last executing test programs: 3m34.085571882s ago: executing program 4 (id=220): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000020c0)}], 0x4}, 0x0) 3m34.085059082s ago: executing program 4 (id=221): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) io_uring_setup(0x66ed, &(0x7f00000004c0)={0x0, 0x5f0d, 0x8, 0x7, 0x1a3}) r0 = syz_io_uring_setup(0xbc3, 0x0, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000f93a674d5638dc56a67b3456e42faa78792be44f121445faf30c20a1ed632786afd3a080e7e6f8033a835cda48c59db847c0b40de8e15e57e6bd3042419cd13d1098337002b1a3fb1699a652d9c5bc66e4268c9c86"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x10) io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) gettid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_process_fork\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r8, &(0x7f0000001280), 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x30) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48) 3m33.026957699s ago: executing program 4 (id=234): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0000000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8000000000000000000000000000aa0c00028005000100000000000800074000000000180006801400040020010000000000000000000000000001"], 0xac}, 0x1, 0x0, 0x0, 0x4000}, 0x4000894) 3m32.861907762s ago: executing program 4 (id=238): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x523080, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced9aa10632d595e9c8c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x96, 0x2a9, &(0x7f0000000500)="$eJzs3T9ra2UYAPDnpGkSdEgEJxE8oINTabu6pEgLxUxKBnXQYluQJggtFPyDsZOri6OriyC4+SVc/AaCq+BmwcKRk5xjkt40N+m9ae+f32/p2/c8z3ue9/QtpcN58vGr/ZPDNI4vvvojGo0kKu1ox2USrahE6ZuY0v4uAICn2WWWxd/ZyDJ5SUQ0VlcWALBCS//9/2XlJQEAK/be+x+8s9Pp7L6bpo3Y63973s3/s8+/jq7vHMen0Yuj2IxmXEVk/xuN97IsG1TTXCve6A/Ou3lm/6PfivV3/ooY5m9FM1rDqen8/c7uVjoykT/I63ihuH87z9+OZrw84/77nd3tGfnRrcWbr0/UvxHN+P2T+Cx6cTgsYpQflYivt9L07ez7f778MC8vz08G5936MG4sW7vjHw0AAAAAAAAAAAAAAAAAAAAAAM+wjaJ3Tj2G/XvyqaL/ztpV/s16pKXWdH+eUX5SLnStP9Agix/K/jybaZpmReA4vxqvVKN6P7sGAAAAAAAAAAAAAAAAAACAJ8vZ51+cHPR6R6ePZVB2Ayhf67/tOu2JmddifnB9fK9KMZyzcqyVMUnE3DLyTSxc879F24PbPbqXbqr5p58XXufHh++9GKwvEPOIg/J0nRwks59hPcqZRnlIfp2MqcWC96rddClb6vjVZl5qLr332ovDwWBOTCTzCnvrz9GTK2aS67uoDZ/qzPT1YjCRPh3TWPw8578pD0h06wAAAAAAAAAAAAAAAAAAgJUav/Q74+LF3NRKVl9ZWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwp8af/7/EYFAkLxBci9Oze94iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4H/AgAA///uD2MO") r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) creat(&(0x7f0000000100)='./bus\x00', 0x0) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000380)=@broute={'broute\x00', 0x20, 0x6, 0xacc, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000880], 0x0, &(0x7f0000000340), &(0x7f0000000880)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x1, [{0x3, 0x4, 0x15, 'veth1\x00', 'batadv_slave_1\x00', 'virt_wifi0\x00', 'batadv0\x00', @remote, [0x0, 0xff, 0xff, 0x0, 0xff], @broadcast, [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], 0xbe, 0x236, 0x286, [@nfacct={{'nfacct\x00', 0x0, 0x28}, {{'syz1\x00', 0x2}}}], [@common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x1ff, 'system_u:object_r:ld_so_cache_t:s0\x00'}}}, @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz0\x00', 0x6, 0x2, {0x8}}}}], @common=@LED={'LED\x00', 0x28, {{'syz1\x00', 0x0, 0x3e73b21, {0x6}}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x2, [{0x3, 0x14, 0x601d, 'veth0_to_hsr\x00', 'veth1_to_bond\x00', 'ip6tnl0\x00', 'geneve0\x00', @remote, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], @random="a520999b2d40", [0x0, 0x0, 0xff, 0x0, 0xff], 0x9e, 0x1fe, 0x276, [@state={{'state\x00', 0x0, 0x8}, {{0x8}}}], [@common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0xb, 'system_u:object_r:mouse_device_t:s0\x00'}}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x7}}}], @common=@nflog={'nflog\x00', 0x50, {{0x9, 0x8, 0x7, 0x0, 0x0, "166f0b97bd153bb23e207edfebd879aa6254f143c9fc0c44ed5c7184c18b8d88dae6baae17e8f4a15f754fcf6005d686abce568e75959b4157e0d926bd2b33df"}}}}, {0x9, 0x50, 0x18, 'veth0_vlan\x00', 'vcan0\x00', 'veth0_vlan\x00', 'ip6gretap0\x00', @random="768cc4b3953d", [0xff, 0xff, 0xff, 0xff], @broadcast, [0xff, 0x0, 0xff, 0xff, 0xff], 0x6e, 0x6e, 0xbe, [], [], @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7ff, 'syz0\x00', {0x81}}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffc, 0x1, [{0x11, 0x10, 0x3, 'ip6gre0\x00', 'wlan0\x00', 'vlan0\x00', 'pimreg1\x00', @random="8facda7d0357", [0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0xee, 0xee, 0x21e, [@cluster={{'cluster\x00', 0x0, 0x10}, {{0xf, 0x7fff, 0xca8, 0x1}}}, @limit={{'limit\x00', 0x0, 0x20}, {{0x5, 0x1, 0xd, 0x3, 0x5, 0x80000000}}}], [], @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0xff, 'system_u:object_r:sshd_var_run_t:s0\x00'}}}}]}, {0x0, '\x00', 0x4, 0x0, 0x2, [{0x9, 0x1a, 0x21a, 'batadv0\x00', 'pimreg0\x00', 'macvlan1\x00', 'veth1\x00', @empty, [0x0, 0xff, 0xff, 0xff, 0x0, 0xff], @random="6e11ed5f9902", [0xff, 0xff, 0xff, 0xff], 0x6e, 0xee, 0x11e, [], [@common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffe}}}, @common=@log={'log\x00', 0x28, {{0xc, "657ec93de76776859f69c8f992c1f82c87ed9e583bc4a0ef2dcc5a421d5d", 0x6}}}], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x9da5}}}}, {0x0, 0x45, 0x809b, 'ip_vti0\x00', 'dummy0\x00', 'veth1_to_team\x00', 'veth0_vlan\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, [0x0, 0x0, 0xff, 0xff, 0x0, 0xff], @remote, [0x0, 0x0, 0x0, 0xff], 0x6e, 0xe6, 0x116, [], [@common=@nflog={'nflog\x00', 0x50, {{0x807c, 0xc, 0x7, 0x0, 0x0, "80dedc8f6d393d0a2c1332d0c15309b645d77b329dc1950624f870d969531033ab8ad41fbcc80daf7c53c47b63f1669fb8c8e5a315dd73ec272e8cff95cb2e86"}}}], @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x9}}}}]}]}, 0xb44) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x1, 0x0, 0x0, 0x5, 0x0, "ef359f413bb901527f00d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea0000000000000000000800002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r3, 0x0) mbind(&(0x7f0000000000/0xd000)=nil, 0xd000, 0x2, &(0x7f0000000240)=0x5, 0x401, 0x5) ioctl$SG_GET_SG_TABLESIZE(r2, 0x227f, &(0x7f0000000040)) ftruncate(r1, 0x9) r4 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001fc0)=@delqdisc={0x120, 0x25, 0x100, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xf, 0xd}, {0xa, 0x4}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x81}, @TCA_STAB={0x80, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x2, 0x4, 0x4, 0x0, 0x6, 0x38000, 0x2}}, {0x8, 0x2, [0x7, 0x2]}}, {{0x1c, 0x1, {0xf5, 0x81, 0x6, 0xfc, 0x1, 0xf, 0xa05c, 0x4}}, {0xc, 0x2, [0x9, 0x0, 0x4, 0x7]}}, {{0x1c, 0x1, {0x6, 0x9, 0x4, 0xffffffcb, 0x0, 0x10, 0x400, 0x7}}, {0x12, 0x2, [0x1, 0xd, 0x8000, 0xff, 0xa, 0x9, 0x9]}}]}, @TCA_STAB={0x6c, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x4, 0x7, 0x5, 0xa, 0x1, 0x8d6, 0x100, 0x3}}, {0xa, 0x2, [0x6, 0x0, 0x3]}}, {{0x1c, 0x1, {0x7, 0x33, 0x1, 0xffff8000, 0x2, 0x10001, 0x7}}, {0x4}}, {{0x1c, 0x1, {0x9, 0x1, 0x6, 0x4, 0x2, 0x7fff, 0xffff}}, {0x4}}]}]}, 0x120}}, 0x40001) sendto(r4, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f00000001c0)=""/17, 0x1d8}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x45}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f0000000280)=""/85, 0x7c}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) r5 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet6(r5, &(0x7f0000006280)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x3d0, @mcast1, 0xd}, 0x1c, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1400000000000000290000004300000008000000000000001400000000000000290000000b00000000000006000000001400000000000000290000000b00000095"], 0x48}}], 0x1, 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYRES32=r1, @ANYRES32=r6, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r7}, 0x10) write$binfmt_aout(r0, &(0x7f0000000280)=ANY=[@ANYRESDEC, @ANYRES16=r6, @ANYRES8=r7, @ANYRESDEC], 0xff2e) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) socket$igmp(0x2, 0x3, 0x2) 3m32.063532154s ago: executing program 4 (id=241): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000100)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, 0x0, 0x2, 0x0, 0x0, 0x0) 3m31.553688682s ago: executing program 4 (id=246): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF") shutdown(r0, 0x0) syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0), &(0x7f0000000340)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS \x00'}, 0x20) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) 3m31.553232542s ago: executing program 32 (id=246): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF") shutdown(r0, 0x0) syz_io_uring_setup(0x10b, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0), &(0x7f0000000340)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS \x00'}, 0x20) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) 3m23.725521836s ago: executing program 2 (id=319): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) io_uring_setup(0x66ed, &(0x7f00000004c0)={0x0, 0x5f0d, 0x8, 0x7, 0x1a3}) r0 = syz_io_uring_setup(0xbc3, 0x0, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000f93a674d5638dc56a67b3456e42faa78792be44f121445faf30c20a1ed632786afd3a080e7e6f8033a835cda48c59db847c0b40de8e15e57e6bd3042419cd13d1098337002b1a3fb1699a652d9c5bc66e4268c9c86d9f6b0a9d6a559607b1217baf3c8a2a1d72082f65d5da32ca1570c300423278e62798dea1c34dbab5f006babe871d9bda7216fdaacf85a7681a65e7f70a5ef40b4e2d50f02d3edbaafb7a9c2b8c28fc236bfda39"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x10) io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x8) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) gettid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_process_fork\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r8, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r8, &(0x7f0000001280), 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x30) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48) 3m22.80107474s ago: executing program 2 (id=324): ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) syz_mount_image$vfat(&(0x7f00000003c0), &(0x7f00000002c0)='./file0\x00', 0xac3c7f, 0xffffffffffffffff, 0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC, @ANYRESDEC=0x0], 0x0, 