last executing test programs: 4.115415272s ago: executing program 4 (id=1928): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='dctcp\x00', 0x6) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007ed, &(0x7f0000008400)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902"], 0x0) sendmsg$inet(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000003c0)="a980", 0x2}], 0x1}, 0x40000) 1.892027909s ago: executing program 3 (id=1953): bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x342) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000000180)) 1.83218917s ago: executing program 3 (id=1955): ptrace(0x10, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x200c0d2, &(0x7f0000000140)={[{@user_xattr}]}, 0x21, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM") r1 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r1, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000480)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100006000000070020"], 0x24, 0x2) openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x107842, 0x42) 1.651620963s ago: executing program 3 (id=1959): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000780), 0x4, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$qrtr(0x2a, 0x2, 0x0) r1 = socket(0x2a, 0x2, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r3, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x0) 1.571112044s ago: executing program 3 (id=1962): mlock(&(0x7f0000ffb000/0x3000)=nil, 0x3000) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, &(0x7f0000000000)=0x7ff, 0x6, 0x1) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1408000a}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@ipv6_deladdr={0x80, 0x15, 0x2, 0x70bd2c, 0x25dfdbfe, {0xa, 0x3f, 0x4f, 0xfe}, [@IFA_LOCAL={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, @IFA_RT_PRIORITY={0x8, 0x9, 0x1}, @IFA_LOCAL={0x14, 0x2, @private1}, @IFA_FLAGS={0x8, 0x8, 0x8}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0x40, 0x2, 0xd}}, @IFA_FLAGS={0x8, 0x8, 0x600}, @IFA_LOCAL={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x4004014) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000000, 0x4010, 0xffffffffffffffff, 0x8000000) r2 = syz_io_uring_setup(0x5e8b, &(0x7f0000000180)={0x0, 0xc, 0x1, 0x2, 0x5e}, &(0x7f0000000200), &(0x7f0000000240)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000280)=@IORING_OP_CLOSE={0x13, 0x28, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1}) r4 = socket$inet_icmp(0x2, 0x2, 0x1) getsockopt$IPT_SO_GET_INFO(r4, 0x0, 0x40, &(0x7f00000002c0)={'security\x00', 0x0, [0x4, 0x80, 0x10001, 0x5, 0x465]}, &(0x7f0000000340)=0x54) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='.\x00', 0x8000, 0x10) utimensat(r5, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={{}, {0x77359400}}, 0x0) ioctl$BTRFS_IOC_DEV_INFO(r2, 0xd000941e, &(0x7f0000000440)={0x0, "a9851042c99b1e08d3f788dc0f19d0cd"}) ioctl$BTRFS_IOC_SCRUB(r5, 0xc400941b, &(0x7f0000001440)={r6, 0x7, 0x1, 0x1}) r7 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001840), 0x1, 0x0) write$sndseq(r7, &(0x7f0000001a80)=[{0x0, 0x7f, 0x3, 0x4, @tick=0x9, {0x6}, {0x6, 0x50}, @ext={0x0, &(0x7f0000001880)}}, {0x6, 0x0, 0x7, 0xdf, @time={0x837}, {0x0, 0x4d}, {0x8, 0xf7}, @ext={0xc4, &(0x7f00000018c0)="3522baa36b82dc77a23ab5dc681d0262a53dc0fdba317091d40948bfea607a62171ca73b851ae0ad027ff978f7c3c9e48c48f0ca6814269615f849a2dbf19d16d9c143e5665495648a33aaaa16ef3a09dbc089ab3d3c70e9765b85507a41930062f78e3a83c5c848ed18e9081c1c1cf6f686d95989e8ddc25eea8df252e04eef49e2f3b5009c172bd45df2663fa2d5c05ba0d886580b4f5a2650caaff37392a0c73dfad893474c68d543e765d16fcfdd720616136f09fd5cec683ee7425b4eedb1fce971"}}, {0x8, 0xe1, 0xfe, 0x5, @time={0x80000001, 0xe}, {0x1, 0x6}, {0x0, 0xfd}, @queue={0x32, {0x5237, 0x2}}}, {0x6, 0x2, 0xc5, 0x10, @time={0x10001, 0x10001}, {0x8, 0x5}, {0x1}, @ext={0xa8, &(0x7f00000019c0)="c15a768e10f80c1de6f31b0903df61b729b3e8af6daa4dd0e16c543003bc39f170a5374e87bc65b3302b152bf145315245fd12966c4575ade7ba6915eed48906e6be0fe23ab70bbefd8f97f3d16006b51815b99cc6f4d1f436a019f0a282b8d5b1e35a3fc308155ce17a15031b8b346a095a62f4bd2839772b37c986f81658dc0a280530e4f11af65b2b1c298b010d544c9cd29bb75647b1cf00a0858e749685b43009a6a84d20ba"}}], 0x70) ioctl$PPPIOCNEWUNIT(r7, 0xc004743e, &(0x7f0000001b00)=0x1) ioctl$F2FS_IOC_GET_COMPRESS_OPTION(r0, 0x8002f515, &(0x7f0000001b40)) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001bc0), r7) sendmsg$NL80211_CMD_GET_SURVEY(r7, &(0x7f0000001c80)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x20, r8, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0xa3, 0x40}}}}, ["", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x24000081) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000001d40)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6d8, 0x3e8, 0x0, 0x510, 0x3e8, 0x140, 0x608, 0x608, 0x608, 0x608, 0x608, 0x6, &(0x7f0000001cc0), {[{{@ipv6={@private2, @empty, [0xffffff00, 0xffffff00, 0xff, 0xffffff00], [0xffff00, 0x0, 0xffffff00, 0xff000000], 'vxcan1\x00', 'netpci0\x00', {}, {0xff}, 0xa6, 0x5, 0x2, 0x4}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@dst={{0x48}, {0x0, 0x2, 0x0, [0x8dab, 0x3, 0x7e3d, 0xf, 0x1, 0x10, 0xa, 0x8, 0x1, 0x101, 0x9, 0x8, 0x5, 0x9, 0xe7, 0x2], 0x7}}, @inet=@rpfilter={{0x28}, {0x6}}]}, @HL={0x28, 'HL\x00', 0x0, {0x0, 0xe2}}}, {{@ipv6={@private0, @ipv4={'\x00', '\xff\xff', @multicast2}, [0xff, 0xff000000, 0xff, 0xffffff00], [0xff000000, 0xff, 0xff, 0xffffffff], 'pimreg1\x00', 'bridge_slave_1\x00', {0xff}, {0xff}, 0x32, 0xe, 0x2, 0x22}, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@frag={{0x30}, {[0x2, 0x2], 0x7fff, 0x1}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@multicast1, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x22, 0x4, 0x1}}}, {{@ipv6={@private2, @mcast1, [0xffffffff, 0x0, 0xffffffff, 0xffffffff], [0xff, 0x0, 0xffffffff, 0xffffffff], 'ip_vti0\x00', 'caif0\x00', {0xff}, {}, 0x2c, 0x6f, 0x4, 0x20}, 0x0, 0x160, 0x188, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x5}}, @common=@srh1={{0x90}, {0x60, 0x0, 0x6, 0x1, 0x9, @remote, @local, @private0, [0xff, 0x0, 0xff000000, 0xff], [0xff, 0x0, 0xff000000], [0xffffff00, 0xffffff00, 0xff000000, 0xffffff00], 0x3302, 0x40}}]}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x9, 0x81}}}, {{@ipv6={@private0, @remote, [0xff000000, 0x0, 0xa618a3c9b713cd5a, 0xffffff], [0xffffffff, 0xffff00, 0xffffffff, 0xff], 'pimreg\x00', 'veth0_to_hsr\x00', {0xff}, {0xff}, 0x32, 0x9, 0x3}, 0x0, 0x100, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x6}}, @common=@srh={{0x30}, {0x3a, 0xfb, 0xf6, 0xb, 0x3, 0x208, 0x20}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@mcast1, @private1={0xfc, 0x1, '\x00', 0x1}, [0xff000000, 0xff, 0xffffff00, 0xffffffff], [0xffffff00, 0x1fffffffe, 0xffffff00, 0xffffffff], 'virt_wifi0\x00', 'wg1\x00', {0xff}, {0xff}, 0x33, 0x1, 0x2, 0x1}, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}]}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x738) msync(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0) ioctl$sock_inet_SIOCADDRT(r7, 0x890b, &(0x7f00000024c0)={0x0, {0x2, 0x4e21, @rand_addr=0x64010101}, {0x2, 0x4e20, @broadcast}, {0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x62b, 0x0, 0x0, 0x0, 0x9, &(0x7f0000002480)='dvmrp0\x00', 0x3, 0x1000}) r9 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000002540)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write(r9, 0x22, 0xa3, &(0x7f00000025c0)="1e5675f1896ea9f1cc54c754efff4d8bdbde011ecc2ce3bc6e82e8702eeadd27e2f4b2dcc676eb1ecd4b86e5f3459976f0b7206d281ca004643cbf2deca328884f15f47c5fec7041f4f014ab71bb85d903bf86b2cca6029f3913c21d6781d2259bb4596a09c84acc99a9c578d00a57fe41318b4de575d530e1210d9779544db0fd26104caad3dce1299360729959bef8ed8fd04575d9ab98028d0c6dfc09252182de21") getpid() ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r7, 0xc0189375, &(0x7f0000002680)={{0x1, 0x1, 0x18, r4}, './file0\x00'}) pidfd_getfd(r7, r10, 0x0) r11 = socket$inet6_udp(0xa, 0x2, 0x0) sendto$inet6(r11, &(0x7f00000026c0)="b3b2990a6cd21798f4683fd8e1ee286172ad6ae1766776d1ad09daae950a21ad2d20770e432b8cb8a135e727a014433ac0c1aed7161848c06d4838c141b74a9e56752793cc67ad2f3ddbb87ce7b7e76c2ef59de928397aa6c54e0d324349958c56cca946afbd385059e1a30c9beabe226093eb6233af9fe0ffc8be82015b156d11647556055e9152b7b5c82be5dd5b6bf50d2fbf1db881102118f14ad0494ed222ea15073650d447be6a0e6deda75308ba258bb6724ca4e4d9eb6ee282321d4e452e372eaa2d3a16e83a3735e6889eba38832a4bfcf2a116cb32ca50c723a7c9210037b3ebb1bfc88cee7d661c605913dcdb09ffed39b7ab0a1bd8c42b9b779c7d043b00debb7f2f703a5f64514898bcb3ba0d5f5c5afb47d31cdeee25b588933f72be6ed9c9972e229f22d62594398e2e3ca9bb82c704cca845bb49ee03c46a5d1980100083c542fdfcff5ba74b84f84292d1d07e17860c21fb58758654e4d22b8239ed5edc3f6f98a6ad7aafc8de54afc1f1e08e3f96d0e850ba742af25fafabcf3ddc2f8777f3cffe15495de05d33393e4832c487470181a193f00eda9037316bf94d8c683e670466b1673b876abcfb3f8a196c720f0134619397bd039bcf68a796cdab62605056957047e641b9d01bec31d767beef587e690d5cd19ae209c400cef6e5a6b71ae6d689c891f9aff5ae97d668950cbf5742e03c2e644270a5beb0b7eb28809a294564d9d0b2bb6bbc1257afd3036bc7ed2b7a5f80e73069ba538c2022fbb35e1843cb69b45e392963f95b987e28333d9aab815426a2af5abae95b88e6ade05fa4e9ec8911e752ccce88306c56cc5fb43a4aba17bd9b72ec38aadc9c3da296af7a7461d43a64afb5577f9663af55d4aded7872544384d1760b7426cf350c1af73705d0785b896d2c20705aa753f57748e43c07c05601a87eb4a960d1149971b784dd391e7aa7f646be2dcf552187070f04b51199f4b1d014c188a58539d7a5c269e3d76d2f817b25fb63530ac97d4a426018141772a3fbaeca3590423636f810a70d4695f23a2c06d717f3c0ebae67b6d832d7215a12e0ccd2dfc49e0cb869547ec2504e2ad5b74b2bcb4a662938cd657415b3475c03d00ab1eb4a855a003e82af2762b0460985eaa13e7dd81d149dc92a4b0e1b30d806034b64300e842fe7fbca8929e87086fcc33795f25b7620658c6ac0c1b1b5ac5eef49d2c3314a114c8e2474aa1e6905332f9ff2b73bf9979ede82975350faf0ec43f5c93e043d79ec03cf8c9a4979d8be60a4481de151fd10e79f7dc11a665f4dd78939f16aa7d7bbb945e03b6367a285a0c1467a30502c1f7ed97f35afa4cf8cc8724066bcb3fec676a7aa638b48bc8f25c3827a8614796d75abb99e4c9821e02bd1cba0303951f43d125f2e5e7552012fe8087dc307be7dfa9149a037a3cdca64384210414d54edceba3ee43f5ce27d9cc7126add0b7ec86b88df55e70b2d7087b3d36118118b991ebb0985fb2d9ebca0269d1d21ec18f096001935bf81e0eb8faea20d73bdc3ccb8b001d4d7ad2a88fcb2e23a98a491ef3f3eabc6574cb3f7a182e84cdd84f7ba8fd1cf9a926371171b02a0829634b6d939ba9fd42a06996eee822c13da37acf6b7214e0007af331a503c5062bc2c70b786ae51e1c1ec2932794900d0048f325cb5d08c06d301b92b1c60baa64837078bf50400f8f8ffd98fbe4b9de2b8d3e7db9af33a5470135484e34808a4161288abb3ef1afea61019329b9aea52af922e70a47a7b31f9d5054e009c2b72f426b199d97a1a1f85601dd0b5d848da925c787601d8ca671bde99148892079832c85463f184ccd7d8f12df63e246d98a4b5b041314e604d846987536cea07de2b955ccef936d021f79e284d87d6b7e05457e52897a347ae27f9aee7c2a6a262f922257aa4ea88222eea8df65adc768146510de56d018ff9f02c04ff236dcc4f7616525c2ea48516f696337bc9074d25dc97723989611c4f1a338c84102cff0430eed57621022f6931e0b63766b56d5fe6ec146c8110d73a5247e8ec690e3c5b4724f4bfc776923dbc8060a874ef24ebf15a8395b06aaf1f61fe32082eb003d9dc4f71c55e31468b4e60ff9779ac860ce18ffe8b7b408a63787ecf7ad7e3b7cca4ada31610213c95985923ddd83a8d9519cbe16adebab57d8627e6bd92fb52792bbe7cf74f810e7a0cea6a6286c9f8c34c308fcb0a9ce75820958052bac19ff3ac1d2225eceaedace6a649b224378b38187c8a99e058652f96499f57358f537ae712d5e0b9e0447e52f5c3121f05b6e3b04d0ff335e3cec77e106729bd6c46548dc519786e4d5777051e9d8cb2f7cfe56002af7018382980439552d4a266246e12f588083aa296dcd0fb1f1b32b23a72c2f3ba8d2622d607165b68b2ea48ef060378dc53aa2cd62f86063f8a6e515b1ae03edf8491971025a12e987cab1572ba1fa833bc504f3ed925fb6c218a5bc4dd10894629e7ac324e3b827b50d3ca0f43395247853acd214b50a1b148c3d8b4bc5cd60a59e79d280f9751843f3d92e1d6cd2057d76fdfb2ae7d60b6a40830de0a4c139a16ea8ad57e8d606f4eaa8f6d0fd5d4dc42ba249b8e693ac81ceca5134f86da8dc6a0681ce681ebf44a4e4fa97f5ec9156314fa77ea8fb31a542f7e6ae6d66088d7b884485f5dec094ca4269de9ab04b0017701bba7b8ac07a64e2b04eb093e064ac7ce9bdce08c710976bad5fa7abdd0a8a7e859211e6ce2d9aa594778c6f81d1fac8150bed57fe2e1c1d4153394e76d5f78af4505f1a451c38f61ca3657115d49553a26c75c8b0562f83ba0d130329b0d2816ad07bbd5aa6183f83a4f5291e2bc1e6d9f590db17f7d4e8a5ff4cbe5ff672b1716632ef1b9e105402af6304dbec99512077493388e1a570034fbe15196d1cf79dae58ff7faf92f627ed33050b607411efe14acb069e5540b09ba5abed8f948301523df8df7e9fb319c4e9fd46058834588130d38b4a000a471b7fc2af19ee8dcfeb540a4c9cc85dce5c24b3f34f41ec978fe127571ad5082f795a55358d858c6fe544ac84e8f159deaea193bd0bb9d5f59dc3d39fec168ee1fb1082c63f235b47a8183293f954102f2ed760457b1010c17f06bbec41869fed32f8b9cd8d700f000a3b3989102e778b8c681a4daa2434776c31559cd0f30d5b557fb718acb97adb12ce5f917b759c72001d3dfa2b4465296f19c0eaa4cc8a8674c44da9a1c5eb44970552dcdb23088fc21e88673268a011e2dbf97a4a42af5472d6e0ca169f66c418e7ad2c3fd6cb21a143ac0d52868df9f7c132774a60ea11d9d7b630d065780f8240f19d1f34018e91943a0e7c0a67a7e51a55bddcbb40a75d5a0e6599a25a490d8b5be817878b461cd8e0683d83b10ec9506c4e4075f67b2b2e3a217a3d3d077f55fc8197add2e8d43a9406a42622e458cb5ba16f91e82adbfbef67d8bdf38edc2160656eb667b3da58b96f2045a529bfc6d77748de5ea8250b68c686bab78f7a7a48613f396d3e5aa901473915c48505d8fbce43628856164ca32a552a3ffef2f701cff1c3b35c1bf9502bb5299328a91b857038e712fc19bbea488499da073b55e7fe855a50f202e4561fa469eaf721eef380f8e8746bc910955e6ebd5cf070fd1115a3305f42b9e3fcb56f7a31c339d197f35bb390d844a46d6cefe3e16e75b51bd88f79f48f06f2f5d1f2b73f6d906d58f961f7da00db4ff430812d7bcdead425f3ce30cde00a6235fafefac2c19241144d9d878adb0421e25d8525116f57c8d01be1369dd3ae20399aa58c2d2e524a5c8ae6e86e6e8e7018139b27378522519aca3112abbd14c941f4e00d0674cfbfbcba75690d83339cf7c34dae15807dca03644fa6acbadce90ea8086342477091c163363768d698bfde8eccb585b9c9a26de4cf9d4126f7a9f9bed43b1fddb2c696ede670a5ae6c9ebf9f4f10714b30dbbf7ed4491631c38a016558956b590de7422975253793fabca1d39fa369e5325b6813af6063f0c3e35e4f82a324c931d689f218b09bb4c270fc997eda45449199731378f83590e582ae98a1450d508836afb0a509f0695344ac97a7ee0bc662e33a241c7a87ac2f53b72699314f5ea9d44e70367d8530c6eb2c4c8a55ceeba93f7d441468b92c1eb03f44d4132f19209a301a8ccb4867bb64611a001d8baf6f53d77bcef876f002c88e842df2cf2c9f780f678571ba0907133eeba73a5614002b97c431f0bf2a6c240535570ebceee0ea0853da4611c7e9070a78e5357ac1ad6d23690119103d112cb672b4efa9ee752543cd76b7c81d22e701d26cc7c9fbff233c05a45e347ff7260defe4f43a21020843085d22f14b4d3c4088101024d5c356587162d263923d0c03eaf954386fce2e29bb7637b68a3d770db369c29217c033a68bb5cc0ca7ae229cb1b311f2ee601709bc0a8bf44f5cdfcb23327b5c48b66025251b060c035da96440f182e52db56674231c80d650ccb4b225d3e621b05bbaf9f1a085b04f24b3a09bb6cc2908cd4122c907a5310dd08c1d2f28c58194ce4c72cf94715a4f6ab14663c14f8b2c1cc84d4973a8f9424ff6f91fb199c0a9f0c57bcda85351c46b3d1e3dd66a0bf8551469355bcccbb35c4e719a5a786e14a7b105f98a7819cff812a1aff50253cd0c09e80a417f77aebd29405199ec64cc300fef84e02264dce664dbf1ef634c89ababdda16eb1d1681cfef95b9dfa84b7fb157c92aef9ddce244bd448fb6257a57784b98ea8cbb90c421b8ac0a08f0df2122c02e958c76ebe243725d1ee899054ee57218cfc6b6a69466db1ebd2246d33ba1f95de0520cdb7d95e3523c89dc46a300899aa5a429a06c00f8cf3f46b7817892d7a139380719a341af434c908bf6386e5ad02a24c3a82b0214d1f760c10ba9240649bc13d4626807f14be74262609db6e0d17d994dabd940748ee51cd05ee1f46fc59b40b451895f71d8240f0f86a8e4f35a23b2d8418bf9779a893a555a527c2688d9e04e8ea738b9355bd89819eaee7db82b4d2dfd524692cb1cd80b1c320e375b6f2b86f7a673bbd6e44690904443f7774f6aa2b6bf01550732c45774cb543701fa21ddc3d9c2224405a5ae965a2037956d8c0c1b6d52eb4b98e662405029aedca97c908ca29089e4fb04a6d831765f9799120e4819536099299a8759f781a5cd5db30eb618f444da6e01c556f4c0d17f300f66c0af419e65533ed7387b08879fc8cbde4d702c3ea86582cdb3635a2d8f04b4a0abf0131de6e075b107fa72d7162ceaee3e8a55ce3003178ea70d1abfc7f27b58c93065ba24739c06edc6a0093181de5983866f8584a7136facb54837a08da8a5c01dd581cf17872b144157830e637fb7cb8cc50233064bcae12f64a8b7032df02c96680babc1b3f2e5feb21a76ff41f223a867accfdf148bcce8b6e2cf95ffbfabf71505b6f08151309c9bffd1fc8586e86a90e4326ed283dcc612e78cbdc7dd1288c0dcc8eb8c86f8126a7fcf3cef280c9d986deb9cbe233300efaa53f3a1f67b5f3795a382c25069d8306ead9abf5fdcaf67127e8f5e632114b55bbcb87bca90860789feba164c44084b89fb6fcdec48056c862d1b79b92eb1c7a0722c835ba36e29d948b05662eed62488c31b7a9f83ef63713cce7a7a00ed6c8ba7dce39182a466748b5249eaca4807789f19fe57d65f13b7f7ae4fe2a9ed4f3aaed6ab7ec6837f3fc4ca5e94e73e8ce970d995c24902cc19ce5fa27e64839c27ae322728e3cda197fa93c857740536ae65cad78f59", 0x1000, 0x4, &(0x7f00000036c0)={0xa, 0x4e20, 0x4, @mcast1, 0x9}, 0x1c) dup(r4) 1.551446004s ago: executing program 0 (id=1963): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18) read$nci(r0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 1.327761468s ago: executing program 0 (id=1968): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x64, 0x28, 0xd27, 0x1000001, 0x0, {0x0, 0x0, 0x0, r3, {0xd, 0x9}, {0xffff}, {0x0, 0xa}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_sample={0x30, 0x1a, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x64}}, 0x4000) 1.295201519s ago: executing program 0 (id=1969): r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r1 = syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r2) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r3 = syz_open_procfs(r1, &(0x7f0000000040)='stat\x00') pread64(r3, &(0x7f0000000140)=""/15, 0xf, 0x4) 1.247565559s ago: executing program 0 (id=1972): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000240)={0x0, 0x4, 0x0, 0x4, 0x0, "7e12ddc5a89047bf00"}) r1 = syz_open_pts(r0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x2) read(r1, 0x0, 0x2006) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)) dup2(r1, r0) fcntl$setstatus(r1, 0x4, 0x2000) 1.059182833s ago: executing program 4 (id=1977): sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000057c0)={0x4c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private1}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000084) 1.058433803s ago: executing program 4 (id=1978): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x18020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x20000000) connect$inet(r2, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10) 1.038312503s ago: executing program 4 (id=1979): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newtfilter={0x64, 0x28, 0xd27, 0x1000001, 0x0, {0x0, 0x0, 0x0, r3, {0xd, 0x9}, {0xffff}, {0x0, 0xa}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_sample={0x30, 0x1a, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x64}}, 0x4000) 1.020873504s ago: executing program 4 (id=1980): request_key(0x0, 0x0, &(0x7f0000000600)='/dev/vcsu#\x00\xfc\xbf9\xf6\vJ\x10RBJ\x06\xcd\xd0\x99\x81\x13\xc0\xa1\xed\xdd\x9ei\x1a\xd40\x93\x1e\x10\xcc\"\xca\xda\xedw\xcd!