last executing test programs: 2.988190175s ago: executing program 3 (id=5398): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") timer_create(0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x4000000, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0x87, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b71119246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab4149718d6215a9a3749113c268e49b2b9dae91ed804e5ac5d4ec7ac9c5fd", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x50) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbf}]}) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48) io_uring_setup(0x168e, &(0x7f0000000640)={0x0, 0x6d09, 0x0, 0x0, 0xffffffff}) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xfffffd26) 2.418329394s ago: executing program 3 (id=5406): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000900000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="b6483880000000000000020000000000000000cba80fcab716da157c07e12320d8ca803f7012a9619919fbe5c53e0dc0ee76d6ddc527c1afcf868fcfd920e2809f6fc0cde4b87b827b27cf952c72eb95fdc8f417fc12d8b0249836a4177f9c3f701939c995fa011511df5b3e75475beadacde19345c367f87d2af1bfd43a73599a3ac9ab09db47516e73109b846dd3ee8a237ba10bcb8c3d81690084ae"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000, @void, @value}, 0x94) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000280)={'gretap0\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x7, 0x80, 0x2, 0xfff, {{0x6, 0x4, 0x2, 0x0, 0x18, 0x67, 0x0, 0x98, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x33}, @rand_addr=0x64010101, {[@noop]}}}}}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000000)) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x241, 0x0) getresuid(&(0x7f0000000080), &(0x7f00000002c0)=0x0, &(0x7f0000000400)) quotactl_fd$Q_QUOTAON(r1, 0xffffffff80000200, r3, &(0x7f0000000480)='./file0\x00') ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r4 = syz_open_procfs(0x0, &(0x7f0000000380)='attr/exec\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x800, &(0x7f0000000880)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f00000001c0), 0x1, 0x557, &(0x7f0000000b00)="$eJzs3c9vHFcdAPDvjH/sNk3rBHqACkiAQkBVduNNG1Vc2lxAqKqEqDggDqmxN5bJbjZk16U2kXD/hiKBxAn+BA5IHJB64sCNIxIHhFQOSBFYRTESSItmdvwj9rpe7PVu4/18pMnMmzcz3/dsT96bt/a8ACbW5YjYiIjZiHgrIuaK/UmxxGu9JTvu0eaDxa3NB4tJdLtv/iPJ87N9+Qml3Ws+XVyzHBHf/kbE95ODcdtr63cWGo36/SJd7TTvVdtr61dXmgvL9eX63VrtxvyNa69cf7k2tLpeav764ddXXv/O73772Q/+uPHVH2fFOl/k7dRjyHpVn9mJk5mOiNdPI9gYTBXr2TGXg+NJI+ITEfGF/P6fi6n8pxMAOMu63bnozu1NAwBnXZqPgSVpJSLStOgEVHpjeM/FubTRandevN1avbvUGyu7EDPp7ZVG/drF0p9/mB88k2Tp+Twvz8/TtX3p6xFxMSJ+WnoqT1cWW42l8XR5AGDiPb23/Y+If5XStFIZ6NQ+n+oBAE+M8rgLAACMnPYfACaP9h8AJs8A7X/xYf/GqZcFABiN/+/5/9lTKwcAMDrG/wFg8mj/AWCifOuNN7Klu1W8/3rp7bXVO623ry7V23cqzdXFymLr/r3Kcqu1nL+zp3nU9Rqt1r35l2L1nWqn3u5U22vrt5qt1budW/l7vW/VZ0ZSKwDgo1y89P6fkojY+NpT+RJ75nLQVsPZlo67AMDYTJ3kZB0EeKKZ7Qsm10BNeN5J+MOplwUYj74v8y733Xzcz3ur9wYJ4veM4GPlyqcHH/83xzOcLcb/YXIdb/z/1aGXAxg94/8wubrdZP+c/7M7WQDAmXSCX+Hr/mRYnRBgrI6azPuoz/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgEp2PiB9EklbyucDT7N+0Uol4JiIuxExye6VRvxYRz8aliJgpZen5cRcaADih9O9JMf/XlbkXzu/PnU3+XcrXEfGjX7z5s3cWOp3789n+f+7sL21PH1bbPe8E8woCAEOWt9+1Yr3nQf7R5oPF7WWU5Xl4M/5bTEW8uLX5IF96OdOR7Ywo532Jcx8mMV2cU46I5yNiagjxN96NiE/1q3+Sj41cKGY+3Rs/itjPjCp+FvjD9LH4aZ7XW2edr08OoSwwad6/GRGv9bv/0ricr/vf/+WIx9LH9fBm72Lb//dt7Yk/XUSa6hM/u+cvDxrjpd9/88DO7lwv792I56f7xU924ieHxH9hwPh/+czn3nv1kLzuLyOuRP/4e2NVO8171fba+tWV5sJyfbl+t1a7MX/j2ivXX65V8zHq6vZI9QHlfPj6EFn9zx0Sv7xb//xxtlf/2Z1zvzRg/X/1n7e+9/ndZGl//K98sf/3/7nd+Ae+/lmBvjxg/IVzvzl0+u4s/tIh9T/q+//igPE/+Nv60oCHAgAj0F5bv7PQaNTvn2gjewodxnUObGRFHOzg7e7iyYL+NU6jFsfcmDmtr+qpb0zv9BWHe+XvZlfsk5UO+ENynI106LU40cajjz6mO9RbDzjLdm/6cZcEAAAAAAAAAAAAAAA4zCj+dGncdQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODs+l8AAAD//0LMywA=") r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchown(r5, 0x0, 0xee01) 2.238401254s ago: executing program 4 (id=5411): r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) accept4$packet(r0, 0x0, 0x0, 0x0) 2.190624334s ago: executing program 4 (id=5413): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0) syz_read_part_table(0x613, &(0x7f0000000c40)="$eJzs3D9olHcYB/DvJbmcUUg6OLnUOHQSiuJohirJVbEQTqUQHOw/RJopQuCkhynJ0GZQzCAdu0jhOmicjBmcFIXORRwswg0uBbtI7ZArd3mbXGgtLY2U0s9nuOe94+H5/h5419+F/7S+lIundqVb3v7wT/vbI5vPczndHJ841m6326eSUs6knNHy8HKSgWydmn1JBnvmXP965+qXP71bbj4++eKts/cW+zZmVvJGkl29zRn6o6NU/t6mvA43xu6PzC/MVC93vlQbrbX3k5vPx2srJxaXlo+Xj37c+f1S8qDoX38xhnIh9VzMp/lg4C9Hfb75WNqSP9fJr4+df1RttL5qPj2wtqfaf/vc4Zd7V6/cPZjMdiIm033ZNw3+w8V78ucXfjtPozU7enVqqXFk/63d1w7V7zysPev/ub2uE7lNoQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvDY3Oh8LM9XL9bHzj6qN1hfff/fezefjtZUTi0vLxwePPin6HhR1oKgXUs/FlJNMZzqfZOZ3k/tfFTlV6s0fuz8yv5H/y87k6YG1PdXm7XOHX06sXrl7sNtVymSn9G3X1q/Kb7RmR69OLTWO7L+1+9qh+p2HtWfFGtOVfNRdN0ll+48BAAAAAAAAAAAAAAAAAADA/9z4xLG9k+/UTiWlnNkxPJwfP+vesm9Xhr5N9+b9un1FfVJJhpNc37H+XwDNxydfDJ69t/hDcSl+LpXMJdn1zcrp5M2NnEtbY8ubk/k3/RoAAP//426Ogw==") creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000002c0)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pipe(&(0x7f0000000100)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0) r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) dup2(r3, r2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r2, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TCSETS(r4, 0x40045431, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f7ffff00"}) r5 = syz_open_pts(r4, 0x0) ioctl$TCSETAF(r5, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0xa, 0x1, 0xc, "00000000dc705800"}) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = dup3(r5, r4, 0x0) read$watch_queue(r6, &(0x7f0000001e00)=""/4101, 0x1005) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000180)) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3) r7 = socket(0x15, 0x5, 0x0) getsockopt(r7, 0x200000000114, 0x2711, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0x2a) 2.190164544s ago: executing program 2 (id=5414): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0) mount(0x0, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,') 2.128877193s ago: executing program 2 (id=5416): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d00000085"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c280000500030004"], 0x48}}, 0x40000) 2.113041043s ago: executing program 2 (id=5417): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000890000000000000000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) perf_event_open(&(0x7f0000000780)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fd, 0x2061, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, @perf_config_ext={0x7, 0x3}, 0x182, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) syz_mount_image$tmpfs(0x0, &(0x7f00000040c0)='./file0\x00', 0x810000, 0x0, 0x6, 0x0, &(0x7f0000000000)) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffb}, 0x18) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2']) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6(0xa, 0x80001, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000540), 0x9) syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x40800) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000340)={'ip_vti0\x00', &(0x7f0000001240)={'ip_vti0\x00', 0x0, 0x7800, 0x40, 0xfffffffd, 0x52b, {{0x10, 0x4, 0x1, 0x20, 0x40, 0x65, 0x0, 0x5, 0x2f, 0x0, @loopback, @empty, {[@timestamp_prespec={0x44, 0x2c, 0x9a, 0x3, 0x1, [{@private=0xa010100, 0x3}, {@loopback, 0x369362c0}, {@local, 0x5}, {@multicast2, 0xc}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0xa3}]}]}}}}}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000880)=@newtclass={0x58, 0x28, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0x7}, {0x2, 0x8}, {0x10, 0xf}}, [@tclass_kind_options=@c_skbprio={0xc}, @TCA_RATE={0x6, 0x5, {0x9, 0x8}}, @TCA_RATE={0x6, 0x5, {0x9, 0x5}}, @TCA_RATE={0x6, 0x5, {0x95, 0x1}}, @TCA_RATE={0x6, 0x5, {0x3, 0x3}}, @TCA_RATE={0x6, 0x5, {0x40, 0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2cc8c4afbbdac034}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 2.029232103s ago: executing program 2 (id=5419): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]}) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000dc0)={0x1b8, r3, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x194, 0x8, 0x0, 0x1, [{0xbc, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x1, @mcast1, 0x2}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}]}, {0x64, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}, {0x70, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @empty}}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r4}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x4000}, 0x40) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) r6 = socket(0x10, 0x3, 0x0) getsockopt(r6, 0x10e, 0xb, &(0x7f0000005d40)=""/44, &(0x7f0000005d80)=0x2c) mlockall(0x6) r7 = msgget$private(0x0, 0x0) msgrcv(r7, 0x0, 0x0, 0x1, 0x2000) msgrcv(r7, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_SET(r7, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff}) msgsnd(r7, &(0x7f0000000380)={0x1, "c7612fc6bdefa1485b744d38f21b6e33d1ef7cf4a528c87005745aa74f5231ea5583bcf09e517edb34d888943945d537f7b0"}, 0x3a, 0x0) mlockall(0x5) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e23}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600), 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0x9) sendto$inet(r5, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27) recvmsg(r5, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0xa, 0x0, 0x46, 0x407006}, 0x104) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000000)={r0, 0x8, 0xccb, 0x7}) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.906235553s ago: executing program 1 (id=5425): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1}, 0x0, &(0x7f0000000040)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), 0x0}, 0x20) 1.897067253s ago: executing program 1 (id=5426): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000012c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000012c0)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r1, &(0x7f0000001400)='cpuacct.usage_percpu_user\x00', 0x7a05, 0x1700) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r3, &(0x7f0000004200)='t', 0x1) socket$kcm(0x21, 0x2, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0) sendfile(r3, r2, 0x0, 0x7ffff000) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x6db6e559) r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = syz_io_uring_setup(0x36c6, &(0x7f0000000440)={0x0, 0x4608, 0x800, 0x1, 0x397}, &(0x7f0000000040)=0x0, &(0x7f0000000240)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0xffffffffffffffff, 0x0}) io_uring_enter(r7, 0x47ba, 0x0, 0x0, 0x0, 0x0) 1.853641933s ago: executing program 4 (id=5427): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0) mount(&(0x7f0000000100), 0x0, &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,') 1.751092313s ago: executing program 4 (id=5428): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, 0x0, &(0x7f00000002c0)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0x9}, 0x18) r5 = socket(0x10, 0x803, 0x0) sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r6, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c00020008"], 0x3c}}, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="4000000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000010240000180012800e0001007769726567756172640000000400028008000a00", @ANYRES32=r6], 0x40}}, 0x4000) 1.611814243s ago: executing program 4 (id=5429): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff000000ebbf0031", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="01000000"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0xc8, 0x0, 0x2, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a0104e1ff0000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021880000000c0a01030000000000000000070007000900020073797a31000000000900010073797a30000000005c0003805800008008000340000000024c000b80200001800a00010071756f7461000000100002800c0001400000000000000000280001800a0001006c696d69740000001800028008000440000000010c0001400000000000000003140000001000010000000000000000000084000a"], 0x10c}}, 0x0) r6 = inotify_init() r7 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) r8 = inotify_add_watch(r6, &(0x7f0000000240)='./file0\x00', 0x8c7) write$binfmt_elf32(r7, &(0x7f0000000040)=ANY=[@ANYRES64=r8], 0x69) close(r7) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001440)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42646d25dfd73d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f40f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b74039fffd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f152fdf6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a5121e941b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41b92fe3caef70845cde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r9}, 0x10) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r10}, 0x10) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r12}, 0x10) 1.464459322s ago: executing program 3 (id=5431): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") timer_create(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48) io_uring_setup(0x168e, &(0x7f0000000640)={0x0, 0x6d09, 0x0, 0x0, 0xffffffff}) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xfffffd26) 1.130115682s ago: executing program 2 (id=5434): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff000000ebbf0031", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB="01000000"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0xc8, 0x0, 0x2, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a0104e1ff0000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021880000000c0a01030000000000000000070007000900020073797a31000000000900010073797a30000000005c0003805800008008000340000000024c000b80200001800a00010071756f7461000000100002800c0001400000000000000000280001800a0001006c696d69740000001800028008000440000000010c0001400000000000000003140000001000010000000000000000000084000a"], 0x10c}}, 0x0) r6 = inotify_init() r7 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) r8 = inotify_add_watch(r6, &(0x7f0000000240)='./file0\x00', 0x8c7) write$binfmt_elf32(r7, &(0x7f0000000040)=ANY=[@ANYRES64=r8], 0x69) close(r7) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001440)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42646d25dfd73d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f40f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b74039fffd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f152fdf6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a5121e941b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41b92fe3caef70845cde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r9}, 0x10) execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r10}, 0x10) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11}, 0x10) 1.061567852s ago: executing program 3 (id=5435): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") timer_create(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdbf}]}) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48) io_uring_setup(0x168e, &(0x7f0000000640)={0x0, 0x6d09, 0x0, 0x0, 0xffffffff}) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xfffffd26) 688.061251ms ago: executing program 1 (id=5436): bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) 667.892681ms ago: executing program 4 (id=5437): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000012c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000012c0)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r1, &(0x7f0000001400)='cpuacct.usage_percpu_user\x00', 0x7a05, 0x1700) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") r2 = openat(0xffffffffffffff9c, 0x0, 0x40, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r3, &(0x7f0000004200)='t', 0x1) socket$kcm(0x21, 0x2, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0) sendfile(r3, r2, 0x0, 0x7ffff000) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x6db6e559) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000a9d58169bf1a984e000000c70000030000"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r5, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000140)={r5, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) r6 = syz_io_uring_setup(0x36c6, &(0x7f0000000440)={0x0, 0x4608, 0x800, 0x1, 0x397}, &(0x7f0000000040)=0x0, &(0x7f0000000240)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0xffffffffffffffff, 0x0}) io_uring_enter(r6, 0x47ba, 0x0, 0x0, 0x0, 0x0) 545.917371ms ago: executing program 