0x1003, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x200c44, &(0x7f00000015c0)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d7063303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f459574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801e26d335ef2ba9ac2423a358ccbb776b21e1d3b5ee4e0f21a4c775145ef26c98b4af40babc3b18cc5635b6da7c4d1b0fbb8f271016ecf316158c2be5a4bef251c82b85bbc335cae0a2920ce36f206f449fbf64a47e05bd4cf8312774a4e61", @ANYRESDEC=0x0, @ANYBLOB="9e5d2edaa671c7e0eae4fd60dae69ab4f2bc67edc56b86dd2aad498e48b660bfcd9e012251e8a44f4ce60e4952e1d7d090"], 0xfe, 0x668, &(0x7f0000000e80)="$eJzs3Utv29gZxvGHsnwtMC3aYhAEmfGZpAM4aKpI8sQDI12UpSibU0kUSLqwV4N0Yg+CyJk2SYHGm6k3vQDtF+huNrPohyjQddf9Al0WGLS7At2oICnqSlm+J23/PyPREfmS56XI6A0t8VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECWUyuXK5YaXmtn10zn1AK/ecL8dG3zups27s7sV7LiP1pa0o100o1vD2a/Hf91W7fSZ7e0FD8s6ehrb3/j4beKhWz5ExI6D511hS9eHT191OnsPz9fb13rPMtdiYlMVDjFUltuywt9r2lvucYLfbO5sVG+v10PTd1ruOFeGLlN4wRuIfIDs+bcNZXNzXXjlvb8ndZWzT50s4kffq9aLm+YjxZ7u//+R6XQ2fYaDa+1lcTEs+OYxf4R4tpNYw6edPbXZyUZB1VOE1SdFVQtV6uVSrVa2Xiw+eDDcrk4MaE8RhMRg4P2zdn5uE6X9M4NXFwhrv9/s6SGltTSjnZlcn8c1RTIV3PK/J6s/r9/3z2x3+H6n1X5G4PZN5XU/3fTZ+9Oq/9TcjEyyQJ5c6wp08/380KvdKSneqSOOtrX82mRXz/TelcvL8Or/dmSipKnUL48NWVrS65Mb4rRpja0obI+1rbqCmVUl6eGXIXaU6hIrprJPgnkylYkX4GM1uTorowq2tSm1mXkqqQ9+dpRS1uqyda/ut3ugZ4kr/v6CTkqC6qcJqjYPwYng6bV/598ni5xtvqP/z39Y+cUMcBr1+2d/083lzdx9eoyAgAAAAAAl81KfvtuJZ/dvyOpq7rXcMuvOy0AAAAAAHCJkk/+b8UP83HrHVlTzv+7158bAAAAAAC4HFZyjZ0laSX5Ur81uBLqNF8CyL04AAAAAAAAvFmSz/+LC1I3GVptVdaZzv8BAAAAAMB/gd8MjbFfzMbY7WYf6xckhe1F60//WFQwbx23d79jHdrxHPuwFzPxDYCoftMqKh2oNxmvd0FS8sxxb1m98YF7g2Ba6cC+0lcHs8b6t4KxBBbmsl9f5CTw1tFQAhvF3jP9Tu+lMe/1+n18VFAyJ+1lpe413JLjNx5WZNtvFSJ3N/r5sye/kIL+dh486eyXPvms8zjJ5TiedHwY5/H5SDqFWbm8TMZbSK65yNviZdWzLn/baq5YSb/lbPvnZB8Whjs63fb/SrfTmNsr6ePKUbYHZP2y16iUkl022PpkdAhrkEVlfMvzdsSULJaSLO6kMXfW7qQPWX7pXlj67pxULU3ug2A4i+pwFrNfC+ufE6/FjCziY2E9zuLP8YqmZLF+tiwm9ggAvC4HgyqUDGI+Ocb+eN09z7vc7Or+g9FeXv6hm15wOCcVe59NpBchTqsrit/R19KwhXQU9+LNnHf0cq+uLGnKO3r5AtUt7uuPg3sg9dLuzSn2s/h3t9t9WEn6/f1YVf0iXuCLqf2Gjepc/BLef3n402QA/Nin+5/uP6tW1zfKH5TLD6qaTzaj90DtAQDkmH2PndGIpUE969fuD/pn1Y///n7aGqm73+x/paCkT/SZOnqse9ktBFbz+10Z+hrCvcmz1jh2WRqPreje1LO6pJYOxVb7sfPKFhn9/8Igdv2qdwMAANfq9ow6PF7/887d72Xn3Ws3c8+7R2v5+B2Ch2PnR2o5AAC4Gm7wlbUS/doKAq/9cWVzs2JH264JfOdHJvBqW67xWpEbONt2a8s17cCPfMdvmHagRa/mhibcabf9IDJ1PzBtP/R2kzu/m96t30O3abcizwnbDdcOXeP4rch2IlPzQse0d37Y8MJtN0gWDtuu49U9x448v2VCf1mOWzImdN2hQK/mtiKv7sXNlmkHXtMO9syP/cZO0zU1N3QCrx356QqzvrxW3Q+ayWpL6p50o0MAAP5vvHh19PRRp7P//ITGsdJG9n20E4IX8lb4mjcRAACMoUoDAAAAAAAAAAAAAAAAAAAAAPDmO831fyc2sosCsynzygmW+lN+9tap1mxpMOXLv14ow3M0CuNTeiPtdmcv/pe0UcyLWY4bC5I62cs/HHN8qVuxeqpgpY3i5b+Gy1LekXBlje8fjB6HEzHxzNxZi/19Ubz4P4e8xrMvp8yafUQtjr6GCydt4GijKOn5wgV2wfW/FwG4Xv8JAAD//6TAPYc=") r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20084, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000280)={'wg2\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)=@bridge_dellink={0x118, 0x11, 0x100, 0x70bd26, 0x25dfdbff, {0x7, 0x0, 0x0, 0x0, 0x44, 0x10020}, [@IFLA_TXQLEN={0x8}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_PHYS_PORT_ID={0x1c, 0x22, "2a2d4900e5001ef2d5e32388236e77b214f9bbd404402183"}, @IFLA_ADDRESS={0xa, 0x1, @local}, @IFLA_VF_PORTS={0xc0, 0x18, 0x0, 0x1, [{0x4}, {0x1c, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x2}, @IFLA_PORT_VF={0x8, 0x1, 0xd47e}, @IFLA_PORT_VF={0x8, 0x1, 0x4}]}, {0x34, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x7}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "89b46fba484cad996df54f10ba763334"}, @IFLA_PORT_VF={0x8, 0x1, 0x3}, @IFLA_PORT_PROFILE={0xc, 0x2, 'iso9660\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x1, 0x9}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "18eb514095ed828cdadbe4a02ce81f16"}]}, {0x48, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0x10, 0x2, '/dev/autofs\x00'}, @IFLA_PORT_PROFILE={0xc, 0x2, 'iso9660\x00'}, @IFLA_PORT_PROFILE={0xb, 0x2, '++}[)-\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "6c87bf3252da216c7bd59138c10ea0aa"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0xb9}]}]}]}, 0x118}, 0x1, 0x0, 0x0, 0x4040}, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0) write$cgroup_int(r5, &(0x7f0000000000)=0x700, 0x12) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'}) 3m22.534713175s ago: executing program 2 (id=329): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2f, 0x3, "5fad843dc5c1efe84ced18d4422d5b0b86e8441958d3d2ea41149f1e55359af069a2a5e039ccf56f068a5a"}, @NFTA_TARGET_NAME={0x9, 0x1, 'SNAT\x00'}, @NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_COMPAT={0x4}]}], {0x14}}, 0xf0}, 0x1, 0x0, 0x0, 0x4}, 0x40000) 3m22.526435245s ago: executing program 2 (id=330): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r0}, 0x10) ioperm(0xd, 0x5, 0x7) prctl$PR_SET_NAME(0xf, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x10c42, &(0x7f0000000d80)=ANY=[], 0x1, 0x28b, &(0x7f0000001d80)="$eJzs3U1rE2sYxvGraU6bpKdNFuccOIJ4oxvdDG38ABKkBTGg1EbUhTC1Ew0Zk5IJlYjY7ty48HMUl+4E9Qt04869u24ENwXFSN5s0qaC6ctE8/9BZ+726TV9ppmEewYy2b714mExHzh5t6pIzBSRNrQjpRpV21h7HWnWE+q2oQtTnz+cvnH7ztVMNju/aLaQWbqYNrOZM28ePXl59l116uarmdeT2krd3f6U/rj139b/29+WHhQCKwRWKlfNteVyueou+56tFIKiY3bd99zAs0Ip8Co943m/vLpaM7e0Mp1YrXhBYG6pZkWvZtWyVSs1c++7hZI5jmPTCY2WvwfI5DYXF93MMUwGwyHaWFQqGXdcUnzfcG4zjEkBAIBwdff/Grr+v9G1/Lz/36D/PwT6/1HQ6P8T7edvL/p/AAAAAAAAAAAAAAAAAAAAAAB+Bzv1erJeryc7687XpKSYpM73Yc8Tx4PHf7R1vXEvJvnP1nJrOckfaywbMnkV5MvTrJL62jwe2lr1wpXs/Kw1pfTWX2/n19dy4735OSWV6p+fa+WtN/+XEt35tJL6p38+3Tc/ofPnuvKOknp/T2X5Wmke17v5p3Nml69l9+Tjzd8DAAAAAOBP4NgPfc/fHeeg8Vb+F64P7Dm/jupUNNx9BwAAAABgVAS1x0XX971KOMWX9sWCgeKHmHxcoe3yAMW/kgaKX+q66+vuUHTfT466eF4eln/dEBYxSUe6wbhaRefzPY5myyG9IAEAAAA4NrtNf9gzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdJ3EDc8O+NORE95VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHTfAwAA//+4ayE9") creat(&(0x7f0000000000)='./bus\x00', 0x0) mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x1, 0x0, 0x0, 0x5, 0x0, "ef359f413bb901527f00d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea0000000000000000000800002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]}) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_tcp(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r2}, 0x18) clock_adjtime(0x0, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x793f, 0x200, 0x8, 0x45, 0xffffffffffff8001, 0x8, 0x2, 0x3, 0xd, 0x1, 0x4, 0x400, 0x5, 0x2f2, 0x9, 0x2, 0x3, 0xb, 0x9, 0x0, 0x6, 0x8000, 0x7fffffffffffffff, 0x4}) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f40)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky") alarm(0x1) r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$binfmt_register(r4, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32) fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r6}, 0x10) r7 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x140, 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc018937e, &(0x7f0000001040)={{0x1, 0x1, 0x1018}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'}) 3m21.902812985s ago: executing program 2 (id=339): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$inet(0x2, 0x3, 0x33) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffffffb}]}) getsockopt$inet_mreqsrc(r2, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000040)=0x28) 3m21.647361219s ago: executing program 2 (id=346): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) io_uring_setup(0x2ef1, &(0x7f0000000000)={0x0, 0x5710, 0x80}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r3, 0x2007ffc) sendfile(r3, r3, 0x0, 0x800000009) (fail_nth: 5) 3m21.580768299s ago: executing program 33 (id=346): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) io_uring_setup(0x2ef1, &(0x7f0000000000)={0x0, 0x5710, 0x80}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d6163"], 0x5c}}, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r3, 0x2007ffc) sendfile(r3, r3, 0x0, 0x800000009) (fail_nth: 5) 2m19.907986692s ago: executing program 0 (id=1078): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x80000000000000}, 0x18) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) (async) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) (async) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) clock_gettime(0x0, &(0x7f0000000000)) (async) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4}, 0x18) (async) connect$can_j1939(r3, &(0x7f0000000080)={0x1d, r4, 0x0, {0x0, 0xf0, 0x2}, 0x1}, 0x18) (async) r5 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x18e}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async) syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0) (async) syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58) 2m19.781825984s ago: executing program 0 (id=1080): pipe2$watch_queue(0x0, 0x80) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, 0x0) modify_ldt$read_default(0x2, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000200)={[{@noblock_validity}, {@errors_remount}, {@sysvgroups}, {@norecovery}, {@oldalloc}, {@orlov}, {@oldalloc}, {@auto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x580, &(0x7f0000001b40)="$eJzs3U1rVFcfAPD/nUx8fx4jiLRdlICLWqwTk/TFQkG7LK1UaPd2SK5BMnEkMxGTCuqibropUiilQukH6L5L6RfopxBaQYqEdtFNyp3c0TGTmcQ4dkbn94Or59xzJ+eee+45+Z+5EyaAoTWe/VOIeDUivkkiDraUFSMvHF8/bvXhtZlsS2Jt7bM/k0jyfc3jk/z//XnmlYj49auI44X2emvLK/PlSiVdzPMT9YXLE7XllRMXF8pz6Vx6aWp6+tQ701Pvv/duz9r65rm/v//07kenvj66+t3P9w/dTuJMHMjLWtvxDG60ZsZjPL8mo3Fmw4GTPahskCT9PgF2ZCQf56ORzQEHYyQf9cDL73pErAFDKjH+YUg144Dm2r5H6+AXxoMP1xdA7e0vrr83Ensaa6N9q8kTK6NsvTvWg/qzOn75487tbIst3oe43oP6AJpu3IyIk8Vi+/yX5PPfzp1svHnc3cY6hu33D/TT3Sz+eWuz+KfwKP6JTeKf/ZuM3Z3YevwX7vegmo6y+O+DTePfR1PX2Eie+18j5htNLlyspCcj4v8RcSxGd2f5bs9zTq3eW+tU1hr/ZVtWfzMWzM/jfnH3k6+ZLdfLz9LmVg9uRrz2OP5Nom3+39OIdTf2f3Y9zm2zjiPpndc7lW3d/mhZqvQ+Al77KeKNTfv/8ROtpPvzyYnG/TDRvCva/XXryG+d6t9G+5+rrP/3dW//WNL6vLb29HX8uOeftFPZTu//XcnnjfSufN/Vcr2+OBmxK/mkff/U49c2883js/YfO9p9/tvs/t8bEV9ss/23Dt/qeOgg9P/sU/X/0yfuffzlD53q317/v91IHcv3bGf+2+4JPsu1AwAAAAAAgEFTiIgDEWOlR+lCoVRa/3zH4dhXqFRr9eMXqkuXZhvHxViMFppPug+2fB5iMv88bDM/tSE/HRGHIuLbkb2NfGmmWpntd+MBAAAAAAAAAAAAAAAAAABgQOxv/M1/Utj49/+Z30f6fXbAc+crv2F4bTn+e/FNT8BA8vsfhpfxD8PL+IfhZfzD8DL+YXh1Gf+mBnjJGeQwvIx/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KlzZ89m29rqw2szWX72yvLSfPXKidm0Nl9aWJopzVQXL5fmqtW5SlqaqS5s9fMq1erlyalYujpRT2v1idryyvmF6tKl+vmLC+W59Hw6+p+0CgAAAAAAAAAAAAAAAAAAAF4steWV+XKlki5KdEycjoE4jR0nkq16+XR+M7QVFfKCbi8v9r+BL22i2PXKP99EHyclAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjg3wAAAP//IAU3iQ==") bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = getpid() syz_pidfd_open(r0, 