&((\xd4\xa4\x80\xe9O\xc64hO\xc8*\xfb\xf7\x1d\xbeg\xd6\xeeM\xa5Y\xd5\xd4[\x18\"+\xc3\xc0\x94\xb4;\xf8\xee\x91\xd2B\x85\x14u6', 0xffffffffffffffff) 963.440374ms ago: executing program 2 (id=1981): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x0, @local, @local, 0x10, 0x7, 0x2, 0x8}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r4, 0x0, 0x2}, 0x18) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r5, &(0x7f0000000380)={0xa, 0x4e21, 0x0, @remote, 0x3}, 0x1c) write$binfmt_misc(r5, &(0x7f0000000100), 0xfdef) 962.820964ms ago: executing program 4 (id=1982): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r2}, 0x18) read$nci(r0, 0x0, 0x0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x21}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) 943.280195ms ago: executing program 2 (id=1983): socket(0x10, 0x2, 0x0) setresgid(0x0, 0x0, 0x0) r0 = syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 922.735815ms ago: executing program 2 (id=1984): ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue0\x00'}) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x7, 0x8002}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3, 0x1, 0xf533, 0x2}, 0x20}) 747.512858ms ago: executing program 3 (id=1985): perf_event_open(&(0x7f0000001700)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x8806, 0x3, 0x634e, 0x0, 0x0, 0x1, 0xfff6, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040) socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x4000, &(0x7f0000000480)=ANY=[], 0x11, 0x221, &(0x7f0000000680)="$eJzs2j+LXFUcBuDfXSOJGzYz4j8SEA9aqM0lM7VFFklAHFA0I0RBcuPe0WGuM8vcYWFEzFba+hGsxdJOkJQ22/gJLOy22TKFeCWZaHbDWISwO2Kep5kXzrzccziXwynu/hvffj4a1PmgmMValsXapdiN21m0Yy3+thuvv3rtlxffv/bh25u93uX3UrqyebXTTSmde+nnj7784eVbs7Mf/Hjup9Ox1/54/6D7+97ze+f3/7z62bBOwzqNJ7NUpBuTyay4UZVpa1iP8pTercqiLtNwXJfTI+ODarK9PU/FeGtjfXta1nUqxvM0KudpNkmz6TwVnxbDccrzPG2sB4+i//3tpomD5snr0TTNU9/F2Vux8Vu0Ins6Zc9cyp67nr2wm50/aJrWqqfKsbD/j7dDh/qZiOqbnf5Of/G7GN8cxDCqKONitOKPuPOa3LPIV97qXb6Y7mrH19XNe/2bO/0njvY70Yr28n5n0U9H+6dj/XC/G614dnm/u7R/Jl575VA/j1b8+klMooqtuNO93/+qk9Kb7/Qe6F+4+z8AgP+bPP1j6f0tz/9tfNF/iPvhA/erU3Hh1GrXTkQ9/2JUVFU5PfawfoLPEgTh0cKqTyZOwv1NX/VMAAAAAAAAAAAAeBgn8TnhqtcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8t/0VAAD//88U1PU=") syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) ioctl$MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000780)={0x0, 0x0, 0x2}) socket$inet_udp(0x2, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) syz_usbip_server_init(0x5) ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f00000002c0)={0x0, 0x7879, 0x0, 0x7, 0x8f, "c464fc180fd14cc6f0a606b9e54918686dd50c", 0x0, 0x9}) 650.623459ms ago: executing program 2 (id=1986): socket$inet6_tcp(0xa, 0x1, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000480)='./file1\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x47b, &(0x7f0000001900)="$eJzs3EtsG0UfAPD/ruOk6eNLvlIeLS0ECqLikTTpgx64gEDiABISHIo4hSStSt0GNUGiVQWFQzmiStwRRyTuSJzggoADQuIKd1Spqnpp4WS09m7qOHbi1Gmt4N9PWntmd52Zv2fHHs/YCaBvjWU3ScT2iPgjIkbq2eUnjNXvbt24OPP3jYszSVSrb15PaufdvHFxpji1eNy2eqZajRjKkkMtyr38TsR0pTJ3Ls9PLJ55f2Lh/IXnTp2ZPjl3cu7s1LFjhw/tGzw6daSr+NL8Povr5p6P5vfufvXtK6/PHL/y7s/fZPXdnh9vjKOlZI2CsmibjNWf3WaPZjdPdlT7TeHX7GZHw45koP3J4/egQnSuFBFZc5Vr/X8kSjG8dGwkXvm0p5UD7qpqtVpt8f5czu8vVYH/sCR6XQOgN4o3/Ozzb7Hdw+FHz117sf4BKIv7Vr7VjwwszR2Umz7fbqSxiDh+6Z8vsy06mYcAAOjS99n459lW4780Hmg473/5GspoRPw/InZGxH0RsSsi7o+onftgRDy0zvKbV0hWjn/Sq3cUWIey8d8L+drW8vFfMfqL0VKe21GLv5ycOFWZO5g/JweiPJTlJ1cp44eXf/+8SG9pOtY4/su2rPxiLJjX4+pA0wTd7PTidLdxF659ErFnoFX8SRTLOElE7I6IPXdYxqmnv97b7tja8a9ilXWmTlW/iniq3v6XYln8t5sqabs+Ofn80akjE1uiMndworgqVvrlt8tvtCt/tfi3dR/emrL239ry+l9a8BxNtkQsnL9wurZeu7D+Mi7/+VlDn16+kDoWkX4bse7rfzB5q5YezPd9OL24eG4yYjB5beX+qduPLfLF+Vn8B/a37v87G2r8cERkF/G+iHgkX8TN2u6xiHg8IvavEv9PLz3xXrtjK9p/uIi/1ar5xsvin12r/aOx/defKJ3+8buO42/Z/odrqQP5nk5e/zqtYDfPHQAAAGwWae078Ek6vpRO0/Hx+tzTrtiaVuYXFp85Mf/B2dn6d+VHo5wWM10jDfOhk/nccJGfasofyueNvygN1/LjM/OV2V4HD31uW5v+n/mr1OvaAXfdBqyjAZuU/g/9S/+H/qX/Q//S/6F/ter/H/egHsC95/0f+pf+D/1L/4f+pf9DX2r72/i0q5/89zhR/O+ELv7O9d5H0XVi+G4WEWnvA+yLxEA3l3EniaGWh3r8wgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBB/g0AAP//nGbiZw==") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xb, 0xff, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$key(0xf, 0x3, 0x2) syz_init_net_socket$llc(0x1a, 0x1, 0x0) socket$inet(0x2, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) socket$netlink(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r2, @ANYRES64=0x0, @ANYRESOCT], 0x20) 423.427253ms ago: executing program 1 (id=1988): r0 = socket$kcm(0x10, 0x2, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = syz_open_pts(0xffffffffffffffff, 0x200201) ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000200)={0x7, 0xd6, 0x9}) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002) 394.856924ms ago: executing program 1 (id=1989): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='f2fs_iostat_latency\x00', r2, 0x0, 0x20000000}, 0x18) r3 = socket$inet_smc(0x2b, 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.sectors\x00', 0x275a, 0x0) write$binfmt_script(r4, &(0x7f00000003c0)={'#! ', './file0', [], 0xa, "416ce7383714712829a227265d90bb6ccc5d1db0f84471cfcea649f5f47210b7606e44aa92c1daaafb1372a103f68355d4abb35ce6e06377add014009746b99045e312555927070f83e4c09ec40afbeaee283cd9"}, 0x5f) fdatasync(r4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0) preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xfdef}], 0x1, 0x0, 0x0) bpf$LINK_DETACH(0x22, &(0x7f0000000540)=r4, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56) r5 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x98020, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r5) sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="10002dbd7000fedbdf2519000000200001800800030001000000140006006424e61eba8b5d9d0500000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYRES8=r1, @ANYRESDEC, @ANYRES32=r2, @ANYBLOB="df4916ae87c04b87061934ed876dcbf50fab293eda0f41df299081d9207681816b0ca5bbe10044838046eb547a848c148ad3c873c1874e2f78ff193f53260ed2d52f60d6b7344e6a887a66d1b736c81960d62f572e9c28e1786ac90775451bdc6f9324f9671094e8fa4c258e106094ed69ca785f0342d634daf7ca0226a22a51c3b1aed666e219b08b8feb4d6e28255e25b77654140168b6c589343c73b1a21d88f247cc214f75397777d6e25ba8d9a903f96b27c21e44669af6a114133ab559fe5f300683d1ea9aa2c86ea7757c6bbfd657", @ANYRES16=r1, @ANYRES64=r0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYRES8=r0], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000700), &(0x7f00000000c0), 0xff, r7}, 0x38) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10) syz_io_uring_setup(0x6988, &(0x7f0000000100)={0x0, 0x4055, 0x2000, 0x3, 0x5cc, 0x0, r5}, &(0x7f00000002c0)=0x0, &(0x7f0000000080)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4, 0x700000000000000}, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x58}}, 0x0) capget(&(0x7f0000000280)={0x19980330}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) 305.682335ms ago: executing program 1 (id=1990): creat(&(0x7f00000000c0)='./file1\x00', 0x180) r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f00000004c0)='./file1\x00', 0x1004081, &(0x7f0000000380)=ANY=[], 0x2, 0x81c, &(0x7f0000001540)="$eJzs3U9oHOfZAPBnFMmyZeIv5PvIZ4zjjO18YPM5ykpKlIoc0s1qJE8i7YrdVbEpITGxnBrLSUgIaUxp6kvSlpbSU49priGX3FoKLfTQ9lRoDr30EAjk0pKWFkpLKbjs7K61+rOSLctymv5+i/edfeedd953djzPzmrfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIqlMl0pjSczl1cUzaX+V6XptfpP53fp+tirZZL0RSetf7N0bB9tZB/9nZfZ9radjcbj96nDsbSV748r+++55/L8HB7rLb9Kg7Traf9ZQ74sk4hutRl06t7y89MptaMgu+vZPOhN7b3iRv19rPc9m1bxRy+fLs1maN2rp1ORk6eHTM410Jp/LGmcbzWw+rdSzcrNWT09UTqZjU1MTaTZ6trZYnZ0uz2XdzMceGi+VJtOnRheycr1Rqz781Gijcjqfm8urs0WZ8dLr0SrzWGtHfDpvps2sPJ+mFy4uL01s1dRWobFVOcOrdpzDD97zyWsf/+XiUmuH7FdJ0tkxx8fGxsfHJh+devSxUmlwvDS+OqO0RlwvEQMRrRK3Zaflztq/Qd5gZ49ZNyPi2n/tzMEbbtFAJ/7HXORRjcU4E2mkMVA8rzyGohLTUY9azLde/3Zozfx18f//Hv7jrzdbb2/870b5gyuzD0UR/4+0Xx3pF//XtWIHHoP9aq2+325Nb96r8UZciUtxLpZjOZbile2scc/aWm/HY7idDuxsrbORRTXyaEQt8piPcpGTdnLSmIrJmIxSPBunYyYakcZM5DEXWTTibDSiGVmxR1WiHlmUoxm1qEcaJ6ISJyONsZiKqZiINLIYjbNRi8WoxmxMR7mo5UJcLLb7xJp23ff15378wm8+eac1fb3Q2CYdSVof5vZ/FPHnTQqtC/c3Ef9bJQY6e/euxCR2yd6bfFd36MgNt+5aEf8H73QzAAAAgNsoKb59TyJiKO4vpmbyuezLd7pZAAAAwA4qftd8uJUMtabuj6R1/l/aoOSHEcO73jwAAABgByTFGLskIkbigfZUd7jURl8CAAAAAP+Gir//H2klIxFvFhnO/wEAAOBz5pv9rrH/8Z7iGrsj0VgYTn76p6jXh5KrC2ceTC6XW+XKl+9qL9dJvnS9xubMoeRAp5IimRy8sj+JiMFKdjjpXv3yn52xBJ8Wz4dWLkDY71r/yRYNiM0bULyK78TRdpmj59vp+e6c9lpGZvK5bLRSm3t8LOl8OdJ87cWLX42i+9+qzh9I4sLF5aXR519aPl+05WqrlquXO5eHT7pLRbQHVGzSlmvd0RT3b9zjoWIgRme9I+31lnr737ma7MDm/U961/lWHGuXOTbSTkdW939va51jo4+PRbl8YKCZnWm+dq2n951WjK30fLjb2+Qm3oW34ni7zPETx9vJBq0YX9WKF9e3Yrx3+9/YtrjhVrxz9M0zf/1FLckmtmrFxC22AuBOuVBc9WclCu0rotA/rrW1AtqauLuvu+TNHOUurHzK6C7fE+sGY110T7cT3d+KE+0yJ9qfJwYPbRBXShsc0V+++PIvO0f0R977wQ+fOfKrD9bE9ZtoxXtxsl2mk8S9P+8TY1t9/u6aqPpua4l3+663MTeevD48MZS0bz4UVx66ePncC0svLL04Pj4xWXqkVHp0PIaKjwqdpE9LRR6A/2xb3WPng69dL9rvLjzJI1ucVd97/ScFo/F8vBTLcT5OFaMNIuKBjWsd6fkZwqktzlpHeu7wcmqLc8uVsuNryw4fT6JP2YmeLfa/3y+Sv92mNwQAdsGxLeJwEve0L/vz+t2dJdaUuCtJTvWed38lIg71i7mtWH6yfePc7tlx9I/lvX7fSb+wGxsFAD7nsvqnyUjz7aRezxeeHZuaGis3T2dpvVZ5Oq3n07NZmlebWb1yulydzdKFeq1Zq3S/Op7OGmljcWGhVm+mM7V6ulBr5GeKO7+nnVu/N7L5crWZVxoLc1m5kaWVWrVZrjTT6bxRSRcWn5zLG6ezerFwYyGr5DN5pdzMa9W0UVusV7LRNG1kWU/BfDqrNvOZPBtK82q6UM/ny/WrETG3OJ+l01mjUs8XmrV2hd115dWZWn2+qHZ0fff/sNvbGwA+C15948qlc8vLS69sb+J3N1L4TvcRAFhNlAYAAAAAAAAAAAAAgM++9cP1Wrk3NRBwKLY9fPDV4WhN7Nvu4q2JZzo9uYVRjJtMDMYOV7j5xP+/3+7MTlS4vp6hbs7dW4373LfqPd3T2cS7tBF2cuK5J564tJKTDPZu3iffPHj6oyy6vdukno3/p2w01PXtAxF7fvS9ds4X+xROBne4px9GxDYWv5ZsUmZ3j0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCP+FQAA//+XX0rH") readlink(&(0x7f0000000440)='./file1\x00', &(0x7f0000000000)=""/172, 0xac) 255.237976ms ago: executing program 0 (id=1991): r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', 0x0}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3, 0x0, 0x8}, 0x18) r4 = io_uring_setup(0x30aa, &(0x7f0000001ac0)={0x0, 0x89e6, 0x2, 0x3, 0x1c6}) io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000440)={&(0x7f0000005000)={[{&(0x7f0000001b40)="fbd0b2f8770e27d62ce7039c619a5920697cfd34df8d8da9e4772a95fa7948493e09948a4f115fede349a5a333f7d18c3e7c10b5f71d839786e347c9e2d7c86e4ec1d9710023e7e8e41cf45d900356aac5b0447f6a7d6a330aedc5b701c4b7569e5664ae5617629fe923051b4465431b73e9f8bd0d37a1bd6b4e5b29fb0af5949c06f35f64665d68f1dbf7afbadd578a4bd67f839d", 0x95, 0x2}, {&(0x7f0000001c00)="be8c5cb363da8994a8e7a0595cd4f43ac653c501d1b4480a3d2ad9699ca18cd848e6c0f4580155a961e7089c7e373b6380d1bdcb53ea37683a2208d0cdb6f4ffb20543a1a10b5483768d9f219e449f5e90609c496e1a1722fd493b2c7294623875c4cdb72088bbcc93356a5313551c81fe14c28f12265baa4c59ea11c5705aacd2b1c78ba0c3b05cc7a78d81f3", 0x8d}, {&(0x7f0000003d80)="e2494d47bcc3dd8ec7878c15bc4114ced0bd86d3f733ff84c9e25b16aa82ff544add7a92dedfef0d46ca0ff979f648eabe1122cccb1def223731d4a30c7c50c27e930fcb9aacbd51451e8bc312698f15074f367e9ef272723f1de84365f514608c045702be02816d5eecf193b27f9b319705bf58a4ccecf1474b29dd9d804db7afccddcc78002d2ab5f8b045b3531d206f1d02bb46dcbc3c4e56451202560008b16a6e2635b52d842f5d8c13105c01e1e82eb9c953dad52fe9c99a747dfd5c67e4b45bf6f098170adb9d92cb29f642af1255bdef9304e79b65fb063e42f6d979cabfba55d4244731e1346d7c22c623432d7d358d40e125b8b665e21bdc8fcd9921e21e75c3cd5db7a9fc1f85b86953145128d67b5766f480e647609d1be15aa76c94078982d0c8fb547bdbd324d1592c3b4d7adb2d38ff598a44feef86069f2c62e8a71d4513662e2cccbc24b56c6a340b243742c36b39fbcd56d483e0950015f84e1918556760c134198ee9674cddf87d8061e70614ad461da36b5b101db3a61e5cbcc01c5b238a47abf97ff5001f36dbb4e72131bc1ca114aeb6bd7c5410896ecb47fec53c70594342b5a97960bff2e4a81928048c3f795aaee12ad7edfe7bbed34bd6aa617c83bda855f728e0d8e5fc8d9cfb4f4d6c0c44a2f158ccfbab8ab94f7f965830a57474aee2c7329af72e232ba7c3f1535b839562052a4776b15aac68a03d5e0d9819b8696b25bc7d9a221d9870bd976212fc16395dbcce27836a364f7111a7c9fa57b85b0c2e553b691574ffc971dc9525e47d538f9e6237f8b4d687a764edf2a85a055cf5c67b27ca5089298f349e386421e65fbc691862a54d7d596cf406a0fa00835a6b91c5f464d0d27f22104c55eb29a48f2f396c67a128d5f71340c7f521f4102d9ce552580771b7412987dd0c7e5bbc1c4f06fb46c29ecaea8082ceee0d62c09f71c8260c6a17d9a549e5f038afaf762b861b9e8dc04bf63baad72b85f99e654c4193aa721f96807d2bf0a39652c4cee685f277759887b1d95915fc7d772204f4e7a4abea1c1ba8bb0ac672156df4cab9c0e51e32a2a8999152dc781fd78be12276168748589a896531f418343d81e353dde92319e47fd7788e6056ae6cee9aa90487b310d695c0f43e05168f656052bf9a4e242eb534d42f559e9624c70718eacfb265857a25320b15e74613ab5ec0e777d25548c1ec33a79f5302fcf00d1e05e475d26c76f77554d4c35afb20e048e4f787721f9cd065d908a4e0145040a58063530ac593dc7550d34079c74eab380f1c23ecf285695a5e5e6f9b443baa2779410472667acec2012d44ed07eadbb89423525d27216266f2be9f4c51fae3c90515ed687c853ecc5823b1ecd9cb1741d1a852b05d193df33c3e484cc6219a6fc8657bf397ab743c99fa8bd1191f8cd0bab264f9bb748be6efb9d002e36fb03780623a45dd248750b2b95668b898323ac24c4d0386c3166dd43cdb5594b7fa29384b05cafbffe00d7374deadc3bbb1908b01d1825e9b8fe53f8a9735bb03d90e3586cce91b5dd8607bf246f2f1a75d6a1e15172816e0268dd34974f4de2d63c72b0d344ff06ade85a36537b514f906477cc1b29c56d7ad47e7667c8d5552d93c54124cc3dc3410d02f4ae43a06f9cd94341ec58b037a69641cb4c133212154082ed5984bb7420f93e993fda8ff66210ae3e25a6618b3f8272ef634e4e8086e352425e847c2f8f3e288020af5387b9e73f83e815409a45b35e099eba70ecddc45ddb6faabb8cfd07f1cc41b54cb21deb7bfce61c1b635765ebd1bc879de7bdf2c4183d97063d34e3030d5aa08b193e5dbbd9c01c706291bc2fb8ae5db6256fe7e7c55f7c0231c449499c5df72a85886e0af2bc27b6283b1b96689705c25e5bfa57830acbc9f79434bef06fdada2b0ce92cf1aa4ff8cc4f66ab2576a66c97d887fe0349c5f81b0698cbfc761a8316010b6a515304d347042571404bce6220294b04c0375c372eb97a185ec7c0bf2b5a599d7a3367b7910093f25cde009010e11b864e7844b0529ac757a03fbd4de80e13b7f002be00ca376b6333d95fa980d8526ee59b5c6dd0f294dfbf2502f05c950522dac9807e4925dcdea2ce31e4578201fd64c4946e8e519ac092112b2f6b905eb6201a3ed3121292fdd8c60608f764857f8c340c83c84f7778c0109d064ba34744f94e10091c63a40eed021fc02945cebf0ab047d4d44f574e6ac76bea77a97cf26ce0554d9611081d2e211a69343c84e462b1e5a27d6c04ab4f15a897bb2b57a58dc2968312a603305bf08e11c52e74ff5095f82241314a82308c023fefbb74acc2e382223981e3ec99a1df5602b8a4802abdf2c4c147db6cbf2b27fa1d3931fb11d86d35e02d1d72c1d21380fcbc4da1fa48c52d8527185326cbfd2b05f7830ce7b109b2b2cb780beeef8da0142480d48b44f1b4beb28191c6af3aaf39f5401e8a1f50b9d8a5611b3777fa682df06a4657a6f743cf4638c17cf66e918130d553e9bd74dc0514a3661ca5434d34ac233c1fa4d5a3040b513c2da3460c7b1802c3a5329587c34ab266dc0e6f2d9d2ef599937dba3f985a8c343f9c55a77a107552a72000d21a97ad60dd153848b84bf7586217abd23aae02d45ee37ddc872fb871da7ecd48f9d357d667d6b38055adef7fd324d8d3c7f5b9109b0c8ba74022da5ebf6d166ab40d6103308e42379fc7a33a0c3ee5b3f682cb803a80cc64de70c3a73c42642affdcee33f3c4ed86461790b505eda254ca24dc0dd2acac3e8dd5d94f4c4a31816cebc23dd9dd2895039de59656bdb914b94b976481f972a3a11f9ee227901838b8e433c1ed85115ad874fa0045d6568f7342cdcfe2f82715c2778dd489cf5e9854634885af8d868f72acc713dc2e7dd766dc7c43a5c9f32b4b5854233ecdb59fea6f7e85058d5cc6d4cd76f85ef190768a581a618bef0ebbb29241d05323fbf36565292f026170bd398c0dea174b8e8f33b5583f71f844a3e90702276290eabdf4ddabdb9a64fc75311c9f44a5d7029598715c17e6f4ed0f33ace2d8bdf33df5376bf4a612baccb4fd1ed1e50ef731faaa1b4bcbda9c78c9e10cca102a618c8bc50e9ff9a154fa00a16365265921f4e186f4883d599c6ca8a19dbd2e77ac70b4facd65380e60be616cf2d529e5446c82c2b77e02c9ec0d1850783ab879d8eff296ad282116614f756c45afb9a01a54e9809440e2fd058f2e940a701be8a31c46bc80c58f92067923c20029881d5eece3bf6cb66f51acb89c7705a9bed4d5d120a2dee85b33336a075fdc3cef68308274526bf13524302c86cc14dc0117bfbb791beb7351e976472cbc1ce8a9775a77cb499e36a6256102f1fe0eefe7978c1783a3d72b74e4c54579400c4311cc3843eeb94609d98ed061678d43d044774b5ec5d04ad8282656127a2e293686567822c64fb3903432785246d5726189051fc95c82477c28e112e52105e8552c27c643c729d7d2feed2f21712069d53fa5167aeeb4eedae0041d2cb246810d9043507038aab3ddf0349a080e8447518496fbaf209023caae911c239cdff3b246f76f9cd675623d62b1e2c62df62fecec0c144554c67ec834b7ea8bc53634bf85f99b07d66b989e982c3e44f6f99b5f75c25ee059cf71aa804c8a31bc2a6cabf06c8dfa9a7c3a436a44a5d71b26eece547f70794b58863ddeca359af50bb62521e76e3f2ebbd9bb564a108c19a439e16268d5e2dc2e9223d633abf0859ec512bc1615638e60101ad13ed7f090d1943f81df81d82e4e27db0f56dba73625043c3f3607b1d92dfabc54172511d50c700989ba527b883b78e292a5b3358bc2d35c88c4939f0d11ea86fe2125b6de38080fc7cd02743894d5a36d53d994628dcfae8b06a7bc03500106b1e4f11c505f3969cb937145a7a4af59f0aaf14ef51d662c607bd8e6494bdbff954b09d604a99a03dca883fb61e5155beec7abe377815b56361df0f5cc594ebc21c114833d62f36337226a4ff2a3d0c09d08daafa1f9dec534ba3ed1a3114d84647c49928224652525d94c709147a46b59cb942b3350c6986e7ed46a09df99793ae449643eff7bd20dc4f3a4ebaf81695d5cc3344e29cdb20eb145b99238d5017572ec38778b4873e791e746065d486b5e04a8ef406d0e7397b251f63a9a4f6d0f4f7362735b010543eef170ddc4914c95ca6e51cdf1f51980d4221db526622f0803a8b5339aa2caf414ec2732d44d5f6bb366aef6da7b29dc0000f13d8e9eaf324db53111a66e0425c6657d8c5e28392d08076b4a8995cfc033b637856b44e38c790d3814778eef317045357890c804e0a8202aebed0ec63ba2ec4b2539b804390de92d13d1568b0b5c88dfaabb243ec04efdd6d9be7093a68792a2faa671d0f53700e923e95b535c20596f61c6dbec15809fe67285e6ac1c856612f5f375072d4c91c211534db29472b4392088a7de2115701eaa73bef1cb98ccda10744e19959ba1ca3de97933845d91af8913e3654e0fb49852d42738d0758c81b240a0b2bff3dbb4062f3b62f3083b9d5ec0d82e2744da786e397022fcb22e103cb78ff796a65677f5f7d3577256b6fe4c474a4852b4042e5408bd6ee109786a8752ff1e9e43a3f7708b19fcf95de82f4f5559adf61df4fb6615e29d4a2d884e9b870a8c505219ec77ba832f7a22af4e630e4de7894fae990af7c407b3d51f52475317b626166efe52f3fcc6834e1724effaed256812925baae38fd191a3089c2fbbb1e623b16b4e2613283c2717cd3a57aa00728bf67605f68a15bbdf3516a2ab4dc661371f5694801c99b3449080c7f80b5f53ced92019437cb973c0856880927f34c9af4598ad71add6e61435e8cf7de144db12603b43b40cbeadfdc33f34b0c69847e1879246bcc8094d121cf62dc966bc0a8e442f0f14dcb799d1d762456cf83a030270a91967ea0b8df7f06719cfce10dd5459eaa491c3b9e218c81059372148cfcb3efc7bb99c7ca4f0d84f8ec7dfbe4d133722e4648f0ea1bf5b5412c98eb258ed79806846772b368c3bae56133cd3a056bea3e7de6cd403f3ac306464d52d55fb31f4e223bdc2b81caffc522684a283799cb555d8de1dc8d6943f44a37e9a1f731d53a3f208f7a5a8071094ea57f4eefe3b2ca5d7cbd2f87fed5f52a59c9d9ceb893e9a8d8579573c246a8f436342a719574a42818ed2c55620eba5f1b00f9851b7f643faa9f7b4d04955134bc6bdf5189d1c726bf2417d7db6e8e375ffb23a1223495f2d1f601ade5722910b8cb2adc8716e04dca36415d2783fec114e7dd94710063062528f4c0c961092ce04c66b18728f538d26dbc726c4ca779e0dd7a668f614189e0b074e3fba67996d1a9686cf7fc75f5fe0d55d1a7d5a01cf78826e40eefb39039fe201b9faf8a2d391ace9adc7e1ee91c6aa27e8ba5beb1da3247a56ad36a9dfb1c4566abaaa7cabbf1d7009ff6048ead11ca3c1951a83a5259340c71d8435e0e2db1726cec37eaa0d2c903d6818b9c9d4a641d33055bc2be4e44531181794605aeb5d1b2f2bc260e38416dc9a123992419d3d2c5b76a1d25b2978bd7855ad367e5566137d45cb90ded567aae41391277a8b9967d8d584defdbcd1a673eb4285943e78954ae1309d76724e3098394fe942cb3f4fe4f9ddeec1fde9cd2f15fe116656a8b6534037e770923ca2773959ad2bc65fd17526a301f2de65a0b12000f1540cf00d1f944868d2e8fa16a439d8154cb905016eff286ff562781e61b68417693de77a009b23687b730", 0x1000, 0x1}, {&(0x7f0000001cc0)="c30659b1da4bf5a46d159c89d5492184fc41ba93e7088c43151c87d9993ed1e7b13d19df48ed8bf067b19d567760d7c0113e2536372b677fa01f8c4ff949a627ae18d0d5c661a09cdd05f20e50b228d818668e90f953af3e50fe601346eeef95b8390a78e497f58c17c45f75509a9dd28adad3684ee930572de3e7b54472bfa42c1f94a3afe5884fe9805aa2f1033a0887", 0x91, 0x3}, {&(0x7f0000001d80)="30e588cae55f4ad86dd2b035dc76f22b6d5629a0763ba743d41317917410761978cf43bbcd9920941e7f718f3f498bb2403a4d0a6a926886279bff7f702cd238bf332d18aa6f6031a482b1cfb2d6ff366f77567975c340ffaa512a33ae98c6693277b8f006fa9fcbc61d644ba20c8a0605295073669f9befe7a5188bd31e99a5e70a4647b66e2c7622980e4e97ee849efd384d7c397861480fc248", 0x9b}, {&(0x7f0000001e40)="612d35ae5c1b3a573231588a7014e856b1db52eaa3603d1ebac7225cb0cf3dcd97ca40c1d79ebe82a9eef97d58ad9a993d83f5fb50e536eb90a67170408cb3ef7ac52d2d9c5b5a099b8cf21566b6dfabdc16c0666cb3bb09db851ea4060f363f63499b4c1092dd324678a0de9a597cd81c70e7a5141dff7e998c508629fb652ea5c56986aaa269f96a4a815d25a4f3a2f6d9a20cd6ec3d80839e29e9f4e387f8ebb57602691ae6aee0fa91021a", 0xad, 0x3}, {&(0x7f0000000200)="6bfeca9b2b4a78c4611fecca2fc606a0f8a87f98e243563bfe1d43cf412f7215a225d8c28e4d8ab80acb0f158c7397e51ea8bb28da47", 0x36}]}, 0x7, 0x3}, 0x1) r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SDTEFACILITIES(r5, 0x89eb, &(0x7f0000001f00)={0x7, 0x3ff, 0x4cb9, 0x3, 0xcb, 0x1a, 0x7, "e9dbd59e9d2efce9d1174dc42da0fb655804dafb", "eb5e0ddd8dc4aceb86c80c4f990fce936f572ee7"}) bind$packet(r0, &(0x7f0000000180)={0x11, 0xd, r2, 0x1, 0x0, 0x6, @dev}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) r6 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r6, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) connect$llc(r6, &(0x7f0000000240)={0x1a, 0x20, 0x0, 0x9, 0x2, 0x0, @random='\x00\x00\x00\x00\x00\a'}, 0x10) r7 = syz_init_net_socket$llc(0x1a, 0x801, 0x0) bind$llc(r7, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd42"], 0xfdef) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) stat(&(0x7f0000000380)='./bus\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x410c84, &(0x7f00000004c0)={[], [{@euid_eq={'euid', 0x3d, 0xee00}}, {@smackfsfloor={'smackfsfloor', 0x3d, '4-'}}, {@fowner_gt={'fowner>', r10}}, {@smackfsdef={'smackfsdef', 0x3d, ']v_-:\xe2\xcdbeW\xdb\xdd\xec?