3 (id=5438): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0) 478.958771ms ago: executing program 1 (id=5439): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, 0x0, 0x0) write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d) 476.82777ms ago: executing program 3 (id=5440): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]}) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000dc0)={0x364, r3, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x340, 0x8, 0x0, 0x1, [{0xbc, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x1, @mcast1, 0x2}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}]}, {0x1ac, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x184, 0x9, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010100}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}]}]}]}, {0x64, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}, {0x70, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @empty}}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r4}]}, 0x364}, 0x1, 0x0, 0x0, 0x4000}, 0x40) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) r6 = socket(0x10, 0x3, 0x0) getsockopt(r6, 0x10e, 0xb, &(0x7f0000005d40)=""/44, &(0x7f0000005d80)=0x2c) mlockall(0x6) r7 = msgget$private(0x0, 0x0) msgrcv(r7, 0x0, 0x0, 0x1, 0x2000) msgrcv(r7, 0x0, 0x0, 0x0, 0x0) msgctl$IPC_SET(r7, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff}) msgsnd(r7, &(0x7f0000000380)={0x1, "c7612fc6bdefa1485b744d38f21b6e33d1ef7cf4a528c87005745aa74f5231ea5583bcf09e517edb34d888943945d537f7b0"}, 0x3a, 0x0) mlockall(0x5) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e23}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600), 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0x9) sendto$inet(r5, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27) recvmsg(r5, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0xa, 0x0, 0x46, 0x407006}, 0x104) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000000)={r0, 0x8, 0xccb, 0x7}) process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 440.96686ms ago: executing program 1 (id=5441): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000e40)={0xc, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x63, 0x11, 0xc}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x2, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="020000000479a2c57b2000000008000300000000000000c6e2", @ANYRES32, @ANYBLOB="001000"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRESOCT=r1, @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r6) sendmsg$NFC_CMD_DEP_LINK_UP(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYRESDEC=0x0], 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x40) bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES16=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r8}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000ff01000000000000002000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r10, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=r9, @ANYRES64], 0x44}, 0x1, 0x0, 0x0, 0x64000004}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r2}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000d80)={[{@block_validity}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@grpid}, {@mb_optimize_scan}]}, 0x13, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r11 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000000062273c89850c02555905b7ae59d9eab2d54d11dc39cab9d06e66ac6f10fb95ac3fb8417bc7ccaf553f6450704e7c0f49a7e23f173d7f2fb24af90d04648af6ca88ee7369c382b3ed8a3d7bea553e15d5195645dff52a5b96f2b473bc90432ba69b0c6ec481fc63a0609d2a6afa95455e9d7fa613fe2b54176329bf993a234486e6d7a05c547ba0bda58c13f2044f9aafed5a373e86084224b2c56eafd8eacd7f0c80159fe882ec3b452f9896a735dc45c8e38b0acf65815cd40c7c2dbfd7743cf56a9d024424879320c8478d55cf1d587c14e840d4e663dfe6c0ea39eca2aa20f6c3853d69d590ffd740cf0000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) setxattr$security_capability(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0), &(0x7f0000000100)=@v3={0x3000000, [{0xfffffff8, 0xc}, {0x7, 0x1}], 0xee00}, 0x18, 0x0) r13 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r13, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) 270.56806ms ago: executing program 2 (id=5444): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000012c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000012c0)='./cgroup/syz1\x00', 0x200002, 0x0) openat$cgroup_ro(r1, &(0x7f0000001400)='cpuacct.usage_percpu_user\x00', 0x7a05, 0x1700) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r3, &(0x7f0000004200)='t', 0x1) socket$kcm(0x21, 0x2, 0x2) r4 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x0) pwritev2(r4, &(0x7f00000000c0)=[{&(0x7f0000000200)="df", 0xf4240}], 0x1, 0x800001, 0x0, 0x0) sendfile(r3, r2, 0x0, 0x7ffff000) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000000), 0x6db6e559) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r6, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000140), &(0x7f00000002c0)=""/4095}, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = syz_io_uring_setup(0x36c6, &(0x7f0000000440)={0x0, 0x4608, 0x800, 0x1, 0x397}, &(0x7f0000000040)=0x0, &(0x7f0000000240)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd, 0xffffffffffffffff, 0x0}) io_uring_enter(r7, 0x47ba, 0x0, 0x0, 0x0, 0x0) 269.57626ms ago: executing program 0 (id=5445): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000890000000000000000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) syz_mount_image$tmpfs(0x0, &(0x7f00000040c0)='./file0\x00', 0x810000, 0x0, 0x6, 0x0, &(0x7f0000000000)) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffb}, 0x18) mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=2']) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6(0xa, 0x80001, 0x0) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000540), 0x9) syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x40800) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000340)={'ip_vti0\x00', &(0x7f0000001240)={'ip_vti0\x00', 0x0, 0x7800, 0x40, 0xfffffffd, 0x52b, {{0x10, 0x4, 0x1, 0x20, 0x40, 0x65, 0x0, 0x5, 0x2f, 0x0, @loopback, @empty, {[@timestamp_prespec={0x44, 0x2c, 0x9a, 0x3, 0x1, [{@private=0xa010100, 0x3}, {@loopback, 0x369362c0}, {@local, 0x5}, {@multicast2, 0xc}, {@dev={0xac, 0x14, 0x14, 0x2d}, 0xa3}]}]}}}}}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000880)=@newtclass={0x58, 0x28, 0x400, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xc, 0x7}, {0x2, 0x8}, {0x10, 0xf}}, [@tclass_kind_options=@c_skbprio={0xc}, @TCA_RATE={0x6, 0x5, {0x9, 0x8}}, @TCA_RATE={0x6, 0x5, {0x9, 0x5}}, @TCA_RATE={0x6, 0x5, {0x95, 0x1}}, @TCA_RATE={0x6, 0x5, {0x3, 0x3}}, @TCA_RATE={0x6, 0x5, {0x40, 0x5}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2cc8c4afbbdac034}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 172.40325ms ago: executing program 1 (id=5446): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000dc0)={0x3c8, r3, 0x5, 0x70bd2a, 0x25dfdbfd, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e24}, @WGDEVICE_A_PEERS={0x3a4, 0x8, 0x0, 0x1, [{0x98, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e20, 0x1, @mcast1, 0x2}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec"}, @WGPEER_A_FLAGS={0x8, 0x3, 0x7}]}, {0x234, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ALLOWEDIPS={0x20c, 0x9, 0x0, 0x1, [{0x58, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x1}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}]}, {0xc4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @local}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x2}}]}, {0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x2}}]}]}]}, {0x64, 0x0, 0x0, 0x1, [@WGPEER_A_FLAGS={0x8}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x3}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "379aa288b2244a5b504ba04bea45625d328fb93b62e607a1b2e4da2f7f76a549"}]}, {0x70, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_FLAGS={0x8, 0x3, 0x4}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @b_g}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @empty}}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r4}]}, 0x3c8}, 0x1, 0x0, 0x0, 0x4000}, 0x40) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) r6 = socket(0x10, 0x3, 0x0) getsockopt(r6, 0x10e, 0xb, &(0x7f0000005d40)=""/44, &(0x7f0000005d80)=0x2c) mlockall(0x6) r7 = msgget$private(0x0, 0x0) msgrcv(r7, 0x0, 0x0, 0x1, 0x2000) msgctl$IPC_SET(r7, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x800000000000000, 0x7, 0x2, 0x0, 0x3, 0xe8, 0x0, 0x0, 0x0, 0xffffffffffffffff}) msgsnd(r7, &(0x7f0000000380)={0x1, "c7612fc6bdefa1485b744d38f21b6e33d1ef7cf4a528c87005745aa74f5231ea5583bcf09e517edb34d888943945d537f7b0"}, 0x3a, 0x0) mlockall(0x5) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e23}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600), 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000100)='illinois\x00', 0x9) sendto$inet(r5, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27) recvmsg(r5, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0xa, 0x0, 0x46, 0x407006}, 0x104) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000000)={r0, 0x8, 0xccb, 0x7}) 144.69191ms ago: executing program 0 (id=5447): ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x8004587d, 0x0) 97.94194ms ago: executing program 0 (id=5448): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVdn:Dd', 0x0) 97.24186ms ago: executing program 0 (id=5449): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0) mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', 0x0, 0x0, &(0x7f0000000300)='trans=rdma,') 56.14313ms ago: executing program 0 (id=5450): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c280000500030004"], 0x48}}, 0x40000) 0s ago: executing program 0 (id=5451): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, 0x0, 0x0) write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d) kernel console output (not intermixed with test programs): (loop1): encrypted files will use data=ordered instead of data journaling mode [ 338.084623][T17651] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal [ 338.095325][ T29] audit: type=1400 audit(1737048203.745:21308): avc: denied { mounton } for pid=17650 comm="syz.1.4623" path="/254/bus" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 338.148356][T17656] loop4: detected capacity change from 0 to 512 [ 338.189412][ T29] audit: type=1400 audit(1737048203.835:21309): avc: denied { unmount } for pid=12907 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 338.209852][ T29] audit: type=1400 audit(1737048203.835:21310): avc: denied { mounton } for pid=17655 comm="syz.4.4625" path="/302/file0" dev="tmpfs" ino=1627 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 338.245855][T17653] bond5: entered promiscuous mode [ 338.250981][T17653] bond5: entered allmulticast mode [ 338.258449][T17656] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 338.270236][T17653] 8021q: adding VLAN 0 to HW filter on device bond5 [ 338.363750][ T29] audit: type=1400 audit(1737048203.915:21311): avc: denied { create } for pid=17657 comm="syz.1.4626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 338.384698][ T29] audit: type=1400 audit(1737048203.915:21312): avc: denied { write } for pid=17657 comm="syz.1.4626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 338.405480][ T29] audit: type=1400 audit(1737048203.955:21313): avc: denied { setattr } for pid=17655 comm="syz.4.4625" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 338.428041][ T29] audit: type=1400 audit(1737048203.965:21314): avc: denied { create } for pid=17657 comm="syz.1.4626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 338.448338][ T29] audit: type=1400 audit(1737048203.965:21315): avc: denied { create } for pid=17657 comm="syz.1.4626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 338.469116][ T29] audit: type=1400 audit(1737048203.965:21316): avc: denied { write } for pid=17657 comm="syz.1.4626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 338.502677][T17674] bond_slave_1: entered promiscuous mode [ 338.518963][T17674] bond_slave_1: left promiscuous mode [ 338.605630][T17683] loop4: detected capacity change from 0 to 512 [ 338.642164][T17683] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 338.981156][T17704] loop4: detected capacity change from 0 to 512 [ 339.007179][T17704] EXT4-fs: Mount option(s) incompatible with ext2 [ 339.154436][T17710] loop4: detected capacity change from 0 to 512 [ 339.198817][T17710] ext4 filesystem being mounted at /309/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 339.690220][ T24] hid-generic 0000:0000:0000.00DE: ignoring exceeding usage max [ 339.702299][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.710055][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.717636][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.725110][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.732604][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.740187][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.747640][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.755352][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.762808][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.770362][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.777992][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.785420][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.793481][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.801051][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.808545][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.816429][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.824438][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.831894][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.839340][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.847234][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.854741][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.862213][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.870104][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.878720][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.886141][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.893610][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.901062][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.909194][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.916643][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.924053][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.931500][ T24] hid-generic 0000:0000:0000.00DE: unknown main item tag 0x0 [ 339.946025][ T24] hid-generic 0000:0000:0000.00DE: hidraw0: HID v0.00 Device [syz0] on syz1 [ 340.017893][T17752] bond_slave_1: entered promiscuous mode [ 340.024215][T17752] bond_slave_1: left promiscuous mode [ 340.079839][T17754] xt_hashlimit: max too large, truncated to 1048576 [ 340.087843][T17754] Cannot find set identified by id 0 to match [ 340.147427][T17758] loop1: detected capacity change from 0 to 1024 [ 340.154622][T17758] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 340.164477][T17758] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 340.175445][T17758] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 340.184918][T17758] System zones: 0-1, 4-36, 102-102 [ 340.260272][T17767] bond6: entered promiscuous mode [ 340.265433][T17767] bond6: entered allmulticast mode [ 340.277652][T17767] 8021q: adding VLAN 0 to HW filter on device bond6 [ 340.402608][T17779] loop3: detected capacity change from 0 to 512 [ 340.451598][T17779] ext4 filesystem being mounted at /344/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.542016][T17799] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4675'. [ 340.778229][T17815] loop3: detected capacity change from 0 to 512 [ 340.798982][T17815] ext4 filesystem being mounted at /350/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.840498][T17820] loop3: detected capacity change from 0 to 512 [ 340.849648][T17820] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 340.860263][T17820] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 340.904614][T17823] loop3: detected capacity change from 0 to 512 [ 340.919658][T17823] ext4 filesystem being mounted at /352/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 341.016703][ T3375] vhci_hcd: vhci_device speed not set [ 341.177899][T17843] loop1: detected capacity change from 0 to 512 [ 341.185027][T17843] EXT4-fs: Mount option(s) incompatible with ext2 [ 341.244055][T17845] loop1: detected capacity change from 0 to 8192 [ 341.444237][ T24] hid-generic 0000:0000:0000.00DF: ignoring exceeding