0x0) syz_clone(0xf5982500, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) mount(&(0x7f0000000000)=@filename='./file1\x00', 0x0, 0x0, 0x80021, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve1\x00', 0x0}) r4 = socket$inet(0x2, 0x3, 0x8) setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) r5 = socket$inet(0x2, 0x6000000000000003, 0x6) r6 = dup3(r4, r5, 0x0) setsockopt$inet_int(r6, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4) io_uring_setup(0x2e24, &(0x7f0000000280)={0x0, 0x5589, 0x2000, 0x1, 0x20f}) sendto$packet(r2, &(0x7f0000000180)="0b03f6ffe0ff64000200475400f6a13bb1000000080086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x88a8, r3}, 0x14) bpf$PROG_LOAD(0x5, 0x0, 0x0) 2m19.625122417s ago: executing program 0 (id=1084): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0}) bpf$MAP_CREATE(0x0, 0x0, 0x48) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xf}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28, 0xffff}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000003400)=@newtfilter={0x58, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x1}, {}, {0xa, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x2c, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0x1, 0x7, 0x1, 0x8000, 0x0, 0x4, 0x53c4, 0x2000000, [{0x1, 0x1, 0xf, 0x3}]}}, @TCA_U32_POLICE={0x4}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) 2m19.357884141s ago: executing program 0 (id=1095): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000010180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='mm_page_alloc\x00', r0}, 0x10) r1 = io_uring_setup(0x3eee, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mount$9p_fd(0x0, 0x0, 0x0, 0x200000, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}, {0x1}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00', {0xfffffffffffffffe}}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00', {}, {0xff}}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81, {0xc}}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x7, 0x30, {0x6}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x3000046, &(0x7f00000000c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@grpjquota}, {@oldalloc}, {@errors_remount}, {@orlov}, {@usrquota}, {@stripe={'stripe', 0x3d, 0x622}}]}, 0x1, 0x56c, &(0x7f0000001a00)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MHQUvfCmctKTLmuTJttiUs3nA6e87zknfc+bc543z5uTkACG1kT2pxDxfER8kUQcjogk3zYa+caJjf3WHl6fzZYk1tc//C2p75fVG/+r8biDeeW5iPjps4iThe3tVldWF0rlcrqU1ydri1cmqyurpy4tlubT+fTy9MzMmddnpt96842e9fWV839+/cHdd898fnztqx/uH7mdxNk4lG9r7sczuNFcmYiJ/DkZi7NbdpzqQWO7STLoA+CpjORxPhbZGHA4RvKoB/77Po2IdWBIJeIfhlQjD2jM7XeeB/+/T1lJ/zx4Z2MCtL3/oxvvjcS++tzowFry2Mwom++O96D9rI0ff71zO1uid+9DAHR042ZEnB4d3T7+Jfn4t4MOb/qdbr16X3NlaxvGP+ifu1n+82qr/KdQj83f83Ddmv8cbBG7T6Nz/Bfu96CZtrL87+2W+e/mTavxkbz2v3rON5ZcvFROT+fZ8IkY25vVd7qfc2bt3nq7bc35X7Zk7Tdywfw47o/uffwxc6Va6Vn63OzBzYgXWua/yWb+m7Q4/9nzcb7LNo6ld15qt61z//9Z699FvNzy/D96cUt2vj85Wb8eJhtXxXZ/3Dr2c7v2B93/7Pwf2Ln/40nz/drqk7fx7b6/0nbbHut/dH/970k+qpf35OuulWq1pamIPcn729dPP3pso97YP+v/iePtx7921//+iPi4y/7fOvr9i131f0Dnf+6Jzv+TF+6998k37drvbvx7rV46ka/pZvzr9gCf5bkDAAAAAACA3aYQEYciKRQ3y4VCsbjx+Y6jcaBQrlRrJy9Wli/PRf27suMxVmjc6T7c9HmIqfzzsI369Jb6TEQciYgvR/bX68XZSnlu0J0HAAAAAAAAAAAAAAAAAACAXeJg/Tv/I5v1xvf/M7+MDO64gD7xk98wvDrGfy9+6QnYlbz+w/AS/zC8xD8ML/EPw0v8w/AS/zC8uoj/Qj+OA+g/r/8AAAAAAAAAAAAAAAAAAAAAAAAAAADQU+fPncuW9bWH12ez+tzVleWFytVTc2l1obi4PFucrSxdKc5XKvPltDhbWez0/8qVypWp6Vi+NllLq7XJ6srqhcXK8uXahUuLpfn0QjrWl14BAAAAAAAAAAAAAAAAAADAv0t1ZXWhVC6nSwoKT1UY3R2HodDjwqBHJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB45O8AAAD//8A2OIo=") r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x18) rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000180)='./file0/file0\x00') r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="240000001900010000000000000000001c140000fe0400010000000008000100040001"], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x0) r7 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r7, 0x1, 0x3e, &(0x7f0000fee000)=0x3fa, 0x4) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', 0x0}) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x14) write$cgroup_int(r10, &(0x7f0000000000)=0x921, 0x12) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r11}, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4c004) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) 2m18.319637967s ago: executing program 0 (id=1103): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb069, @void, @value}, 0x94) r1 = socket(0x25, 0x5, 0x5) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = syz_io_uring_setup(0x1f87, &(0x7f00000003c0)={0x0, 0x0, 0x13580, 0x0, 0x16d}, &(0x7f0000000100)=0x0, &(0x7f0000000380)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x0, &(0x7f0000001400)={0x0, 0x3938700}, 0x1, 0x40}) io_uring_enter(r4, 0x6b4d, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r4, 0x0, 0x3, 0x7, 0x0, 0x0) r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r8, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r8, 0xc0406619, &(0x7f0000000240)={@desc={0x1, 0x0, @desc3}}) sendmsg$FOU_CMD_ADD(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="050500000000000000000100000014000700000000000000000000095120aa5f5d00ffffe05d312e3782c2b97cfefdb66300fcff05005b219beb5775c9c0a9f9f88f94d4682710699e26068d8309031ef7cdc3b69ab52e75d6d2b4eb11a0946f7bfff8df7d609057723d1e2dcd58c901f96b338c5cc449264a3b88a67d41cd6715841916a835a8f6"], 0x30}}, 0x10) sendmsg$FOU_CMD_ADD(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="020226bd7000fddbdf250100000005000400010000001400070002e7454574365fb8f0e1000000000001"], 0x30}, 0x1, 0x0, 0x0, 0x20040080}, 0x4000081) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r9 = socket$kcm(0x11, 0x3, 0x0) setsockopt$sock_attach_bpf(r9, 0x107, 0xf, &(0x7f0000000000), 0x4) sendmsg$kcm(r9, &(0x7f0000000080)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000240)="27050200590214000600002fb96dbcf706e105b10000080000000000000011d4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000102821880b0000000000000057ed25126fd7879597dea9ba0c7ed20a8562aa6941", 0x60}, {&(0x7f0000000580)="8fb7920bfb81bfa3f40c9d6216d92768cf06ff1175c0a084462a1ff6deacc1487536dc83860a90b4b078e93088f15de59dbb775b8f7cbe9e0d58bfbf200c018bd724a6573a1cb73f220eb4ea55116f78c6214d368caec7290151a5b7d09d05f5058e39d8179e10604d7e4e3482b9197e417a7139e9e0e4b0bb1217a1d5207eb3738c1b0bdb2e60c91d9818826dfc0aae152a0cd47974d70ad9cf0ea62b8dd60388d27bd7313f711fa3dc7996bb1bdcbe01685117", 0xb4}, {&(0x7f00000024c0)="432e11726946ddf6d5b7d7cf74e7ff81b8ad53c9f1c3195545daa1f0809b4b6008ba98ee084def8a16e75b92defd09535e4db5d8dd49620327cb674bf10c4ef8ce0ac32346173756aab6b6c0ae41db6e957e4fd8791f2e3358f50e3e203f0bdb9262cfe4913ba714600c2b01a0b744bc1a56a93239fe0c2240c99cb1a0aacbcd1aca8354d2f54cd65ae7c15aa08957ca337b3856f894439b86206d2e36ee81453ba08796272653afc76d3fc0c68be4db7aeb711c88b22b46fe7c072e8089b6fdc285e5372968c410af6772cabf7945551bef7cae64e95a5b1cf9ae4b3484630a538681f8e87998596556d0788edd5c1dccffbbfb670b98ecd7e5dd333282442d36151b6d7f0c1a90970964060f3a5b0ca1b1cb6ec9f10820f869918817a9367024069a5a009a711c30e96556478091104a9f2fbbcd407aed9e9d8ef9ac0d94c03c6f1df9f4f833189d51283888d3e5efe07c103ec336f05efa91aec99270372c15c44c6b3e5636099fc6fd3f", 0x16c}], 0x3}, 0x9cdc2384056b48b8) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{}, 0x97, 0x0, [{}, {0x80}]}, [{}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x20000000, 0x0, 0x0, 0x3}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10000, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x0) 2m15.882353456s ago: executing program 0 (id=1130): syz_emit_ethernet(0x5e, &(0x7f0000000640)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c30010", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast1={0xff, 0x3}, @empty}}}}}}, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x6882) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000cc0)={0x2, 0x8, 0x40, 0x0, 0x6}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x14) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) ioctl$RTC_IRQP_READ(r1, 0x40187013, &(0x7f0000000140)) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x480000, 0x50) mkdirat(r4, &(0x7f0000000080)='./file0/file0\x00', 0x14) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x5, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 2m15.818735857s ago: executing program 34 (id=1130): syz_emit_ethernet(0x5e, &(0x7f0000000640)={@local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "c30010", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast1={0xff, 0x3}, @empty}}}}}}, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x6882) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000cc0)={0x2, 0x8, 0x40, 0x0, 0x6}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x14) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0x3) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) ioctl$RTC_IRQP_READ(r1, 0x40187013, &(0x7f0000000140)) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x480000, 0x50) mkdirat(r4, &(0x7f0000000080)='./file0/file0\x00', 0x14) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x5, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0xffffffff}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262) 4.457363949s ago: executing program 3 (id=2540): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x20000000, 0x2}, 0x2}) statx(0xffffffffffffffff, &(0x7f00000027c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3100, 0x2, 0x0) 4.43278326s ago: executing program 3 (id=2541): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$l2tp(0x2, 0x2, 0x73) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0x7, 0x4, 0x3d0, 0x1d8, 0xf0, 0xf0, 0x2e8, 0x2e8, 0x2e8, 0x4, &(0x7f0000000040), {[{{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x5901fe02, 0x100, 0x7, 0x2}}}, {{@arp={@empty, @private=0xa010102, 0xff, 0xff000000, 0x9, 0x2, {@mac=@broadcast, {[0x0, 0xff, 0x0, 0xff, 0x0, 0xff]}}, {@mac=@multicast, {[0x0, 0xff, 0xff, 0xff, 0xff, 0xff]}}, 0xfff8, 0x8, 0x5, 0x1ff, 0x81, 0x8, 'pim6reg1\x00', 'gretap0\x00', {}, {}, 0x0, 0x306}, 0xc0, 0xe8}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x5, 