\xb0\x941\xf7\xe9\x81\x02\xc3NO\x9fI\x82TR\xe5\xb4&\xd0{\xc7\xaa\x06\xaf\xf3\x85p\xe6\x06\xcd\xe1\xec\xba\x11\xf6\xc6a\xce\xb6\xea\xe2\xa7\x02\x15\x89\xbe>\x02\xc8\x15\xe4^s[\xce\xa5\x8e\x98\xb3\xea\xeaf\xfe\xfe\xc5\x12\xa5\x97\x94\xfc\x1cYI\xa0\x18\xfeo\xb3e\xa42\xb2\xe3\x9e\xf9\x16-Ahb\x0f'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '['}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}]}, 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f00000006c0)={0x180, 0x3b, 0x1, 0x70bd2d, 0x25dfdbfb, "", [@generic="22a356ad12c46af0e26fb596800f2f6434012b9b16d398698bb85c126e5f8f5f9ea31b14a75d06c64623a6bf4461abddfa4a68a8306cf994ed485ed75c75cd0c35012fcb472a276bc5751529580505742515aadbe86225bee57a0fafdc9a7d2f6eecbf42fe2d968f086045c8bf12ce86f91800534e5dcf19b560c19b03a6cacba4ff7824b1df16dd0108895e7311bcbf6016e04cbf0f6809290bac438545da8c58e45ef218921ff2109d9f51770ebd1fe65dcf4472eedaa83dc54227897e8e70dbd131621ca1b341cbceb10d2e24e987921ba7069bb6bd2b6faf843daed3", @generic="38fa031ce0067d530e249093e21e455e46e934707ef98ea3cf8041c89e9e1f34520991a7c5986226949cff9ed95e20c671c80ffd2ce02f84366faa47de78ba90e79eee1800a328841c791705a6fe78712f354b9f99771a9da33111c7df7374f33ddcd9eac081fbe5c9f7da81d05bc8decf31e88590b961f4ca5d692bed62618150ef28aadb1249bbf0c43cee633e19"]}, 0x180}, {&(0x7f0000000840)={0x1010, 0x33, 0x400, 0x70bd28, 0x25dfdbff, "", [@generic="a2f0d4860a6d042aecfee9738e8d8018949519c1a9e494146ee106d581e52e578dc36d1bebc9d26ab4b0a62b5d179904db4802a895605e735f7c7cdba33af4715f61c28db11fc104d93cbe5724ca7fb7d160509689c52c3bfb98bb34030b1f9754e1468ee7897076cb3de980d3b180fc54db18af7ddfb06e815066c4d0c703e8fd37869294f77af47d54f14606264649ec3144686a201e981a841317e9c92b01c1cf720e747f631055761e8642d7710872331fa030c58ba5160d038b3e6a6573ab6a5424e6c3ea4cfc42c0f1af7d6c347c44adef819bd0a961de785b519762acec05fb42449e011803329b7ec2ddbd36d05d6507db9f88993ef18162a7589cac62b611fbfd5a9ff269b962e99f00c3e4a3e91bfbf2cfe31a534504efe8b4a32bf37df73f808e5ea4c44b7b8405efd2ee9a8cf004abf429183274c275b157309a5729a5d2c24ac01f0f622346a747396c961041d86ab2274a634c4d7a1784e06003906fb8a0b3d0d87e81dd95c15bef7e8a6c736581f8260fc8434ca79fb90e4f41c7c9f257bba4f3950bcef534ac99354b19d93ad360c62b02ab79dacd9942ed4f88e80193d9d0a2d6c8586dea78012505ddb0788cc88d87a1e8593ccba01e5a3ce3b2192fd4940ce7deaca1aa72bd6e045230ec860c57874b9b1c1e1275ef35437a718d1e06d24054a9bcf116e27e019b04069f6ac8bb7b2f09d999f6340df3826ff6dd227842baaa06d0f5d79b9579864d7692f7e32497cdea8abdb17dcff5cd287ad45de69a40837e326751690492539d580a883b7f23e0b2afba9d20ab87f79ba049699e73d638e93e20c7f511b53f5a93122857dc1e0c2bf6ef085c1fdb5d6b964b466edc14494dc0db08989d75f51d52189d34c83fb985575e7bf0b37d41f7885e2e5362dbc06e6eaabe38bdea9843705e52b62f037012e6722f281ef8960da68b5995659f67c0029da44c50134ea01e71c7c015cb3a91fd5c790a1055074b6b9801fc3f59c58b692ced4b9d7336549330f9e042165c4ea27d69ad5abaa68be4c5e40001d4db3de1224559bedb6688e2dbae3d9eecc567c0a5ba41e340d00e137a1eced910f24e8f1b71673c7f27a21026a2ad1e59c7ad910f5f3d0f40e3da715d56e12f20d98ddc393b1eb24c397a18fc702e90fb1efcd983feb416f1984ee09ca98a5483557b3071975b577ce45da37be8f237b2c7b94ce57864a1746b5056916dc84945d76e1495efcb40c2c57866891b2988305a4d3ca990abc390f3ec5cd2a7fbd88c8b35095c4e4dde4d0932fc3352586b944f83e32001eed315143d1633a813d63f6693588eba6895b408d7e6113d81e0c8ecb53a192285ac53a4be59be259898944d1827bfb769889ac27ab1ec90280c079c123208e5fc9bde3b0046eaeb9dd3d8212b43d72902e2a6d47fc6b825aa2b037f5417aebb87460e634f8a76b47edf75b51dd5ab1ebc67e91e81879f43ac567af94b8b5bbb90c27863d9bb3ffa37b90537734f3b811dab149313c6f76aae697abcf6aceeaf2a53f6c6aa083702426ee5a4dbeeef657db5b2f59eee4b656406848d2f1527a6a44ed9ebdb3ac6f42bace2b898ae24810edd27c1e2e34d74915f1730622cc613bfc00deb404dc46fb56a0cae8cb48d13943e172e4bf7e50e271eb93f3aefa77cfad5d6e9aa7b66d1c62ea37e8da4ab1613a4126fa7503f8a8531e26a5c8361ebd944f21f9f232c7f1a962915ad9143b1bffaa170f6d6f6f3edd85219a477a2af6be6ca924bd9e03ff304cd750bbcf041a3e63322ac5e99a11aa143ea089d720047fa79b37a0a1f4d8a4a93c482f1bcfb0c9b95af82c15136ca4a1a06b27a4eb62e126e358a19889c82051c05627879a75904f9cdf609b41f3d4e1653daf0b8e9dcd8529f77d8abf86c8344b89d19f1476e06ba7ea985b774a12f344d6581a93149be85c008190c193e75f8d21d4a878fe224757cfc02dd74128473904aa70e61904fc0023340392fa4b239a50c9b68e4c50cfa88033cbdf2ffb189098810b3412a86d7660fe8a07062aa743470ac8702d476ba338d2663580979f55dcb731d0fb8871062c639bd07d4cb09517ef2732d2b9c0a6a86283f56084bf077515621ef7550ed8ecdc97ef2cc7963872200c5f08eb8f0fc8e7e2c38ab875450592cbedf14b9fa7138df07ac775908d7439757db95fb02519a8b48a12d523648ff9c1441a75f3f530941e6eacf5e97322e7132b73fc9d5e9e776aab1a88aa12e376b5d7542373ff913e1f452f2156f4297b21abacc82acd16530fd55246f0398cf4cd5788e7d690908203a365316e4522211a0659833dc0747a75db870b96e445d780618515b884f373bfd142e17bce7df86292c0da4e2d4c82baae7981f6e2f51fb4b9338bbd3a5913b3e0061e55565f7787530f6dc7b75545b4e0576e637a34a97522c50ad62956d531a8e04eb328d0bf0f52bece049f24513ae4f66ebfb6b7e440532ed39874bb74a98f5c115fa7d2cdf6ab62d8c7f3985b3d7a51085b89d77c97dc0c564a29a78f44ff3664e06e1f40442d1842629a2c177698cde5ac3655aa4823120881ba175c70b63385767e3d9424ed33c49d0362aff35d3c321773ca9d1219d9e095b20c3c7b69db67500adeb28ac015c7659ec58ac820ff4360078e00ab261b5463627dc857d889fb733858a8c47e113232cecca5a5605806e1d97cc71c7ce7807686620d043e0bd8cbfd0bcd71f5f1c4b287f58ec5b3a62446b96d8986f06045f445aad7323166adcd70b484242b999f23a7c2b49afdf2f9532bbe6a0a9beef7c9c838f60748d7a6fb955eed1263451c6295e974ac72c13787b7c351a51857aade27c337e435201a0910807e629cb3ee8c28b87753d98a64a1e828ddf21943c05f28e2226233a5085ba2949ffcc51367f972fc1db4c586c5cabd1551214fb599489efdc7f7e3e57e7ac4157cdd1aecd2bf3a2cab41e14ae28ceb93afa31c3232ad79effa8f1014d26a99a3d6fc1af568e06e99fefff62250ac659d9a908c1ba57e792cb6058fa68fc0d430f38e5485db797d1b32527abdad6ff32229ecdee405376352db145266318a04b09fe2907974ef050ddca82ec6a5fbaf73b194c62975c443b604d3f4d50d2870248f2523c89b131aa8aabc947866d75a7571dbbd03603fc439c667f03f614e754cc870642f2cb83e42bec18e546e8b317cdf4ea788fd915619a955ff644cf605b025f465f2a5c81aba7dd66db716fcfe20352796186118d53c7c6759e7dfbb015fb02101870b77a46ea702c9921882804c09c2b1cff99150583db6a51449feab7c14a3d00dba287ce038bcee52a53532b865d00bfe75576abec62a9df2aa8a6fa99a4b05f50a3645d51d74e028706c42064bb308614f8297edeeee366b02becbb5e1b7a8ce7e3faa80935ed37552c6267e8916906d079590c98bf885f0342b9d87570710a381189a13562840847db554a1c2b9bc710f36fb317936838626a0da51fe81ba9d8f1489de8e35d3383504a670cfb540882bfd80e30083369ffbaf3ff339ffecef463efc79df36bff7213acb4c694557e495b32a4b46fccd67106b96feeed5406c3b8596d4ef5cfc23baf6638f372654abf6fb72e1fcbf4d1b8497a1725450c1253c08eb89d76a6a534afb797b5a5c1ff950d3b0aa75ffda708dadd16d6e7d07de229f8ad504b087dc9c01b1fd113d0b8adbd1fba4d46ddcf85bb5c5b11af283fa8aae1fe202afa4f2a482b33daba38ec644332868474119f87412f0e1f300d6706ac28ea5a2b4750c25cfd42cd7217d42071d3d6278873441f026eb935b93f3731c31b24c1b6d33788d2fbf4d3a63495340fb0894a2764d22ff17592badddbf15517dc0ea316f58d4229c4e64e28a9d501bf8314fd41ddc5309194599ff243b1c019918b3357b30d40feed159e018e3f226b991d78e31ace18125fb6b2ef9bedcd3aab0f6f365b37362cfdf5893b4feb6308f3b9bb8e432094c2b2af2b46aeeefbf11941d9e9137b3f2ef0d235e01643164f032b1e1c7a9cb91c04831ebce8b3cb19f167f7c0444490bbf1ab0bc05f6057f78b9242af414c4c2a1b1e7f1773fb152e68c798b4224f3e549e5fae8b10af5135fea8c495c9774bda5e2736ead2a9a4df8a1cf6b00e3327b046efaa4b4d0d001cb1abc6c47c8cefac14bf8c0b73f277a840d661f56d9d98722df4163579278ca86e08866a96fde02ecd949883058439996d01619829ecd8f312da4dea64efea7f96bbfd867da6b92fe42302c9b491b9fb688c4aea7833f292f97ceb09f9132b1a26294abcb6b74ff9d76285100bc651ab0ccf80fdeb62a96d5d7be14eb6ace03cedc2a3d76fbea143d21ddda4e428dcaca5db9c18c1c770df29bfaa7f4e31aed4ff4a490c521235322e237234af0aa60517a11f8a1cecb065d0ca18733a310efdbda5d6c397b54a492be0985fc72218b065d98812727cfbb2620e90e462326acc5d87938d85da99b96cc3a5ba9e646fdfee9b1e6b3bfd27027114ccf8ea67b6e0e9317bf457170d05c61cd67bc93036f8c902f6ce41464c0acce6d25dc420af96638d1c3fc4f259f4ce3ea43f7521d16ea78f3281bac0460b62a74ed1706ac86b1ff1767237b12d0701320b5b516b9c1269f0e644d73f03b671b295199dd5028cd29014bd2f9735604c2e362b402bd7463ee7e01ef43f894beeaa09baa640d6013556f6e4cf1a531f001859bc400cc4bd4a91d99965b2e766292145867ae5e860c0a21d7adef2580438c9b2ed310e4b406033a1fd1a93112247cc240073d1763f228f84395834ff0f1c83b9b461076bba0c2cdc32fbcde1473eb41be84b2b2b0c692167cb32063eae628d553fd35e23840e3670a608c409898ca2a3bbfdb4b4730a0db79908f4192b868fd0b4acb580a847e0f2bf38e7d3ffb0d2dd36db2028c18b0cb1371a8e7067284bfe4559d94f185efb423e8f0347f7547ccab5eec657cf166c25fbf9069ba4329892217a1549528716a284a65f6174f7ac7d586852874dbd2fb562d1c6eb1775febe090b147e42623385825bc70a63556364af53cdd3464ec552761cd46d56df862e0f3edfd9430296ef20d0a80e65fa4e03beac2a8b5a79471856401ee1cc892ceaf91734e150ec0b8c95aed085518124d2ab015c287169abf058b46a8de985cddc30c6c47d820ea28c709b02a25d8bfdd170604244597cb0044bf19c11b3641b59001128d7d0e806392993a3e5686d0c0da370823223ce5743c3b93df737adfed652c6a4b9cb152997d385b85ae9f59f030ae6bbb33e4e1ea489748331fedf4931a559f4d08d9b131e24b41641d376b9306078c3a6ada0f188c81928bcb4baf936681a5ea5466a35d760f920080cb8ff917d8931f53284020bfa9bb3642891ce2746899e4b514fb4fef6a91dd1b8fe485b822abbabe1d07f734a74b5bcd8a2faa2d9d1253b7bd581460c3762e0d0fe2e589f79074af934790927d1feaf0f9705a95529483cf54b5f8cef9543d4527e1f4588cf19c0b3e001c8bc2ce431d280b74f13d6d9a367584acae4983db57b948e8783719cc5b2d905875c8bee22a275e5ba117d24008eea554969fdd8033bd4aaa2d3e6f98898730581181ceba81e321ffa3eb2bbc2935770545e56cb603f04d1fe49243de4dc5b9a63f00785c8766daf5365125275bf6b2a519f5756ca6fb2fa317dd084013aaf03df512bf3c4a361ccf804bf9b48b4e41098918c22b249565eb5341dcfd1b05322cedf54124b8f9c88b43d330ad93d1376c243e16fb214fa6e040367b160d65d"]}, 0x1010}, {&(0x7f0000000040)={0x20, 0x3e, 0x400, 0x70bd26, 0x25dfdbfb, "", [@typed={0x8, 0x19, 0x0, 0x0, @fd=r8}, @typed={0x8, 0x9, 0x0, 0x0, @ipv4=@multicast1}]}, 0x20}, {&(0x7f0000001880)={0x188, 0x3a, 0x20, 0x70bd2a, 0x25dfdbfe, "", [@typed={0x8, 0x114, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @typed={0x8, 0x3e, 0x0, 0x0, @uid=r10}, @nested={0x10a, 0xa9, 0x0, 0x1, [@generic="0ec1606b7f733c46ac32e8abcfdd4fa810f080ae7affe02af5dcd65bfdacc451e22b23f232102e9b336d759c7a23c93643f2cd96d22b14fec9b3d6e9102c6c37281b6a37220ad1f1a7b36dbf098c71aeedc0559f0eade0d9a05e4c", @nested={0x4, 0x141}, @typed={0x8, 0x98, 0x0, 0x0, @ipv4=@remote}, @generic="6281cf5b773e69bef188d809d67067596487b05dc6dde9eef31bdb115b8e7148006c2844cf57db26f2cee29a5a2d7e8f48d4b37275421ec514747096adaadf708bd7fd915b9eae3f50070df0954eecf4cd138cdf70e1461552cea38b7dd58b2d6c71bc2856a3862ae61434ff2a7be7b2df747fd1e7763023a5fd946afb1afd86438632dfeaa82a2e4439ae94c6dc9514740a710e6166cf6069e820261411e7"]}, @typed={0x4, 0x10f}, @typed={0x14, 0x89, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}, @generic="5054d46b92759ff0e88e098117243e43d40af627ec1655a97aa4cb9fdcb8d32c0747f7ab6ebed51356f19b7b24c1b330c0443fda5c7e910fbea97f09a1c627df5a4c85eb"]}, 0x188}, {&(0x7f0000000100)={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfb, "", [@typed={0x14, 0x3c, 0x0, 0x0, @ipv6=@empty}]}, 0x24}, {&(0x7f0000002b00)={0x1254, 0x20, 0x400, 0x70bd2a, 0x25dfdbfb, "", [@nested={0x1129, 0x12f, 0x0, 0x1, [@generic="65dbe8f54b90929cbd7602d2f198de1fe13fde1699879002911bd6d02afb74d371b7b99c042f8983ba54753bb6f0a11dc92c684c9db453b55c6f4b0a478a74159bf66a5fbbd93451edc753c258b785e0df4bb093441c3d18ec82162e80e9f1433b5acd4c72", @nested={0x4, 0x64}, @generic="233b9a1d8190e3b74b2c9c49e9804c043575769b285c01dc63509b7d2b61e41d88f671ab4ee8cbef2c4d9928e813965ce43672ea8a19c47c3346f92d6afc6bd128e3581662edf94d832fcfbbd187bac1", @nested={0x4, 0x52}, @nested={0x4, 0xa0}, @nested={0x4, 0xa8}, @typed={0x5c, 0x117, 0x0, 0x0, @binary="11af73e47883f151f9b56fa24e01e0757e6568802a99e5f23dd0ab7faa72493e80e85981b6fa51da02db9c2a9e46a148730411af227970c6051f4b65ce49456d1939e8e627504aae0ffa0f91510696549fe16ed13958e1eb"}, @nested={0x4, 0xcd}, @generic="be5e837b18fb3eafc6f37fb0bec004f0f76101e816f71a14e939ef38488de4ab5990c98c80157c6b2865ffb80277b39505ee295a8d03184ae935255b8a878353cd482d3d9f8c7166a85c2a318d9f04378cdd5b453596f97b1664d941c4fcba6b5294f8701af4afaf4cc0a59376ceb652d687560547f4f9155cc4b8aebc0f97bb383358f338c426a12e1745aa950827ab77bb36986ec04b4cd4899b7d46bbc7bb437dde830cb880f00ac06a64d0e0829462b560dd6630062381015661dab1da16b748817075c2210e91e1bd5bb299023eabd6dec1de676f831b56d88e33070362a5326b692f6f3a65b050b0d25b5fbb3079b5fa881b3dcb9733fedfbb2e5832994298f35dc1748e3565505fe5856f2d23d9c0307514f71a1fefa50918374ec3950bce312ce38acb8ccca3d6f368d1119fffcfcc7f7d2233459890b19c6c562c0f0550f870e40219b4405495e135bfd9701b200a85f4246c50b159ef6f4dcab7f0baa20cdc2e26d935d6e3b14b29e912c402ff2a64c258d8dbff70fb40b1f75e990a22b3f34e30744619913a2e49e56c99979b83f47064260abeb60db656e4f1f29ba408cfc057d4e1a8b8c00d68d0d58b3876c3d8b176b4ebc232a4c37a32cd7be1e6e52f9838b8c0e508d24fa3ec6e69a30ca48dc3e9e9f15c900907ad4bbaccd9c720dd59fa7bb4dfbe4115c4df8cd7c11f9e5dc2401eae4a28d3a22455152ad2c7b6dafd99a234175d98c5ad6c28de18ed0a3d9b425de7b71c4ab1bf884bca4d7706d2be87fc2cce111e7adf3c6e0efada177799fdc4b372f3f320a177cb203151d563d31d04a217d2e992870d9eaf7f017b7399b48b801dda4972729b2197cf9e9c238132d433443109ae3051baaf51bb8b22d3493bc36fc51cf9d80e956c55cb8cab7a3fc40041fe29feb7648c6487337c41f7677b5d7c3fedc4b5cd393ae1c5d92380e1cace67e9e79a565a1c7dd0f7e93e65bad2ea4681fa840a223c272030e7decc612501ab68c61a913085a40238eb2c23924d14859db68f5e3ba8a69dfcffdd52e98b1809a13a9f10d4f732870f608f9da4474f3e7a3b88d08b9acf559fa3aa154231296eb58da482a6e977e033a41d0b04bd24366dbf72768782e0279a5e8000bc50eec97477fd4ac2c6f6a02b39e53a2d0b1783a6a05181e29f1341664446e6d463740323c64e805da845d52bdaf0a09fb437a0f78d17eabaa7e147735e3de727eaf1d17dbfcfe29fbefa570013b01a9c51c3d84d4940fcf3e7c67d83e86fad9ed5076645b984cbe9ae953b214b0acdad855c91f29b9654e37391b580a46143101bbbb1122022848f3d545aec4bce48ed327c28565935650d4ad620dcd318653ef0a9cef8cd246d1ce63f274a95aa36a43d2572a7a87811f0ca8fc6b62c3a5d98d967a6bfcc0074cbd43f4221f0704178f449ce1658908301c693d790de20e67286f008fe88a359a617d24619785420ca2df45c127907d75022cb5ec6633d56c3c5a22c08bc625fe4f126eccc27216aeaadac7ed37c2548058e9fbec10992e0b5e2ebd5c5bc65300dba6033dfc306870582ae9dd7c5eba395887b0c8c06d88943d3cb9538bc3b831399bfcf52b0f97f450fa20d1c2e7f572d690b725ed2d23816c820d4f7c8287d6a01e1a095fa816c715248fb59655bfb970adfe710851e27d24f9c2f7a8523a4f392f39230f33d16cf913996fb8493bda6260df3f710cc001c2176ad3105898720bc9c92abffa761a0025f6feaf2a53303883c0bb4f50fe9faa57e249ba55fdc9e5452c243f823a1d8f656a6938482cdae05b5051b4571520c475b33b6b1aeeba07f978ac1ce43dbb85ccd72028292c695cd37022df744b646ccd95c232d0a385cf4240349f386d0a3d84a40e3971b9d078b8e23eca97a0bf502b64eb9728cf9403716af1e50a73628052166114d8cf1cbdc1000d689d948b92ef1642a7c47928d0d68aeb1aa12dc46670a3954ab32c306f4c05a2dd2b1b6d033d916841979411e230a37ac430cff442e4cc77548490b1c7e4248e5dce055d0e5566cc2a8e6b9a4dcdf0bc20126bddb09f094bc9270dd4bd4da66f16ddb6500c062b656ca66327ca17e0d07a82b6852e0f9c4f772017c6ee63a1f7a1bac4537a868a5286ebe8fe199c45d56bec3bd6f573670bf31f943503009d266a43b34bc94a768c7b609110b0260a250e98d5e85886fb28ceb17bc36769f735dd93382cb622bc53f27f0afadd5f58298d82ee9f36b3e81049b3ffb02ebbbdb3083501eaa0b7f0a0ce40ce67147cdaf135debf3003fd0cda64af68ec0d30fa68d3f3619bd180d20eeb5a632089d2329782aaaa375ad8b04dd325498b4586b2e11ee00d6a2e99413f5b60a17b42de18d824f3d9b637db2ad92aa627ed0bee1cc413e24c2e22f031183da7957c67cb1220ceb63e5d87e832e31ae4c7b411fe96c119a8b6991a79e2950f81683770ba42c17eaed2075a2ce7ee5d522939c8814dde0d9e1413173b4f08c20ef6c7d5087cf1afc881e9880a4c20a846a5599c180d5e375e5950d0c86b1f5e2d6edd643c33ac6a4ba0bc5f62aa3ec5b74af3819f557b21ceaaa7ffb36a1b715733779d2094b73043bd4852bd115b8e55af438e9e0a978a7c2298f718fd9266478de4f55aefed45425291400b2138f8eb1baeb274ce9f485b0f73b5b72867f5535970d575dd074d11aef768a8a0fa2817b3c0040a05121bce0f16f4f09ae31e86ab08dd95cb42198bfa4afed2977ab105412a24350cd36fc5b329d1acb6c201fa3a2b5e66dff1ce8754cc70395155e10cb4434d67d87abe5331d14c9e3adaa7940d988aacd9a162477d2d19ce0f2d482bb1d783865d1fec8a0bd544eb953975e1740b6a7c0c021ecd925707d3a2a39d62c0cebc0986cabfa525804eeec666bf13d0e3279cc42d60933c19ffda0434366c021c1b0aab4a7a109bbcc27ad806e538ef050b726fd00dd853d8a79c02d13b991e11eb3f28466204a737ceed0f98476753b8dfc4736683b653180c6e24f0b20a7c90e592814a31088e1bdbc6879c998a0bdbd4cca9cd282e43580aa0eff7296116c0eaccbbaaaa754e651a250ca3693302911f6c3382950a6d45caed00e4a71e36d9c48b58c3872b769b02ef7365bb8f7c65970f3642b21ef5b726ee872b716ad6475c48dfb3f53023364d42384ca0543d4e257fff5b25689a9ca9fcec0dfff12f432f4d9de8917fa19bb65afd6a9df9a704a59c5e7203c64043a07fb4cfdfadce8fe987301ff45afbb54748fbe04b22df2899de2a4580fe02ad7871c1e15b86c7e2d1be5dedd6272c4693e27f03b59e9372c65dcc19e95c27e5e9aa5925690e72a78649407d6e11fb7b03f6a4c4e03260f31a6830c80ef3ee2f420b0db7eeecc0ffd0ed12aac4dd1723d0777d832e10e7e0dd193eeb85e1b4dd7e86055d43e47d9d6b3a37cb9bc2d6431b64cc514e5cd8a3f17f73ebfe67bd91222b709b091886912f2a03be0ec793545ec88f772c24f32c34a4789e05d9ccb69624187c50d72e3eda659e8e9db192ab6e5f567c7ecaebabcd39501cd594378bdefe4c6054641441583a821b29347f9f8d44effa84aaf9fce8ea9fb7748bba907e5dd5ae7fdf13cb49b26fbe37b6f011f06731b6ba09c92cf6b9890e9749176bfe989edcfd0f761c806258e8a8b2cf4f4bb35c7985591f529fab5fc02543444614931fb73f77661709237db893f5317cd18ed3df16ed09ed23824b5f4af068f35eb6aa3237a0f11d0ca132f07d24742d1e1871cccbbfcfe88c951a833df0f7070dd4abb3ef203cf2eb7853b90c21ae8758569cea9622e9890fdb0a45a3ffab8ddf1e45f7ea6c7eb3e319b5e5e0a59f8c7e21c3c8025cd15655a290877461dfafb273c94181a8c5d8ceb5fea99693f5988d2dc0b1f65cb302fb8432b6bcd1199d5c4e467fdd859bc67888e3fa92140941a0dba1b5a366f533ad8bcd2715867a4a7c9e298718cb84ce7831be16d2eb16bd7fe1c3812dec44baca700521dd3d7e16f08782a32190512575c67d7e3eca7f64ae26d54f212a4d9b9c8fbd8e51335f794c27b15c6ab4ac4ea02d93f13fc6ef0a91020dadb0d68c1ba35795817ed448d1ec864ea38ce56ce36453a23faa36b5b03c4aa6e56506c98aeb36f6b3fe8fc1fcaee009cd4393a2a196ea72e0aa6a478af97ce8615272a2f350b7824d1524078821b17bf5e908da7fc2404878579f6aaf8483e3263a4b6f992c13e1c4d9dec4d1978be9a2a4c34ca243784d55649b85b0273ff6e762699992e20d91849b5b61742e928b049663fa1e4d334fde89832424f218af94dcb6398d45ec64d2525fb52b7d2176aace29f8245db149cbeeb8ead902fc1555bc0be7b972f0cfc3e09fa1bce1985e14685c1b2f20690e92d36fe8dc6656f4017e0d3c1e5ec5d3430266565e62ea9739a3457ba5c61eaad6b2c0c2ecbe2c2245f764a185293fd5087cfa575d6866b07d8cd4a1c5de1315dd486ef639492e4d08bd561253aced524988c192a448db2793f4eb2359fd441f9f76cddf0daffb699f2662f6325cf6aa9833fea05c2e093427e8c899ac26de6026424690d917059092e2f2e5fe021daf8368c092c9662ec61ad72b687c3a5f146ee95e0be2ea1958a56274abc9375dfb8b465ba29394c2f3d6179f6c750b45b69da639d2c9cabb7d11378fecf9f94778f3ce2500f343481099f14b7a1ca6fbd25577f1dc234d40f978f79f805dc6ee38be3dce58ad5cdc3d970e71d4b66f61aa6657d6383edaa24a54711b6f06a3532fbb73fcfd352aacc6d19719d3a49732c075571bb8073a04a03aa0a87919219345b06d3d1b3f7ae7b33b017c3329c6d746b7f393a7d74f2bf7ee59c19f6c45d334e30ab685f6b0cbd17e990e7b881a1a5b9104082640db2e1a58be4286cfe9aac270c2c6371b356147d443c2a1965fe0e7da6f1309416e2ba6e4fe64d44d03bc5feefa8b288d6f55a91d784fe64a51a45d49ca2e70df040d142b2190b653a3210302eebb5aaad2f3d69c49052642b3ba4ea5e58dd69c108d344658ca92cd3c9d92dbc1bdb2047b46b1661a11ffbf4a41bfd09338d49577267e4ae560d4963088b0bc344cd373bf36f39e3c3441c3c614339d49c38e7fdd53c390009814c6b400e635b1c95a66c155a6e0b86b39ac39f321a94e9811ff5dca319387c09719910c1512c50c373528a0bf6e64a8dcd6da6b5f346948162e3b904d6f36f925a61a869b37479540896f9d40603a64e0bfd544761852e392ec4db4cd5f7bc52cda5dfd5d6df75a56993b6267cd9e29e85cee8481854185a2f54757b74f48e557dac624f964c4b66071b81e9933b9902aa2601999985df0c461abbc6e66638aa39337b3fde60b5cc2c9aa3b91091654fab397c2b079c0cdc90aa63c830d0f3f3773495e5272a495d9f49544a51d0ef276b99bacb3d5126286d90a0bd99469001ff1dce9c528a125f23ab43d3145764ddd1ee544f7aa0a303fcd8d07dc5612e80d8921c19f79f8ec571342d129db3f6d1d201c7aae9c6f948315223e76ee60a55522f3b2e6ffde4f9b55476e6432eef1ed3e1573619d14a13f84762219b70de4f693b513299cf2c1e562fa79274be11baf9507c4fcf31d8fc41b2bb9f1b17ba97b8412f50fea054028bd99148654695f79c41d1e62b479bf5190addbad0866174319e02444eec25cc52decfa92b8bb7c1f1ea21cdcecf87c9daf9dbffce2f5490c708594fc945ed3e7753d8d2af774ef12cdad9344f1fe319dadf7c4845f4b9d14d45e6a33833007d8fe6bee00c6cfa0d58764313"]}, @nested={0x118, 0xaa, 0x0, 0x1, [@typed={0x103, 0xaf, 0x0, 0x0, @binary="62eb32951e44f4a61a63a238f5722050647c86862e62ca1704ff857e65564db02b163a4255b393ac13360778507cf787790771782a5c22a49bdaf46604a21990e5bd3a480f05064af64b3937a28b2e5127bb5a949a3c3981dc6c62f95e9e814febb79c055eb4fa8cca7f8a073507141c2b6be1937e3f5e26395fdfaaebc67f68570d29aba1ca545b57744ae4e82274f7687dab81e24f0691ad0323127c0b0e48a315d4a01a132ee2d854f58ae26d87af0be2a59c9b1e11239a54d44248239060d4cee103757e608e1b4fbbd4f87e1b0353a0adca6cca1b960bb0af14c4c44dac9105f82128923e9f368efef7508e30d2046233d49bc178b9bbc6d960d77f62"}, @nested={0x4, 0x14d}, @typed={0xc, 0x5f, 0x0, 0x0, @u64=0x2}]}]}, 0x1254}], 0x6}, 0x48040) 254.934996ms ago: executing program 2 (id=1992): syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "41e35911e54143e31e41c0b652d0feea"}]}}}}}}}, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00500013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0) 160.283168ms ago: executing program 1 (id=1993): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) socket$inet_smc(0x2b, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x800) sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000) 86.003039ms ago: executing program 1 (id=1994): socket(0x10, 0x2, 0x0) setresgid(0x0, 0x0, 0x0) r0 = syz_clone(0x22180, 0x0, 0xa42f, 0x0, 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4) 10.70015ms ago: executing program 3 (id=1995): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)=r1}, 0x20) r2 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f00000004c0)={'ip6tnl0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0}) 10.12221ms ago: executing program 0 (id=1996): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1f, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYRESHEX], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x205) writev(r2, &(0x7f0000000400)=[{0x0}, {&(0x7f0000000780)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9", 0x2a}], 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) unshare(0x2c020400) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) socket$key(0xf, 0x3, 0x2) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0xffffff80, 0x0, {{@in=@broadcast, @in6=@mcast1, 0x0, 0x80ff}, {@in6=@remote, 0x0, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, 0x0, 0x0, 