usage max [ 341.456443][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.463941][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.471491][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.478990][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.486494][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.494810][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.502390][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.510142][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.517619][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.525325][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.532876][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.540657][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.548137][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.555634][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.563438][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.571478][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.580929][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.588415][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.595833][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.603338][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.610787][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.618238][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.625663][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.633212][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.640652][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.648086][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.655486][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.662925][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.670459][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.677957][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.685890][ T24] hid-generic 0000:0000:0000.00DF: unknown main item tag 0x0 [ 341.727277][T17861] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4698'. [ 341.735484][ T24] hid-generic 0000:0000:0000.00DF: hidraw0: HID v0.00 Device [syz0] on syz1 [ 341.795247][T17867] loop4: detected capacity change from 0 to 512 [ 341.799340][T17865] loop2: detected capacity change from 0 to 1024 [ 341.803614][T17867] EXT4-fs: Mount option(s) incompatible with ext2 [ 341.817403][T17865] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 341.827301][T17865] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 341.846667][T17865] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 341.854966][T17865] System zones: 0-1, 4-36, 102-102 [ 341.911288][T17872] loop3: detected capacity change from 0 to 512 [ 341.934350][T17874] xt_hashlimit: max too large, truncated to 1048576 [ 341.969571][T17874] Cannot find set identified by id 0 to match [ 341.979827][T17878] bond_slave_1: entered promiscuous mode [ 341.992397][T17878] bond_slave_1: left promiscuous mode [ 342.008563][T17880] loop2: detected capacity change from 0 to 512 [ 342.008557][T17872] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 342.061120][T17880] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 342.119403][T17889] netlink: 'syz.3.4708': attribute type 1 has an invalid length. [ 342.146743][T17886] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 342.153307][T17886] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 342.160981][T17886] vhci_hcd vhci_hcd.0: Device attached [ 342.194420][T17889] 8021q: adding VLAN 0 to HW filter on device bond8 [ 342.244192][T17889] 8021q: adding VLAN 0 to HW filter on device bond8 [ 342.261462][T17889] bond8: (slave wireguard0): The slave device specified does not support setting the MAC address [ 342.274992][T17889] bond8: (slave wireguard0): Error -95 calling set_mac_address [ 342.311038][T17906] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4716'. [ 342.415991][T17915] loop3: detected capacity change from 0 to 2048 [ 342.422548][ T8] usb 1-1: new high-speed USB device number 10 using vhci_hcd [ 342.460492][T17920] loop2: detected capacity change from 0 to 512 [ 342.467562][T17920] EXT4-fs: Mount option(s) incompatible with ext2 [ 342.508702][T17921] uprobe: syz.2.4720:17921 failed to unregister, leaking uprobe [ 342.617570][T17927] loop2: detected capacity change from 0 to 512 [ 342.638874][T17927] ext4 filesystem being mounted at /362/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 342.920408][T17890] vhci_hcd: connection reset by peer [ 342.925964][T13820] vhci_hcd: stop threads [ 342.930346][T13820] vhci_hcd: release socket [ 342.934839][T13820] vhci_hcd: disconnect device [ 343.148590][T17939] bond_slave_1: entered promiscuous mode [ 343.154967][T17939] bond_slave_1: left promiscuous mode [ 343.197136][ T29] kauditd_printk_skb: 555 callbacks suppressed [ 343.197154][ T29] audit: type=1400 audit(1737048208.875:21872): avc: denied { read } for pid=17940 comm="syz.1.4727" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 343.227845][ T29] audit: type=1400 audit(1737048208.875:21873): avc: denied { open } for pid=17940 comm="syz.1.4727" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 343.252335][ T29] audit: type=1400 audit(1737048208.905:21874): avc: denied { write } for pid=17940 comm="syz.1.4727" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 343.287111][T17947] loop4: detected capacity change from 0 to 512 [ 343.288078][ T29] audit: type=1400 audit(1737048208.955:21875): avc: denied { write } for pid=17940 comm="syz.1.4727" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 343.296723][T17947] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 343.332125][T17947] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal [ 343.403814][T17955] loop3: detected capacity change from 0 to 512 [ 343.429402][T17955] ext4 filesystem being mounted at /359/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 343.455466][ T29] audit: type=1400 audit(1737048209.125:21876): avc: denied { setopt } for pid=17958 comm="syz.1.4734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 343.479259][T17960] rdma_rxe: rxe_newlink: failed to add sit0 [ 343.486020][ T29] audit: type=1400 audit(1737048209.155:21877): avc: denied { create } for pid=17958 comm="syz.1.4734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 343.506664][ T29] audit: type=1400 audit(1737048209.155:21878): avc: denied { write } for pid=17958 comm="syz.1.4734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 343.543677][ T29] audit: type=1326 audit(1737048209.215:21879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17965 comm="syz.3.4737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 343.575803][ T29] audit: type=1326 audit(1737048209.245:21881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17963 comm="syz.0.4736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4008945d29 code=0x7ffc0000 [ 343.599528][ T29] audit: type=1326 audit(1737048209.245:21880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17965 comm="syz.3.4737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 343.637365][ T3376] hid-generic 0000:0000:0000.00E0: ignoring exceeding usage max [ 343.640404][T17969] loop4: detected capacity change from 0 to 512 [ 343.649759][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.658834][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.666579][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.674313][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.681812][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.689386][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.696843][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.704509][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.712118][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.719625][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.727143][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.734598][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.742060][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.749564][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.756988][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.764411][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.767780][T17969] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 343.772384][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.789814][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.797308][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.804763][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.812216][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.819697][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.827149][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.834623][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.842278][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.849870][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.857298][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.864712][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.872222][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.879745][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.887220][ T3376] hid-generic 0000:0000:0000.00E0: unknown main item tag 0x0 [ 343.895215][ T3376] hid-generic 0000:0000:0000.00E0: hidraw0: HID v0.00 Device [syz0] on syz1 [ 343.961616][T17983] loop1: detected capacity change from 0 to 2048 [ 344.023022][T17987] ref_ctr increment failed for inode: 0x7ca offset: 0x9 ref_ctr_offset: 0x82 of mm: 0xffff8881042f8fc0 [ 344.040336][T17986] uprobe: syz.2.4744:17986 failed to unregister, leaking uprobe [ 344.393158][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x1 [ 344.400756][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.408239][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.415661][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.423166][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.430600][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x4 [ 344.438066][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.445506][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.452951][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x2 [ 344.460363][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.467815][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.475217][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.482871][ T3375] hid-generic 0000:0000:0000.00E1: unknown main item tag 0x0 [ 344.490290][ T3375] hid-generic 0000:0000:0000.00E1: collection stack underflow [ 344.497938][ T3375] hid-generic 0000:0000:0000.00E1: item 0 0 0 12 parsing failed [ 344.505922][ T3375] hid-generic 0000:0000:0000.00E1: probe with driver hid-generic failed with error -22 [ 344.958540][T18027] uprobe: syz.1.4759:18027 failed to unregister, leaking uprobe [ 344.988458][T18031] loop4: detected capacity change from 0 to 512 [ 344.999406][T18031] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.116129][T18046] loop4: detected capacity change from 0 to 512 [ 345.123236][T18046] EXT4-fs: Mount option(s) incompatible with ext2 [ 345.162514][T18049] syz2: rxe_newlink: already configured on sit0 [ 345.205303][T18054] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4769'. [ 345.221461][T18056] loop2: detected capacity change from 0 to 512 [ 345.240035][T18056] ext4 filesystem being mounted at /374/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.254734][T18060] loop4: detected capacity change from 0 to 512 [ 345.283498][T18060] ext4 filesystem being mounted at /343/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.362617][T18075] netlink: 'syz.4.4777': attribute type 1 has an invalid length. [ 345.375943][T18075] 8021q: adding VLAN 0 to HW filter on device bond4 [ 345.401720][T18075] 8021q: adding VLAN 0 to HW filter on device bond4 [ 345.409260][T18075] bond4: (slave wireguard0): The slave device specified does not support setting the MAC address [ 345.422510][T18075] bond4: (slave wireguard0): Error -95 calling set_mac_address [ 345.456251][T18081] rdma_rxe: rxe_newlink: failed to add sit0 [ 345.482431][T18083] xt_hashlimit: size too large, truncated to 1048576 [ 345.573668][T18085] loop3: detected capacity change from 0 to 512 [ 345.631945][T18098] netlink: 'syz.0.4785': attribute type 1 has an invalid length. [ 345.642821][T18085] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.658181][T18098] 8021q: adding VLAN 0 to HW filter on device bond7 [ 345.683849][T18098] 8021q: adding VLAN 0 to HW filter on device bond7 [ 345.696131][T18098] bond7: (slave wireguard1): The slave device specified does not support setting the MAC address [ 345.710081][T18098] bond7: (slave wireguard1): Error -95 calling set_mac_address [ 345.889917][T18110] syz2: rxe_newlink: already configured on sit0 [ 345.940906][T18117] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4793'. [ 346.023132][T18122] uprobe: syz.3.4796:18122 failed to unregister, leaking uprobe [ 346.059767][T18129] loop1: detected capacity change from 0 to 8192 [ 346.334941][T18148] uprobe: syz.2.4805:18148 failed to unregister, leaking uprobe [ 346.351329][T18147] loop3: detected capacity change from 0 to 8192 [ 346.658885][T18158] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4808'. [ 346.696419][T18160] loop2: detected capacity change from 0 to 512 [ 346.709248][T18160] EXT4-fs: Mount option(s) incompatible with ext2 [ 346.870542][T18168] loop4: detected capacity change from 0 to 512 [ 346.906210][T18168] ext4 filesystem being mounted at /353/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 347.018451][T18178] bond_slave_1: entered promiscuous mode [ 347.037295][T18178] bond_slave_1: left promiscuous mode [ 347.066721][T18179] uprobe: syz.0.4818:18179 failed to unregister, leaking uprobe [ 347.105230][T18183] loop1: detected capacity change from 0 to 8192 [ 347.320672][T18192] loop3: detected capacity change from 0 to 512 [ 347.330371][T18192] EXT4-fs: Mount option(s) incompatible with ext2 [ 347.576648][ T8] vhci_hcd: vhci_device speed not set [ 348.111588][T18215] loop2: detected capacity change from 0 to 512 [ 348.119957][T18215] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 348.130108][T18215] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal [ 348.213345][T18219] bond_slave_1: entered promiscuous mode [ 348.226976][T18219] bond_slave_1: left promiscuous mode [ 348.265051][T18223] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4832'. [ 348.342817][T18228] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4833'. [ 348.407165][T18227] uprobe: syz.1.4835:18227 failed to unregister, leaking uprobe [ 348.502950][T18239] loop3: detected capacity change from 0 to 512 [ 348.510136][T18239] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 348.548821][ T29] kauditd_printk_skb: 359 callbacks suppressed [ 348.548838][ T29] audit: type=1326 audit(1737048214.225:22241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.578957][ T29] audit: type=1326 audit(1737048214.225:22242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.603946][T18239] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.4838: iget: bad extended attribute block 19 [ 348.611815][ T29] audit: type=1326 audit(1737048214.275:22243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.623545][T18239] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.4838: couldn't read orphan inode 15 (err -117) [ 348.640275][ T29] audit: type=1326 audit(1737048214.275:22244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.640313][ T29] audit: type=1326 audit(1737048214.275:22245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.700943][ T29] audit: type=1326 audit(1737048214.275:22246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.717942][T18237] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4838: bg 0: block 65: padding at end of block bitmap is not set [ 348.725158][ T29] audit: type=1326 audit(1737048214.275:22247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.762944][ T29] audit: type=1326 audit(1737048214.275:22248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.786551][ T29] audit: type=1326 audit(1737048214.275:22249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.810151][ T29] audit: type=1326 audit(1737048214.275:22250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18241 comm="syz.1.4839" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 348.973033][T18261] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4844'. [ 349.254991][T18278] loop3: detected capacity change from 0 to 1024 [ 349.270661][T18278] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 349.281238][T18278] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 