0x1f}}}, {{@arp={@rand_addr=0x64010101, @multicast1, 0x0, 0xff0000ff, 0x10, 0x0, {@mac=@remote, {[0x0, 0x0, 0xff, 0xff, 0xff, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0xff, 0x0, 0x9e04f4dc02f3b6f7, 0xff]}}, 0x3, 0x3, 0x0, 0xf800, 0x0, 0x6, 'vlan0\x00', 'pimreg1\x00', {0xff}, {}, 0x0, 0x8}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private=0xa010101, @multicast1, 0xf}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000ec0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x94}, 0x14) 4.173852234s ago: executing program 3 (id=2542): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000020000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x1000}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(r1, 0x0, 0x0) 4.159166064s ago: executing program 3 (id=2543): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) 4.101666685s ago: executing program 3 (id=2544): pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x2, &(0x7f00000001c0)=0x7ff, 0x4) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x28403) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001500)=ANY=[@ANYBLOB="2000000076000d0b00000000f3441d5043d1db951f000000080005"], 0x20}}, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f00000004c0), &(0x7f0000000500)='%pK \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$pppoe(0x18, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10) r6 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r6, &(0x7f00000000c0)={0x18, 0x0, {0x2, @broadcast, 'veth1_virt_wifi\x00'}}, 0x1e) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) signalfd4(0xffffffffffffffff, &(0x7f00000002c0), 0x8, 0x800) ioctl$SNDRV_TIMER_IOCTL_STATUS32(r2, 0x80585414, &(0x7f0000000400)) sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0) splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0) 3.432041366s ago: executing program 6 (id=2547): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r4}, &(0x7f0000000040), &(0x7f0000000140)=r3}, 0x20) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) 3.270274278s ago: executing program 6 (id=2550): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r3}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r2, &(0x7f0000000180)={0x1, 0x10, 0xfa00, {&(0x7f0000000140), r3}}, 0x18) 3.203885419s ago: executing program 6 (id=2552): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x20000000, 0x2}, 0x2}) statx(0xffffffffffffffff, &(0x7f00000027c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3100, 0x2, 0x0) 3.14157149s ago: executing program 6 (id=2554): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs") 3.041266612s ago: executing program 6 (id=2557): syz_read_part_table(0x5c8, &(0x7f0000000600)="$eJzs2z1oE2gYB/Anaq6Hwrk4ORzWwclFcTSDlSQqCiHaRRwUFBEzRRAiBAQdbIaWZigdu5RCln5MTcPR4WhpoXMpHXoUOnQ62qXQpTl6fY+7sXdtD4TfD17er3/y5BkyvsF37Vz83u12MxHR7fn3n+5v5QsPr5XulZ9FZOJFRPT++tP04U0mJf761utpv5H242MXOwO7D7Kt9ad7N14uNM6l+89pXJpo95+4Oc7cZG7x8pev1eJgLfdurVjf+ra68mRqJ19uP240px9l779OuaU0X0jzh6jFp3gfr6ISlXgT1VOqP9ravHVwtdiafXt3v9AZmr+dcqUT9nnc+h97h5836303Z66M3KnNLZe3zx/lKv/h3wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP9vMrd4+cvXanGwlnu3VqxvfVtdeTK1ky+3Hzea04+y91/HLz2HuaWUv5DmD1GLT/E+XkUlKvEmqqdUf7S1eevgarE1+/bufqEzNH875Uonb/VY9T/2Dj9v1vtuzlwZuVObWy5vnz/KVXrO6AcAAAAAAAAAAAAAAAAAAABAROQLD6+V7pWfRWTiRUS0f+7786l/N713z6Tc9bTYSOfjYxc7A7sPsq31p3s3Xi40fkvnn9O4NNHu/2edH/5e/nj2XXFcfwQAAP//HQGWmQ==") r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='afs_send_data\x00', r1, 0x0, 0x2}, 0x18) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) r2 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000001c0)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x18, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1}) io_uring_enter(r2, 0x6e2, 0x3900, 0x1, 0x0, 0xe00) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18) rt_sigsuspend(&(0x7f00000002c0)={[0x225c17d03]}, 0x8) 2.770268986s ago: executing program 7 (id=2560): prctl$PR_SET_MM_MAP(0x41, 0x3, 0x0, 0x2b) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setfsgid(0xee00) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x15, 0xc, &(0x7f0000000380)=ANY=[@ANYRESDEC=r1, @ANYRES32, @ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x7, 0x0, 0x0, @void, @value, @void, @value}, 0x48) socket$nl_route(0x10, 0x3, 0x0) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r6) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) syz_usb_disconnect(0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffd6f) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r7, 0xffffffffffffffff, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r8], 0xc4}}, 0x0) timer_create(0x3, 0x0, &(0x7f0000000080)) syz_open_procfs$namespace(r5, &(0x7f0000000200)='ns/uts\x00') 2.172951605s ago: executing program 6 (id=2561): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) close(0xffffffffffffffff) close(0xffffffffffffffff) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, 0x0) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0xffffffffffbffff8) dup2(r3, r4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) fcntl$setown(r3, 0x8, r2) tkill(r2, 0x13) 1.972231838s ago: executing program 1 (id=2567): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000003fffffe218110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffffcf, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1, 0x0, 0x9}, 0x18) r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 1.940834079s ago: executing program 1 (id=2568): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs") 1.90248127s ago: executing program 1 (id=2569): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x10000) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3) r2 = socket$xdp(0x2c, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x400000000000004) r4 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r5, &(0x7f0000000300)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r8, 0x0, 0x6}, 0x18) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1) 1.660710343s ago: executing program 7 (id=2570): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x20}, 0xc) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendfile(r3, r2, 0x0, 0x20000023893) 1.519347836s ago: executing program 7 (id=2571): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) close(0xffffffffffffffff) close(0xffffffffffffffff) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x2c, 0xffffffffffbffff8) dup2(r3, r4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) fcntl$setown(r3, 0x8, r2) tkill(r2, 0x13) 1.428073768s ago: executing program 1 (id=2572): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000000)=ANY=[], 0x58) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0x80000001, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}]}, &(0x7f00000002c0)=0x10) sendto$inet6(r1, &(0x7f0000000400)="deba9e268cecad754b0856c184f5e071d35400f1b665ff0374301744e9257c0b159aedd4bd42691cefc279d54af8937fd66c703f0e09969dd4780c55ca8d788cc7968a65d38439655432ffda891d484f5f6297c2f108eba937da38152819950c89f62bdafa2e0a32d04d910c4b73040dbe38fcd9d6327220ce995a665d6b7c7ca4745e86080b6ecbfb9a1c709a277985deb934f7d8339c8ebbdc562d67f58ac02edcf111d1ce699c4923d002c7c31d3b3d64f9e1e96937b8", 0xb8, 0x8040, &(0x7f0000000240)={0xa, 0x4e21, 0x5, @remote, 0x10}, 0x1c) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0) r4 = fsopen(&(0x7f00000003c0)='bpf\x00', 0x0) bind$inet6(r3, &(0x7f00000001c0)={0xa, 0x4e22, 0xffff9966, @mcast2, 0x400}, 0x1c) fsconfig$FSCONFIG_SET_BINARY(r4, 0x2, &(0x7f0000000280)='\xebU\x95\xa4i\xea`\xe0[\x9a\x84\x11\xc9&R:\xe9\xea\xec\xe05@b\x1f\xab\xb7\xe6\xd4\x18\xe7D@\xf5\xb2\xb4\xe8i$\x038\x99\xfb;\xbeR\xbf\xc2\r\x13\xf0\xf0\xec\x94\xad\nA\xee>\xb3i4\\\xc8\xd7 \x8d\xe0D\x953|) \xd8p\x12\x11\x81\x7f\x93\a\xfb!\x83\xc2\xd8\xe4\x98\xae\xb7\f\x0fR\xd3\xad\xa5\xca\xd5\xc2\bv+\x9a\x94\xd0\x05\x8d\xef\x9f94>\xa5?\x9a\x11Et\xef\xea\xe9e\x81\'jB\xca\f\xccz\x15x\x1cn\xe4\xf3\xbd\xb4q{\xb33\xffM\x95Jm\x90\x00\x15\r\xc8R\xb4\xf89>\xb7\x1e\xe3\x99\x99_~\xdb\xdc\xfd\x0f\x8f\xfc\xe4\xa4\xe8\x03K\xea\xb2\x91H|EB\xfd2\x10atXE\xee\xf4\x13c\xb5u\x85w$\xd3}\x19\xe7n\xf9\xe7\x11@\xceB\xd7/\xde\x80F\xe0\xd0dI\xedfq]\xb1\xaa\x9b)\\o\xd1\xdcx\x06\x80\x9f\xb3\xcc\r\b\xcb\xb1\x1c\x03G\xe4\xf0H`\x0e\xe1\xc7\x13\x9e%J\xe6\xe2\xe6\xb4:\xa8\xf51~\xc5\x8a\xfe++s\x0f\xa9\x00\x00A\xb8\xf1\xdb', &(0x7f00000000c0)="8c", 0xff57) ftruncate(r2, 0x8001) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='gid=', @ANYRESHEX]) mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100)) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000010001000900000001"], 0x48) r6 = eventfd2(0xf, 0x800) io_setup(0x6, &(0x7f0000000040)=0x0) io_submit(r7, 0x1, &(0x7f0000002900)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x7, 0x3511, r6, 0x0, 0x0, 0x0, 0x0, 0x1, r6}]) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000170000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000200)='kmem_cache_free\x00', r8}, 0x10) mbind(&(0x7f0000978000/0x2000)=nil, 0x2000, 0x4, 0x0, 0x4000000000000000, 0x2) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) r9 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000cab000)=0xc) mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2204c7b, &(0x7f0000000180)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=r10]) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3080044, &(0x7f0000000580)={[{@delalloc}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@bsdgroups}, {@nouid32}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@abort}, {@grpquota}, {@nobh}, {@data_writeback}, {@dioread_lock}, {@dioread_nolock}], [{@uid_gt={'uid>', r10}}, {@subj_role={'subj_role', 0x3d, '}!'