0xa, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0) unshare(0x2a020400) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) socket$kcm(0x23, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYRES16=r3, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095e57c617001eae41d2e126ba5dd27bfcab268266c94f90b36165e2917ee98fb04fd160b2bc524aae1b36546e9686c613d9490b1933447ddcbe683827fd6b9d2921eeda2b85f0a5c44ace7b8bb57f77b909af050cff5aedeaa667422b407f5a6bb28e9247b15ce68c42ba9ed4df61fbca019fa77d763a1aca9a242b73eb41115e8d49bdc653ff6883e6149db"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r4}, &(0x7f0000000800), &(0x7f0000000840)=r5}, 0x20) io_uring_enter(0xffffffffffffffff, 0x8ba, 0x696d, 0x20, 0x0, 0x0) sync_file_range(r4, 0xffffffffffffffff, 0x409, 0x7) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x10, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000100)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1000000}, 0x18) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000078000000030a01010000000000000000010000000900030073797a310000000028000480080002400000000208000140000000051400030076657468315f746f5f626174616476000900010073797a300000000008000a4000000002"], 0xc0}}, 0x8000) 9.72572ms ago: executing program 2 (id=1997): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c0000001800dd8d000000000000000002000000000000060000000006001500010000001800168014000100800000000000000000001000000011"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x5, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './bus\x00'}) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10) r7 = socket$rds(0x15, 0x5, 0x0) bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r7, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x4, @local}, 0x10, 0x0}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xd, 0x0, &(0x7f0000000240)="354da925f340a56cd9bd738d60", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = socket(0x40000000015, 0x5, 0x0) socket$netlink(0x10, 0x3, 0x9) r9 = gettid() bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r4}, &(0x7f0000000080), &(0x7f0000000380)=r2}, 0x20) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r9}, &(0x7f0000bbdffc)=0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300800000000025"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10) fsync(r11) timer_settime(r10, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') recvmmsg(r8, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x85}}, 0x0) 0s ago: executing program 1 (id=1998): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x20000000000001d2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000280), &(0x7f00000002c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n [ 134.435380][ T7672] dump_stack_lvl+0xf6/0x150 [ 134.435402][ T7672] dump_stack+0x15/0x1a [ 134.435417][ T7672] should_fail_ex+0x261/0x270 [ 134.435502][ T7672] should_fail+0xb/0x10 [ 134.435519][ T7672] should_fail_usercopy+0x1a/0x20 [ 134.435541][ T7672] _copy_from_user+0x1c/0xa0 [ 134.435646][ T7672] wants_mount_setattr+0x14a/0x670 [ 134.435682][ T7672] ? putname+0xe1/0x100 [ 134.435705][ T7672] __se_sys_mount_setattr+0x114/0x240 [ 134.435728][ T7672] __x64_sys_mount_setattr+0x67/0x80 [ 134.435747][ T7672] x64_sys_call+0x9e9/0x2e10 [ 134.435831][ T7672] do_syscall_64+0xc9/0x1a0 [ 134.435852][ T7672] ? clear_bhb_loop+0x25/0x80 [ 134.435869][ T7672] ? clear_bhb_loop+0x25/0x80 [ 134.435926][ T7672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.435944][ T7672] RIP: 0033:0x7f26a871e169 [ 134.435956][ T7672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.435971][ T7672] RSP: 002b:00007f26a6d87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba [ 134.435986][ T7672] RAX: ffffffffffffffda RBX: 00007f26a8945fa0 RCX: 00007f26a871e169 [ 134.436025][ T7672] RDX: 0000000000008100 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 134.436035][ T7672] RBP: 00007f26a6d87090 R08: 0000000000000020 R09: 0000000000000000 [ 134.436045][ T7672] R10: 0000200000001dc0 R11: 0000000000000246 R12: 0000000000000001 [ 134.436055][ T7672] R13: 0000000000000000 R14: 00007f26a8945fa0 R15: 00007ffd9d886188 [ 134.436072][ T7672] [ 134.615926][ T7670] serio: Serial port ptm0 [ 134.640305][ T7675] 9pnet_fd: Insufficient options for proto=fd [ 134.702105][ T7686] loop3: detected capacity change from 0 to 1024 [ 134.711099][ T7683] netlink: 'syz.4.1427': attribute type 1 has an invalid length. [ 134.719102][ T7683] netlink: 161700 bytes leftover after parsing attributes in process `syz.4.1427'. [ 134.730874][ T7683] No such timeout policy "syz1" [ 134.871671][ T7688] serio: Serial port ptm1 [ 134.966038][ T7696] loop2: detected capacity change from 0 to 512 [ 134.973393][ T7696] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 134.999626][ T7696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.012770][ T7696] ext4 filesystem being mounted at /300/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.028243][ T7696] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.1431: corrupted xattr block 19: overlapping e_value [ 135.043747][ T7696] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop2 ino=15 [ 135.054238][ T7696] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.1431: corrupted xattr block 19: overlapping e_value [ 135.123849][ T7696] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.1431: corrupted xattr block 19: overlapping e_value [ 135.142263][ T7696] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop2 ino=15 [ 135.154090][ T7696] EXT4-fs error (device loop2): ext4_get_inode_usage:884: inode #15: comm syz.2.1431: corrupted xattr block 19: overlapping e_value [ 135.169024][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.176589][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.184037][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.200107][ T7701] loop1: detected capacity change from 0 to 512 [ 135.203471][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.214010][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.221476][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.229719][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.237299][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.240605][ T7696] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.1431: corrupted xattr block 19: overlapping e_value [ 135.244688][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.266728][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.268840][ T7696] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop2 ino=15 [ 135.274121][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.274162][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.299023][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.299379][ T7701] EXT4-fs error (device loop1): ext4_orphan_get:1416: comm syz.1.1432: bad orphan inode 15 [ 135.318701][ T7701] ext4_test_bit(bit=14, block=18) = 1 [ 135.324141][ T7701] is_bad_inode(inode)=0 [ 135.328447][ T7701] NEXT_ORPHAN(inode)=1023 [ 135.332976][ T7701] max_ino=32 [ 135.336306][ T7701] i_nlink=0 [ 135.341113][ T7701] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2962: inode #15: comm syz.1.1432: corrupted xattr block 19: invalid header [ 135.357901][ T7701] EXT4-fs warning (device loop1): ext4_evict_inode:279: xattr delete (err -117) [ 135.367945][ T7701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 135.382182][ T7701] ext4 filesystem being mounted at /276/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 135.382302][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.401251][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.409351][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.416979][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.424544][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.432025][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.440431][ T36] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 135.449344][ T36] hid-generic 0000:0004:0000.0002: hidraw0: HID v0.02 Device [syz0] on syz1 [ 135.449740][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 135.482251][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.569277][ T7708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1435'. [ 135.652421][ T7717] loop3: detected capacity change from 0 to 512 [ 135.665375][ T7717] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 135.713424][ T7717] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 135.738495][ T7717] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.1439: corrupted in-inode xattr: e_value size too large [ 135.762946][ T7724] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1441'. [ 135.767599][ T7721] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1440'. [ 135.773357][ T7717] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.1439: couldn't read orphan inode 15 (err -117) [ 135.795592][ T7724] loop4: detected capacity change from 0 to 128 [ 135.802615][ T7724] vfat: Unknown parameter '' [ 135.811120][ T7717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.828970][ T7724] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(12) [ 135.835805][ T7724] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 135.836222][ T7717] netlink: 'syz.3.1439': attribute type 13 has an invalid length. [ 135.843532][ T7724] vhci_hcd vhci_hcd.0: Device attached [ 135.851712][ T7717] gretap0: refused to change device tx_queue_len [ 135.863765][ T7717] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 135.882775][ T7725] vhci_hcd: connection closed [ 135.883087][ T1988] vhci_hcd: stop threads [ 135.892946][ T1988] vhci_hcd: release socket [ 135.897649][ T1988] vhci_hcd: disconnect device [ 135.905535][ T7729] loop2: detected capacity change from 0 to 128 [ 135.977866][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.014632][ T7731] loop3: detected capacity change from 0 to 1024 [ 136.252554][ T7744] serio: Serial port ptm0 [ 136.781931][ T7750] loop4: detected capacity change from 0 to 512 [ 136.800816][ T7750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.828419][ T7750] ext4 filesystem being mounted at /262/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.942872][ T7755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7755 comm=syz.3.1448 [ 136.949302][ T7750] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1447: corrupted inode contents [ 136.968870][ T7750] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1447: mark_inode_dirty error [ 136.983443][ T7755] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pid=7755 comm=syz.3.1448 [ 136.996493][ T7750] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1447: corrupted inode contents [ 136.996691][ T7750] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1447: mark_inode_dirty error [ 137.053559][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.144328][ T7763] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1452'. [ 137.279883][ T7772] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1456'. [ 137.343327][ T7772] loop1: detected capacity change from 0 to 128 [ 137.351069][ T7772] vfat: Unknown parameter '' [ 137.362363][ T7772] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 137.369173][ T7772] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 137.377805][ T7772] vhci_hcd vhci_hcd.0: Device attached [ 137.436919][ T7775] vhci_hcd: connection closed [ 137.446798][ T7778] program syz.4.1457 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 137.458727][ T3421] vhci_hcd: stop threads [ 137.465180][ T3421] vhci_hcd: release socket [ 137.469684][ T3421] vhci_hcd: disconnect device [ 137.674840][ T7785] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1460'. [ 137.719305][ T7787] loop4: detected capacity change from 0 to 512 [ 137.739011][ T7787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.752920][ T7787] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 137.766219][ T7787] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1461: corrupted inode contents [ 137.779822][ T7787] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1461: mark_inode_dirty error [ 137.792010][ T7787] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1461: corrupted inode contents [ 137.806524][ T7787] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1461: corrupted inode contents [ 137.819925][ T7787] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1461: mark_inode_dirty error [ 137.831744][ T7787] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1461: corrupted inode contents [ 137.845143][ T7787] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1461: mark_inode_dirty error [ 137.858444][ T7787] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1461: corrupted inode contents [ 137.872683][ T7787] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1461: mark_inode_dirty error [ 137.901931][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.158517][ T29] kauditd_printk_skb: 122 callbacks suppressed [ 138.158590][ T29] audit: type=1326 audit(1745342126.722:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7794 comm="syz.1.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f140e9ee169 code=0x7ffc0000 [ 138.191701][ T29] audit: type=1326 audit(1745342126.722:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7794 comm="syz.1.1462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f140e9ee169 code=0x7ffc0000 [ 138.345546][ T7811] FAULT_INJECTION: forcing a failure. [ 138.345546][ T7811] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.359650][ T7811] CPU: 1 UID: 0 PID: 7811 Comm: syz.2.1471 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 138.359681][ T7811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 138.359772][ T7811] Call Trace: [ 138.359781][ T7811] [ 138.359790][ T7811] dump_stack_lvl+0xf6/0x150 [ 138.359821][ T7811] dump_stack+0x15/0x1a [ 138.359842][ T7811] should_fail_ex+0x261/0x270 [ 138.359875][ T7811] should_fail+0xb/0x10 [ 138.359949][ T7811] should_fail_usercopy+0x1a/0x20 [ 138.360011][ T7811] _copy_to_user+0x20/0xa0 [ 138.360055][ T7811] simple_read_from_buffer+0xb2/0x130 [ 138.360094][ T7811] proc_fail_nth_read+0x103/0x140 [ 138.360137][ T7811] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 138.360243][ T7811] vfs_read+0x1b2/0x710 [ 138.360262][ T7811] ? bpf_trace_run2+0x12c/0x1d0 [ 138.360287][ T7811] ? __rcu_read_unlock+0x4e/0x70 [ 138.360314][ T7811] ? __fget_files+0x186/0x1c0 [ 138.360373][ T7811] ksys_read+0xeb/0x1b0 [ 138.360396][ T7811] __x64_sys_read+0x42/0x50 [ 138.360413][ T7811] x64_sys_call+0x2a3b/0x2e10 [ 138.360437][ T7811] do_syscall_64+0xc9/0x1a0 [ 138.360475][ T7811] ? clear_bhb_loop+0x25/0x80 [ 138.360512][ T7811] ? clear_bhb_loop+0x25/0x80 [ 138.360538][ T7811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.360561][ T7811] RIP: 0033:0x7fb4d059cb7c [ 138.360579][ T7811] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 138.360596][ T7811] RSP: 002b:00007fb4cec07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 138.360670][ T7811] RAX: ffffffffffffffda RBX: 00007fb4d07c5fa0 RCX: 00007fb4d059cb7c [ 138.360682][ T7811] RDX: 000000000000000f RSI: 00007fb4cec070a0 RDI: 0000000000000004 [ 138.360693][ T7811] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 138.360707][ T7811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 138.360718][ T7811] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 138.360779][ T7811] [ 138.415570][ T29] audit: type=1400 audit(1745342126.932:3265): avc: denied { write } for pid=7810 comm="syz.4.1470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 138.595668][ T7821] loop2: detected capacity change from 0 to 128 [ 138.603919][ T7821] vfat: Unknown parameter '' [ 138.612300][ T7821] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(13) [ 138.618929][ T7821] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 138.626710][ T7821] vhci_hcd vhci_hcd.0: Device attached [ 138.648249][ T7822] vhci_hcd: connection closed [ 138.648729][ T134] vhci_hcd: stop threads [ 138.657948][ T134] vhci_hcd: release socket [ 138.662611][ T134] vhci_hcd: disconnect device [ 138.720115][ T7825] xt_hashlimit: max too large, truncated to 1048576 [ 138.835423][ T7834] loop1: detected capacity change from 0 to 1024 [ 138.957671][ T7842] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=7842 comm=syz.1.1479 [ 139.061053][ T7851] loop1: detected capacity change from 0 to 128 [ 139.326993][ T29] audit: type=1326 audit(1745342127.892:3266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7857 comm="syz.2.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 139.394418][ T29] audit: type=1326 audit(1745342127.892:3267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7857 comm="syz.2.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 139.418206][ T29] audit: type=1326 audit(1745342127.912:3268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7859 comm="syz.0.1486" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 139.441836][ T29] audit: type=1326 audit(1745342127.922:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7857 comm="syz.2.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 139.465579][ T29] audit: type=1326 audit(1745342127.922:3270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7857 comm="syz.2.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 139.489049][ T29] audit: type=1326 audit(1745342127.922:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7857 comm="syz.2.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 139.513226][ T29] audit: type=1326 audit(1745342127.922:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7857 comm="syz.2.1485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 139.683442][ T7869] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7869 comm=syz.0.1488 [ 139.744979][ T7879] random: crng reseeded on system resumption [ 139.769202][ T7883] netlink: 'syz.0.1494': attribute type 13 has an invalid length. [ 139.770883][ T7880] FAULT_INJECTION: forcing a failure. [ 139.770883][ T7880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 139.777396][ T7883] gretap0: refused to change device tx_queue_len [ 139.790401][ T7880] CPU: 0 UID: 0 PID: 7880 Comm: syz.1.1492 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 139.790495][ T7880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 139.790513][ T7880] Call Trace: [ 139.790522][ T7880] [ 139.790534][ T7880] dump_stack_lvl+0xf6/0x150 [ 139.790567][ T7880] dump_stack+0x15/0x1a [ 139.790587][ T7880] should_fail_ex+0x261/0x270 [ 139.790620][ T7880] should_fail+0xb/0x10 [ 139.790673][ T7880] should_fail_usercopy+0x1a/0x20 [ 139.790706][ T7880] _copy_to_user+0x20/0xa0 [ 139.790744][ T7880] simple_read_from_buffer+0xb2/0x130 [ 139.790902][ T7880] proc_fail_nth_read+0x103/0x140 [ 139.791021][ T7880] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 139.791064][ T7880] vfs_read+0x1b2/0x710 [ 139.791084][ T7880] ? bpf_trace_run2+0x12c/0x1d0 [ 139.791181][ T7880] ? __rcu_read_unlock+0x4e/0x70 [ 139.791210][ T7880] ? __fget_files+0x186/0x1c0 [ 139.791241][ T7880] ksys_read+0xeb/0x1b0 [ 139.791266][ T7880] __x64_sys_read+0x42/0x50 [ 139.791291][ T7880] x64_sys_call+0x2a3b/0x2e10 [ 139.791370][ T7880] do_syscall_64+0xc9/0x1a0 [ 139.791404][ T7880] ? clear_bhb_loop+0x25/0x80 [ 139.791431][ T7880] ? clear_bhb_loop+0x25/0x80 [ 139.791460][ T7880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.791486][ T7880] RIP: 0033:0x7f140e9ecb7c [ 139.791524][ T7880] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 139.791548][ T7880] RSP: 002b:00007f140d057030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 139.791572][ T7880] RAX: ffffffffffffffda RBX: 00007f140ec15fa0 RCX: 00007f140e9ecb7c [ 139.791588][ T7880] RDX: 000000000000000f RSI: 00007f140d0570a0 RDI: 0000000000000007 [ 139.791603][ T7880] RBP: 00007f140d057090 R08: 0000000000000000 R09: 0000000000000000 [ 139.791618][ T7880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 139.791633][ T7880] R13: 0000000000000000 R14: 00007f140ec15fa0 R15: 00007ffc320db568 [ 139.791659][ T7880] [ 140.003459][ T7883] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 140.030242][ T7887] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 140.037600][ T7887] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 140.045456][ T7887] vhci_hcd vhci_hcd.0: Device attached [ 140.064785][ T7888] vhci_hcd: connection closed [ 140.065056][ T134] vhci_hcd: stop threads [ 140.074794][ T134] vhci_hcd: release socket [ 140.080134][ T134] vhci_hcd: disconnect device [ 140.292103][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1499'. [ 140.400402][ T7905] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1502'. [ 140.580513][ T7915] loop2: detected capacity change from 0 to 128 [ 140.604546][ T7920] loop4: detected capacity change from 0 to 512 [ 140.699386][ T7920] EXT4-fs error (device