349.293319][T18278] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 349.303008][T18278] System zones: 0-1, 4-36, 102-102 [ 349.394178][T18284] loop3: detected capacity change from 0 to 512 [ 349.401827][T18284] EXT4-fs: Mount option(s) incompatible with ext2 [ 349.513088][T18292] loop3: detected capacity change from 0 to 512 [ 349.522671][T18292] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 349.561191][T18292] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.4858: iget: bad extended attribute block 19 [ 349.594991][T18296] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4860'. [ 349.604488][T18292] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.4858: couldn't read orphan inode 15 (err -117) [ 349.661303][T18300] netlink: 'syz.4.4861': attribute type 1 has an invalid length. [ 349.674251][T18292] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4858: bg 0: block 65: padding at end of block bitmap is not set [ 349.686903][T18300] 8021q: adding VLAN 0 to HW filter on device bond5 [ 349.711704][T18300] 8021q: adding VLAN 0 to HW filter on device bond5 [ 349.719357][T18300] bond5: (slave wireguard0): The slave device specified does not support setting the MAC address [ 349.731269][T18300] bond5: (slave wireguard0): Error -95 calling set_mac_address [ 349.779276][T18307] loop3: detected capacity change from 0 to 1024 [ 349.795305][T18307] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 349.813580][T18307] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 349.826175][T18307] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 349.828939][T18309] rdma_rxe: rxe_newlink: failed to add sit0 [ 349.844289][T18307] System zones: 0-1, 4-36, 102-102 [ 349.956117][T18318] loop2: detected capacity change from 0 to 512 [ 349.956117][T18320] loop3: detected capacity change from 0 to 512 [ 349.970874][T18320] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 349.978158][T18325] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4871'. [ 349.981654][T18320] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 349.999754][T18318] ext4 filesystem being mounted at /397/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 350.055772][T18330] 9pnet: p9_errstr2errno: server reported unknown error [ 350.108681][T18330] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 350.119250][T18339] bridge0: port 2(bridge_slave_1) entered disabled state [ 350.126560][T18339] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.147690][T18340] rdma_rxe: rxe_newlink: failed to add sit0 [ 350.157143][T18335] loop3: detected capacity change from 0 to 8192 [ 350.169958][T18339] FAULT_INJECTION: forcing a failure. [ 350.169958][T18339] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 350.183211][T18339] CPU: 0 UID: 0 PID: 18339 Comm: syz.1.4876 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 350.194006][T18339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 350.204148][T18339] Call Trace: [ 350.207451][T18339] [ 350.210403][T18339] dump_stack_lvl+0xf2/0x150 [ 350.215121][T18339] dump_stack+0x15/0x1a [ 350.219338][T18339] should_fail_ex+0x223/0x230 [ 350.224095][T18339] should_fail+0xb/0x10 [ 350.228278][T18339] should_fail_usercopy+0x1a/0x20 [ 350.233452][T18339] _copy_from_user+0x1e/0xb0 [ 350.238071][T18339] br_ioctl_stub+0xef/0x5d0 [ 350.242624][T18339] ? do_vfs_ioctl+0x96e/0x1530 [ 350.247678][T18339] ? __pfx_br_ioctl_stub+0x10/0x10 [ 350.252832][T18339] sock_ioctl+0x3dd/0x600 [ 350.257340][T18339] ? __pfx_sock_ioctl+0x10/0x10 [ 350.262246][T18339] __se_sys_ioctl+0xc9/0x140 [ 350.267093][T18339] __x64_sys_ioctl+0x43/0x50 [ 350.271726][T18339] x64_sys_call+0x1690/0x2dc0 [ 350.276489][T18339] do_syscall_64+0xc9/0x1c0 [ 350.281198][T18339] ? clear_bhb_loop+0x55/0xb0 [ 350.285918][T18339] ? clear_bhb_loop+0x55/0xb0 [ 350.290942][T18339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.296984][T18339] RIP: 0033:0x7fcfb70e5d29 [ 350.301441][T18339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.321197][T18339] RSP: 002b:00007fcfb5757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 350.329751][T18339] RAX: ffffffffffffffda RBX: 00007fcfb72d5fa0 RCX: 00007fcfb70e5d29 [ 350.337818][T18339] RDX: 0000000020000080 RSI: 00000000000089a1 RDI: 0000000000000005 [ 350.345833][T18339] RBP: 00007fcfb5757090 R08: 0000000000000000 R09: 0000000000000000 [ 350.353878][T18339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 350.361968][T18339] R13: 0000000000000000 R14: 00007fcfb72d5fa0 R15: 00007ffcdf0fc9a8 [ 350.370292][T18339] [ 350.494946][T18355] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4882'. [ 350.525480][T18350] uprobe: syz.1.4880:18350 failed to unregister, leaking uprobe [ 350.773486][T18382] loop1: detected capacity change from 0 to 1024 [ 350.789354][T18382] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 350.794684][T18385] loop4: detected capacity change from 0 to 512 [ 350.810885][T18385] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 350.826428][T18388] rdma_rxe: rxe_newlink: failed to add sit0 [ 350.832763][T18382] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 350.836795][T18385] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.4895: iget: bad extended attribute block 19 [ 350.856832][T18382] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 350.865055][T18382] System zones: 0-1, 4-36, 102-102 [ 350.866306][T18385] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.4895: couldn't read orphan inode 15 (err -117) [ 350.890169][T18385] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4895: bg 0: block 65: padding at end of block bitmap is not set [ 350.918566][T18395] netlink: 'syz.2.4899': attribute type 1 has an invalid length. [ 350.940666][T18395] 8021q: adding VLAN 0 to HW filter on device bond9 [ 350.987784][T18395] 8021q: adding VLAN 0 to HW filter on device bond9 [ 350.995164][T18395] bond9: (slave wireguard0): The slave device specified does not support setting the MAC address [ 351.007535][T18395] bond9: (slave wireguard0): Error -95 calling set_mac_address [ 351.146110][T18422] bond_slave_1: entered promiscuous mode [ 351.162613][T18422] bond_slave_1: left promiscuous mode [ 351.370792][T18432] loop4: detected capacity change from 0 to 8192 [ 351.379127][T18442] loop3: detected capacity change from 0 to 512 [ 351.398807][T18442] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 351.582467][T18446] syzkaller0: entered allmulticast mode [ 351.631036][T18446] syzkaller0 (unregistering): left allmulticast mode [ 351.901348][T18457] loop2: detected capacity change from 0 to 512 [ 351.902862][T18457] EXT4-fs: Mount option(s) incompatible with ext2 [ 352.038843][T18459] loop2: detected capacity change from 0 to 2048 [ 352.075061][T18463] loop3: detected capacity change from 0 to 512 [ 352.089780][T18463] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 352.113236][T18463] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.4924: iget: bad extended attribute block 19 [ 352.149034][T18463] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.4924: couldn't read orphan inode 15 (err -117) [ 352.214959][T18473] loop1: detected capacity change from 0 to 512 [ 352.221423][T18459] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 352.221486][T18459] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 500 with error 28 [ 352.248748][T18459] EXT4-fs (loop2): This should not happen!! Data will be lost [ 352.248748][T18459] [ 352.258466][T18459] EXT4-fs (loop2): Total free blocks count 0 [ 352.265048][T18459] EXT4-fs (loop2): Free/Dirty block details [ 352.271023][T18459] EXT4-fs (loop2): free_blocks=2415919104 [ 352.276880][T18459] EXT4-fs (loop2): dirty_blocks=512 [ 352.282327][T18459] EXT4-fs (loop2): Block reservation details [ 352.289423][T18459] EXT4-fs (loop2): i_reserved_data_blocks=32 [ 352.298912][T18463] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4924: bg 0: block 65: padding at end of block bitmap is not set [ 352.382303][T18477] bond_slave_1: entered promiscuous mode [ 352.394637][T18477] bond_slave_1: left promiscuous mode [ 352.430335][T18479] loop2: detected capacity change from 0 to 8192 [ 352.448043][T18473] ext4 filesystem being mounted at /306/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 352.594188][T18487] loop1: detected capacity change from 0 to 1024 [ 352.610832][T18487] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 352.621596][T18487] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 352.659259][T18487] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 352.668968][T18487] System zones: 0-1, 4-36, 102-102 [ 352.998173][T18521] loop1: detected capacity change from 0 to 512 [ 353.019728][T18521] ext4 filesystem being mounted at /311/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 353.061912][T18526] FAULT_INJECTION: forcing a failure. [ 353.061912][T18526] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 353.075246][T18526] CPU: 0 UID: 0 PID: 18526 Comm: syz.0.4944 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 353.086221][T18526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 353.096415][T18526] Call Trace: [ 353.099716][T18526] [ 353.102751][T18526] dump_stack_lvl+0xf2/0x150 [ 353.107570][T18526] dump_stack+0x15/0x1a [ 353.111876][T18526] should_fail_ex+0x223/0x230 [ 353.116605][T18526] should_fail+0xb/0x10 [ 353.120870][T18526] should_fail_usercopy+0x1a/0x20 [ 353.126025][T18526] _copy_to_user+0x20/0xa0 [ 353.131071][T18526] simple_read_from_buffer+0xa0/0x110 [ 353.136537][T18526] proc_fail_nth_read+0xf9/0x140 [ 353.141820][T18526] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 353.147453][T18526] vfs_read+0x1a2/0x700 [ 353.153124][T18526] ? __rcu_read_unlock+0x4e/0x70 [ 353.159707][T18526] ? __fget_files+0x17c/0x1c0 [ 353.166736][T18526] ksys_read+0xe8/0x1b0 [ 353.171468][T18526] __x64_sys_read+0x42/0x50 [ 353.176894][T18526] x64_sys_call+0x2874/0x2dc0 [ 353.181760][T18526] do_syscall_64+0xc9/0x1c0 [ 353.186395][T18526] ? clear_bhb_loop+0x55/0xb0 [ 353.191219][T18526] ? clear_bhb_loop+0x55/0xb0 [ 353.195939][T18526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.202015][T18526] RIP: 0033:0x7f400894473c [ 353.206584][T18526] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 353.226576][T18526] RSP: 002b:00007f4006fb7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 353.235032][T18526] RAX: ffffffffffffffda RBX: 00007f4008b35fa0 RCX: 00007f400894473c [ 353.243041][T18526] RDX: 000000000000000f RSI: 00007f4006fb70a0 RDI: 0000000000000004 [ 353.251046][T18526] RBP: 00007f4006fb7090 R08: 0000000000000000 R09: 0000000000000000 [ 353.259091][T18526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.267356][T18526] R13: 0000000000000000 R14: 00007f4008b35fa0 R15: 00007ffc03ebedd8 [ 353.275471][T18526] [ 353.471846][T18539] bond_slave_1: entered promiscuous mode [ 353.479540][T18539] bond_slave_1: left promiscuous mode [ 353.479860][T18541] loop4: detected capacity change from 0 to 1764 [ 353.502576][T18541] iso9660: Bad value for 'session' [ 353.540924][T18541] loop4: detected capacity change from 0 to 764 [ 353.550960][T18541] FAULT_INJECTION: forcing a failure. [ 353.550960][T18541] name failslab, interval 1, probability 0, space 0, times 0 [ 353.564227][T18541] CPU: 0 UID: 0 PID: 18541 Comm: syz.4.4950 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 353.575234][T18541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 353.585356][T18541] Call Trace: [ 353.588645][T18541] [ 353.591712][T18541] dump_stack_lvl+0xf2/0x150 [ 353.596345][T18541] dump_stack+0x15/0x1a [ 353.600583][T18541] should_fail_ex+0x223/0x230 [ 353.605320][T18541] should_failslab+0x8f/0xb0 [ 353.610172][T18541] kmem_cache_alloc_noprof+0x52/0x320 [ 353.615741][T18541] ? getname_flags+0x81/0x3b0 [ 353.620532][T18541] getname_flags+0x81/0x3b0 [ 353.625053][T18541] getname+0x17/0x20 [ 353.628967][T18541] do_sys_openat2+0x67/0x120 [ 353.633586][T18541] __x64_sys_openat+0xf3/0x120 [ 353.638893][T18541] x64_sys_call+0x2b30/0x2dc0 [ 353.643674][T18541] do_syscall_64+0xc9/0x1c0 [ 353.648192][T18541] ? clear_bhb_loop+0x55/0xb0 [ 353.652974][T18541] ? clear_bhb_loop+0x55/0xb0 [ 353.657742][T18541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.663732][T18541] RIP: 0033:0x7fadde505d29 [ 353.668255][T18541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.687964][T18541] RSP: 002b:00007faddcb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 353.696475][T18541] RAX: ffffffffffffffda RBX: 00007fadde6f5fa0 RCX: 00007fadde505d29 [ 353.704526][T18541] RDX: 00000000001c1880 RSI: 0000000020000100 RDI: ffffffffffffff9c [ 353.712505][T18541] RBP: 00007faddcb77090 R08: 0000000000000000 R09: 0000000000000000 [ 353.720484][T18541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 353.728461][T18541] R13: 0000000000000000 R14: 00007fadde6f5fa0 R15: 00007ffd7cf7c2e8 [ 353.736455][T18541] [ 353.739613][ T29] kauditd_printk_skb: 255 callbacks suppressed [ 353.739625][ T29] audit: type=1400 audit(1737048219.225:22506): avc: denied { mount } for pid=18540 comm="syz.4.4950" name="/" dev="loop4" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 353.800833][ T29] audit: type=1400 audit(1737048219.475:22507): avc: denied { unmount } for pid=11965 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 353.851474][T18554] loop1: detected capacity change from 0 to 512 [ 353.892565][T18554] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 353.914868][T18558] netlink: 'syz.4.4957': attribute type 1 has an invalid length. [ 353.959466][T18558] 8021q: adding VLAN 0 to HW filter on device bond6 [ 354.011869][T18554] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.4953: iget: bad extended attribute block 19 [ 354.026875][T18558] 8021q: adding VLAN 0 to HW filter on device bond6 [ 354.034108][T18558] bond6: (slave wireguard0): The slave device specified does not support setting the MAC address [ 354.047621][T18554] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.4953: couldn't read orphan inode 15 (err -117) [ 354.060985][T18558] bond6: (slave wireguard0): Error -95 calling set_mac_address [ 354.071242][T18549] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4953: bg 0: block 65: padding at end of block bitmap is not set [ 354.208870][ T29] audit: type=1400 audit(1737048219.885:22508): avc: denied { read write } for pid=18573 comm="syz.3.4964" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 354.247110][ T29] audit: type=1400 audit(1737048219.905:22509): avc: denied { open } for pid=18573 comm="syz.3.4964" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 354.281365][T18585] loop1: detected capacity change from 0 to 512 [ 354.296749][ T29] audit: type=1400 audit(1737048219.965:22510): avc: denied { ioctl } for pid=18573 comm="syz.3.4964" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 354.346845][T18585] ext4 filesystem being mounted at /317/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 354.386574][ T29] audit: type=1400 audit(1737048220.055:22511): avc: denied { ioctl } for pid=18575 comm="syz.2.4963" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 355.395152][T18613] loop4: detected capacity change from 0 to 512 [ 355.463905][T18613] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 355.904528][T18634] loop4: detected capacity change from 0 to 512 [ 355.949638][T18634] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 355.984337][T18634] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal [ 356.265126][T18654] loop3: detected capacity change from 0 to 512 [ 356.281775][T18653] loop4: detected capacity change from 0 to 512 [ 356.309384][T18653] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 356.416920][T18654] ext4 filesystem being mounted at /409/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 356.424926][ T29] audit: type=1400 audit(1737048222.095:22512): avc: denied { write } for pid=18664 comm="syz.2.5000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 356.448933][T18653] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.4996: iget: bad extended attribute block 19 [ 356.461840][T18653] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.4996: couldn't read orphan inode 15 (err -117) [ 356.476036][T18653] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4996: bg 0: block 65: padding at end of block bitmap is not set [ 356.608509][ T29] audit: type=1326 audit(1737048222.275:22513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18678 comm="syz.0.5005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4008945d29 code=0x7ffc0000 [ 356.632387][ T29] audit: type=1326 audit(1737048222.275:22514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18678 comm="syz.0.5005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4008945d29 