}}]}, 0x1, 0x567, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTX/sp66DMVRECntwMpeurT8m+DAfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EN/13cfhP+BfMdDBkFH0wZfKTW+6dE3atMuaznw+cMM590fOPbn3nHxPTkIC6Fuj2UMh4uWI+CaJOBIRSb5tMPKNo6v7LT+6MZUtSaysfPpXUt8vyzeeq3HcoTzzUkT89lXEqcLGcquLS7Olcjmdz/NjtbmrY9XFpdOX50oz6Ux6ZWJy8uzbkxPvvftO1+r6xoV/vv/k3odnvz6x/N0vD47eSeJcHM63NddjZ4azh5vNa0ZjNH9NhuLcE3uPP11he07S6xNgRwbydj4UWR9wJAbyVg/8/30ZEStAn0rat/9IdvVMgN3ViAMaY/vNx8EvrqWaj32ePfxgdQC0sf6Dq5+NxP762OjgcrJuZJSNd0e6UH5Wxq9/3r2TLdGVzyEAOnPzVkScGRzc2P8lef+3c2dar97fnHmyDP0f7J57WfzzZqv4p7AW/0SL+OdQi7a7E1u3/8KDLhTTVhb/vd8y/l2btBoZyHMv1GO+oeTS5XJ6Jo+GT8bQviy/2XzO2eX7bWPl5vgvW7LyG7Fgfh4PBvetP2a6VCvVP7jrgoe3Il5pGf8ma9c/aXH9s9fjQodlHE/vvtZu29b1f7ZWfop4veX1fzyjlWw+PzlWvx/GGnfFRn/fPv57u/J7Xf/s+h/cvP4jSfN8bXX7Zfy4/9+03bZ19Y/O7//h5LN6ejhfd71Uq82PRwwnH29cP/H42Ea+sX9W/5MnNu//Wt3/ByLi8w7rf/vYz692VP8eXf/pbV3/7Sfuf/TFD+3K76z/e6ueOpmvqfd/W+j0BJ/mtQMAAAAAAIC9phARhyMpFNfShUKxuPr9jmNxsFCuVGunLlUWrkxH/beyIzFUaMx0H2n6PsR4/n3YRn7iifxkRByNiG8HDtTzxalKebrXlQcAAAAAAAAAAAAAAAAAAIA94lCb3/9n/hjo9dkBz5y//Ib+tWX778Y/PQF7kvd/6F/aP/Qv7R/6l/YP/Uv7h/61rv2b9Ie+4v0f+pf2DwAAAAAAAAAAAAAAAAAAAAAAAAAAAF114fz5bFlZfnRjKstPX1tcmK1cOz2dVmeLcwtTxanK/NXiTKUyU06LU5W5rZ6vXKlcHZ+IhetjtbRaG6suLl2cqyxcqV28PFeaSS+mQ7tSKwAAAAAAAAAAAAAAAAAAAHi+VBeXZkvlcjovIbGjxODeOA2JLid63TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGP/BQAA///oaTpO") 1.407905998s ago: executing program 7 (id=2573): bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000680)='kfree\x00'}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x597, &(0x7f0000000b80)="$eJzs3U1sG2UaAOB3xvH2L9t0pV1pd9VDtYtUpKpO0h8onNorolKlHpC4lMhxoyhOHMUONFEO6b1C9IAA9VJucOAI4sABcUHiwpULiDNSRSOQmh7AyH9pm9jBKXWdxs8jjT3ffON5v2/G73hmNCMHMLCO1V7SiP9ExKUkYuShuqFoVh5rzLe+tpK/v7aST6JavfxzEklE3FtbybfmT5rvhyJiNSL+HRFfZSNOpFvjlpeWZyaKxcJCszxamZ0fLS8tn5yenZgqTBXmTr/40tlzZ86Onxrv3Pjszvp644ebb9/49pXbNz/+5Ohq/t2JJM7HcLPu4X48SY11ko3zm6af6UWwPkr63QAeS6aZ57VU+leMRKaZ9e1UR55q04Aeq+6LqO5Esrqj2YHdLNlZ/gN7Rus4oHb+2xoeOUDI9Pb4486FxglILe56c2jUDDWuTcT++rnJwV+SR85MauebR3rbNAbA6vWIGBsa2vr9T5rfv8c39iQaSE99eaGxobZu/3Rj/xNt9j/DrWunf1Fr/7e+Zf/3IH6mw/7vUpcxfnv9xw86xr8e8d+28ZON+Emb+GlEvNFl/FuvfX6uU131w4jj0T5+S7L99eHRq9PFwljjtW2ML44ffXm7/h/sEL9xzXZ//Wem3fqf77L/n3396f9Wt4n//P+33/7t1v+BiHiny/j/uPfRq53q7lxP7taOAna6/WvTbncZ/4Xzx77vUHWgy0UAAAAAAAAAAABtpPV72ZI0tzGeprlc4xnef8bBtFgqV05cLS3OTTbueTsS2bR1p9VIo5zUyuPN+3Fb5VObyqdb9xFnDtTLuXypONnnvgMAAAAAAAAAAAAAAAAAAMBucWjT8/+/ZurP/2/+u2pgr+r8l9/AXif/YXA9mv9JxL6+NQV4yvz+w8Cqyn8YXPIfBpf8h8El/2FwyX8YXPIfBpf8BwAAAAAAAAAAAAAAAAAAAAAAAACAnrh08WJtqN5fW8nXypNDS4szpTdPThbKM7nZxXwuX1qYz02VSlPFQi5fmv2z5RVLpfmxmFu8NloplCuj5aXlK7OlxbnKlenZianClUL2qfQKAAAAAAAAAAAAAAAAAAAAni3D9SFJcxGR1sfTNJeL+HtEHIlscnW6WBiLiMMR8V0mu69WHu93owEAAAAAAAAAAAAAAAAAAGCPKS8tz0wUi4WFARkZ2jLlm84zR8Tqk21GbYk7/lS2ua12yzp81kYObz9PJvrewt040ucdEwAAAAAAAAAAAAAAAAAADKAHD/12+4nfe9sgAAAAAAAAAAAAAAAAAAAAGEjpT0lE1IbjI88Nb679W7Keqb9HxFu3Lr93baJSWRivTb+7Mb3yfnP6qX60H+hWK09beQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8UF5anpkoFgsLPRzpdx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHscfAQAA//+aXtbd") r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0xffff3dd8}, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xb, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x42) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES8=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x126b65ee3d8af682, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000"], 0x48) r6 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x4001, 0x8000000, 0x238, 0xf8, 0x720d, 0x148, 0xf8, 0x148, 0x1c8, 0x240, 0x240, 0x1c8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@remote, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x298) sendto$inet(r6, 0x0, 0x0, 0x24000080, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000a80)='svc_alloc_arg_err\x00', r4, 0x0, 0x3}, 0x18) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10) close(r3) socket$vsock_stream(0x28, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="020000000400000006000000aa0b"], 0x48) setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f0000000600)={'filter\x00', 0x7, 0x4, 0x418, 0x110, 0x0, 0x0, 0x330, 0x330, 0x330, 0x4, &(0x7f0000000000), {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @remote, @local, 0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="59115445b467", @empty, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @broadcast, @dev={0xac, 0x14, 0x14, 0x2c}, 0xf}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, &(0x7f00000002c0)=""/251, &(0x7f0000000940), &(0x7f0000000200), 0xa7c, r8}, 0x38) socket$nl_netfilter(0x10, 0x3, 0xc) 1.129655812s ago: executing program 5 (id=2574): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)={0x2c, r4, 0x1, 0xd0, 0x25dfdbfb, {}, [@ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x4008800) 1.110434572s ago: executing program 5 (id=2575): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r2, 0x0, 0xfffffffffffffffe}, 0x18) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x0, 0x0, 0x20000000, 0x2}, 0x2}) statx(0xffffffffffffffff, &(0x7f00000027c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3100, 0x2, 0x0) 1.075586063s ago: executing program 3 (id=2576): bpf$MAP_CREATE(0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$inet(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x400}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a0000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000"], 0xfc}}, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x81, 0x6, &(0x7f0000000000)=0x1) 1.075136933s ago: executing program 5 (id=2577): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) socket$kcm(0x2, 0xa, 0x2) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000340)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x78, 0x78, 0x9, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x7, 0x4}]}, @var={0x9, 0x0, 0x0, 0xe, 0x3, 0x1}, @enum={0x8, 0x9, 0x0, 0x6, 0x4, [{0x7, 0x4}, {0x0, 0x2}, {0x9, 0x1}, {0x10, 0x15af}, {0x4, 0x3}, {0xa, 0xa}, {0xa, 0x3ff}, {0x3, 0x81}, {0x8, 0xfffffff7}]}]}, {0x0, [0x5f, 0x30, 0x0, 0x4f, 0xe, 0x30, 0x2e]}}, &(0x7f0000000600)=""/134, 0x99, 0x86, 0x1, 0x3, 0x0, @void, @value}, 0x28) pipe2(&(0x7f00000001c0), 0x84800) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'batadv0\x00'}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x3) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x4, 0x2, 0x0, 0x0, {[@md5sig={0x13, 0x12, "6507a7a66980f31377d5a387917edd1d"}]}}}}}}}, 0x0) write$tun(r0, &(0x7f0000000080)=ANY=[@ANYRES64], 0x82) 1.049582003s ago: executing program 5 (id=2578): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a074"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e) r2 = io_uring_setup(0x3efa, &(0x7f0000000240)={0x0, 0x0, 0x1840, 0x2, 0xfb}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r2, 0xb, &(0x7f0000000540), 0x65) 865.184716ms ago: executing program 7 (id=2579): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000ffff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000180)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs") 790.789567ms ago: executing program 7 (id=2580): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) io_uring_setup(0x66ed, &(0x7f00000004c0)={0x0, 0x5f0d, 0x8, 0x7, 0x1a3}) r0 = syz_io_uring_setup(0xbc3, 0x0, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/10, @ANYBLOB="00000000000000000000000000000000000000000000000000000000f93a674d5638dc56a67b3456e42faa78792be44f121445faf30c20a1ed632786afd3a080e7e6f8033a835cda48c59db847c0b40de8e15e57e6bd3042419cd13d1098337002b1a3fb1699a652d9c5bc66e4268c9c86d9f6b0a9d6a559607b1217baf3c8a2a1d72082f65d5da32ca1570c300423278e62798dea1c34dbab5f006babe871d9bda7216fdaacf85a7681a65e7f70a5ef40b4e2d50f02d3edbaafb7a9c2b8c28fc236bfda39d4ea2286f1e9fd823ebfe5d6a75bac99d06f5b483858de84f1"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000010100008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x10) io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000480)=0x8) getpid() gettid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_process_fork\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r7, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r7, &(0x7f0000001280), 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x30) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48) 554.552421ms ago: executing program 1 (id=2581): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00'}, 0x18) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x8, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000140)=r2}, 0x20) r4 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r4) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r5, @ANYBLOB="0000400000000002280012000c00010076657468"], 0x48}}, 0x0) socket$netlink(0x10, 0x3, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB="2000000014002101feffffff0000000002000000", @ANYRES32=r6, @ANYBLOB="080002006401210119d201864178fe41edf092776ff1c55956fa05e69f204ee3c2019aec281995e401fba0c07a70c3d5817b6d2d19a61afa4b00971ebc8b8cd6091f26d0af"], 0x20}}, 0x20040000) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r3, &(0x7f0000000040)}, 0x20) 395.314554ms ago: executing program 1 (id=2582): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x10000) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3) r2 = socket$xdp(0x2c, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x400000000000004) r4 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r5, &(0x7f0000000300)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @remote}, 0x14) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r8, 0x0, 0x6}, 0x18) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1) 116.466008ms ago: executing program 5 (id=2583): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x202, 0x40020, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x100009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000300000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) openat$nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x121880, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x567, 0x72, 0x0, 0x0, 0x0) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$nci(r2, 0x0, 0xfffffeea) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, 0x0) 0s ago: executing program 5 (id=2584): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendfile(r2, r1, 0x0, 0x20000023893) kernel console output (not intermixed with test programs): rite+0x42/0x50 [ 213.237717][ T9330] x64_sys_call+0x2a45/0x2e10 [ 213.237752][ T9330] do_syscall_64+0xc9/0x1c0 [ 213.237788][ T9330] ? clear_bhb_loop+0x25/0x80 [ 213.237811][ T9330] ? clear_bhb_loop+0x25/0x80 [ 213.237831][ T9330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.237924][ T9330] RIP: 0033:0x7f2843ccd169 [ 213.237943][ T9330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.237963][ T9330] RSP: 002b:00007f284232f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 213.237986][ T9330] RAX: ffffffffffffffda RBX: 00007f2843ee5fa0 RCX: 00007f2843ccd169 [ 213.237998][ T9330] RDX: 