loop4): ext4_orphan_get:1416: comm syz.4.1507: bad orphan inode 15 [ 140.711623][ T7920] ext4_test_bit(bit=14, block=18) = 1 [ 140.717255][ T7920] is_bad_inode(inode)=0 [ 140.721527][ T7920] NEXT_ORPHAN(inode)=1023 [ 140.725961][ T7920] max_ino=32 [ 140.729640][ T7920] i_nlink=0 [ 140.778971][ T7925] netlink: 'syz.1.1508': attribute type 13 has an invalid length. [ 140.800525][ T7920] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #15: comm syz.4.1507: corrupted xattr block 19: invalid header [ 140.819836][ T7925] gretap0: refused to change device tx_queue_len [ 140.827163][ T7925] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 140.869218][ T7920] EXT4-fs warning (device loop4): ext4_evict_inode:279: xattr delete (err -117) [ 140.895813][ T7920] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 140.984579][ T7920] ext4 filesystem being mounted at /276/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 141.064228][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 141.192148][ T7931] loop4: detected capacity change from 0 to 512 [ 141.231445][ T7931] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #15: comm syz.4.1510: iget: bad extended attribute block 1 [ 141.250257][ T7938] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1513'. [ 141.263972][ T7939] FAULT_INJECTION: forcing a failure. [ 141.263972][ T7939] name failslab, interval 1, probability 0, space 0, times 0 [ 141.276843][ T7939] CPU: 0 UID: 0 PID: 7939 Comm: syz.3.1511 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 141.276876][ T7939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 141.276892][ T7939] Call Trace: [ 141.276900][ T7939] [ 141.276917][ T7939] dump_stack_lvl+0xf6/0x150 [ 141.276949][ T7939] dump_stack+0x15/0x1a [ 141.277031][ T7939] should_fail_ex+0x261/0x270 [ 141.277057][ T7939] should_failslab+0x8f/0xb0 [ 141.277078][ T7939] kmem_cache_alloc_noprof+0x59/0x340 [ 141.277132][ T7939] ? __send_signal_locked+0x15d/0x7a0 [ 141.277235][ T7939] __send_signal_locked+0x15d/0x7a0 [ 141.277271][ T7939] send_signal_locked+0x28f/0x3a0 [ 141.277303][ T7939] do_send_sig_info+0x9f/0xf0 [ 141.277336][ T7939] __se_sys_tkill+0x139/0x190 [ 141.277398][ T7939] __x64_sys_tkill+0x31/0x40 [ 141.277425][ T7939] x64_sys_call+0x2214/0x2e10 [ 141.277447][ T7939] do_syscall_64+0xc9/0x1a0 [ 141.277471][ T7939] ? clear_bhb_loop+0x25/0x80 [ 141.277500][ T7939] ? clear_bhb_loop+0x25/0x80 [ 141.277566][ T7939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.277593][ T7939] RIP: 0033:0x7f95c4e7e169 [ 141.277640][ T7939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.277663][ T7939] RSP: 002b:00007f95c34c6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c8 [ 141.277686][ T7939] RAX: ffffffffffffffda RBX: 00007f95c50a6080 RCX: 00007f95c4e7e169 [ 141.277698][ T7939] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 00000000000002b1 [ 141.277709][ T7939] RBP: 00007f95c34c6090 R08: 0000000000000000 R09: 0000000000000000 [ 141.277720][ T7939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.277731][ T7939] R13: 0000000000000000 R14: 00007f95c50a6080 R15: 00007fff05dbc548 [ 141.277752][ T7939] [ 141.477950][ T7931] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.1510: couldn't read orphan inode 15 (err -117) [ 141.517533][ T7931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 141.574435][ T7931] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 141.652927][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.802090][ T7948] loop4: detected capacity change from 0 to 1024 [ 141.939724][ T7951] loop3: detected capacity change from 0 to 128 [ 141.966546][ T7951] vfat: Unknown parameter '' [ 142.028512][ T7951] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 142.035470][ T7951] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 142.043330][ T7951] vhci_hcd vhci_hcd.0: Device attached [ 142.051624][ T7948] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.080696][ T7953] vhci_hcd: connection closed [ 142.080932][ T134] vhci_hcd: stop threads [ 142.090077][ T134] vhci_hcd: release socket [ 142.095344][ T134] vhci_hcd: disconnect device [ 142.500740][ T7962] netlink: 'syz.1.1520': attribute type 13 has an invalid length. [ 142.519204][ T7962] gretap0: refused to change device tx_queue_len [ 142.525586][ T7962] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 142.675338][ T7964] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1521'. [ 142.722300][ T7966] loop3: detected capacity change from 0 to 512 [ 142.760876][ T7966] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.823948][ T7966] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.842169][ T7966] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1522: corrupted inode contents [ 142.879471][ T7966] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1522: mark_inode_dirty error [ 142.921774][ T7966] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1522: corrupted inode contents [ 142.970780][ T7974] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1522: corrupted inode contents [ 142.994204][ T7974] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1522: mark_inode_dirty error [ 143.016419][ T7981] loop9: detected capacity change from 0 to 7 [ 143.026508][ T7974] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1522: corrupted inode contents [ 143.028229][ T7981] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.048674][ T7974] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1522: mark_inode_dirty error [ 143.062595][ T7981] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.070519][ T7981] loop9: unable to read partition table [ 143.080425][ T7974] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1522: corrupted inode contents [ 143.098600][ T7981] loop_reread_partitions: partition scan of loop9 (被ڬdƤݡ [ 143.098600][ T7981] U) failed (rc=-5) [ 143.123357][ T7974] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1522: mark_inode_dirty error [ 143.198342][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.262871][ T7986] loop3: detected capacity change from 0 to 1024 [ 143.269071][ T7984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1530'. [ 143.440756][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.510159][ T7990] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1541'. [ 143.552613][ T7994] serio: Serial port ptm1 [ 143.658073][ T29] kauditd_printk_skb: 319 callbacks suppressed [ 143.658097][ T29] audit: type=1326 audit(1745342132.132:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7992 comm="syz.4.1528" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.701285][ T8001] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1532'. [ 143.768049][ T29] audit: type=1326 audit(1745342132.332:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.851367][ T29] audit: type=1326 audit(1745342132.352:3594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.875721][ T29] audit: type=1326 audit(1745342132.352:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.899833][ T29] audit: type=1326 audit(1745342132.352:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.923450][ T29] audit: type=1326 audit(1745342132.362:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.948622][ T29] audit: type=1326 audit(1745342132.362:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.972319][ T29] audit: type=1326 audit(1745342132.362:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 143.996663][ T29] audit: type=1326 audit(1745342132.362:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 144.020657][ T29] audit: type=1326 audit(1745342132.362:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8003 comm="syz.4.1534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x7ffc0000 [ 144.252510][ T8018] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1539'. [ 144.289426][ T8023] loop4: detected capacity change from 0 to 512 [ 144.341294][ T8026] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1543'. [ 144.347549][ T8023] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.363111][ T8023] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.375407][ T8023] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1542: corrupted inode contents [ 144.388254][ T8023] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1542: mark_inode_dirty error [ 144.400522][ T8023] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1542: corrupted inode contents [ 144.449641][ T8023] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1542: corrupted inode contents [ 144.463748][ T8023] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1542: mark_inode_dirty error [ 144.464224][ T8037] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 144.492674][ T8023] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1542: corrupted inode contents [ 144.506427][ T8023] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1542: mark_inode_dirty error [ 144.519113][ T8023] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1542: corrupted inode contents [ 144.531514][ T8023] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1542: mark_inode_dirty error [ 144.585943][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.623260][ T8043] loop2: detected capacity change from 0 to 2048 [ 144.638587][ T8043] EXT4-fs: Ignoring removed bh option [ 144.644400][ T8043] ext4: Unknown parameter 'smackfstransmute' [ 144.660607][ T8050] xt_hashlimit: size too large, truncated to 1048576 [ 144.851298][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1559'. [ 144.865056][ T8070] netlink: 'syz.2.1557': attribute type 1 has an invalid length. [ 144.877419][ T8076] FAULT_INJECTION: forcing a failure. [ 144.877419][ T8076] name failslab, interval 1, probability 0, space 0, times 0 [ 144.890133][ T8076] CPU: 1 UID: 0 PID: 8076 Comm: syz.3.1561 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 144.890166][ T8076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 144.890178][ T8076] Call Trace: [ 144.890186][ T8076] [ 144.890195][ T8076] dump_stack_lvl+0xf6/0x150 [ 144.890280][ T8076] dump_stack+0x15/0x1a [ 144.890301][ T8076] should_fail_ex+0x261/0x270 [ 144.890357][ T8076] should_failslab+0x8f/0xb0 [ 144.890385][ T8076] __kmalloc_cache_noprof+0x55/0x320 [ 144.890512][ T8076] ? sf_setstate+0x18c/0x300 [ 144.890548][ T8076] sf_setstate+0x18c/0x300 [ 144.890578][ T8076] ip_mc_add_src+0x3de/0x5f0 [ 144.890600][ T8076] ? should_fail_ex+0xd7/0x270 [ 144.890695][ T8076] ____ip_mc_inc_group+0x167/0x5d0 [ 144.890719][ T8076] __ip_mc_join_group+0x242/0x2c0 [ 144.890809][ T8076] ip_mc_join_group+0x1f/0x30 [ 144.890836][ T8076] ip_mcast_join_leave+0x13c/0x190 [ 144.890965][ T8076] do_ip_setsockopt+0x19b3/0x2290 [ 144.891001][ T8076] ip_setsockopt+0x63/0x100 [ 144.891037][ T8076] udp_setsockopt+0x95/0xb0 [ 144.891144][ T8076] sock_common_setsockopt+0x64/0x80 [ 144.891184][ T8076] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 144.891224][ T8076] __sys_setsockopt+0x187/0x200 [ 144.891326][ T8076] __x64_sys_setsockopt+0x66/0x80 [ 144.891354][ T8076] x64_sys_call+0x2a09/0x2e10 [ 144.891433][ T8076] do_syscall_64+0xc9/0x1a0 [ 144.891533][ T8076] ? clear_bhb_loop+0x25/0x80 [ 144.891558][ T8076] ? clear_bhb_loop+0x25/0x80 [ 144.891584][ T8076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.891611][ T8076] RIP: 0033:0x7f95c4e7e169 [ 144.891630][ T8076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.891652][ T8076] RSP: 002b:00007f95c34e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 144.891689][ T8076] RAX: ffffffffffffffda RBX: 00007f95c50a5fa0 RCX: 00007f95c4e7e169 [ 144.891701][ T8076] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000007 [ 144.891716][ T8076] RBP: 00007f95c34e7090 R08: 0000000000000088 R09: 0000000000000000 [ 144.891730][ T8076] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001 [ 144.891744][ T8076] R13: 0000000000000000 R14: 00007f95c50a5fa0 R15: 00007fff05dbc548 [ 144.891771][ T8076] [ 144.913104][ T8073] 8021q: adding VLAN 0 to HW filter on device bond1 [ 145.161009][ T8083] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link [ 145.191319][ T8089] xt_hashlimit: max too large, truncated to 1048576 [ 145.202000][ T8089] Cannot find set identified by id 0 to match [ 145.209521][ T8089] FAULT_INJECTION: forcing a failure. [ 145.209521][ T8089] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 145.222630][ T8089] CPU: 0 UID: 0 PID: 8089 Comm: syz.3.1562 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 145.222775][ T8089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 145.222788][ T8089] Call Trace: [ 145.222797][ T8089] [ 145.222808][ T8089] dump_stack_lvl+0xf6/0x150 [ 145.222839][ T8089] dump_stack+0x15/0x1a [ 145.222859][ T8089] should_fail_ex+0x261/0x270 [ 145.222889][ T8089] should_fail+0xb/0x10 [ 145.222914][ T8089] should_fail_usercopy+0x1a/0x20 [ 145.222956][ T8089] _copy_to_user+0x20/0xa0 [ 145.223008][ T8089] simple_read_from_buffer+0xb2/0x130 [ 145.223059][ T8089] proc_fail_nth_read+0x103/0x140 [ 145.223093][ T8089] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 145.223132][ T8089] vfs_read+0x1b2/0x710 [ 145.223151][ T8089] ? bpf_trace_run2+0x12c/0x1d0 [ 145.223180][ T8089] ? __rcu_read_unlock+0x4e/0x70 [ 145.223203][ T8089] ? __fget_files+0x186/0x1c0 [ 145.223227][ T8089] ksys_read+0xeb/0x1b0 [ 145.223274][ T8089] __x64_sys_read+0x42/0x50 [ 145.223293][ T8089] x64_sys_call+0x2a3b/0x2e10 [ 145.223317][ T8089] do_syscall_64+0xc9/0x1a0 [ 145.223412][ T8089] ? clear_bhb_loop+0x25/0x80 [ 145.223462][ T8089] ? clear_bhb_loop+0x25/0x80 [ 145.223546][ T8089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.223572][ T8089] RIP: 0033:0x7f95c4e7cb7c [ 145.223590][ T8089] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 145.223607][ T8089] RSP: 002b:00007f95c34e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 145.223625][ T8089] RAX: ffffffffffffffda RBX: 00007f95c50a5fa0 RCX: 00007f95c4e7cb7c [ 145.223638][ T8089] RDX: 000000000000000f RSI: 00007f95c34e70a0 RDI: 0000000000000010 [ 145.223670][ T8089] RBP: 00007f95c34e7090 R08: 0000000000000000 R09: 0000000000000000 [ 145.223685][ T8089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.223699][ T8089] R13: 0000000000000000 R14: 00007f95c50a5fa0 R15: 00007fff05dbc548 [ 145.223795][ T8089] [ 145.461609][ T8095] FAULT_INJECTION: forcing a failure. [ 145.461609][ T8095] name failslab, interval 1, probability 0, space 0, times 0 [ 145.474251][ T8091] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1563'. [ 145.483471][ T8095] CPU: 0 UID: 0 PID: 8095 Comm: syz.2.1565 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 145.483562][ T8095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 145.483577][ T8095] Call Trace: [ 145.483586][ T8095] [ 145.483595][ T8095] dump_stack_lvl+0xf6/0x150 [ 145.483626][ T8095] dump_stack+0x15/0x1a [ 145.483646][ T8095] should_fail_ex+0x261/0x270 [ 145.483724][ T8095] should_failslab+0x8f/0xb0 [ 145.483752][ T8095] __kmalloc_cache_noprof+0x55/0x320 [ 145.483866][ T8095] ? bpf_prog_alloc_no_stats+0xc3/0x390 [ 145.483958][ T8095] ? bpf_prog_alloc_no_stats+0x49/0x390 [ 145.483992][ T8095] bpf_prog_alloc_no_stats+0xc3/0x390 [ 145.484090][ T8095] bpf_prog_alloc+0x3a/0x150 [ 145.484174][ T8095] bpf_prog_load+0x532/0x10e0 [ 145.484224][ T8095] __sys_bpf+0x533/0x800 [ 145.484267][ T8095] __x64_sys_bpf+0x43/0x50 [ 145.484291][ T8095] x64_sys_call+0x23da/0x2e10 [ 145.484330][ T8095] do_syscall_64+0xc9/0x1a0 [ 145.484412][ T8095] ? clear_bhb_loop+0x25/0x80 [ 145.484439][ T8095] ? clear_bhb_loop+0x25/0x80 [ 145.484465][ T8095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.484491][ T8095] RIP: 0033:0x7fb4d059e169 [ 145.484509][ T8095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.484603][ T8095] RSP: 002b:00007fb4cec07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 145.484626][ T8095] RAX: ffffffffffffffda RBX: 00007fb4d07c5fa0 RCX: 00007fb4d059e169 [ 145.484641][ T8095] RDX: 0000000000000094 RSI: 00002000000005c0 RDI: 0000000000000005 [ 145.484656][ T8095] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 145.484670][ T8095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.484765][ T8095] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 145.484790][ T8095] [ 145.722354][ T8098] loop3: detected capacity change from 0 to 512 [ 145.732570][ T8098] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 145.750830][ T8098] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 145.765334][ T8098] EXT4-fs error (device loop3): ext4_iget_extra_inode:4693: inode #15: comm syz.3.1566: corrupted in-inode xattr: e_value size too large [ 145.782767][ T8098] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.1566: couldn't read orphan inode 15 (err -117) [ 145.799935][ T8098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.835346][ T8097] netlink: 'syz.3.1566': attribute type 13 has an invalid length. [ 145.843479][ T8097] gretap0: refused to change device tx_queue_len [ 145.849969][ T8097] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 145.898083][ T8115] loop4: detected capacity change from 0 to 512 [ 145.899056][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.921623][ T8115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.941158][ T8115] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.970660][ T8115] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1571: corrupted inode contents [ 145.990929][ T8115] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1571: mark_inode_dirty error [ 146.004119][ T8121] netlink: 'syz.0.1572': attribute type 13 has an invalid length. [ 146.023078][ T8115] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1571: corrupted inode contents [ 146.032073][ T8128] netlink: 'syz.2.1575': attribute type 1 has an invalid length. [ 146.043549][ T8128] FAULT_INJECTION: forcing a failure. [ 146.043549][ T8128] name failslab, interval 1, probability 0, space 0, times 0 [ 146.056835][ T8128] CPU: 1 UID: 0 PID: 8128 Comm: syz.2.1575 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 146.056915][ T8128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 146.056961][ T8128] Call Trace: [ 146.057047][ T8128] [ 146.057055][ T8128] dump_stack_lvl+0xf6/0x150 [ 146.057081][ T8128] dump_stack+0x15/0x1a [ 146.057098][ T8128] should_fail_ex+0x261/0x270 [ 146.057123][ T8128] should_failslab+0x8f/0xb0 [ 146.057147][ T8128] __kmalloc_noprof+0xad/0x410 [ 146.057175][ T8128] ? alloc_workqueue+0x17d/0x1330 [ 146.057234][ T8128] alloc_workqueue+0x17d/0x1330 [ 146.057262][ T8128] ? snprintf+0x8c/0xb0 [ 146.057295][ T8128] ? bitmap_free+0x15/0x20 [ 146.057414][ T8128] ? bitmap_free+0x15/0x20 [ 146.057443][ T8128] bond_init+0x9f/0x2b0 [ 146.057480][ T8128] ? register_netdevice+0x1fc/0xee0 [ 146.057510][ T8128] register_netdevice+0x297/0xee0 [ 146.057587][ T8128] bond_newlink+0x45/0x90 [ 146.057614][ T8128] ? __pfx_bond_newlink+0x10/0x10 [ 146.057716][ T8128] rtnl_newlink_create+0x1bb/0x640 [ 146.057769][ T8128] ? __mutex_lock+0x1ae/0xa00 [ 146.057801][ T8128] rtnl_newlink+0xf38/0x12d0 [ 146.057869][ T8128] ? xa_load+0xbd/0xe0 [ 146.057895][ T8128] ? cmp_ex_search+0x56/0x70 [ 146.057927][ T8128] ? bsearch+0x98/0xc0 [ 146.057988][ T8128] ? cmp_ex_search+0x56/0x70 [ 146.058014][ T8128] ? __rcu_read_unlock+0x4e/0x70 [ 146.058111][ T8128] ? selinux_capable+0x14f/0x260 [ 146.058144][ T8128] ? selinux_capable+0x1f9/0x260 [ 146.058176][ T8128] ? security_capable+0x81/0x90 [ 146.058201][ T8128] ? ns_capable+0x7d/0xb0 [ 146.058399][ T8128] ? __pfx_rtnl_newlink+0x10/0x10 [ 146.058430][ T8128] rtnetlink_rcv_msg+0x65a/0x740 [ 146.058461][ T8128] ? avc_has_perm_noaudit+0x1cc/0x210 [ 146.058541][ T8128] netlink_rcv_skb+0x12f/0x230 [ 146.058562][ T8128] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 146.058665][ T8128] rtnetlink_rcv+0x1c/0x30 [ 146.058693][ T8128] netlink_unicast+0x605/0x6c0 [ 146.058732][ T8128] netlink_sendmsg+0x609/0x720 [ 146.058758][ T8128] ? __pfx_netlink_sendmsg+0x10/0x10 [ 146.058792][ T8128] __sock_sendmsg+0x140/0x180 [ 146.058826][ T8128] ____sys_sendmsg+0x350/0x4e0 [ 146.058852][ T8128] __sys_sendmsg+0x1a0/0x240 [ 146.058901][ T8128] __x64_sys_sendmsg+0x46/0x50 [ 146.058926][ T8128] x64_sys_call+0x26f3/0x2e10 [ 146.058950][ T8128] do_syscall_64+0xc9/0x1a0 [ 146.058977][ T8128] ? clear_bhb_loop+0x25/0x80 [ 146.059098][ T8128] ? clear_bhb_loop+0x25/0x80 [ 146.059121][ T8128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.059144][ T8128] RIP: 0033:0x7fb4d059e169 [ 146.059159][ T8128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.059215][ T8128] RSP: 002b:00007fb4cec07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 146.059236][ T8128] RAX: ffffffffffffffda RBX: 00007fb4d07c5fa0 RCX: 00007fb4d059e169 [ 146.059249][ T8128] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 146.059262][ T8128] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 146.059275][ T8128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 146.059287][ T8128] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 146.059308][ T8128] [ 146.060112][ T8121] gretap0: refused to change device tx_queue_len [ 146.068414][ T8133] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1571: corrupted inode contents [ 146.072672][ T8121] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 146.098000][ T8133] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1571: mark_inode_dirty error [ 146.393467][ T8138] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 146.395170][ T8133] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1571: corrupted inode contents [ 146.406355][ T8138] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 146.423017][ T8133] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1571: mark_inode_dirty error [ 146.433318][ T8138] vhci_hcd vhci_hcd.0: Device attached [ 146.442154][ T8133] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1571: corrupted inode contents [ 146.457595][ T8142] vhci_hcd: connection closed [ 146.492901][ T1988] vhci_hcd: stop threads [ 146.502277][ T1988] vhci_hcd: release socket [ 146.506842][ T1988] vhci_hcd: disconnect device [ 146.507352][ T8133] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1571: mark_inode_dirty error [ 146.569098][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.580171][ T8147] loop2: detected capacity change from 0 to 1024 [ 146.619429][ T8147] serio: Serial port ptm0 [ 146.678333][ T8152] FAULT_INJECTION: forcing a failure. [ 146.678333][ T8152] name failslab, interval 1, probability 0, space 0, times 0 [ 146.692148][ T8152] CPU: 0 UID: 0 PID: 8152 Comm: syz.3.1582 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 146.692183][ T8152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 146.692200][ T8152] Call Trace: [ 146.692209][ T8152] [ 146.692220][ T8152] dump_stack_lvl+0xf6/0x150 [ 146.692251][ T8152] dump_stack+0x15/0x1a [ 146.692275][ T8152] should_fail_ex+0x261/0x270 [ 146.692303][ T8152] should_failslab+0x8f/0xb0 [ 146.692330][ T8152] kmem_cache_alloc_noprof+0x59/0x340 [ 146.692362][ T8152] ? __kernfs_new_node+0x6d/0x380 [ 146.692478][ T8152] __kernfs_new_node+0x6d/0x380 [ 146.692515][ T8152] ? security_kernfs_init_security+0x21/0x80 [ 146.692619][ T8152] ? up_write+0x35/0xf0 [ 146.692644][ T8152] kernfs_new_node+0xd7/0x150 [ 146.692741][ T8152] __kernfs_create_file+0x49/0x180 [ 146.692783][ T8152] ? __pfx_dev_attr_store+0x10/0x10 [ 146.692810][ T8152] sysfs_add_file_mode_ns+0x136/0x1c0 [ 146.692939][ T8152] internal_create_group+0x467/0xa40 [ 146.692982][ T8152] sysfs_create_group+0x1f/0x30 [ 146.693063][ T8152] loop_configure+0x7bb/0xa30 [ 146.693112][ T8152] lo_ioctl+0x5fa/0x15e0 [ 146.693133][ T8152] ? avc_has_extended_perms+0x6fd/0x8f0 [ 146.693230][ T8152] ? blkdev_common_ioctl+0xb24/0x1a10 [ 146.693261][ T8152] ? do_vfs_ioctl+0x977/0x1570 [ 146.693300][ T8152] ? selinux_file_ioctl+0x2f9/0x380 [ 146.693324][ T8152] ? __pfx_lo_ioctl+0x10/0x10 [ 146.693396][ T8152] blkdev_ioctl+0x35b/0x450 [ 146.693491][ T8152] ? __pfx_blkdev_ioctl+0x10/0x10 [ 146.693592][ T8152] __se_sys_ioctl+0xc9/0x140 [ 146.693629][ T8152] __x64_sys_ioctl+0x43/0x50 [ 146.693665][ T8152] x64_sys_call+0x168d/0x2e10 [ 146.693692][ T8152] do_syscall_64+0xc9/0x1a0 [ 146.693764][ T8152] ? clear_bhb_loop+0x25/0x80 [ 146.693824][ T8152] ? clear_bhb_loop+0x25/0x80 [ 146.693920][ T8152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.693945][ T8152] RIP: 0033:0x7f95c4e7e169 [ 146.693964][ T8152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.693986][ T8152] RSP: 002b:00007f95c34e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.694010][ T8152] RAX: ffffffffffffffda RBX: 00007f95c50a5fa0 RCX: 00007f95c4e7e169 [ 146.694070][ T8152] RDX: 00002000000002c0 RSI: 0000000000004c0a RDI: 0000000000000003 [ 146.694088][ T8152] RBP: 00007f95c34e7090 R08: 0000000000000000 R09: 0000000000000000 [ 146.694100][ T8152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.694114][ T8152] R13: 0000000000000000 R14: 00007f95c50a5fa0 R15: 00007fff05dbc548 [ 146.694139][ T8152] [ 146.958302][ T8152] loop9: detected capacity change from 0 to 7 [ 146.962226][ T8153] FAULT_INJECTION: forcing a failure. [ 146.962226][ T8153] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 146.964801][ T8152] Buffer I/O error on dev loop9, logical block 0, async page read [ 146.978091][ T8153] CPU: 0 UID: 0 PID: 8153 Comm: syz.4.1581 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 146.978219][ T8153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 146.978244][ T8153] Call Trace: [ 146.978255][ T8153] [ 146.978268][ T8153] dump_stack_lvl+0xf6/0x150 [ 146.978304][ T8153] dump_stack+0x15/0x1a [ 146.978326][ T8153] should_fail_ex+0x261/0x270 [ 146.978394][ T8153] should_fail+0xb/0x10 [ 146.978533][ T8153] should_fail_usercopy+0x1a/0x20 [ 146.978642][ T8153] _copy_from_user+0x1c/0xa0 [ 146.978682][ T8153] copy_msghdr_from_user+0x54/0x2b0 [ 146.978749][ T8153] ? __sys_sendmmsg+0x246/0x4b0 [ 146.978778][ T8153] ? __sys_sendmmsg+0x246/0x4b0 [ 146.978811][ T8153] __sys_sendmmsg+0x1eb/0x4b0 [ 146.978878][ T8153] __x64_sys_sendmmsg+0x57/0x70 [ 146.979018][ T8153] x64_sys_call+0x2b53/0x2e10 [ 146.979046][ T8153] do_syscall_64+0xc9/0x1a0 [ 146.979080][ T8153] ? clear_bhb_loop+0x25/0x80 [ 146.979112][ T8153] ? clear_bhb_loop+0x25/0x80 [ 146.979141][ T8153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.979234][ T8153] RIP: 0033:0x7f26a871e169 [ 146.979265][ T8153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.979290][ T8153] RSP: 002b:00007f26a6d66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 146.979316][ T8153] RAX: ffffffffffffffda RBX: 00007f26a8946080 RCX: 00007f26a871e169 [ 146.979396][ T8153] RDX: 0000000000000006 RSI: 0000200000004b00 RDI: 0000000000000003 [ 146.979412][ T8153] RBP: 00007f26a6d66090 R08: 0000000000000000 R09: 0000000000000000 [ 146.979427][ T8153] R10: 00000000200040d1 R11: 0000000000000246 R12: 0000000000000001 [ 146.979442][ T8153] R13: 0000000000000000 R14: 00007f26a8946080 R15: 00007ffd9d886188 [ 146.979468][ T8153] [ 147.174716][ T8152] Buffer I/O error on dev loop9, logical block 0, async page read [ 147.183611][ T8152] loop9: unable to read partition table [ 147.189412][ T8152] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 147.189412][ T8152] U) failed (rc=-5) [ 147.535026][ T8175] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 147.556306][ T36] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 147.583750][ T8180] loop4: detected capacity change from 0 to 1024 [ 147.619534][ T8182] serio: Serial port ptm0 [ 147.629554][ T8178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1592'. [ 147.640021][ T8178] netlink: 'syz.1.1592': attribute type 1 has an invalid length. [ 147.648054][ T8178] netlink: 'syz.1.1592': attribute type 2 has an invalid length. [ 147.655929][ T8178] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1592'. [ 147.675826][ T8180] serio: Serial port ptm1 [ 147.726332][ T36] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 147.817303][ T8193] loop3: detected capacity change from 0 to 128 [ 147.832872][ T8193] vfat: Unknown parameter '' [ 147.876244][ T8193] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 147.882919][ T8193] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 147.890838][ T8193] vhci_hcd vhci_hcd.0: Device attached [ 147.960757][ T8195] vhci_hcd: connection closed [ 147.961022][ T51] vhci_hcd: stop threads [ 147.970279][ T51] vhci_hcd: release socket [ 147.974809][ T51] vhci_hcd: disconnect device [ 148.528688][ T8209] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1599'. [ 148.558347][ T8211] FAULT_INJECTION: forcing a failure. [ 148.558347][ T8211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.571486][ T8211] CPU: 0 UID: 0 PID: 8211 Comm: syz.3.1600 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 148.571522][ T8211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 148.571539][ T8211] Call Trace: [ 148.571548][ T8211] [ 148.571560][ T8211] dump_stack_lvl+0xf6/0x150 [ 148.571586][ T8211] dump_stack+0x15/0x1a [ 148.571642][ T8211] should_fail_ex+0x261/0x270 [ 148.571750][ T8211] should_fail+0xb/0x10 [ 148.571777][ T8211] should_fail_usercopy+0x1a/0x20 [ 148.571807][ T8211] _copy_to_iter+0x24e/0xd10 [ 148.571842][ T8211] ? input_devices_seq_show+0x44a/0x460 [ 148.571894][ T8211] ? __virt_addr_valid+0x1ed/0x250 [ 148.571918][ T8211] ? __check_object_size+0x367/0x510 [ 148.572001][ T8211] seq_read_iter+0x7b8/0x970 [ 148.572039][ T8211] seq_read+0x1fa/0x240 [ 148.572082][ T8211] ? __pfx_seq_read+0x10/0x10 [ 148.572108][ T8211] proc_reg_read+0x13f/0x1d0 [ 148.572139][ T8211] vfs_readv+0x3e5/0x660 [ 148.572165][ T8211] ? __pfx_proc_reg_read+0x10/0x10 [ 148.572265][ T8211] __x64_sys_preadv+0xf9/0x1c0 [ 148.572301][ T8211] x64_sys_call+0x1410/0x2e10 [ 148.572329][ T8211] do_syscall_64+0xc9/0x1a0 [ 148.572361][ T8211] ? clear_bhb_loop+0x25/0x80 [ 148.572388][ T8211] ? clear_bhb_loop+0x25/0x80 [ 148.572430][ T8211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.572456][ T8211] RIP: 0033:0x7f95c4e7e169 [ 148.572475][ T8211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.572497][ T8211] RSP: 002b:00007f95c34e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 148.572521][ T8211] RAX: ffffffffffffffda RBX: 00007f95c50a5fa0 RCX: 00007f95c4e7e169 [ 148.572536][ T8211] RDX: 0000000000000001 RSI: 00002000000015c0 RDI: 0000000000000003 [ 148.572589][ T8211] RBP: 00007f95c34e7090 R08: 0000000000000003 R09: 0000000000000000 [ 148.572604][ T8211] R10: 00000000000000f0 R11: 0000000000000246 R12: 0000000000000001 [ 148.572619][ T8211] R13: 0000000000000000 R14: 00007f95c50a5fa0 R15: 00007fff05dbc548 [ 148.572644][ T8211] [ 148.887800][ T29] kauditd_printk_skb: 254 callbacks suppressed [ 148.887819][ T29] audit: type=1400 audit(1745342137.452:3856): avc: denied { mac_admin } for pid=8207 comm="syz.1.1599" capability=33 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 148.915456][ T29] audit: type=1400 audit(1745342137.452:3857): avc: denied { relabelto } for pid=8207 comm="syz.1.1599" name="315" dev="tmpfs" ino=1724 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 148.942725][ T29] audit: type=1400 audit(1745342137.452:3858): avc: denied { associate } for pid=8207 comm="syz.1.1599" name="315" dev="tmpfs" ino=1724 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0" [ 149.076202][ T29] audit: type=1400 audit(1745342137.452:3859): avc: denied { write } for pid=8207 comm="syz.1.1599" name="315" dev="tmpfs" ino=1724 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 149.103133][ T29] audit: type=1400 audit(1745342137.452:3860): avc: denied { add_name } for pid=8207 comm="syz.1.1599" name="cpuset.effective_cpus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0" [ 149.129771][ T29] audit: type=1400 audit(1745342137.452:3861): avc: denied { associate } for pid=8207 comm="syz.1.1599" name="cpuset.effective_cpus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 149.251462][ T8230] loop3: detected capacity change from 0 to 512 [ 149.258241][ T29] audit: type=1326 audit(1745342137.702:3862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8219 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c4e7e169 code=0x7ffc0000 [ 149.282801][ T29] audit: type=1326 audit(1745342137.702:3863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8219 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c4e7e169 code=0x7ffc0000 [ 149.288385][ T8230] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 149.307228][ T29] audit: type=1326 audit(1745342137.702:3864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8219 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f95c4e7cc1f code=0x7ffc0000 [ 149.339345][ T29] audit: type=1326 audit(1745342137.702:3865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8219 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c4e7e169 code=0x7ffc0000 [ 149.343210][ T8232] serio: Serial port ptm0 [ 149.398061][ T8230] EXT4-fs (loop3): invalid journal inode [ 149.403946][ T8230] EXT4-fs (loop3): can't get journal size [ 149.433386][ T8230] EXT4-fs (loop3): 1 truncate cleaned up [ 149.441930][ T8230] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 149.479113][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.596817][ T8238] loop3: detected capacity change from 0 to 128 [ 149.633044][ T8238] vfat: Unknown parameter '' [ 149.649986][ T8238] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 149.656801][ T8238] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 149.664533][ T8238] vhci_hcd vhci_hcd.0: Device attached [ 149.691835][ T8239] vhci_hcd: connection closed [ 149.692251][ T31] vhci_hcd: stop threads [ 149.701305][ T31] vhci_hcd: release socket [ 149.705824][ T31] vhci_hcd: disconnect device [ 149.977388][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1611'. [ 150.254501][ T8252] FAULT_INJECTION: forcing a failure. [ 150.254501][ T8252] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 150.267973][ T8252] CPU: 0 UID: 0 PID: 8252 Comm: syz.3.1616 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 150.268085][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 150.268102][ T8252] Call Trace: [ 150.268111][ T8252] [ 150.268121][ T8252] dump_stack_lvl+0xf6/0x150 [ 150.268153][ T8252] dump_stack+0x15/0x1a [ 150.268174][ T8252] should_fail_ex+0x261/0x270 [ 150.268202][ T8252] should_fail+0xb/0x10 [ 150.268233][ T8252] should_fail_usercopy+0x1a/0x20 [ 150.268375][ T8252] _copy_from_user+0x1c/0xa0 [ 150.268412][ T8252] ucma_write+0xdc/0x250 [ 150.268444][ T8252] ? __pfx_ucma_write+0x10/0x10 [ 150.268467][ T8252] vfs_write+0x295/0x950 [ 150.268524][ T8252] ? putname+0xe1/0x100 [ 150.268603][ T8252] ? __fget_files+0x186/0x1c0 [ 150.268643][ T8252] ksys_write+0xeb/0x1b0 [ 150.268713][ T8252] __x64_sys_write+0x42/0x50 [ 150.268734][ T8252] x64_sys_call+0x2a45/0x2e10 [ 150.268762][ T8252] do_syscall_64+0xc9/0x1a0 [ 150.268795][ T8252] ? clear_bhb_loop+0x25/0x80 [ 150.268830][ T8252] ? clear_bhb_loop+0x25/0x80 [ 150.268879][ T8252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.268950][ T8252] RIP: 0033:0x7f95c4e7e169 [ 150.269030][ T8252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.269047][ T8252] RSP: 002b:00007f95c34e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 150.269067][ T8252] RAX: ffffffffffffffda RBX: 00007f95c50a5fa0 RCX: 00007f95c4e7e169 [ 150.269082][ T8252] RDX: 00000000000000a0 RSI: 0000200000000980 RDI: 0000000000000004 [ 150.269098][ T8252] RBP: 00007f95c34e7090 R08: 0000000000000000 R09: 0000000000000000 [ 150.269168][ T8252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.269181][ T8252] R13: 0000000000000000 R14: 00007f95c50a5fa0 R15: 00007fff05dbc548 [ 150.269206][ T8252] [ 150.271244][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1615'. [ 150.475813][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1615'. [ 150.493500][ T8250] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1615'. [ 150.515448][ T8260] loop3: detected capacity change from 0 to 512 [ 150.553329][ T8260] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 150.593167][ T8260] EXT4-fs (loop3): invalid journal inode [ 150.599641][ T8260] EXT4-fs (loop3): can't get journal size [ 150.641959][ T8260] EXT4-fs (loop3): 1 truncate cleaned up [ 150.667017][ T8260] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 150.779385][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.827375][ T8270] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1623'. [ 150.890709][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1627'. [ 150.900525][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1627'. [ 150.905970][ T8281] loop3: detected capacity change from 0 to 512 [ 150.917002][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1627'. [ 150.928281][ T8281] EXT4-fs error (device loop3): ext4_orphan_get:1416: comm syz.3.1624: bad orphan inode 15 [ 150.936900][ T8278] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1627'. [ 150.939626][ T8281] ext4_test_bit(bit=14, block=18) = 1 [ 150.952929][ T8281] is_bad_inode(inode)=0 [ 150.957248][ T8281] NEXT_ORPHAN(inode)=1023 [ 150.961792][ T8281] max_ino=32 [ 150.965009][ T8281] i_nlink=0 [ 151.066385][ T8281] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.1624: corrupted xattr block 19: invalid header [ 151.112956][ T8297] FAULT_INJECTION: forcing a failure. [ 151.112956][ T8297] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 151.124561][ T8281] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -117) [ 151.126250][ T8297] CPU: 0 UID: 0 PID: 8297 Comm: syz.2.1633 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 151.126336][ T8297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 151.126353][ T8297] Call Trace: [ 151.126362][ T8297] [ 151.126373][ T8297] dump_stack_lvl+0xf6/0x150 [ 151.126476][ T8297] dump_stack+0x15/0x1a [ 151.126497][ T8297] should_fail_ex+0x261/0x270 [ 151.126608][ T8297] should_fail+0xb/0x10 [ 151.126633][ T8297] should_fail_usercopy+0x1a/0x20 [ 151.126665][ T8297] _copy_from_user+0x1c/0xa0 [ 151.126703][ T8297] kstrtouint_from_user+0x84/0x100 [ 151.126755][ T8297] ? 0xffffffff81000000 [ 151.126770][ T8297] ? selinux_file_permission+0x22d/0x360 [ 151.126800][ T8297] proc_fail_nth_write+0x54/0x160 [ 151.126843][ T8297] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 151.126962][ T8297] vfs_write+0x295/0x950 [ 151.126986][ T8297] ? __fget_files+0x186/0x1c0 [ 151.127016][ T8297] ksys_write+0xeb/0x1b0 [ 151.127041][ T8297] __x64_sys_write+0x42/0x50 [ 151.127066][ T8297] x64_sys_call+0x2a45/0x2e10 [ 151.127100][ T8297] do_syscall_64+0xc9/0x1a0 [ 151.127151][ T8297] ? clear_bhb_loop+0x25/0x80 [ 151.127178][ T8297] ? clear_bhb_loop+0x25/0x80 [ 151.127206][ T8297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.127232][ T8297] RIP: 0033:0x7fb4d059cc1f [ 151.127249][ T8297] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 151.127296][ T8297] RSP: 002b:00007fb4cec07030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 151.127348][ T8297] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb4d059cc1f [ 151.127365][ T8297] RDX: 0000000000000001 RSI: 00007fb4cec070a0 RDI: 0000000000000007 [ 151.127414][ T8297] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 151.127429][ T8297] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 151.127443][ T8297] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 151.127467][ T8297] [ 151.182975][ T8300] loop2: detected capacity change from 0 to 512 [ 151.191147][ T8281] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 151.221648][ T8300] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 151.248126][ T8281] ext4 filesystem being mounted at /317/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 151.251651][ T8300] EXT4-fs (loop2): invalid journal inode [ 151.385648][ T8300] EXT4-fs (loop2): can't get journal size [ 151.392981][ T8300] EXT4-fs (loop2): 1 truncate cleaned up [ 151.393062][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 151.399460][ T8300] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.420009][ C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17 [ 151.470752][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.560764][ T8323] tipc: Started in network mode [ 151.565808][ T8323] tipc: Node identity , cluster identity 4711 [ 151.572060][ T8323] tipc: Failed to obtain node identity [ 151.577921][ T8323] tipc: Enabling of bearer rejected, failed to enable media [ 151.589682][ T8325] loop2: detected capacity change from 0 to 128 [ 151.590068][ T8323] infiniband srz1: RDMA CMA: cma_listen_on_dev, error -98 [ 151.634496][ T8327] netlink: 'syz.0.1644': attribute type 13 has an invalid length. [ 151.642556][ T8327] gretap0: refused to change device tx_queue_len [ 151.649032][ T8327] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 151.694332][ T8332] loop2: detected capacity change from 0 to 512 [ 151.702572][ T8332] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.1646: bad orphan inode 15 [ 151.713719][ T8332] ext4_test_bit(bit=14, block=18) = 1 [ 151.720056][ T8332] is_bad_inode(inode)=0 [ 151.724392][ T8332] NEXT_ORPHAN(inode)=1023 [ 151.728789][ T8332] max_ino=32 [ 151.732008][ T8332] i_nlink=0 [ 151.735314][ T8332] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.1646: corrupted xattr block 19: invalid header [ 151.749682][ T8332] EXT4-fs warning (device loop2): ext4_evict_inode:279: xattr delete (err -117) [ 151.760453][ T8332] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 