code=0x7ffc0000 [ 356.656181][ T29] audit: type=1326 audit(1737048222.275:22515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18678 comm="syz.0.5005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4008945d29 code=0x7ffc0000 [ 356.691695][T18681] xt_hashlimit: size too large, truncated to 1048576 [ 357.029268][T18697] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 357.036027][T18697] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 357.043865][T18697] vhci_hcd vhci_hcd.0: Device attached [ 357.163783][T18704] FAULT_INJECTION: forcing a failure. [ 357.163783][T18704] name failslab, interval 1, probability 0, space 0, times 0 [ 357.176521][T18704] CPU: 0 UID: 0 PID: 18704 Comm: syz.3.5011 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 357.187375][T18704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 357.197650][T18704] Call Trace: [ 357.200959][T18704] [ 357.203903][T18704] dump_stack_lvl+0xf2/0x150 [ 357.208553][T18704] dump_stack+0x15/0x1a [ 357.212936][T18704] should_fail_ex+0x223/0x230 [ 357.217678][T18704] should_failslab+0x8f/0xb0 [ 357.222410][T18704] kmem_cache_alloc_noprof+0x52/0x320 [ 357.227880][T18704] ? security_file_alloc+0x32/0x100 [ 357.233290][T18704] security_file_alloc+0x32/0x100 [ 357.238389][T18704] init_file+0x5b/0x1b0 [ 357.242599][T18704] alloc_empty_file+0xea/0x200 [ 357.247391][T18704] path_openat+0x6a/0x1fa0 [ 357.251898][T18704] ? _parse_integer_limit+0x167/0x180 [ 357.257337][T18704] ? _parse_integer+0x27/0x30 [ 357.262056][T18704] ? kstrtoull+0x110/0x140 [ 357.266550][T18704] ? kstrtouint+0x77/0xc0 [ 357.270904][T18704] ? kstrtouint_from_user+0xb0/0xe0 [ 357.276338][T18704] do_filp_open+0x107/0x230 [ 357.280934][T18704] do_sys_openat2+0xab/0x120 [ 357.285720][T18704] __x64_sys_openat+0xf3/0x120 [ 357.290736][T18704] x64_sys_call+0x2b30/0x2dc0 [ 357.295581][T18704] do_syscall_64+0xc9/0x1c0 [ 357.300177][T18704] ? clear_bhb_loop+0x55/0xb0 [ 357.304890][T18704] ? clear_bhb_loop+0x55/0xb0 [ 357.309607][T18704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.315610][T18704] RIP: 0033:0x7fcdd0ca5d29 [ 357.320075][T18704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.339899][T18704] RSP: 002b:00007fcdcf2d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 357.348340][T18704] RAX: ffffffffffffffda RBX: 00007fcdd0e96160 RCX: 00007fcdd0ca5d29 [ 357.356392][T18704] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 357.364387][T18704] RBP: 00007fcdcf2d5090 R08: 0000000000000000 R09: 0000000000000000 [ 357.372385][T18704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 357.380375][T18704] R13: 0000000000000000 R14: 00007fcdd0e96160 R15: 00007ffe91a9d4d8 [ 357.388418][T18704] [ 357.516634][ T3376] usb 9-1: new high-speed USB device number 6 using vhci_hcd [ 357.790492][T18698] vhci_hcd: connection reset by peer [ 357.796108][T13820] vhci_hcd: stop threads [ 357.800516][T13820] vhci_hcd: release socket [ 357.805406][T13820] vhci_hcd: disconnect device [ 357.861099][T18719] loop2: detected capacity change from 0 to 8192 [ 358.131285][T18730] xt_hashlimit: size too large, truncated to 1048576 [ 358.620252][T18746] bond_slave_1: entered promiscuous mode [ 358.637113][T18746] bond_slave_1: left promiscuous mode [ 358.725659][T18753] loop4: detected capacity change from 0 to 2048 [ 358.744715][T18749] bond_slave_1: entered promiscuous mode [ 358.757719][T18749] bond_slave_1: left promiscuous mode [ 358.783096][ T29] kauditd_printk_skb: 106 callbacks suppressed [ 358.783112][ T29] audit: type=1400 audit(1737048224.455:22622): avc: denied { setopt } for pid=18750 comm="syz.0.5030" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 358.817353][ T29] audit: type=1400 audit(1737048224.495:22623): avc: denied { unmount } for pid=11502 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 358.842077][T18753] EXT4-fs mount: 94 callbacks suppressed [ 358.842104][T18753] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.860316][ T29] audit: type=1400 audit(1737048224.535:22624): avc: denied { mount } for pid=18752 comm="syz.4.5031" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 358.907361][ T29] audit: type=1400 audit(1737048224.565:22625): avc: denied { read write } for pid=12907 comm="syz-executor" name="loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 358.931991][ T29] audit: type=1400 audit(1737048224.565:22626): avc: denied { open } for pid=12907 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 358.956407][ T29] audit: type=1400 audit(1737048224.565:22627): avc: denied { ioctl } for pid=12907 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=101 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 358.982389][ T29] audit: type=1400 audit(1737048224.575:22628): avc: denied { prog_load } for pid=18752 comm="syz.4.5031" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 359.001659][ T29] audit: type=1400 audit(1737048224.575:22629): avc: denied { bpf } for pid=18752 comm="syz.4.5031" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 359.022487][ T29] audit: type=1400 audit(1737048224.575:22630): avc: denied { perfmon } for pid=18752 comm="syz.4.5031" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 359.043990][ T29] audit: type=1400 audit(1737048224.575:22631): avc: denied { prog_run } for pid=18752 comm="syz.4.5031" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 359.112399][T18763] loop2: detected capacity change from 0 to 512 [ 359.112522][T18753] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 359.126866][T18763] journal_path: Non-blockdev passed as './bus' [ 359.139740][T18763] EXT4-fs: error: could not find journal device path [ 359.146848][T18753] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 742 with error 28 [ 359.159545][T18753] EXT4-fs (loop4): This should not happen!! Data will be lost [ 359.159545][T18753] [ 359.169392][T18753] EXT4-fs (loop4): Total free blocks count 0 [ 359.175593][T18753] EXT4-fs (loop4): Free/Dirty block details [ 359.181682][T18753] EXT4-fs (loop4): free_blocks=2415919104 [ 359.187460][T18753] EXT4-fs (loop4): dirty_blocks=752 [ 359.192783][T18753] EXT4-fs (loop4): Block reservation details [ 359.198844][T18753] EXT4-fs (loop4): i_reserved_data_blocks=47 [ 359.208313][T18764] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 359.247559][T18780] loop2: detected capacity change from 0 to 512 [ 359.265462][T18775] loop3: detected capacity change from 0 to 8192 [ 359.286443][T18780] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 359.299277][T18783] loop1: detected capacity change from 0 to 128 [ 359.307733][T18783] EXT4-fs: Ignoring removed nobh option [ 359.329428][T18783] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 359.341938][T18783] ext4 filesystem being mounted at /329/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 359.345678][T18780] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #15: comm syz.2.5042: iget: bad extended attribute block 19 [ 359.377744][T18780] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.5042: couldn't read orphan inode 15 (err -117) [ 359.427078][T18780] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.451930][T18791] loop4: detected capacity change from 0 to 8192 [ 359.470631][T18780] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.5042: bg 0: block 65: padding at end of block bitmap is not set [ 359.502263][T12907] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 359.519413][T11502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.544417][T18795] loop2: detected capacity change from 0 to 1024 [ 359.552700][T18795] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 359.575098][T18795] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 359.585607][T18795] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 359.594320][T18795] System zones: 0-1, 4-36, 102-102 [ 359.600266][T18795] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 359.624881][T11502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.068329][T18810] netlink: 'syz.0.5049': attribute type 1 has an invalid length. [ 360.095785][T18810] 8021q: adding VLAN 0 to HW filter on device bond8 [ 360.183573][T18820] FAULT_INJECTION: forcing a failure. [ 360.183573][T18820] name failslab, interval 1, probability 0, space 0, times 0 [ 360.196447][T18820] CPU: 1 UID: 0 PID: 18820 Comm: syz.0.5053 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 360.207337][T18820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 360.217426][T18820] Call Trace: [ 360.221342][T18820] [ 360.224403][T18820] dump_stack_lvl+0xf2/0x150 [ 360.229098][T18820] dump_stack+0x15/0x1a [ 360.233642][T18820] should_fail_ex+0x223/0x230 [ 360.238375][T18820] should_failslab+0x8f/0xb0 [ 360.243587][T18820] kmem_cache_alloc_noprof+0x52/0x320 [ 360.249036][T18820] ? getname_flags+0x81/0x3b0 [ 360.253752][T18820] getname_flags+0x81/0x3b0 [ 360.258356][T18820] user_path_at+0x26/0x120 [ 360.262816][T18820] __x64_sys_umount+0x85/0xe0 [ 360.267537][T18820] x64_sys_call+0x20cd/0x2dc0 [ 360.272239][T18820] do_syscall_64+0xc9/0x1c0 [ 360.276869][T18820] ? clear_bhb_loop+0x55/0xb0 [ 360.281722][T18820] ? clear_bhb_loop+0x55/0xb0 [ 360.286434][T18820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.292469][T18820] RIP: 0033:0x7f4008945d29 [ 360.297095][T18820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.316752][T18820] RSP: 002b:00007f4006fb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 360.325597][T18820] RAX: ffffffffffffffda RBX: 00007f4008b35fa0 RCX: 00007f4008945d29 [ 360.333596][T18820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 360.341798][T18820] RBP: 00007f4006fb7090 R08: 0000000000000000 R09: 0000000000000000 [ 360.353394][T18820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.361566][T18820] R13: 0000000000000000 R14: 00007f4008b35fa0 R15: 00007ffc03ebedd8 [ 360.369940][T18820] [ 360.508791][T18828] loop1: detected capacity change from 0 to 1024 [ 360.529085][T18828] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 360.539762][T18828] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 360.555039][T18828] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 360.564490][T18828] System zones: 0-1, 4-36, 102-102 [ 360.570597][T18828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 360.627999][T18836] xt_hashlimit: size too large, truncated to 1048576 [ 360.699862][T18844] loop4: detected capacity change from 0 to 512 [ 360.727354][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.741886][T18846] loop3: detected capacity change from 0 to 512 [ 360.754456][T18846] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 360.764390][T18844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.777031][T18844] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 360.792811][T18846] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.5064: iget: bad extended attribute block 19 [ 360.819382][T18846] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.5064: couldn't read orphan inode 15 (err -117) [ 360.832921][T18846] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 360.851210][T18854] netlink: 'syz.1.5062': attribute type 1 has an invalid length. [ 360.859862][T18846] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5064: bg 0: block 65: padding at end of block bitmap is not set [ 361.155930][T18862] loop1: detected capacity change from 0 to 8192 [ 361.271564][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.079916][T18872] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 362.086478][T18872] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 362.094121][T18872] vhci_hcd vhci_hcd.0: Device attached [ 362.139832][T18885] loop2: detected capacity change from 0 to 1024 [ 362.160024][T18885] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 362.169821][T18885] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 362.186865][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.198635][T18885] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 362.210438][T18891] loop4: detected capacity change from 0 to 1024 [ 362.211594][T18885] System zones: 0-1, 4-36, 102-102 [ 362.229198][T18885] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 362.240076][T18895] loop3: detected capacity change from 0 to 1024 [ 362.249223][T18891] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.256855][T18895] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 362.280603][T18895] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 362.291810][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.291806][T11502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.310371][T18895] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 362.323612][T18899] loop2: detected capacity change from 0 to 1024 [ 362.330238][T18895] System zones: 0-1, 4-36, 102-102 [ 362.337170][T18895] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 362.355318][T18899] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.376740][ T9] usb 1-1: new high-speed USB device number 11 using vhci_hcd [ 362.377896][T18899] FAULT_INJECTION: forcing a failure. [ 362.377896][T18899] name failslab, interval 1, probability 0, space 0, times 0 [ 362.386757][T18904] loop4: detected capacity change from 0 to 512 [ 362.397186][T18899] CPU: 1 UID: 0 PID: 18899 Comm: syz.2.5076 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 362.408880][T18904] journal_path: Non-blockdev passed as './bus' [ 362.414960][T18899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 362.414979][T18899] Call Trace: [ 362.414989][T18899] [ 362.415000][T18899] dump_stack_lvl+0xf2/0x150 [ 362.421347][T18904] EXT4-fs: error: could not find journal device path [ 362.432255][T18899] dump_stack+0x15/0x1a [ 362.454700][T18899] should_fail_ex+0x223/0x230 [ 362.459494][T18899] should_failslab+0x8f/0xb0 [ 362.464371][T18899] kmem_cache_alloc_noprof+0x52/0x320 [ 362.469775][T18899] ? getname_flags+0x81/0x3b0 [ 362.474477][T18899] getname_flags+0x81/0x3b0 [ 362.479122][T18899] user_path_at+0x26/0x120 [ 362.483832][T18899] __x64_sys_umount+0x85/0xe0 [ 362.488616][T18899] x64_sys_call+0x20cd/0x2dc0 [ 362.493437][T18899] do_syscall_64+0xc9/0x1c0 [ 362.497974][T18899] ? clear_bhb_loop+0x55/0xb0 [ 362.502670][T18899] ? clear_bhb_loop+0x55/0xb0 [ 362.507446][T18899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.513384][T18899] RIP: 0033:0x7f7202ea5d29 [ 362.517813][T18899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.537545][T18899] RSP: 002b:00007f7201517038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 362.545973][T18899] RAX: ffffffffffffffda RBX: 00007f7203095fa0 RCX: 00007f7202ea5d29 [ 362.554063][T18899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 362.562131][T18899] RBP: 00007f7201517090 R08: 0000000000000000 R09: 0000000000000000 [ 362.570189][T18899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 362.578174][T18899] R13: 0000000000000000 R14: 00007f7203095fa0 R15: 00007ffc2e8b9ca8 [ 362.586235][T18899] [ 362.594268][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.655504][T18911] loop3: detected capacity change from 0 to 512 [ 362.663882][ T3376] vhci_hcd: vhci_device speed not set [ 362.670000][T18879] vhci_hcd: connection reset by peer [ 362.675507][T13820] vhci_hcd: stop threads [ 362.679931][T13820] vhci_hcd: release socket [ 362.684557][T13820] vhci_hcd: disconnect device [ 362.691204][T18911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.704761][T18911] ext4 filesystem being mounted at /426/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 362.706701][T11502] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.727473][T18911] xt_hashlimit: size too large, truncated to 1048576 [ 362.734289][T18911] xt_hashlimit: overflow, try lower: 0/0 [ 362.772442][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.823679][T18920] loop2: detected capacity change from 0 to 8192 [ 362.827599][T18924] loop3: detected capacity change from 0 to 1024 [ 362.859666][T18924] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.879868][T18924] syz.3.5085[18924] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.879938][T18924] syz.3.5085[18924] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.891714][T18924] syz.3.5085[18924] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 362.929014][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.177525][T18936] loop3: detected capacity change from 0 to 1024 [ 363.221474][T18942] FAULT_INJECTION: forcing a failure. [ 363.221474][T18942] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.234668][T18942] CPU: 1 UID: 0 PID: 18942 Comm: syz.1.5091 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 363.242076][T18936] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 363.245448][T18942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 363.265101][T18942] Call Trace: [ 363.268417][T18942] [ 363.271369][T18942] dump_stack_lvl+0xf2/0x150 [ 363.276101][T18942] dump_stack+0x15/0x1a [ 363.280456][T18942] should_fail_ex+0x223/0x230 [ 363.285238][T18942] should_fail+0xb/0x10 [ 363.291784][T18942] should_fail_usercopy+0x1a/0x20 [ 363.297044][T18942] _copy_from_user+0x1e/0xb0 [ 363.301692][T18942] copy_msghdr_from_user+0x54/0x2a0 [ 363.307050][T18942] ? __fget_files+0x17c/0x1c0 [ 363.311973][T18942] __sys_sendmsg+0x13e/0x230 [ 363.316861][T18942] __x64_sys_sendmsg+0x46/0x50 [ 363.321688][T18942] x64_sys_call+0x2734/0x2dc0 [ 363.326543][T18942] do_syscall_64+0xc9/0x1c0 [ 363.331076][T18942] ? clear_bhb_loop+0x55/0xb0 [ 363.332452][T18936] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 363.335847][T18942] ? clear_bhb_loop+0x55/0xb0 [ 363.350728][T18942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.356678][T18942] RIP: 0033:0x7fcfb70e5d29 [ 363.361160][T18942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.381089][T18942] RSP: 002b:00007fcfb5757038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 363.389626][T18942] RAX: ffffffffffffffda RBX: 00007fcfb72d5fa0 RCX: 00007fcfb70e5d29 [ 363.397652][T18942] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000007 [ 363.405678][T18942] RBP: 00007fcfb5757090 R08: 0000000000000000 R09: 0000000000000000 [ 363.413940][T18942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 363.421990][T18942] R13: 0000000000000000 R14: 00007fcfb72d5fa0 R15: 00007ffcdf0fc9a8 [ 363.429998][T18942] [ 363.446886][T18936] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 363.456516][T18936] System zones: 0-1, 4-36, 102-102 [ 363.473461][T18936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 363.564877][T18954] loop4: detected capacity change from 0 to 2048 [ 363.573936][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.624701][T18954] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 363.771088][T18954] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 363.793803][ T29] kauditd_printk_skb: 284 callbacks suppressed [ 363.793822][ T29] audit: type=1326 audit(1737048229.465:22916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 363.799803][T18983] loop1: detected capacity change from 0 to 1024 [ 363.801312][ T29] audit: type=1326 audit(1737048229.475:22917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 363.823869][T18954] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 224 with error 28 [ 363.830186][ T29] audit: type=1326 audit(1737048229.475:22918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 363.853808][T18954] EXT4-fs (loop4): This should not happen!! Data will be lost [ 363.853808][T18954] [ 363.872839][ T29] audit: type=1326 audit(1737048229.545:22919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 363.889760][T18954] EXT4-fs (loop4): Total free blocks count 0 [ 363.889782][T18954] EXT4-fs (loop4): Free/Dirty block details [ 363.889797][T18954] EXT4-fs (loop4): free_blocks=2415919104 [ 363.889813][T18954] EXT4-fs (loop4): dirty_blocks=224 [ 363.899479][ T29] audit: type=1326 audit(1737048229.545:22920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 363.922931][T18954] EXT4-fs (loop4): Block reservation details [ 363.928924][ T29] audit: type=1326 audit(1737048229.545:22921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 363.934804][T18954] EXT4-fs (loop4): i_reserved_data_blocks=14 [ 363.940540][ T29] audit: type=1326 audit(1737048229.545:22922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 364.000950][T18987] FAULT_INJECTION: forcing a failure. [ 364.000950][T18987] name failslab, interval 1, probability 0, space 0, times 0 [ 364.006643][ T29] audit: type=1326 audit(1737048229.545:22923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 364.006678][ T29] audit: type=1326 audit(1737048229.545:22924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 364.006704][ T29] audit: type=1326 audit(1737048229.545:22925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18980 comm="syz.2.5104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 364.030169][T18987] CPU: 1 UID: 0 PID: 18987 Comm: syz.0.5110 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 364.044855][T18984] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 364.066231][T18987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 364.066251][T18987] Call Trace: [ 364.066261][T18987] [ 364.066271][T18987] dump_stack_lvl+0xf2/0x150 [ 364.157661][T18987] dump_stack+0x15/0x1a [ 364.161912][T18987] should_fail_ex+0x223/0x230 [ 364.166638][T18987] ? alloc_pipe_info+0xb0/0x360 [ 364.171558][T18987] should_failslab+0x8f/0xb0 [ 364.176197][T18987] __kmalloc_cache_noprof+0x4e/0x320 [ 364.181512][T18987] alloc_pipe_info+0xb0/0x360 [ 364.186290][T18987] splice_direct_to_actor+0x60f/0x670 [ 364.191853][T18987] ? __pfx_direct_splice_actor+0x10/0x10 [ 364.197557][T18987] ? 0xffffffff81000000 [ 364.201719][T18987] ? selinux_file_permission+0x22a/0x360 [ 364.207461][T18987] ? __rcu_read_unlock+0x4e/0x70 [ 364.212511][T18987] ? avc_policy_seqno+0x15/0x20 [ 364.217396][T18987] ? selinux_file_permission+0x22a/0x360 [ 364.223156][T18987] do_splice_direct+0xd7/0x150 [ 364.227945][T18987] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 364.234013][T18987] do_sendfile+0x398/0x660 [ 364.238533][T18987] __x64_sys_sendfile64+0x110/0x150 [ 364.243768][T18987] x64_sys_call+0xfbd/0x2dc0 [ 364.248376][T18987] do_syscall_64+0xc9/0x1c0 [ 364.252899][T18987] ? clear_bhb_loop+0x55/0xb0 [ 364.257628][T18987] ? clear_bhb_loop+0x55/0xb0 [ 364.262346][T18987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.268325][T18987] RIP: 0033:0x7f4008945d29 [ 364.272781][T18987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 364.292509][T18987] RSP: 002b:00007f4006fb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 364.301030][T18987] RAX: ffffffffffffffda RBX: 00007f4008b35fa0 RCX: 00007f4008945d29 [ 364.309088][T18987] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000009 [ 364.317220][T18987] RBP: 00007f4006fb7090 R08: 0000000000000000 R09: 0000000000000000 [ 364.325275][T18987] R10: 000000000003ffff R11: 0000000000000246 R12: 0000000000000001 [ 364.333286][T18987] R13: 0000000000000000 R14: 00007f4008b35fa0 R15: 00007ffc03ebedd8 [ 364.341373][T18987] [ 364.351159][T18983] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 364.364665][T18983] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 364.380529][T18983] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 364.390035][T18983] System zones: 0-1, 4-36, 102-102 [ 364.395868][T18983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 364.415462][T18994] loop4: detected capacity change from 0 to 512 [ 364.423843][T18994] ext3: Unknown parameter 'subj_type' [ 364.447361][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.536522][T19008] loop3: detected capacity change from 0 to 256 [ 364.584884][T19004] loop1: detected capacity change from 0 to 8192 [ 364.740349][T19010] loop3: detected capacity change from 0 to 8192 [ 365.532338][T19026] loop4: detected capacity change from 0 to 1024 [ 365.557155][T19026] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 365.567596][T19026] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 365.589660][T19026] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840e119, mo2=0002] [ 365.598769][T19026] System zones: 0-1, 4-36, 102-102 [ 365.604510][T19026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 365.605749][T19033] loop1: detected capacity change from 0 to 4096 [ 365.647979][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.654289][T19033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.672069][T19033] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.835168][T19043] loop1: detected capacity change from 0 to 512 [ 365.888964][T19043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 365.903196][T19043] ext4 filesystem being mounted at /349/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 365.931065][T19057] loop4: detected capacity change from 0 to 512 [ 365.941041][T19057] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 365.947686][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 365.971469][T19057] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.5134: iget: bad extended attribute block 19 [ 366.001561][T19057] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.5134: couldn't read orphan inode 15 (err -117) [ 366.019481][T19057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.060428][T19057] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.5134: bg 0: block 65: padding at end of block bitmap is not set [ 366.088038][T19066] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5137'. [ 366.285238][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.290635][T19086] loop1: detected capacity change from 0 to 512 [ 366.318877][T19090] xt_hashlimit: size too large, truncated to 1048576 [ 366.326931][T19086] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 366.341034][T19086] ext4 filesystem being mounted at /357/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 366.369581][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 366.384330][T19092] loop4: detected capacity change from 0 to 512 [ 366.398516][T19092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.414980][T19092] ext4 filesystem being mounted at /410/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 366.440154][T19097] xt_hashlimit: size too large, truncated to 1048576 [ 366.549181][T19100] loop1: detected capacity change from 0 to 512 [ 366.607728][T19100] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 366.641490][T19100] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 366.780825][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.935006][T19110] loop4: detected capacity change from 0 to 8192 [ 367.000752][T19110] loop4: detected capacity change from 0 to 2048 [ 367.031871][T19110] loop4: p1 < > p4 [ 367.040231][T19110] loop4: p4 size 8388608 extends beyond EOD, truncated [ 367.081034][ T3496] udevd[3496]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 367.153455][ T3495] udevd[3495]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 367.196361][ T3495] udevd[3495]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 367.197570][ T3496] udevd[3496]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 367.248375][T19129] loop4: detected capacity change from 0 to 512 [ 367.269279][T19129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 367.309008][T19129] ext4 filesystem being mounted at /412/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 367.321355][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.381400][T19142] xt_hashlimit: size too large, truncated to 1048576 [ 367.389149][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 367.435353][T19145] loop1: detected capacity change from 0 to 512 [ 367.458185][T19145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.472988][T19145] ext4 filesystem being mounted at /359/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 367.517009][T19152] loop4: detected capacity change from 0 to 512 [ 367.535170][T19152] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 367.546658][ T9] vhci_hcd: vhci_device speed not set [ 367.550694][T19152] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.5164: iget: bad extended attribute block 19 [ 367.566408][T19152] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.5164: couldn't read orphan inode 15 (err -117) [ 367.579464][T19152] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.598327][T19152] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.5164: bg 0: block 65: padding at end of block bitmap is not set [ 367.889107][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.945645][T19162] syz.2.5167[19162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 367.945736][T19162] syz.2.5167[19162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 367.959261][T19162] syz.2.5167[19162] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 368.254528][T19174] loop3: detected capacity change from 0 to 512 [ 368.308005][T19174] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 368.473323][T19174] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.5172: iget: bad extended attribute block 19 [ 368.517180][T19174] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.5172: couldn't read orphan inode 15 (err -117) [ 368.551199][T19174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.620525][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 368.762704][T19182] loop3: detected capacity change from 0 to 512 [ 368.809381][ T29] kauditd_printk_skb: 291 callbacks suppressed [ 368.809400][ T29] audit: type=1326 audit(1737048234.485:23217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 368.839664][ T29] audit: type=1326 audit(1737048234.485:23218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 368.863378][ T29] audit: type=1326 audit(1737048234.485:23219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 368.878899][T19182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 368.887047][ T29] audit: type=1326 audit(1737048234.485:23220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 368.924813][ T29] audit: type=1326 audit(1737048234.485:23221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 368.948614][ T29] audit: type=1326 audit(1737048234.485:23222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 368.971273][T19182] ext4 filesystem being mounted at /450/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 368.972540][ T29] audit: type=1326 audit(1737048234.485:23223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 369.007654][ T29] audit: type=1326 audit(1737048234.485:23224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 369.032476][ T29] audit: type=1326 audit(1737048234.485:23225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 369.056456][ T29] audit: type=1326 audit(1737048234.485:23226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19184 comm="syz.1.5175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfb70e5d29 code=0x7ffc0000 [ 369.098133][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 369.270170][T19193] xt_hashlimit: size too large, truncated to 1048576 [ 369.324519][T19194] loop3: detected capacity change from 0 to 512 [ 369.399945][T19194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 369.414585][T19194] ext4 filesystem being mounted at /452/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 369.736564][T19199] xt_hashlimit: size too large, truncated to 1048576 [ 369.920243][T19200] loop1: detected capacity change from 0 to 512 [ 370.004456][T19200] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.077204][T19200] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 370.271342][T11965] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.281646][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.533035][T19210] loop3: detected capacity change from 0 to 512 [ 370.587944][T19210] EXT4-fs: Ignoring removed i_version option [ 370.605920][T19210] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 370.647633][T19210] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 370.695141][T19210] EXT4-fs (loop3): 1 truncate cleaned up [ 370.707602][T19210] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.775449][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.802477][T19234] xt_hashlimit: size too large, truncated to 1048576 [ 370.862259][T19242] loop1: detected capacity change from 0 to 512 [ 370.927917][T19242] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.961147][T19242] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 371.021777][T19248] loop4: detected capacity change from 0 to 8192 [ 371.033994][T19251] FAULT_INJECTION: forcing a failure. [ 371.033994][T19251] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 371.047688][T19251] CPU: 0 UID: 0 PID: 19251 Comm: syz.2.5197 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 371.059216][T19251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 371.069782][T19251] Call Trace: [ 371.073096][T19251] [ 371.076043][T19251] dump_stack_lvl+0xf2/0x150 [ 371.080924][T19251] dump_stack+0x15/0x1a [ 371.085152][T19251] should_fail_ex+0x223/0x230 [ 371.089929][T19251] should_fail+0xb/0x10 [ 371.094746][T19251] should_fail_usercopy+0x1a/0x20 [ 371.099989][T19251] _copy_from_user+0x1e/0xb0 [ 371.104631][T19251] copy_from_sockptr+0x62/0xa0 [ 371.109905][T19251] packet_setsockopt+0x806/0xfd0 [ 371.115712][T19251] ? __pfx_packet_setsockopt+0x10/0x10 [ 