151.773335][ T8332] ext4 filesystem being mounted at /343/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 151.801078][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 151.815012][ T8339] FAULT_INJECTION: forcing a failure. [ 151.815012][ T8339] name failslab, interval 1, probability 0, space 0, times 0 [ 151.827719][ T8339] CPU: 1 UID: 0 PID: 8339 Comm: syz.0.1650 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 151.827746][ T8339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 151.827761][ T8339] Call Trace: [ 151.827769][ T8339] [ 151.827778][ T8339] dump_stack_lvl+0xf6/0x150 [ 151.827847][ T8339] dump_stack+0x15/0x1a [ 151.827862][ T8339] should_fail_ex+0x261/0x270 [ 151.827890][ T8339] should_failslab+0x8f/0xb0 [ 151.827925][ T8339] __kmalloc_cache_noprof+0x55/0x320 [ 151.828000][ T8339] ? sctp_add_bind_addr+0x6f/0x1f0 [ 151.828027][ T8339] sctp_add_bind_addr+0x6f/0x1f0 [ 151.828052][ T8339] sctp_copy_local_addr_list+0x19d/0x220 [ 151.828087][ T8339] sctp_copy_one_addr+0x82/0x270 [ 151.828117][ T8339] sctp_bind_addr_copy+0x81/0x2b0 [ 151.828159][ T8339] sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0 [ 151.828182][ T8339] sctp_connect_new_asoc+0x1df/0x3c0 [ 151.828217][ T8339] __sctp_connect+0x43e/0x7c0 [ 151.828260][ T8339] sctp_getsockopt_connectx3+0x22a/0x310 [ 151.828375][ T8339] sctp_getsockopt+0x805/0xab0 [ 151.828410][ T8339] sock_common_getsockopt+0x5b/0x70 [ 151.828450][ T8339] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 151.828482][ T8339] do_sock_getsockopt+0x1fc/0x290 [ 151.828513][ T8339] __x64_sys_getsockopt+0x13f/0x1c0 [ 151.828543][ T8339] x64_sys_call+0x128f/0x2e10 [ 151.828611][ T8339] do_syscall_64+0xc9/0x1a0 [ 151.828691][ T8339] ? clear_bhb_loop+0x25/0x80 [ 151.828717][ T8339] ? clear_bhb_loop+0x25/0x80 [ 151.828744][ T8339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.828768][ T8339] RIP: 0033:0x7fddbb80e169 [ 151.828782][ T8339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.828897][ T8339] RSP: 002b:00007fddb9e77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 151.828914][ T8339] RAX: ffffffffffffffda RBX: 00007fddbba35fa0 RCX: 00007fddbb80e169 [ 151.828926][ T8339] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000008 [ 151.828936][ T8339] RBP: 00007fddb9e77090 R08: 0000200000000180 R09: 0000000000000000 [ 151.828950][ T8339] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000002 [ 151.828965][ T8339] R13: 0000000000000000 R14: 00007fddbba35fa0 R15: 00007ffec273ccb8 [ 151.828996][ T8339] [ 151.854050][ T8343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 152.074117][ T8343] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 152.085094][ T8343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 152.094179][ T8343] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 152.127201][ T8350] loop4: detected capacity change from 0 to 512 [ 152.150769][ T8350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 152.164327][ T8350] ext4 filesystem being mounted at /294/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.178264][ T8350] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1654: corrupted inode contents [ 152.191064][ T8350] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1654: mark_inode_dirty error [ 152.195027][ T8355] netlink: 'syz.0.1656': attribute type 13 has an invalid length. [ 152.204586][ T8350] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1654: corrupted inode contents [ 152.210962][ T8355] gretap0: refused to change device tx_queue_len [ 152.227493][ T8350] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1654: corrupted inode contents [ 152.229075][ T8355] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 152.242738][ T8350] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1654: mark_inode_dirty error [ 152.268683][ T8350] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1654: corrupted inode contents [ 152.281267][ T8350] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1654: mark_inode_dirty error [ 152.294505][ T8350] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1654: corrupted inode contents [ 152.308192][ T8350] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1654: mark_inode_dirty error [ 152.335833][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.377154][ T8365] loop3: detected capacity change from 0 to 512 [ 152.407891][ T8365] EXT4-fs error (device loop3): ext4_orphan_get:1416: comm syz.3.1660: bad orphan inode 15 [ 152.418399][ T8365] ext4_test_bit(bit=14, block=18) = 1 [ 152.423822][ T8365] is_bad_inode(inode)=0 [ 152.428040][ T8365] NEXT_ORPHAN(inode)=1023 [ 152.432584][ T8365] max_ino=32 [ 152.435808][ T8365] i_nlink=0 [ 152.447098][ T8365] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.1660: corrupted xattr block 19: invalid header [ 152.480160][ T8365] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -117) [ 152.492393][ T8365] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 152.505688][ T8365] ext4 filesystem being mounted at /320/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 152.532839][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 152.592634][ T8380] FAULT_INJECTION: forcing a failure. [ 152.592634][ T8380] name failslab, interval 1, probability 0, space 0, times 0 [ 152.605395][ T8380] CPU: 1 UID: 0 PID: 8380 Comm: syz.0.1665 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 152.605427][ T8380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 152.605464][ T8380] Call Trace: [ 152.605474][ T8380] [ 152.605484][ T8380] dump_stack_lvl+0xf6/0x150 [ 152.605514][ T8380] dump_stack+0x15/0x1a [ 152.605534][ T8380] should_fail_ex+0x261/0x270 [ 152.605567][ T8380] should_failslab+0x8f/0xb0 [ 152.605596][ T8380] kmem_cache_alloc_noprof+0x59/0x340 [ 152.605645][ T8380] ? dst_alloc+0xc0/0x100 [ 152.605667][ T8380] dst_alloc+0xc0/0x100 [ 152.605750][ T8380] ip_route_input_rcu+0x1823/0x1d40 [ 152.605800][ T8380] ip_route_input_noref+0x62/0xa0 [ 152.605830][ T8380] ip_rcv_finish_core+0x310/0xb40 [ 152.605921][ T8380] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 152.605942][ T8380] ip_sublist_rcv+0x1f4/0x650 [ 152.605963][ T8380] ? __pfx_ip_rcv_finish+0x10/0x10 [ 152.605982][ T8380] ip_list_rcv+0x25f/0x290 [ 152.606008][ T8380] ? __pfx_ip_list_rcv+0x10/0x10 [ 152.606032][ T8380] __netif_receive_skb_list_core+0x4f4/0x520 [ 152.606067][ T8380] netif_receive_skb_list_internal+0x4e6/0x670 [ 152.606106][ T8380] netif_receive_skb_list+0x31/0x230 [ 152.606138][ T8380] bpf_test_run_xdp_live+0xe17/0x1050 [ 152.606179][ T8380] ? synchronize_rcu_expedited+0x6d5/0x790 [ 152.606216][ T8380] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 152.606247][ T8380] ? bpf_test_run_xdp_live+0x2b3/0x1050 [ 152.606289][ T8380] bpf_prog_test_run_xdp+0x526/0x8e0 [ 152.606309][ T8380] ? __rcu_read_unlock+0x4e/0x70 [ 152.606332][ T8380] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 152.606417][ T8380] bpf_prog_test_run+0x20e/0x3a0 [ 152.606451][ T8380] __sys_bpf+0x440/0x800 [ 152.606486][ T8380] __x64_sys_bpf+0x43/0x50 [ 152.606590][ T8380] x64_sys_call+0x23da/0x2e10 [ 152.606612][ T8380] do_syscall_64+0xc9/0x1a0 [ 152.606650][ T8380] ? clear_bhb_loop+0x25/0x80 [ 152.606671][ T8380] ? clear_bhb_loop+0x25/0x80 [ 152.606692][ T8380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.606713][ T8380] RIP: 0033:0x7fddbb80e169 [ 152.606728][ T8380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.606747][ T8380] RSP: 002b:00007fddb9e77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 152.606782][ T8380] RAX: ffffffffffffffda RBX: 00007fddbba35fa0 RCX: 00007fddbb80e169 [ 152.606794][ T8380] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 152.606807][ T8380] RBP: 00007fddb9e77090 R08: 0000000000000000 R09: 0000000000000000 [ 152.606819][ T8380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 152.606830][ T8380] R13: 0000000000000000 R14: 00007fddbba35fa0 R15: 00007ffec273ccb8 [ 152.606849][ T8380] [ 152.914239][ T8382] loop4: detected capacity change from 0 to 128 [ 152.922512][ T8382] vfat: Unknown parameter '' [ 152.932116][ T8382] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(13) [ 152.938794][ T8382] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 152.946662][ T8382] vhci_hcd vhci_hcd.0: Device attached [ 152.953476][ T8388] vhci_hcd: connection closed [ 152.955503][ T51] vhci_hcd: stop threads [ 152.964565][ T51] vhci_hcd: release socket [ 152.969018][ T51] vhci_hcd: disconnect device [ 153.104095][ T8399] loop3: detected capacity change from 0 to 512 [ 153.112797][ T8399] EXT4-fs error (device loop3): ext4_orphan_get:1416: comm syz.3.1672: bad orphan inode 15 [ 153.124007][ T8399] ext4_test_bit(bit=14, block=18) = 1 [ 153.129564][ T8399] is_bad_inode(inode)=0 [ 153.133791][ T8399] NEXT_ORPHAN(inode)=1023 [ 153.138233][ T8399] max_ino=32 [ 153.141485][ T8399] i_nlink=0 [ 153.145517][ T8399] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.1672: corrupted xattr block 19: invalid header [ 153.160217][ T8399] EXT4-fs warning (device loop3): ext4_evict_inode:279: xattr delete (err -117) [ 153.170171][ T8399] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 153.183756][ T8399] ext4 filesystem being mounted at /324/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 153.205406][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 153.219572][ T8407] xt_TPROXY: Can be used only with -p tcp or -p udp [ 153.452220][ T8409] Illegal XDP return value 4291170304 on prog (id 1333) dev N/A, expect packet loss! [ 153.484229][ T8411] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 153.595723][ T8421] 9pnet_fd: Insufficient options for proto=fd [ 153.690603][ T8428] cgroup: Unknown subsys name 'mask' [ 153.721257][ T8434] __nla_validate_parse: 8 callbacks suppressed [ 153.721273][ T8434] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1686'. [ 153.737426][ T8433] loop2: detected capacity change from 0 to 2048 [ 153.749179][ T8434] loop3: detected capacity change from 0 to 128 [ 153.756297][ T8434] vfat: Unknown parameter '' [ 153.764712][ T8434] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 153.771386][ T8434] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 153.779831][ T8434] vhci_hcd vhci_hcd.0: Device attached [ 153.786490][ T8437] vhci_hcd: connection closed [ 153.789165][ T12] vhci_hcd: stop threads [ 153.790961][ T8433] Alternate GPT is invalid, using primary GPT. [ 153.793897][ T12] vhci_hcd: release socket [ 153.798247][ T8433] loop2: p1 p2 p3 [ 153.804359][ T12] vhci_hcd: disconnect device [ 153.821309][ T8433] program syz.2.1685 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 153.929242][ T8444] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 153.935940][ T8444] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 153.943689][ T8444] vhci_hcd vhci_hcd.0: Device attached [ 153.950413][ T8445] vhci_hcd: connection closed [ 153.950779][ T12] vhci_hcd: stop threads [ 153.959987][ T12] vhci_hcd: release socket [ 153.964439][ T12] vhci_hcd: disconnect device [ 154.061733][ T8451] SELinux: syz.0.1691 (8451) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 154.115962][ T29] kauditd_printk_skb: 276 callbacks suppressed [ 154.115981][ T29] audit: type=1400 audit(1745342142.672:4142): avc: denied { mount } for pid=8458 comm="syz.2.1692" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 154.116907][ T8459] FAULT_INJECTION: forcing a failure. [ 154.116907][ T8459] name failslab, interval 1, probability 0, space 0, times 0 [ 154.158557][ T8459] CPU: 1 UID: 0 PID: 8459 Comm: syz.2.1692 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 154.158589][ T8459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 154.158601][ T8459] Call Trace: [ 154.158607][ T8459] [ 154.158666][ T8459] dump_stack_lvl+0xf6/0x150 [ 154.158696][ T8459] dump_stack+0x15/0x1a [ 154.158723][ T8459] should_fail_ex+0x261/0x270 [ 154.158806][ T8459] should_failslab+0x8f/0xb0 [ 154.158828][ T8459] kmem_cache_alloc_noprof+0x59/0x340 [ 154.158857][ T8459] ? p9_client_prepare_req+0xf3/0x890 [ 154.158881][ T8459] p9_client_prepare_req+0xf3/0x890 [ 154.158917][ T8459] ? avc_has_perm_noaudit+0x1cc/0x210 [ 154.158948][ T8459] ? delete_node+0x40e/0x460 [ 154.158969][ T8459] p9_client_rpc+0xf5/0x700 [ 154.158998][ T8459] ? __radix_tree_replace+0x1c1/0x1f0 [ 154.159019][ T8459] ? radix_tree_iter_tag_clear+0x115/0x180 [ 154.159138][ T8459] ? idr_alloc_u32+0x129/0x180 [ 154.159168][ T8459] p9_client_attach+0xd3/0x270 [ 154.159203][ T8459] v9fs_fid_lookup+0x430/0xa20 [ 154.159231][ T8459] v9fs_vfs_getattr+0x131/0x270 [ 154.159314][ T8459] vfs_getattr_nosec+0x141/0x1d0 [ 154.159340][ T8459] vfs_statx+0x145/0x2f0 [ 154.159369][ T8459] __se_sys_newstat+0x6a/0x280 [ 154.159401][ T8459] ? __pfx___bpf_trace_sys_enter+0x10/0x10 [ 154.159426][ T8459] ? __bpf_trace_sys_enter+0x10/0x30 [ 154.159453][ T8459] ? __traceiter_sys_enter+0x5b/0x80 [ 154.159476][ T8459] ? trace_sys_enter+0xcd/0x110 [ 154.159529][ T8459] __x64_sys_newstat+0x31/0x40 [ 154.159621][ T8459] x64_sys_call+0x6f3/0x2e10 [ 154.159643][ T8459] do_syscall_64+0xc9/0x1a0 [ 154.159668][ T8459] ? clear_bhb_loop+0x25/0x80 [ 154.159690][ T8459] ? clear_bhb_loop+0x25/0x80 [ 154.159717][ T8459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.159763][ T8459] RIP: 0033:0x7fb4d059e169 [ 154.159778][ T8459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.159796][ T8459] RSP: 002b:00007fb4cec07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 154.159814][ T8459] RAX: ffffffffffffffda RBX: 00007fb4d07c5fa0 RCX: 00007fb4d059e169 [ 154.159827][ T8459] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 154.159839][ T8459] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 154.159850][ T8459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.159941][ T8459] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 154.159961][ T8459] [ 154.428511][ T29] audit: type=1400 audit(1745342142.992:4143): avc: denied { unmount } for pid=3306 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 154.463967][ T29] audit: type=1326 audit(1745342143.022:4144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.488482][ T29] audit: type=1326 audit(1745342143.022:4145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.512069][ T29] audit: type=1326 audit(1745342143.022:4146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.535789][ T29] audit: type=1326 audit(1745342143.022:4147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.559576][ T29] audit: type=1326 audit(1745342143.022:4148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.583626][ T29] audit: type=1326 audit(1745342143.022:4149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.606988][ T29] audit: type=1326 audit(1745342143.022:4150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.631275][ T29] audit: type=1326 audit(1745342143.022:4151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8470 comm="syz.0.1697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fddbb80e169 code=0x7ffc0000 [ 154.680154][ T8477] loop4: detected capacity change from 0 to 512 [ 154.707008][ T8474] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 154.768394][ T8484] FAULT_INJECTION: forcing a failure. [ 154.768394][ T8484] name failslab, interval 1, probability 0, space 0, times 0 [ 154.781247][ T8484] CPU: 1 UID: 0 PID: 8484 Comm: syz.2.1702 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 154.781285][ T8484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 154.781322][ T8484] Call Trace: [ 154.781331][ T8484] [ 154.781342][ T8484] dump_stack_lvl+0xf6/0x150 [ 154.781414][ T8484] dump_stack+0x15/0x1a [ 154.781433][ T8484] should_fail_ex+0x261/0x270 [ 154.781466][ T8484] should_failslab+0x8f/0xb0 [ 154.781496][ T8484] kmem_cache_alloc_noprof+0x59/0x340 [ 154.781532][ T8484] ? audit_log_start+0x37f/0x6e0 [ 154.781620][ T8484] audit_log_start+0x37f/0x6e0 [ 154.781718][ T8484] ? kstrtouint+0x7b/0xc0 [ 154.781743][ T8484] audit_seccomp+0x49/0x100 [ 154.781771][ T8484] __seccomp_filter+0x694/0x10e0 [ 154.781799][ T8484] ? vfs_write+0x669/0x950 [ 154.781865][ T8484] ? putname+0xe1/0x100 [ 154.781902][ T8484] __secure_computing+0x7e/0x150 [ 154.781937][ T8484] syscall_trace_enter+0xcf/0x1f0 [ 154.781966][ T8484] ? fpregs_assert_state_consistent+0x83/0xa0 [ 154.782002][ T8484] do_syscall_64+0xaa/0x1a0 [ 154.782056][ T8484] ? clear_bhb_loop+0x25/0x80 [ 154.782082][ T8484] ? clear_bhb_loop+0x25/0x80 [ 154.782102][ T8484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.782145][ T8484] RIP: 0033:0x7fb4d059e169 [ 154.782163][ T8484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.782185][ T8484] RSP: 002b:00007fb4cec07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000064 [ 154.782209][ T8484] RAX: ffffffffffffffda RBX: 00007fb4d07c5fa0 RCX: 00007fb4d059e169 [ 154.782225][ T8484] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 154.782240][ T8484] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 154.782255][ T8484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.782320][ T8484] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 154.782351][ T8484] [ 154.988027][ T8477] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.006904][ T8477] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 155.047534][ T8477] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1699: corrupted inode contents [ 155.081607][ T8477] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1699: mark_inode_dirty error [ 155.127131][ T8477] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1699: corrupted inode contents [ 155.143689][ T8501] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1699: corrupted inode contents [ 155.158364][ T8501] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1699: mark_inode_dirty error [ 155.171299][ T8501] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1699: corrupted inode contents [ 155.184651][ T8501] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1699: mark_inode_dirty error [ 155.226691][ T8501] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #2: comm syz.4.1699: corrupted inode contents [ 155.246366][ T8501] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #2: comm syz.4.1699: mark_inode_dirty error [ 155.524849][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.014669][ T8530] syzkaller1: entered promiscuous mode [ 157.020249][ T8530] syzkaller1: entered allmulticast mode [ 157.262905][ T8538] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1718'. [ 157.306020][ T8540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.379798][ T8540] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.391634][ T8543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.413397][ T8543] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.078772][ T8564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 158.189587][ T8564] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.626096][ T8593] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 158.666844][ T8593] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 159.517151][ T29] kauditd_printk_skb: 94 callbacks suppressed [ 159.517171][ T29] audit: type=1326 audit(1745342147.932:4244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8607 comm="syz.4.1744" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f26a871e169 code=0x0 [ 160.815209][ T29] audit: type=1400 audit(1745342148.832:4245): avc: denied { map } for pid=8617 comm="syz.3.1745" path="socket:[21299]" dev="sockfs" ino=21299 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 161.400350][ T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1) [ 161.420491][ T29] audit: type=1400 audit(1745342149.962:4246): avc: denied { mounton } for pid=8630 comm="syz.3.1749" path=2F3333392FE91F7189591E9233614B dev="tmpfs" ino=1862 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 162.672262][ T29] audit: type=1400 audit(1745342151.232:4247): avc: denied { name_bind } for pid=8655 comm="syz.4.1757" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 162.930342][ T8674] ALSA: seq fatal error: cannot create timer (-16) [ 163.053726][ T8675] infiniband syz!: set down [ 163.058948][ T8675] infiniband syz!: added team_slave_0 [ 163.098006][ T8675] RDS/IB: syz!: added [ 163.102070][ T8675] smc: adding ib device syz! with port count 1 [ 163.108374][ T8675] smc: ib device syz! port 1 has pnetid [ 163.576211][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 163.720678][ T8680] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1763'. [ 163.977718][ T8680] netlink: 'syz.4.1763': attribute type 1 has an invalid length. [ 164.141806][ T8688] usb usb8: usbfs: process 8688 (syz.3.1766) did not claim interface 0 before use [ 164.392328][ T36] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 164.402170][ T8694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.499564][ T36] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 164.506390][ T8694] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.531366][ T8696] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.559179][ T8696] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.573883][ T8700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.584747][ T8700] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.732129][ T8708] tipc: Started in network mode [ 164.737105][ T8708] tipc: Node identity 6, cluster identity 4711 [ 164.743307][ T8708] tipc: Node number set to 6 [ 165.423671][ T8728] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1781'. [ 165.444468][ T8723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.506251][ T8723] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.539012][ T8728] vlan2: entered promiscuous mode [ 165.544170][ T8728] batadv0: entered promiscuous mode [ 165.880595][ T29] audit: type=1400 audit(1745342154.442:4248): avc: denied { read } for pid=8733 comm="syz.2.1784" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 166.031868][ T8746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 166.041617][ T8746] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 166.245307][ T8753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 166.255130][ T8753] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.071556][ T8767] usb usb8: usbfs: process 8767 (syz.4.1796) did not claim interface 0 before use [ 167.097175][ T8771] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1798'. [ 167.112161][ T8771] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 167.120946][ T8771] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 167.129291][ T8771] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 167.137694][ T8771] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 167.148358][ T8771] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 167.157048][ T8771] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 167.165825][ T8771] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 167.174369][ T8771] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 167.194427][ T8778] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1801'. [ 167.365361][ T8791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.375385][ T8791] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.405197][ T8794] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.414908][ T8794] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.415801][ T8808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 168.428389][ T8808] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.463317][ T29] audit: type=1400 audit(1745342157.022:4249): avc: denied { name_connect } for pid=8816 comm="syz.0.1816" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1 [ 168.515609][ T29] audit: type=1400 audit(1745342157.072:4250): avc: denied { create } for pid=8823 comm="syz.1.1819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 168.549644][ T29] audit: type=1400 audit(1745342157.112:4251): avc: denied { read } for pid=8816 comm="syz.0.1816" laddr=127.0.0.1 lport=60150 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 169.388013][ T8844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.397897][ T8844] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 169.496400][ T8846] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.505017][ T8846] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 170.775791][ T29] audit: type=1400 audit(1745342159.222:4252): avc: denied { getopt } for pid=8860 comm="syz.0.1830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 170.957348][ T8890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1838'. [ 170.967986][ T29] audit: type=1400 audit(1745342159.522:4253): avc: denied { connect } for pid=8889 comm="syz.1.1838" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 171.432722][ T29] audit: type=1400 audit(1745342159.992:4254): avc: denied { unmount } for pid=3301 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 172.101405][ T8929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.143780][ T8937] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1859'. [ 172.150814][ T8939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.163456][ T8929] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 172.263922][ T8939] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.033919][ T8942] netlink: 'syz.0.1850': attribute type 3 has an invalid length. [ 173.233103][ T8948] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=8948 comm=syz.2.1861 [ 173.578212][ T29] audit: type=1400 audit(1745342162.132:4255): avc: denied { read } for pid=8961 comm="syz.1.1864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 174.573079][ T8977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.612925][ T8977] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.635670][ T8979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1872'. [ 174.648781][ T8982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.660131][ T8982] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.261788][ T9004] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1880'. [ 176.208325][ T9020] can: request_module (can-proto-0) failed. [ 176.282317][ T9033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.292566][ T9033] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.333943][ T9036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1894'. [ 176.344434][ T9036] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1894'. [ 176.764384][ T29] audit: type=1400 audit(1745342165.322:4256): avc: denied { bind } for pid=9052 comm="syz.2.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 176.795454][ T29] audit: type=1400 audit(1745342165.322:4257): avc: denied { name_bind } for pid=9052 comm="syz.2.1901" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1 [ 176.817104][ T29] audit: type=1400 audit(1745342165.322:4258): avc: denied { node_bind } for pid=9052 comm="syz.2.1901" saddr=224.0.0.2 src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 176.941572][ T29] audit: type=1400 audit(1745342165.502:4259): avc: denied { getopt } for pid=9065 comm="syz.1.1907" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 176.974255][ T9069] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 176.982826][ T9069] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 177.119099][ T9073] bridge0: entered promiscuous mode [ 177.627088][ T9073] batadv0: entered promiscuous mode [ 177.633339][ T9073] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network [ 177.643521][ T9073] hsr1: Slave B (batadv0) is not up; please bring it up to get a fully working HSR network [ 177.749469][ T9073] bridge0: left promiscuous mode [ 177.755675][ T9073] batadv0: left promiscuous mode [ 177.902194][ T9087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 177.910933][ T9087] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 178.001850][ T9093] serio: Serial port pts0 [ 178.104402][ T9096] 9pnet: p9_errstr2errno: server reported unknown error @L O00000000000000000011 [ 178.156267][ T9101] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1912'. [ 178.549379][ T9120] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 178.607386][ T9120] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.085119][ T29] audit: type=1400 audit(1745342167.632:4260): avc: denied { write } for pid=9121 comm="syz.0.1925" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 179.105347][ T9130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 179.135999][ T9134] @: renamed from vlan0 [ 179.142077][ T9130] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.157885][ T29] audit: type=1400 audit(1745342167.692:4261): avc: denied { ioctl } for pid=9133 comm="syz.2.1929" path="socket:[23146]" dev="sockfs" ino=23146 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 179.183118][ T29] audit: type=1326 audit(1745342167.722:4262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9133 comm="syz.2.1929" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x0 [ 179.593824][ T9144] program syz.0.1933 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 179.634026][ T9148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 179.643222][ T9148] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 179.865321][ T9157] vhci_hcd: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 180.201316][ T9166] bridge0: entered allmulticast mode [ 180.246676][ T29] audit: type=1400 audit(1745342168.812:4263): avc: denied { wake_alarm } for pid=9165 comm="syz.2.1940" capability=35 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 180.312844][ T9166] bridge_slave_1: left allmulticast mode [ 180.318680][ T9166] bridge_slave_1: left promiscuous mode [ 180.324455][ T9166] bridge0: port 2(bridge_slave_1) entered disabled state [ 180.340419][ T9166] bridge_slave_0: left allmulticast mode [ 180.346947][ T9166] bridge_slave_0: left promiscuous mode [ 180.352707][ T9166] bridge0: port 1(bridge_slave_0) entered disabled state [ 180.381681][ T9171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1942'. [ 180.606294][ T9177] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(13) [ 180.613124][ T9177] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 180.620979][ T9177] vhci_hcd vhci_hcd.0: Device attached [ 180.680360][ T9180] vhci_hcd: connection closed [ 180.680645][ T31] vhci_hcd: stop threads [ 180.690476][ T31] vhci_hcd: release socket [ 180.695013][ T31] vhci_hcd: disconnect device [ 180.762903][ T29] audit: type=1326 audit(1745342169.322:4264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9182 comm="syz.2.1947" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 180.841263][ T9195] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 180.851596][ T9195] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 180.878335][ T9197] loop2: detected capacity change from 0 to 512 [ 180.886775][ T9197] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.1952: bad orphan inode 15 [ 180.900533][ T9197] ext4_test_bit(bit=14, block=18) = 1 [ 180.906398][ T9197] is_bad_inode(inode)=0 [ 180.910850][ T9197] NEXT_ORPHAN(inode)=1023 [ 180.915401][ T9197] max_ino=32 [ 180.919820][ T9197] i_nlink=0 [ 180.925769][ T9197] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.1952: corrupted xattr block 19: invalid header [ 180.942498][ T9197] EXT4-fs warning (device loop2): ext4_evict_inode:279: xattr delete (err -117) [ 180.952258][ T9197] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 180.964874][ T9197] ext4 filesystem being mounted at /396/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 180.978202][ T9201] usb usb8: usbfs: process 9201 (syz.3.1953) did not claim interface 0 before use [ 180.989966][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 181.010131][ T9203] loop3: detected capacity change from 0 to 512 [ 181.028406][ T9203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 181.042825][ T9203] ext4 filesystem being mounted at /372/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 181.055597][ T9203] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1955: corrupted inode contents [ 181.069214][ T9203] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1955: mark_inode_dirty error [ 181.081226][ T9203] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1955: corrupted inode contents [ 181.095681][ T9203] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1955: corrupted inode contents [ 181.109271][ T9203] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1955: mark_inode_dirty error [ 181.121146][ T9203] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1955: corrupted inode contents [ 181.134232][ T9203] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1955: mark_inode_dirty error [ 181.146771][ T9203] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #2: comm syz.3.1955: corrupted inode contents [ 181.158933][ T9203] EXT4-fs error (device loop3): ext4_dirty_inode:6103: inode #2: comm syz.3.1955: mark_inode_dirty error [ 181.182014][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.219688][ T9219] FAULT_INJECTION: forcing a failure. [ 181.219688][ T9219] name failslab, interval 1, probability 0, space 0, times 0 [ 181.232898][ T9219] CPU: 0 UID: 0 PID: 9219 Comm: syz.2.1961 Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 181.232999][ T9219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 181.233015][ T9219] Call Trace: [ 181.233025][ T9219] [ 181.233034][ T9219] dump_stack_lvl+0xf6/0x150 [ 181.233066][ T9219] dump_stack+0x15/0x1a [ 181.233086][ T9219] should_fail_ex+0x261/0x270 [ 181.233117][ T9219] should_failslab+0x8f/0xb0 [ 181.233145][ T9219] kmem_cache_alloc_noprof+0x59/0x340 [ 181.233235][ T9219] ? getname_flags+0x81/0x3b0 [ 181.233287][ T9219] getname_flags+0x81/0x3b0 [ 181.233309][ T9219] __x64_sys_rmdir+0x21/0x40 [ 181.233343][ T9219] x64_sys_call+0x29a5/0x2e10 [ 181.233401][ T9219] do_syscall_64+0xc9/0x1a0 [ 181.233431][ T9219] ? clear_bhb_loop+0x25/0x80 [ 181.233457][ T9219] ? clear_bhb_loop+0x25/0x80 [ 181.233481][ T9219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.233506][ T9219] RIP: 0033:0x7fb4d059e169 [ 181.233524][ T9219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.233611][ T9219] RSP: 002b:00007fb4cec07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 181.233633][ T9219] RAX: ffffffffffffffda RBX: 00007fb4d07c5fa0 RCX: 00007fb4d059e169 [ 181.233647][ T9219] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 181.233726][ T9219] RBP: 00007fb4cec07090 R08: 0000000000000000 R09: 0000000000000000 [ 181.233739][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.233750][ T9219] R13: 0000000000000000 R14: 00007fb4d07c5fa0 R15: 00007ffd708ecec8 [ 181.233848][ T9219] [ 181.234427][ T29] audit: type=1400 audit(1745342169.802:4265): avc: denied { create } for pid=9220 comm="syz.3.1962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 181.236533][ T9221] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 181.324949][ T9228] loop2: detected capacity change from 0 to 512 [ 181.328273][ T9221] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 181.485776][ T9228] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.1965: bad orphan inode 15 [ 181.499574][ T9228] ext4_test_bit(bit=14, block=18) = 1 [ 181.505330][ T9228] is_bad_inode(inode)=0 [ 181.509905][ T9228] NEXT_ORPHAN(inode)=1023 [ 181.514417][ T9228] max_ino=32 [ 181.517910][ T9228] i_nlink=0 [ 181.521686][ T9228] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.1965: corrupted xattr block 19: invalid header [ 181.574579][ T9228] EXT4-fs warning (device loop2): ext4_evict_inode:279: xattr delete (err -117) [ 181.601396][ T9247] serio: Serial port pts0 [ 181.601844][ T9228] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none. [ 181.622460][ T9228] ext4 filesystem being mounted at /404/qY3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 181.639314][ T9249] ALSA: seq fatal error: cannot create timer (-16) [ 181.667836][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000. [ 181.699710][ T9252] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 181.706656][ T9252] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 181.714509][ T9252] vhci_hcd vhci_hcd.0: Device attached [ 181.739386][ T9253] vhci_hcd: connection closed [ 181.739701][ T1988] vhci_hcd: stop threads [ 181.748934][ T1988] vhci_hcd: release socket [ 181.753374][ T1988] vhci_hcd: disconnect device [ 182.062037][ T9283] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1985'. [ 182.088626][ T9283] loop3: detected capacity change from 0 to 128 [ 182.105802][ T9283] vfat: Unknown parameter '' [ 182.114547][ T9283] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13) [ 182.121221][ T9283] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 182.129240][ T9283] vhci_hcd vhci_hcd.0: Device attached [ 182.149616][ T9284] vhci_hcd: connection closed [ 182.150092][ T3392] vhci_hcd: stop threads [ 182.159230][ T3392] vhci_hcd: release socket [ 182.164282][ T3392] vhci_hcd: disconnect device [ 182.240156][ T9287] loop2: detected capacity change from 0 to 512 [ 182.297428][ T9287] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 182.318820][ T9287] EXT4-fs (loop2): invalid journal inode [ 182.332114][ T9287] EXT4-fs (loop2): can't get journal size [ 182.371129][ T9287] EXT4-fs (loop2): 1 truncate cleaned up [ 182.395192][ T9287] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 182.560612][ T3306] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.583047][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 182.583084][ T29] audit: type=1400 audit(1745342171.142:4268): avc: denied { ioctl } for pid=9297 comm="syz.0.1991" path="socket:[23412]" dev="sockfs" ino=23412 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 182.613952][ T29] audit: type=1400 audit(1745342171.142:4269): avc: denied { bind } for pid=9297 comm="syz.0.1991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 182.633555][ T29] audit: type=1400 audit(1745342171.142:4270): avc: denied { bind } for pid=9297 comm="syz.0.1991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 182.653297][ T29] audit: type=1400 audit(1745342171.142:4271): avc: denied { connect } for pid=9297 comm="syz.0.1991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 182.823859][ T3305] ================================================================== [ 182.832013][ T3305] BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getattr [ 182.840025][ T3305] [ 182.842366][ T3305] read-write to 0xffff888118bcb3b0 of 8 bytes by task 9307 on cpu 1: [ 182.850561][ T3305] shmem_add_to_page_cache+0x3bb/0x4b0 [ 182.856135][ T3305] shmem_get_folio_gfp+0x4dd/0xd30 [ 182.861280][ T3305] shmem_write_begin+0xa7/0x190 [ 182.866274][ T3305] generic_perform_write+0x189/0x4b0 [ 182.871734][ T3305] shmem_file_write_iter+0xc2/0xe0 [ 182.877185][ T3305] __kernel_write_iter+0x243/0x4c0 [ 182.882340][ T3305] dump_user_range+0x5ed/0x8b0 [ 182.887315][ T3305] elf_core_dump+0x1d61/0x1ef0 [ 182.892107][ T3305] do_coredump+0x1814/0x1f50 [ 182.896915][ T3305] get_signal+0xdb7/0x1080 [ 182.901373][ T3305] arch_do_signal_or_restart+0x9a/0x480 [ 182.906971][ T3305] irqentry_exit_to_user_mode+0xa7/0x120 [ 182.912636][ T3305] irqentry_exit+0x12/0x50 [ 182.917558][ T3305] asm_exc_page_fault+0x26/0x30 [ 182.922450][ T3305] [ 182.922832][ T9314] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1996'. [ 182.924772][ T3305] read to 0xffff888118bcb3b0 of 8 bytes by task 3305 on cpu 0: [ 182.924791][ T3305] shmem_getattr+0x69/0x200 [ 182.945872][ T3305] vfs_getattr_nosec+0x141/0x1d0 [ 182.950858][ T3305] vfs_statx+0x145/0x2f0 [ 182.955140][ T3305] vfs_fstatat+0xd9/0x150 [ 182.959630][ T3305] __se_sys_newfstatat+0x58/0x260 [ 182.964721][ T3305] __x64_sys_newfstatat+0x55/0x70 [ 182.969792][ T3305] x64_sys_call+0x2d6f/0x2e10 [ 182.974490][ T3305] do_syscall_64+0xc9/0x1a0 [ 182.979018][ T3305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.984950][ T3305] [ 182.987430][ T3305] value changed: 0x00000000000002f9 -> 0x00000000000002fa [ 182.995176][ T3305] [ 182.997777][ T3305] Reported by Kernel Concurrency Sanitizer on: [ 183.004217][ T3305] CPU: 0 UID: 0 PID: 3305 Comm: syz-executor Not tainted 6.15.0-rc3-syzkaller-00008-ga33b5a08cbbd #0 PREEMPT(voluntary) [ 183.017268][ T3305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 183.028482][ T3305] ================================================================== [ 183.222090][ T29] audit: type=1326 audit(1745342171.772:4272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9312 comm="syz.2.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 183.247140][ T29] audit: type=1326 audit(1745342171.772:4273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9312 comm="syz.2.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 183.270792][ T29] audit: type=1326 audit(1745342171.772:4274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9312 comm="syz.2.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 183.295097][ T29] audit: type=1326 audit(1745342171.772:4275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9312 comm="syz.2.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 183.319394][ T29] audit: type=1326 audit(1745342171.772:4276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9312 comm="syz.2.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000 [ 183.343953][ T29] audit: type=1326 audit(1745342171.772:4277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9312 comm="syz.2.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb4d059e169 code=0x7ffc0000