371.121505][T19251] __sys_setsockopt+0x187/0x200 [ 371.126400][T19251] __x64_sys_setsockopt+0x66/0x80 [ 371.131837][T19251] x64_sys_call+0x282e/0x2dc0 [ 371.136651][T19251] do_syscall_64+0xc9/0x1c0 [ 371.142313][T19251] ? clear_bhb_loop+0x55/0xb0 [ 371.150030][T19251] ? clear_bhb_loop+0x55/0xb0 [ 371.156316][T19251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.162644][T19251] RIP: 0033:0x7f7202ea5d29 [ 371.168023][T19251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.192511][T19251] RSP: 002b:00007f7201517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 371.203683][T19251] RAX: ffffffffffffffda RBX: 00007f7203095fa0 RCX: 00007f7202ea5d29 [ 371.213611][T19251] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 0000000000000006 [ 371.223023][T19251] RBP: 00007f7201517090 R08: 000000000000001c R09: 0000000000000000 [ 371.231495][T19251] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001 [ 371.240711][T19251] R13: 0000000000000000 R14: 00007f7203095fa0 R15: 00007ffc2e8b9ca8 [ 371.250038][T19251] [ 371.274621][T12204] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.346393][T19253] random: crng reseeded on system resumption [ 371.464459][T12907] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.898401][T19275] bond_slave_1: entered promiscuous mode [ 371.913222][T19275] bond_slave_1: left promiscuous mode [ 372.012637][T19279] loop4: detected capacity change from 0 to 2048 [ 372.038034][T19281] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 372.044736][T19281] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 372.052404][T19281] vhci_hcd vhci_hcd.0: Device attached [ 372.125996][T19279] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 372.152746][T19279] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1966 with error 28 [ 372.165426][T19279] EXT4-fs (loop4): This should not happen!! Data will be lost [ 372.165426][T19279] [ 372.175186][T19279] EXT4-fs (loop4): Total free blocks count 0 [ 372.181206][T19279] EXT4-fs (loop4): Free/Dirty block details [ 372.187205][T19279] EXT4-fs (loop4): free_blocks=2415919104 [ 372.192959][T19279] EXT4-fs (loop4): dirty_blocks=1968 [ 372.198297][T19279] EXT4-fs (loop4): Block reservation details [ 372.204311][T19279] EXT4-fs (loop4): i_reserved_data_blocks=123 [ 372.293729][T19290] loop3: detected capacity change from 0 to 512 [ 372.320511][T19290] ext4 filesystem being mounted at /455/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 372.336789][ T9] usb 5-1: new high-speed USB device number 11 using vhci_hcd [ 372.415593][T19294] bond_slave_1: entered promiscuous mode [ 372.422092][T19294] bond_slave_1: left promiscuous mode [ 372.432483][ T54] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 372.445181][ T54] EXT4-fs (loop4): This should not happen!! Data will be lost [ 372.445181][ T54] [ 372.560584][T19300] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5214'. [ 372.571941][T19303] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0 [ 372.584261][T19300] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5214'. [ 372.594393][T19300] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5214'. [ 372.715803][T19313] bond_slave_1: entered promiscuous mode [ 372.726293][T19313] bond_slave_1: left promiscuous mode [ 372.868520][T19282] vhci_hcd: connection reset by peer [ 372.874342][T13820] vhci_hcd: stop threads [ 372.878690][T13820] vhci_hcd: release socket [ 372.883137][T13820] vhci_hcd: disconnect device [ 373.319645][T19345] loop4: detected capacity change from 0 to 8192 [ 373.760981][T19366] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 373.838086][ T29] kauditd_printk_skb: 265 callbacks suppressed [ 373.838102][ T29] audit: type=1400 audit(1737048239.515:23492): avc: denied { create } for pid=19378 comm="syz.3.5244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 373.877022][ T29] audit: type=1400 audit(1737048239.545:23493): avc: denied { setopt } for pid=19378 comm="syz.3.5244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 373.896802][ T29] audit: type=1400 audit(1737048239.545:23494): avc: denied { prog_load } for pid=19378 comm="syz.3.5244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 373.916094][ T29] audit: type=1400 audit(1737048239.545:23495): avc: denied { bpf } for pid=19378 comm="syz.3.5244" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 373.936828][ T29] audit: type=1400 audit(1737048239.545:23496): avc: denied { create } for pid=19378 comm="syz.3.5244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 373.956561][ T29] audit: type=1400 audit(1737048239.545:23497): avc: denied { write } for pid=19378 comm="syz.3.5244" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 373.976423][ T29] audit: type=1400 audit(1737048239.545:23498): avc: denied { append } for pid=2982 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=16 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 374.001100][T19366] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.005538][ T29] audit: type=1400 audit(1737048239.675:23499): avc: denied { create } for pid=19383 comm="syz.3.5245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 374.032279][ T29] audit: type=1400 audit(1737048239.675:23500): avc: denied { map_create } for pid=19383 comm="syz.3.5245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 374.051747][ T29] audit: type=1400 audit(1737048239.675:23501): avc: denied { map_read map_write } for pid=19383 comm="syz.3.5245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 374.103554][T19386] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 374.110149][T19386] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 374.118008][T19386] vhci_hcd vhci_hcd.0: Device attached [ 374.134873][T19366] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.192508][T19366] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.254126][T19366] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.261981][T19391] loop4: detected capacity change from 0 to 512 [ 374.276541][T19366] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.304077][T19366] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.315538][T19391] ext4 filesystem being mounted at /439/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 374.316359][T19393] bond_slave_1: entered promiscuous mode [ 374.332712][T19393] bond_slave_1: left promiscuous mode [ 374.343630][T19366] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 374.374006][ T24] usb 7-1: new high-speed USB device number 11 using vhci_hcd [ 374.575393][T19415] sit0 speed is unknown, defaulting to 1000 [ 374.632092][T19415] lo speed is unknown, defaulting to 1000 [ 374.802076][T19424] loop2: detected capacity change from 0 to 8192 [ 374.937697][T19387] vhci_hcd: connection reset by peer [ 374.950040][T14350] vhci_hcd: stop threads [ 374.954346][T14350] vhci_hcd: release socket [ 374.958809][T14350] vhci_hcd: disconnect device [ 375.082963][T19429] loop4: detected capacity change from 0 to 512 [ 375.111033][T19429] ext4 filesystem being mounted at /442/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 375.162176][T19433] bond_slave_1: entered promiscuous mode [ 375.168711][T19433] bond_slave_1: left promiscuous mode [ 375.525887][T19451] loop3: detected capacity change from 0 to 512 [ 375.550715][T19451] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 375.598316][T19451] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.5269: iget: bad extended attribute block 19 [ 375.616943][T19451] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.5269: couldn't read orphan inode 15 (err -117) [ 375.635095][T19451] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5269: bg 0: block 65: padding at end of block bitmap is not set [ 375.894274][T19467] loop1: detected capacity change from 0 to 512 [ 375.952726][T19467] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 375.960990][T19467] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 375.979278][T19467] System zones: 0-2, 18-18, 34-35 [ 375.994042][T19467] EXT4-fs (loop1): shut down requested (0) [ 376.088488][T19476] loop1: detected capacity change from 0 to 512 [ 376.099200][T19476] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 376.189336][T19476] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.5277: iget: bad extended attribute block 19 [ 376.203956][T19476] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.5277: couldn't read orphan inode 15 (err -117) [ 376.224890][T19476] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5277: bg 0: block 65: padding at end of block bitmap is not set [ 376.852245][T19494] loop2: detected capacity change from 0 to 512 [ 376.869225][T19494] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 377.166458][T19496] loop2: detected capacity change from 0 to 8192 [ 377.385982][T19504] sit0 speed is unknown, defaulting to 1000 [ 377.427769][ T9] vhci_hcd: vhci_device speed not set [ 377.487155][T19504] lo speed is unknown, defaulting to 1000 [ 378.168479][T19516] sit0 speed is unknown, defaulting to 1000 [ 378.181009][T19523] loop3: detected capacity change from 0 to 2048 [ 378.338851][T19523] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 378.364224][T19523] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1488 with error 28 [ 378.377041][T19523] EXT4-fs (loop3): This should not happen!! Data will be lost [ 378.377041][T19523] [ 378.386899][T19523] EXT4-fs (loop3): Total free blocks count 0 [ 378.393079][T19523] EXT4-fs (loop3): Free/Dirty block details [ 378.399438][T19523] EXT4-fs (loop3): free_blocks=2415919104 [ 378.405323][T19523] EXT4-fs (loop3): dirty_blocks=1488 [ 378.411021][T19523] EXT4-fs (loop3): Block reservation details [ 378.417287][T19523] EXT4-fs (loop3): i_reserved_data_blocks=93 [ 378.578400][T19516] lo speed is unknown, defaulting to 1000 [ 378.659262][T13820] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 378.675432][T13820] EXT4-fs (loop3): This should not happen!! Data will be lost [ 378.675432][T13820] [ 378.875232][ T29] kauditd_printk_skb: 336 callbacks suppressed [ 378.875251][ T29] audit: type=1400 audit(1737048244.545:23838): avc: denied { connect } for pid=19560 comm="syz.3.5305" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 378.903401][ T29] audit: type=1400 audit(1737048244.545:23839): avc: denied { write } for pid=19560 comm="syz.3.5305" path="socket:[51804]" dev="sockfs" ino=51804 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 378.928077][ T29] audit: type=1400 audit(1737048244.595:23840): avc: denied { write } for pid=19562 comm="syz.4.5306" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 378.962914][ T29] audit: type=1326 audit(1737048244.635:23841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19560 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 378.988214][ T29] audit: type=1326 audit(1737048244.635:23842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19560 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 379.014009][T19568] loop3: detected capacity change from 0 to 512 [ 379.027480][T19568] EXT4-fs: Ignoring removed i_version option [ 379.040945][T19568] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 379.047507][ T29] audit: type=1326 audit(1737048244.665:23843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19560 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 379.074833][ T29] audit: type=1326 audit(1737048244.665:23844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19560 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 379.098685][ T29] audit: type=1326 audit(1737048244.665:23845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19569 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fcdd0cd85e5 code=0x7ffc0000 [ 379.105269][T19576] xt_hashlimit: size too large, truncated to 1048576 [ 379.122476][ T29] audit: type=1326 audit(1737048244.675:23846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19560 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fcdd0ca5d29 code=0x7ffc0000 [ 379.152996][ T29] audit: type=1326 audit(1737048244.675:23847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19560 comm="syz.3.5305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcdd0ca5d63 code=0x7ffc0000 [ 379.181065][T19577] loop4: detected capacity change from 0 to 512 [ 379.221162][T19568] EXT4-fs (loop3): 1 truncate cleaned up [ 379.255068][T19577] ext4 filesystem being mounted at /454/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 379.496660][ T24] vhci_hcd: vhci_device speed not set [ 379.660150][T19589] loop1: detected capacity change from 0 to 512 [ 379.700691][T19589] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 379.829225][T19598] loop1: detected capacity change from 0 to 512 [ 379.882371][T19598] ext4 filesystem being mounted at /381/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 379.955343][T19612] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 379.962002][T19612] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 379.970299][T19612] vhci_hcd vhci_hcd.0: Device attached [ 380.049577][T19629] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5327'. [ 380.049911][T19627] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5328'. [ 380.069188][T19627] unsupported nlmsg_type 40 [ 380.079575][T19627] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 380.089312][T19627] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 380.099143][T19627] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 380.108396][T19627] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 380.117610][T19627] vxlan0: entered promiscuous mode [ 380.122963][T19627] vxlan0: entered allmulticast mode [ 380.177445][T19638] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5330'. [ 380.226737][ T8] usb 5-1: new high-speed USB device number 12 using vhci_hcd [ 380.357063][T19646] loop4: detected capacity change from 0 to 512 [ 380.370809][T19646] ext4 filesystem being mounted at /460/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.432064][T19652] xt_hashlimit: size too large, truncated to 1048576 [ 380.486531][T19653] loop4: detected capacity change from 0 to 512 [ 380.519856][T19653] ext4 filesystem being mounted at /462/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 380.750009][T19613] vhci_hcd: connection reset by peer [ 380.755901][ T54] vhci_hcd: stop threads [ 380.760313][ T54] vhci_hcd: release socket [ 380.764753][ T54] vhci_hcd: disconnect device [ 380.785753][T19666] netlink: 32 bytes leftover after parsing attributes in process `syz.3.5341'. [ 380.843310][T19671] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5343'. [ 380.879377][T19675] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.949682][T19675] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.027551][T19675] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.083995][T19675] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 381.148228][T19675] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.163072][T19675] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.175757][T19675] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.191447][T19675] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.309028][T19690] FAULT_INJECTION: forcing a failure. [ 381.309028][T19690] name failslab, interval 1, probability 0, space 0, times 0 [ 381.321926][T19690] CPU: 1 UID: 0 PID: 19690 Comm: syz.2.5349 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 381.333622][T19690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 381.343814][T19690] Call Trace: [ 381.347097][T19690] [ 381.350487][T19690] dump_stack_lvl+0xf2/0x150 [ 381.355128][T19690] dump_stack+0x15/0x1a [ 381.359362][T19690] should_fail_ex+0x223/0x230 [ 381.364078][T19690] should_failslab+0x8f/0xb0 [ 381.368804][T19690] kmem_cache_alloc_noprof+0x52/0x320 [ 381.374371][T19690] ? security_file_alloc+0x32/0x100 [ 381.379660][T19690] security_file_alloc+0x32/0x100 [ 381.384718][T19690] init_file+0x5b/0x1b0 [ 381.388989][T19690] alloc_empty_file+0xea/0x200 [ 381.393766][T19690] path_openat+0x6a/0x1fa0 [ 381.398189][T19690] ? _parse_integer_limit+0x167/0x180 [ 381.403736][T19690] ? _parse_integer+0x27/0x30 [ 381.408418][T19690] ? kstrtoull+0x110/0x140 [ 381.412881][T19690] ? kstrtouint+0x77/0xc0 [ 381.417436][T19690] ? kstrtouint_from_user+0xb0/0xe0 [ 381.422715][T19690] do_filp_open+0x107/0x230 [ 381.427263][T19690] do_sys_openat2+0xab/0x120 [ 381.431961][T19690] __x64_sys_openat+0xf3/0x120 [ 381.436803][T19690] x64_sys_call+0x2b30/0x2dc0 [ 381.441512][T19690] do_syscall_64+0xc9/0x1c0 [ 381.446147][T19690] ? clear_bhb_loop+0x55/0xb0 [ 381.450892][T19690] ? clear_bhb_loop+0x55/0xb0 [ 381.455594][T19690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.461514][T19690] RIP: 0033:0x7f7202ea5d29 [ 381.466022][T19690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 381.485751][T19690] RSP: 002b:00007f7201517038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 381.494407][T19690] RAX: ffffffffffffffda RBX: 00007f7203095fa0 RCX: 00007f7202ea5d29 [ 381.502390][T19690] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: ffffffffffffff9c [ 381.510472][T19690] RBP: 00007f7201517090 R08: 0000000000000000 R09: 0000000000000000 [ 381.518458][T19690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 381.526550][T19690] R13: 0000000000000000 R14: 00007f7203095fa0 R15: 00007ffc2e8b9ca8 [ 381.534567][T19690] [ 381.633006][T19700] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ¨ÐÊ3†…ƒPq{ÚP [ 381.633006][T19700] n'º|$@OOݱµ’-®+·el' [ 381.640546][T19701] loop4: detected capacity change from 0 to 1024 [ 381.658285][T19700] 9pnet_fd: Insufficient options for proto=fd [ 381.694901][T19700] loop2: detected capacity change from 0 to 2048 [ 381.710113][T19700] ext4: Unknown parameter 'dont_appraise' [ 381.798440][T19712] loop2: detected capacity change from 0 to 2048 [ 381.884198][T19712] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 381.904926][T19721] loop1: detected capacity change from 0 to 1024 [ 381.906772][T19712] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 381.931216][T19712] EXT4-fs (loop2): This should not happen!! Data will be lost [ 381.931216][T19712] [ 381.941565][T19712] EXT4-fs (loop2): Total free blocks count 0 [ 381.948031][T19712] EXT4-fs (loop2): Free/Dirty block details [ 381.955437][T19712] EXT4-fs (loop2): free_blocks=2415919104 [ 381.961849][T19712] EXT4-fs (loop2): dirty_blocks=2224 [ 381.969113][T19712] EXT4-fs (loop2): Block reservation details [ 381.975929][T19712] EXT4-fs (loop2): i_reserved_data_blocks=139 [ 381.984410][T19716] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.011175][T19727] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 382.019206][T19727] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 382.030447][T19727] vhci_hcd vhci_hcd.0: Device attached [ 382.042847][T19722] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 170 with error 28 [ 382.058494][T19722] EXT4-fs (loop2): This should not happen!! Data will be lost [ 382.058494][T19722] [ 382.083064][T19716] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.151756][T19716] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.199488][T19716] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.242814][T19716] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.254674][T19716] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.266812][T19716] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.269320][T19743] loop2: detected capacity change from 0 to 1024 [ 382.278225][T19716] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.281465][ T3373] usb 3-1: new high-speed USB device number 7 using vhci_hcd [ 382.332205][T19748] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5366'. [ 382.342167][T19748] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5366'. [ 382.779053][T19770] loop4: detected capacity change from 0 to 8192 [ 382.843420][T19728] vhci_hcd: connection reset by peer [ 382.849601][ T36] vhci_hcd: stop threads [ 382.853920][ T36] vhci_hcd: release socket [ 382.858477][ T36] vhci_hcd: disconnect device [ 383.152456][T19783] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.200003][T19783] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.238561][T19783] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.297915][T19783] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.548735][T19791] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.591885][T19795] loop3: detected capacity change from 0 to 512 [ 383.599600][T19791] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.616916][T19795] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 383.639118][T19795] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.5381: iget: bad extended attribute block 19 [ 383.653899][T19791] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.656994][T19795] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.5381: couldn't read orphan inode 15 (err -117) [ 383.699018][T19791] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.719671][T19795] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5381: bg 0: block 65: padding at end of block bitmap is not set [ 383.754044][T19791] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.765757][T19791] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.777214][T19791] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.788889][T19791] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 383.864673][T19803] loop4: detected capacity change from 0 to 512 [ 383.890472][T19803] ext4 filesystem being mounted at /472/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 383.948751][T19807] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5384'. [ 383.957981][T19807] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5384'. [ 384.028355][T19810] xt_hashlimit: size too large, truncated to 1048576 [ 384.093231][T19811] loop4: detected capacity change from 0 to 512 [ 384.129550][T19811] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 384.323485][T19816] loop1: detected capacity change from 0 to 512 [ 384.359653][T19816] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 384.367736][T19816] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 384.376789][T19816] System zones: 0-2, 18-18, 34-35 [ 384.393295][T19816] EXT4-fs (loop1): shut down requested (0) [ 384.483801][ T29] kauditd_printk_skb: 365 callbacks suppressed [ 384.483819][ T29] audit: type=1326 audit(1737048250.155:24213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.554951][ T29] audit: type=1326 audit(1737048250.195:24214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.578737][ T29] audit: type=1326 audit(1737048250.195:24215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.602404][ T29] audit: type=1326 audit(1737048250.195:24216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.627074][ T29] audit: type=1326 audit(1737048250.195:24217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.651568][ T29] audit: type=1326 audit(1737048250.195:24218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.675255][ T29] audit: type=1326 audit(1737048250.195:24219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.699585][ T29] audit: type=1326 audit(1737048250.195:24220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.723891][ T29] audit: type=1326 audit(1737048250.195:24221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.747594][ T29] audit: type=1326 audit(1737048250.195:24222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19819 comm="syz.2.5388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7202ea5d29 code=0x7ffc0000 [ 384.815207][T19829] loop4: detected capacity change from 0 to 512 [ 384.826723][T19829] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 384.842081][T19829] EXT4-fs (loop4): 1 truncate cleaned up [ 385.019153][T19841] loop4: detected capacity change from 0 to 2048 [ 385.099839][T19841] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 385.114857][T19841] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 385.127355][T19841] EXT4-fs (loop4): This should not happen!! Data will be lost [ 385.127355][T19841] [ 385.137043][T19841] EXT4-fs (loop4): Total free blocks count 0 [ 385.143048][T19841] EXT4-fs (loop4): Free/Dirty block details [ 385.149030][T19841] EXT4-fs (loop4): free_blocks=2415919104 [ 385.154774][T19841] EXT4-fs (loop4): dirty_blocks=2384 [ 385.160101][T19841] EXT4-fs (loop4): Block reservation details [ 385.166179][T19841] EXT4-fs (loop4): i_reserved_data_blocks=149 [ 385.209081][T19845] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 334 with error 28 [ 385.221768][T19845] EXT4-fs (loop4): This should not happen!! Data will be lost [ 385.221768][T19845] [ 385.336656][ T8] vhci_hcd: vhci_device speed not set [ 385.386973][T19848] loop2: detected capacity change from 0 to 2048 [ 385.478186][T19848] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 385.478663][T19852] loop4: detected capacity change from 0 to 512 [ 385.500584][T19848] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1082 with error 28 [ 385.513108][T19848] EXT4-fs (loop2): This should not happen!! Data will be lost [ 385.513108][T19848] [ 385.522894][T19848] EXT4-fs (loop2): Total free blocks count 0 [ 385.528934][T19848] EXT4-fs (loop2): Free/Dirty block details [ 385.529086][T19852] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 385.534821][T19848] EXT4-fs (loop2): free_blocks=2415919104 [ 385.534841][T19848] EXT4-fs (loop2): dirty_blocks=1088 [ 385.555980][T19848] EXT4-fs (loop2): Block reservation details [ 385.562000][T19848] EXT4-fs (loop2): i_reserved_data_blocks=68 [ 385.564294][T19852] EXT4-fs (loop4): 1 truncate cleaned up [ 385.602334][ T36] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 385.614862][ T36] EXT4-fs (loop2): This should not happen!! Data will be lost [ 385.614862][ T36] [ 385.649700][T19857] loop3: detected capacity change from 0 to 2048 [ 385.688380][T19863] xt_hashlimit: size too large, truncated to 1048576 [ 385.786209][T19783] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.799466][T19783] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.810106][T19870] loop2: detected capacity change from 0 to 512 [ 385.824505][T19783] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.867504][T19783] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.902014][T19870] ext4 filesystem being mounted at /499/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 385.927831][T19857] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 385.953423][T19857] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 920 with error 28 [ 385.965939][T19857] EXT4-fs (loop3): This should not happen!! Data will be lost [ 385.965939][T19857] [ 385.975619][T19857] EXT4-fs (loop3): Total free blocks count 0 [ 385.981751][T19857] EXT4-fs (loop3): Free/Dirty block details [ 385.987673][T19857] EXT4-fs (loop3): free_blocks=2415919104 [ 385.993405][T19857] EXT4-fs (loop3): dirty_blocks=928 [ 385.998645][T19857] EXT4-fs (loop3): Block reservation details [ 386.004652][T19857] EXT4-fs (loop3): i_reserved_data_blocks=58 [ 386.119283][T19879] loop1: detected capacity change from 0 to 512 [ 386.195777][ T36] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28 [ 386.198558][T19879] ext4 filesystem being mounted at /396/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 386.208341][ T36] EXT4-fs (loop3): This should not happen!! Data will be lost [ 386.208341][ T36] [ 386.312109][T19894] loop3: detected capacity change from 0 to 512 [ 386.323788][T19894] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 386.425688][T19894] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 386.479675][T19909] loop4: detected capacity change from 0 to 2048 [ 386.537155][T19909] loop4: p1 < > p4 [ 386.542623][T19909] loop4: p4 size 8388608 extends beyond EOD, truncated [ 386.741243][ T3000] loop4: p1 < > p4 [ 386.750222][ T3000] loop4: p4 size 8388608 extends beyond EOD, truncated [ 386.769666][T19941] loop1: detected capacity change from 0 to 8192 [ 386.789773][ T3495] udevd[3495]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 386.789793][T12972] udevd[12972]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 386.834993][T19946] 8021q: adding VLAN 0 to HW filter on device bond7 [ 386.857317][T19946] 8021q: adding VLAN 0 to HW filter on device bond7 [ 386.865482][T19946] bond7: (slave wireguard0): The slave device specified does not support setting the MAC address [ 386.878541][T19946] bond7: (slave wireguard0): Error -95 calling set_mac_address [ 387.173149][T19959] loop3: detected capacity change from 0 to 2048 [ 387.262418][T19959] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 387.283974][T19959] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 387.296690][T19959] EXT4-fs (loop3): This should not happen!! Data will be lost [ 387.296690][T19959] [ 387.306469][T19959] EXT4-fs (loop3): Total free blocks count 0 [ 387.312635][T19959] EXT4-fs (loop3): Free/Dirty block details [ 387.318731][T19959] EXT4-fs (loop3): free_blocks=2415919104 [ 387.324656][T19959] EXT4-fs (loop3): dirty_blocks=2320 [ 387.331131][T19959] EXT4-fs (loop3): Block reservation details [ 387.337601][T19959] EXT4-fs (loop3): i_reserved_data_blocks=145 [ 387.416624][ T3373] vhci_hcd: vhci_device speed not set [ 387.429416][T19966] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 264 with error 28 [ 387.442170][T19966] EXT4-fs (loop3): This should not happen!! Data will be lost [ 387.442170][T19966] [ 387.710329][T19974] loop3: detected capacity change from 0 to 2048 [ 387.843746][T19974] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 387.867704][T19974] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 804 with error 28 [ 387.880782][T19974] EXT4-fs (loop3): This should not happen!! Data will be lost [ 387.880782][T19974] [ 387.890490][T19974] EXT4-fs (loop3): Total free blocks count 0 [ 387.896719][T19974] EXT4-fs (loop3): Free/Dirty block details [ 387.903341][T19974] EXT4-fs (loop3): free_blocks=2415919104 [ 387.909551][T19974] EXT4-fs (loop3): dirty_blocks=816 [ 387.917105][T19974] EXT4-fs (loop3): Block reservation details [ 387.925781][T19974] EXT4-fs (loop3): i_reserved_data_blocks=51 [ 388.010383][T19981] loop4: detected capacity change from 0 to 8192 [ 388.255973][T19993] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5441'. [ 388.291438][T19993] loop1: detected capacity change from 0 to 512 [ 388.310207][T19993] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 388.369135][T19993] EXT4-fs (loop1): 1 truncate cleaned up [ 388.426024][T20002] loop2: detected capacity change from 0 to 8192 [ 388.653385][T20018] ================================================================== [ 388.661812][T20018] BUG: KCSAN: data-race in mark_buffer_dirty_inode / mark_buffer_dirty_inode [ 388.671424][T20018] [ 388.673797][T20018] write to 0xffff888106b31c88 of 8 bytes by task 20002 on cpu 0: [ 388.682325][T20018] mark_buffer_dirty_inode+0x18d/0x1c0 [ 388.687861][T20018] fat_mirror_bhs+0x241/0x330 [ 388.693705][T20018] fat_ent_write+0xcc/0xe0 [ 388.699209][T20018] fat_chain_add+0x15f/0x400 [ 388.704281][T20018] fat_get_block+0x46b/0x5e0 [ 388.708933][T20018] __block_write_begin_int+0x417/0xfa0 [ 388.718814][T20018] cont_write_begin+0x546/0x860 [ 388.727108][T20018] fat_write_begin+0x51/0xe0 [ 388.732943][T20018] cont_write_begin+0x18b/0x860 [ 388.738551][T20018] fat_write_begin+0x51/0xe0 [ 388.743705][T20018] generic_perform_write+0x1a8/0x4a0 [ 388.750521][T20018] __generic_file_write_iter+0xa1/0x120 [ 388.757363][T20018] generic_file_write_iter+0x77/0x1c0 [ 388.763390][T20018] do_iter_readv_writev+0x394/0x450 [ 388.768761][T20018] vfs_writev+0x2d4/0x880 [ 388.773975][T20018] __se_sys_pwritev2+0x100/0x1c0 [ 388.779190][T20018] __x64_sys_pwritev2+0x78/0x90 [ 388.784094][T20018] x64_sys_call+0x2afe/0x2dc0 [ 388.788793][T20018] do_syscall_64+0xc9/0x1c0 [ 388.793317][T20018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.799267][T20018] [ 388.801957][T20018] read to 0xffff888106b31c88 of 8 bytes by task 20018 on cpu 1: [ 388.811011][T20018] mark_buffer_dirty_inode+0x96/0x1c0 [ 388.816427][T20018] fat_mirror_bhs+0x241/0x330 [ 388.821408][T20018] fat_ent_write+0xcc/0xe0 [ 388.826296][T20018] fat_chain_add+0x15f/0x400 [ 388.831266][T20018] fat_get_block+0x46b/0x5e0 [ 388.836469][T20018] __block_write_begin_int+0x417/0xfa0 [ 388.842834][T20018] cont_write_begin+0x546/0x860 [ 388.847817][T20018] fat_write_begin+0x51/0xe0 [ 388.852779][T20018] generic_perform_write+0x1a8/0x4a0 [ 388.858444][T20018] __generic_file_write_iter+0xa1/0x120 [ 388.865104][T20018] generic_file_write_iter+0x77/0x1c0 [ 388.872529][T20018] vfs_write+0x77f/0x920 [ 388.877545][T20018] ksys_write+0xe8/0x1b0 [ 388.881840][T20018] __x64_sys_write+0x42/0x50 [ 388.887815][T20018] x64_sys_call+0x287e/0x2dc0 [ 388.894722][T20018] do_syscall_64+0xc9/0x1c0 [ 388.899779][T20018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.906034][T20018] [ 388.908390][T20018] value changed: 0x0000000000000000 -> 0xffff88810694ac08 [ 388.916394][T20018] [ 388.920185][T20018] Reported by Kernel Concurrency Sanitizer on: [ 388.928024][T20018] CPU: 1 UID: 0 PID: 20018 Comm: syz.2.5444 Not tainted 6.13.0-rc7-syzkaller-00043-g619f0b6fad52 #0 [ 388.943713][T20018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 388.959916][T20018] ==================================================================