00000000000000a2 RSI: 0000200000000400 RDI: 0000000000000005 [ 213.238010][ T9330] RBP: 00007f284232f090 R08: 0000000000000000 R09: 0000000000000000 [ 213.238089][ T9330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.238103][ T9330] R13: 0000000000000000 R14: 00007f2843ee5fa0 R15: 00007ffd24a9b6b8 [ 213.238125][ T9330] [ 213.699876][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 213.752035][ T9343] loop3: detected capacity change from 0 to 512 [ 213.762402][ T9343] journal_path: Non-blockdev passed as './bus' [ 213.773265][ T9343] EXT4-fs: error: could not find journal device path [ 213.828352][ T9350] serio: Serial port ptm0 [ 214.133922][ T9357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1854'. [ 214.657539][ T9368] netlink: 76 bytes leftover after parsing attributes in process `syz.6.1857'. [ 214.737322][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1857'. [ 214.758279][ T9365] loop6: detected capacity change from 0 to 1024 [ 215.011507][ T9365] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 215.581683][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1864'. [ 215.597624][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1864'. [ 215.868147][ T9405] loop7: detected capacity change from 0 to 512 [ 215.893997][ T9405] journal_path: Non-blockdev passed as './bus' [ 215.905909][ T9405] EXT4-fs: error: could not find journal device path [ 215.912000][ T9407] loop5: detected capacity change from 0 to 512 [ 215.927913][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.943063][ T9407] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 215.983403][ T9407] EXT4-fs (loop5): 1 truncate cleaned up [ 215.995361][ T9407] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 216.034950][ T9410] loop6: detected capacity change from 0 to 512 [ 216.052345][ T9410] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 216.128523][ T9410] ext4 filesystem being mounted at /323/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 216.161127][ T29] kauditd_printk_skb: 150 callbacks suppressed [ 216.161189][ T29] audit: type=1400 audit(1744441552.757:4816): avc: denied { ioctl } for pid=9409 comm="syz.6.1873" path="/323/file1/file1" dev="loop6" ino=15 ioctlcmd=0x5820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 216.237650][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.346432][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 216.546530][ T9426] serio: Serial port ptm0 [ 216.925031][ T29] audit: type=1400 audit(1744441553.507:4817): avc: denied { create } for pid=9430 comm="syz.3.1880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 216.964989][ T29] audit: type=1400 audit(1744441553.507:4818): avc: denied { connect } for pid=9430 comm="syz.3.1880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 217.065274][ T9433] FAULT_INJECTION: forcing a failure. [ 217.065274][ T9433] name failslab, interval 1, probability 0, space 0, times 0 [ 217.086448][ T9433] CPU: 0 UID: 0 PID: 9433 Comm: syz.7.1881 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 217.086583][ T9433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 217.086596][ T9433] Call Trace: [ 217.086603][ T9433] [ 217.086613][ T9433] dump_stack_lvl+0xf6/0x150 [ 217.086642][ T9433] dump_stack+0x15/0x1a [ 217.086663][ T9433] should_fail_ex+0x261/0x270 [ 217.086757][ T9433] should_failslab+0x8f/0xb0 [ 217.086840][ T9433] __kmalloc_cache_noprof+0x55/0x320 [ 217.086863][ T9433] ? p9_client_create+0x5a/0xbb0 [ 217.086887][ T9433] p9_client_create+0x5a/0xbb0 [ 217.086952][ T9433] ? should_failslab+0x8f/0xb0 [ 217.086989][ T9433] ? __kmalloc_node_track_caller_noprof+0x1ed/0x410 [ 217.087078][ T9433] ? v9fs_session_init+0x7b/0xdb0 [ 217.087141][ T9433] v9fs_session_init+0xfb/0xdb0 [ 217.087163][ T9433] ? obj_cgroup_charge+0xc9/0x170 [ 217.087187][ T9433] ? should_fail_ex+0xd7/0x270 [ 217.087218][ T9433] ? should_failslab+0x8f/0xb0 [ 217.087324][ T9433] ? __kmalloc_cache_noprof+0x18d/0x320 [ 217.087362][ T9433] ? v9fs_mount+0x56/0x580 [ 217.087463][ T9433] v9fs_mount+0x6c/0x580 [ 217.087497][ T9433] ? __pfx_v9fs_mount+0x10/0x10 [ 217.087553][ T9433] legacy_get_tree+0x77/0xd0 [ 217.087585][ T9433] vfs_get_tree+0x56/0x1e0 [ 217.087732][ T9433] do_new_mount+0x246/0x6b0 [ 217.087769][ T9433] path_mount+0x49b/0xb30 [ 217.087804][ T9433] __se_sys_mount+0x28f/0x2e0 [ 217.087847][ T9433] __x64_sys_mount+0x67/0x80 [ 217.087925][ T9433] x64_sys_call+0xd11/0x2e10 [ 217.087979][ T9433] do_syscall_64+0xc9/0x1c0 [ 217.088131][ T9433] ? clear_bhb_loop+0x25/0x80 [ 217.088160][ T9433] ? clear_bhb_loop+0x25/0x80 [ 217.088212][ T9433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.088234][ T9433] RIP: 0033:0x7f4c41d3d169 [ 217.088251][ T9433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.088268][ T9433] RSP: 002b:00007f4c403a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 217.088286][ T9433] RAX: ffffffffffffffda RBX: 00007f4c41f55fa0 RCX: 00007f4c41d3d169 [ 217.088300][ T9433] RDX: 0000200000000100 RSI: 0000200000000040 RDI: 0000000000000000 [ 217.088315][ T9433] RBP: 00007f4c403a7090 R08: 0000200000000200 R09: 0000000000000000 [ 217.088328][ T9433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 217.088340][ T9433] R13: 0000000000000000 R14: 00007f4c41f55fa0 R15: 00007fffac4234c8 [ 217.088433][ T9433] [ 217.609954][ T29] audit: type=1326 audit(1744441554.197:4819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.648216][ T29] audit: type=1326 audit(1744441554.197:4820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.687374][ T29] audit: type=1326 audit(1744441554.197:4821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.722710][ T29] audit: type=1326 audit(1744441554.197:4822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.766160][ T29] audit: type=1326 audit(1744441554.197:4823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.805667][ T29] audit: type=1326 audit(1744441554.197:4824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.838253][ T29] audit: type=1326 audit(1744441554.197:4825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9438 comm="syz.3.1883" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 217.877023][ T9423] loop5: detected capacity change from 0 to 2048 [ 218.015922][ T9450] loop6: detected capacity change from 0 to 512 [ 218.054776][ T9454] loop7: detected capacity change from 0 to 2048 [ 218.062233][ T9423] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.110268][ T9450] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 218.128593][ T9450] ext4 filesystem being mounted at /330/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 218.150090][ T9454] Alternate GPT is invalid, using primary GPT. [ 218.157558][ T9454] loop7: p1 p2 p3 [ 218.175271][ T9450] xt_connbytes: Forcing CT accounting to be enabled [ 218.185435][ T9450] Cannot find del_set index 1 as target [ 218.210005][ T9423] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1878'. [ 218.294112][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 218.362141][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.385875][ T9465] loop6: detected capacity change from 0 to 512 [ 218.396942][ T9465] journal_path: Non-blockdev passed as './bus' [ 218.408733][ T9465] EXT4-fs: error: could not find journal device path [ 218.436082][ T9467] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1892'. [ 218.454240][ T9467] netlink: 'syz.5.1892': attribute type 3 has an invalid length. [ 218.508225][ T9471] loop5: detected capacity change from 0 to 512 [ 218.516831][ T9471] journal_path: Non-blockdev passed as './bus' [ 218.527493][ T9471] EXT4-fs: error: could not find journal device path [ 218.539185][ T9473] FAULT_INJECTION: forcing a failure. [ 218.539185][ T9473] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 218.560123][ T9473] CPU: 0 UID: 0 PID: 9473 Comm: syz.3.1895 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 218.560157][ T9473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.560241][ T9473] Call Trace: [ 218.560248][ T9473] [ 218.560277][ T9473] dump_stack_lvl+0xf6/0x150 [ 218.560304][ T9473] dump_stack+0x15/0x1a [ 218.560325][ T9473] should_fail_ex+0x261/0x270 [ 218.560356][ T9473] should_fail+0xb/0x10 [ 218.560378][ T9473] should_fail_usercopy+0x1a/0x20 [ 218.560457][ T9473] strncpy_from_user+0x25/0x230 [ 218.560496][ T9473] ? getname_flags+0x81/0x3b0 [ 218.560522][ T9473] getname_flags+0xb0/0x3b0 [ 218.560546][ T9473] user_path_at+0x26/0x140 [ 218.560573][ T9473] __x64_sys_umount+0x86/0xe0 [ 218.560651][ T9473] x64_sys_call+0x2883/0x2e10 [ 218.560679][ T9473] do_syscall_64+0xc9/0x1c0 [ 218.560743][ T9473] ? clear_bhb_loop+0x25/0x80 [ 218.560769][ T9473] ? clear_bhb_loop+0x25/0x80 [ 218.560789][ T9473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.560809][ T9473] RIP: 0033:0x7f2843ccd169 [ 218.560900][ T9473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.560919][ T9473] RSP: 002b:00007f284232f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 218.560950][ T9473] RAX: ffffffffffffffda RBX: 00007f2843ee5fa0 RCX: 00007f2843ccd169 [ 218.560965][ T9473] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000200000000180 [ 218.560979][ T9473] RBP: 00007f284232f090 R08: 0000000000000000 R09: 0000000000000000 [ 218.560993][ T9473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 218.561007][ T9473] R13: 0000000000000000 R14: 00007f2843ee5fa0 R15: 00007ffd24a9b6b8 [ 218.561028][ T9473] [ 218.866978][ T9481] loop3: detected capacity change from 0 to 1024 [ 218.893918][ T9481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.908127][ T9481] ext4 filesystem being mounted at /350/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 219.171082][ T9494] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1900'. [ 219.370082][ T9505] FAULT_INJECTION: forcing a failure. [ 219.370082][ T9505] name failslab, interval 1, probability 0, space 0, times 0 [ 219.389540][ T9505] CPU: 1 UID: 0 PID: 9505 Comm: syz.7.1905 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 219.389571][ T9505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 219.389583][ T9505] Call Trace: [ 219.389590][ T9505] [ 219.389598][ T9505] dump_stack_lvl+0xf6/0x150 [ 219.389621][ T9505] dump_stack+0x15/0x1a [ 219.389676][ T9505] should_fail_ex+0x261/0x270 [ 219.389707][ T9505] should_failslab+0x8f/0xb0 [ 219.389760][ T9505] kmem_cache_alloc_noprof+0x59/0x340 [ 219.389787][ T9505] ? skb_clone+0x154/0x1f0 [ 219.389901][ T9505] skb_clone+0x154/0x1f0 [ 219.389946][ T9505] raw6_local_deliver+0x683/0x790 [ 219.389980][ T9505] ip6_protocol_deliver_rcu+0x261/0x10b0 [ 219.390028][ T9505] ip6_input+0xc2/0x1b0 [ 219.390067][ T9505] ? __pfx_ip6_input_finish+0x10/0x10 [ 219.390128][ T9505] ip6_mc_input+0x34a/0x490 [ 219.390205][ T9505] ? __pfx_ip6_mc_input+0x10/0x10 [ 219.390244][ T9505] ip6_rcv_finish+0x323/0x330 [ 219.390334][ T9505] ipv6_rcv+0x78/0x150 [ 219.390438][ T9505] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 219.390471][ T9505] __netif_receive_skb+0xa5/0x290 [ 219.390507][ T9505] netif_receive_skb+0x4f/0x330 [ 219.390535][ T9505] ? tun_vnet_hdr_to_skb+0x56f/0xd90 [ 219.390609][ T9505] ? tun_rx_batched+0xcc/0x450 [ 219.390631][ T9505] tun_rx_batched+0x104/0x450 [ 219.390741][ T9505] tun_get_user+0x1e8d/0x2640 [ 219.390769][ T9505] ? avc_has_perm+0xd6/0x150 [ 219.390829][ T9505] ? ref_tracker_alloc+0x1ff/0x310 [ 219.390876][ T9505] tun_chr_write_iter+0x188/0x240 [ 219.390949][ T9505] vfs_write+0x79b/0x950 [ 219.390980][ T9505] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 219.391086][ T9505] ksys_write+0xeb/0x1b0 [ 219.391121][ T9505] __x64_sys_write+0x42/0x50 [ 219.391210][ T9505] x64_sys_call+0x2a45/0x2e10 [ 219.391235][ T9505] do_syscall_64+0xc9/0x1c0 [ 219.391272][ T9505] ? clear_bhb_loop+0x25/0x80 [ 219.391365][ T9505] ? clear_bhb_loop+0x25/0x80 [ 219.391387][ T9505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.391481][ T9505] RIP: 0033:0x7f4c41d3bc1f [ 219.391497][ T9505] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 219.391515][ T9505] RSP: 002b:00007f4c403a7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 219.391533][ T9505] RAX: ffffffffffffffda RBX: 00007f4c41f55fa0 RCX: 00007f4c41d3bc1f [ 219.391547][ T9505] RDX: 0000000000000066 RSI: 00002000000004c0 RDI: 00000000000000c8 [ 219.391561][ T9505] RBP: 00007f4c403a7090 R08: 0000000000000000 R09: 0000000000000000 [ 219.391575][ T9505] R10: 0000000000000066 R11: 0000000000000293 R12: 0000000000000001 [ 219.391589][ T9505] R13: 0000000000000000 R14: 00007f4c41f55fa0 R15: 00007fffac4234c8 [ 219.391612][ T9505] [ 219.812631][ T9509] loop6: detected capacity change from 0 to 512 [ 219.825149][ T9509] journal_path: Non-blockdev passed as './bus' [ 219.833131][ T9509] EXT4-fs: error: could not find journal device path [ 219.852380][ T9511] netlink: 'syz.5.1908': attribute type 3 has an invalid length. [ 219.948553][ T9513] loop7: detected capacity change from 0 to 2048 [ 220.002653][ T9513] Alternate GPT is invalid, using primary GPT. [ 220.011829][ T9513] loop7: p1 p2 p3 [ 220.097347][ T9532] loop6: detected capacity change from 0 to 764 [ 220.270540][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.316638][ T9541] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1919'. [ 220.337611][ T9531] Symlink component flag not implemented [ 220.351317][ T9541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1919'. [ 220.368086][ T9531] Symlink component flag not implemented (7) [ 220.583160][ T9546] loop6: detected capacity change from 0 to 512 [ 220.609015][ T9546] journal_path: Non-blockdev passed as './bus' [ 220.617380][ T9546] EXT4-fs: error: could not find journal device path [ 220.661357][ T9553] netlink: 'syz.6.1924': attribute type 3 has an invalid length. [ 220.707890][ T9555] netlink: 'syz.6.1925': attribute type 3 has an invalid length. [ 220.792402][ T9562] loop6: detected capacity change from 0 to 1024 [ 220.942999][ T9562] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.963110][ T9562] ext4 filesystem being mounted at /344/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.391816][ T9580] FAULT_INJECTION: forcing a failure. [ 221.391816][ T9580] name failslab, interval 1, probability 0, space 0, times 0 [ 221.407391][ T9580] CPU: 1 UID: 0 PID: 9580 Comm: syz.5.1931 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 221.407479][ T9580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 221.407494][ T9580] Call Trace: [ 221.407502][ T9580] [ 221.407510][ T9580] dump_stack_lvl+0xf6/0x150 [ 221.407548][ T9580] dump_stack+0x15/0x1a [ 221.407566][ T9580] should_fail_ex+0x261/0x270 [ 221.407593][ T9580] should_failslab+0x8f/0xb0 [ 221.407631][ T9580] __kvmalloc_node_noprof+0x12c/0x520 [ 221.407707][ T9580] ? xt_alloc_entry_offsets+0x47/0x50 [ 221.407738][ T9580] xt_alloc_entry_offsets+0x47/0x50 [ 221.407763][ T9580] translate_table+0xa2/0x10b0 [ 221.407873][ T9580] ? __memcg_slab_post_alloc_hook+0x473/0x5a0 [ 221.407964][ T9580] ? sysvec_reschedule_ipi+0x21/0x110 [ 221.407998][ T9580] ? do_ip6t_set_ctl+0x69e/0x8c0 [ 221.408192][ T9580] do_ip6t_set_ctl+0x7bb/0x8c0 [ 221.408282][ T9580] ? kstrtouint+0x7b/0xc0 [ 221.408312][ T9580] nf_setsockopt+0x195/0x1b0 [ 221.408339][ T9580] ipv6_setsockopt+0x10f/0x130 [ 221.408429][ T9580] tcp_setsockopt+0x93/0xb0 [ 221.408459][ T9580] sock_common_setsockopt+0x64/0x80 [ 221.408717][ T9580] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 221.408756][ T9580] __sys_setsockopt+0x187/0x200 [ 221.408790][ T9580] __x64_sys_setsockopt+0x66/0x80 [ 221.408818][ T9580] x64_sys_call+0x2a09/0x2e10 [ 221.408847][ T9580] do_syscall_64+0xc9/0x1c0 [ 221.408884][ T9580] ? clear_bhb_loop+0x25/0x80 [ 221.408936][ T9580] ? clear_bhb_loop+0x25/0x80 [ 221.408962][ T9580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.409040][ T9580] RIP: 0033:0x7f29ddccd169 [ 221.409057][ T9580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.409075][ T9580] RSP: 002b:00007f29dc337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 221.409096][ T9580] RAX: ffffffffffffffda RBX: 00007f29ddee5fa0 RCX: 00007f29ddccd169 [ 221.409111][ T9580] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000006 [ 221.409136][ T9580] RBP: 00007f29dc337090 R08: 0000000000000540 R09: 0000000000000000 [ 221.409151][ T9580] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 221.409167][ T9580] R13: 0000000000000000 R14: 00007f29ddee5fa0 R15: 00007ffd9ad35bd8 [ 221.409190][ T9580] [ 221.732872][ T9455] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 393: padding at end of block bitmap is not set [ 221.811012][ T29] kauditd_printk_skb: 101 callbacks suppressed [ 221.811090][ T29] audit: type=1400 audit(1744441558.407:4927): avc: denied { create } for pid=9582 comm="syz.7.1932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 221.877586][ T9584] 9pnet: Could not find request transport: f [ 221.890348][ T9583] atomic_op ffff88813bd38928 conn xmit_atomic 0000000000000000 [ 221.908462][ T29] audit: type=1400 audit(1744441558.487:4928): avc: denied { bind } for pid=9582 comm="syz.7.1932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 221.933738][ T29] audit: type=1400 audit(1744441558.487:4929): avc: denied { write } for pid=9582 comm="syz.7.1932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 222.004510][ T29] audit: type=1400 audit(1744441558.557:4930): avc: denied { shutdown } for pid=9586 comm="syz.5.1934" laddr=fe80::b lport=56978 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 222.050923][ T29] audit: type=1326 audit(1744441558.627:4931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.5.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 222.080656][ T29] audit: type=1326 audit(1744441558.627:4932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.5.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 222.113826][ T29] audit: type=1326 audit(1744441558.637:4933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.5.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 222.149068][ T29] audit: type=1326 audit(1744441558.637:4934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.5.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 222.181320][ T29] audit: type=1326 audit(1744441558.637:4935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.5.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 222.212707][ T29] audit: type=1326 audit(1744441558.637:4936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9589 comm="syz.5.1937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 222.286245][ T9595] loop3: detected capacity change from 0 to 2048 [ 222.298203][ T9599] loop5: detected capacity change from 0 to 512 [ 222.333911][ T9603] loop7: detected capacity change from 0 to 2048 [ 222.347045][ T9599] EXT4-fs error (device loop5): ext4_orphan_get:1390: inode #15: comm syz.5.1938: casefold flag without casefold feature [ 222.386206][ T9595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.410046][ T9599] EXT4-fs error (device loop5): ext4_orphan_get:1395: comm syz.5.1938: couldn't read orphan inode 15 (err -117) [ 222.445196][ T9599] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 222.470241][ T9595] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1935'. [ 222.489021][ T9599] EXT4-fs error (device loop5): ext4_check_dx_root:2205: inode #2: comm syz.5.1938: Corrupt dir, invalid name_len for '.', running e2fsck is recommended [ 222.489717][ T9603] Alternate GPT is invalid, using primary GPT. [ 222.523262][ T9603] loop7: p1 p2 p3 [ 222.589119][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 222.627224][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.102862][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.191831][ T9623] loop7: detected capacity change from 0 to 512 [ 223.201395][ T9623] EXT4-fs error (device loop7): ext4_orphan_get:1390: inode #15: comm syz.7.1945: iget: bad extended attribute block 1 [ 223.223154][ T9623] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.1945: couldn't read orphan inode 15 (err -117) [ 223.244070][ T9623] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 223.261251][ T9623] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 223.491212][ T9636] FAULT_INJECTION: forcing a failure. [ 223.491212][ T9636] name failslab, interval 1, probability 0, space 0, times 0 [ 223.507756][ T9636] CPU: 1 UID: 0 PID: 9636 Comm: syz.6.1950 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 223.507850][ T9636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 223.507863][ T9636] Call Trace: [ 223.507872][ T9636] [ 223.507882][ T9636] dump_stack_lvl+0xf6/0x150 [ 223.507909][ T9636] dump_stack+0x15/0x1a [ 223.507926][ T9636] should_fail_ex+0x261/0x270 [ 223.507957][ T9636] should_failslab+0x8f/0xb0 [ 223.508057][ T9636] __kvmalloc_node_noprof+0x12c/0x520 [ 223.508088][ T9636] ? snd_seq_pool_init+0x50/0x200 [ 223.508114][ T9636] ? should_failslab+0x8f/0xb0 [ 223.508151][ T9636] snd_seq_pool_init+0x50/0x200 [ 223.508173][ T9636] snd_seq_fifo_resize+0x75/0x1b0 [ 223.508281][ T9636] snd_seq_ioctl_set_client_pool+0x23c/0x300 [ 223.508410][ T9636] snd_seq_ioctl+0x16b/0x2c0 [ 223.508520][ T9636] ? __pfx_snd_seq_ioctl+0x10/0x10 [ 223.508545][ T9636] __se_sys_ioctl+0xc9/0x140 [ 223.508636][ T9636] __x64_sys_ioctl+0x43/0x50 [ 223.508711][ T9636] x64_sys_call+0x168d/0x2e10 [ 223.508733][ T9636] do_syscall_64+0xc9/0x1c0 [ 223.508767][ T9636] ? clear_bhb_loop+0x25/0x80 [ 223.508793][ T9636] ? clear_bhb_loop+0x25/0x80 [ 223.508822][ T9636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.508844][ T9636] RIP: 0033:0x7f03fa9ad169 [ 223.508862][ T9636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.508962][ T9636] RSP: 002b:00007f03f900f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 223.508981][ T9636] RAX: ffffffffffffffda RBX: 00007f03fabc5fa0 RCX: 00007f03fa9ad169 [ 223.508993][ T9636] RDX: 0000200000000040 RSI: 000000004058534c RDI: 0000000000000006 [ 223.509005][ T9636] RBP: 00007f03f900f090 R08: 0000000000000000 R09: 0000000000000000 [ 223.509016][ T9636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 223.509028][ T9636] R13: 0000000000000000 R14: 00007f03fabc5fa0 R15: 00007fffc93f91b8 [ 223.509050][ T9636] [ 223.827295][ T9641] FAULT_INJECTION: forcing a failure. [ 223.827295][ T9641] name failslab, interval 1, probability 0, space 0, times 0 [ 223.841703][ T9641] CPU: 0 UID: 0 PID: 9641 Comm: syz.1.1953 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 223.841731][ T9641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 223.841744][ T9641] Call Trace: [ 223.841751][ T9641] [ 223.841759][ T9641] dump_stack_lvl+0xf6/0x150 [ 223.841784][ T9641] dump_stack+0x15/0x1a [ 223.841804][ T9641] should_fail_ex+0x261/0x270 [ 223.841866][ T9641] should_failslab+0x8f/0xb0 [ 223.841963][ T9641] kmem_cache_alloc_lru_noprof+0x5e/0x330 [ 223.841987][ T9641] ? __d_alloc+0x3d/0x350 [ 223.842087][ T9641] __d_alloc+0x3d/0x350 [ 223.842113][ T9641] ? mpol_shared_policy_init+0xd2/0x510 [ 223.842147][ T9641] d_alloc_pseudo+0x1e/0x80 [ 223.842171][ T9641] alloc_file_pseudo+0x75/0x160 [ 223.842196][ T9641] __shmem_file_setup+0x1bb/0x1f0 [ 223.842360][ T9641] shmem_file_setup+0x3b/0x50 [ 223.842395][ T9641] __se_sys_memfd_create+0x2e1/0x5a0 [ 223.842542][ T9641] __x64_sys_memfd_create+0x31/0x40 [ 223.842583][ T9641] x64_sys_call+0x1163/0x2e10 [ 223.842667][ T9641] do_syscall_64+0xc9/0x1c0 [ 223.842698][ T9641] ? clear_bhb_loop+0x25/0x80 [ 223.842721][ T9641] ? clear_bhb_loop+0x25/0x80 [ 223.842766][ T9641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.842791][ T9641] RIP: 0033:0x7fa1ce11d169 [ 223.842811][ T9641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.842833][ T9641] RSP: 002b:00007fa1cc786e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 223.842933][ T9641] RAX: ffffffffffffffda RBX: 000000000000042f RCX: 00007fa1ce11d169 [ 223.842945][ T9641] RDX: 00007fa1cc786ef0 RSI: 0000000000000000 RDI: 00007fa1ce19f32c [ 223.842957][ T9641] RBP: 0000200000000940 R08: 00007fa1cc786bb7 R09: 00007fa1cc786e40 [ 223.842970][ T9641] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0 [ 223.842985][ T9641] R13: 00007fa1cc786ef0 R14: 00007fa1cc786eb0 R15: 0000200000000200 [ 223.843008][ T9641] [ 224.587965][ T9654] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(5) [ 224.597141][ T9654] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 224.606742][ T9654] vhci_hcd vhci_hcd.0: Device attached [ 224.640586][ T9655] vhci_hcd: connection closed [ 224.684913][ T3829] vhci_hcd: stop threads [ 224.696376][ T3829] vhci_hcd: release socket [ 224.702030][ T3829] vhci_hcd: disconnect device [ 224.924781][ T9669] netlink: 'syz.1.1961': attribute type 3 has an invalid length. [ 225.207660][ T9683] loop6: detected capacity change from 0 to 1024 [ 225.420660][ T9683] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 225.435324][ T9689] loop3: detected capacity change from 0 to 512 [ 225.435702][ T9683] ext4 filesystem being mounted at /348/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 225.466895][ T9689] journal_path: Non-blockdev passed as './bus' [ 225.475225][ T9689] EXT4-fs: error: could not find journal device path [ 225.880960][ T9695] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1968'. [ 225.982447][ T9705] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1969'. [ 226.290074][ T9723] loop3: detected capacity change from 0 to 1024 [ 226.382233][ T9723] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.423791][ T9723] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 226.702163][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.827803][ T9743] loop6: detected capacity change from 0 to 512 [ 226.846727][ T9743] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 226.910050][ T9743] EXT4-fs (loop6): 1 truncate cleaned up [ 226.928925][ T9743] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 226.946414][ T9743] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.195816][ T9752] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1984'. [ 227.210489][ T9752] netlink: 'syz.1.1984': attribute type 3 has an invalid length. [ 227.412767][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 227.646967][ T9767] FAULT_INJECTION: forcing a failure. [ 227.646967][ T9767] name failslab, interval 1, probability 0, space 0, times 0 [ 227.663375][ T9767] CPU: 1 UID: 0 PID: 9767 Comm: syz.7.1989 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 227.663428][ T9767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 227.663443][ T9767] Call Trace: [ 227.663452][ T9767] [ 227.663461][ T9767] dump_stack_lvl+0xf6/0x150 [ 227.663489][ T9767] dump_stack+0x15/0x1a [ 227.663506][ T9767] should_fail_ex+0x261/0x270 [ 227.663605][ T9767] should_failslab+0x8f/0xb0 [ 227.663642][ T9767] __kmalloc_noprof+0xad/0x410 [ 227.663668][ T9767] ? security_msg_msg_alloc+0x44/0x100 [ 227.663714][ T9767] ? should_fail_ex+0xd7/0x270 [ 227.663742][ T9767] security_msg_msg_alloc+0x44/0x100 [ 227.663819][ T9767] load_msg+0x234/0x2f0 [ 227.663839][ T9767] ? proc_fail_nth_write+0x12d/0x160 [ 227.663864][ T9767] do_msgsnd+0xd7/0xb20 [ 227.663886][ T9767] ? __rcu_read_unlock+0x4e/0x70 [ 227.663920][ T9767] ? bpf_trace_run2+0x12c/0x1d0 [ 227.663971][ T9767] __x64_sys_msgsnd+0xa1/0xc0 [ 227.663991][ T9767] x64_sys_call+0x2711/0x2e10 [ 227.664026][ T9767] do_syscall_64+0xc9/0x1c0 [ 227.664062][ T9767] ? clear_bhb_loop+0x25/0x80 [ 227.664088][ T9767] ? clear_bhb_loop+0x25/0x80 [ 227.664151][ T9767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.664175][ T9767] RIP: 0033:0x7f4c41d3d169 [ 227.664192][ T9767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.664214][ T9767] RSP: 002b:00007f4c403a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000045 [ 227.664235][ T9767] RAX: ffffffffffffffda RBX: 00007f4c41f55fa0 RCX: 00007f4c41d3d169 [ 227.664249][ T9767] RDX: 000000000000000e RSI: 0000200000000100 RDI: 0000000000000000 [ 227.664264][ T9767] RBP: 00007f4c403a7090 R08: 0000000000000000 R09: 0000000000000000 [ 227.664286][ T9767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.664299][ T9767] R13: 0000000000000000 R14: 00007f4c41f55fa0 R15: 00007fffac4234c8 [ 227.664322][ T9767] [ 227.911791][ T9765] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 228.031690][ T9776] loop7: detected capacity change from 0 to 1024 [ 228.050251][ T9776] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.069536][ T9776] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 228.404601][ T29] kauditd_printk_skb: 47 callbacks suppressed [ 228.404691][ T29] audit: type=1326 audit(1744441564.997:4984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.488519][ T29] audit: type=1326 audit(1744441564.997:4985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.525531][ T29] audit: type=1326 audit(1744441565.047:4986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.557856][ T29] audit: type=1326 audit(1744441565.047:4987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.589418][ T29] audit: type=1326 audit(1744441565.047:4988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.622521][ T29] audit: type=1326 audit(1744441565.047:4989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.649192][ T29] audit: type=1326 audit(1744441565.047:4990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.675054][ T29] audit: type=1326 audit(1744441565.047:4991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.706604][ T29] audit: type=1326 audit(1744441565.057:4992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.737258][ T29] audit: type=1326 audit(1744441565.057:4993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9789 comm="syz.5.1995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 228.896441][ T9807] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1999'. [ 228.999778][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.078816][ T9813] Falling back ldisc for ttyS3. [ 229.494995][ T9834] loop3: detected capacity change from 0 to 512 [ 229.509882][ T9834] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 229.538448][ T9834] EXT4-fs (loop3): 1 truncate cleaned up [ 229.558881][ T9834] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.629605][ T9834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.855516][ T9844] loop5: detected capacity change from 0 to 1024 [ 229.890537][ T9844] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.908612][ T9844] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.056491][ T9851] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2014'. [ 230.129580][ T9855] FAULT_INJECTION: forcing a failure. [ 230.129580][ T9855] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 230.149144][ T9855] CPU: 1 UID: 0 PID: 9855 Comm: syz.6.2015 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 230.149176][ T9855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 230.149253][ T9855] Call Trace: [ 230.149259][ T9855] [ 230.149331][ T9855] dump_stack_lvl+0xf6/0x150 [ 230.149357][ T9855] dump_stack+0x15/0x1a [ 230.149448][ T9855] should_fail_ex+0x261/0x270 [ 230.149496][ T9855] should_fail+0xb/0x10 [ 230.149525][ T9855] should_fail_usercopy+0x1a/0x20 [ 230.149555][ T9855] strncpy_from_user+0x25/0x230 [ 230.149611][ T9855] ? getname_flags+0x81/0x3b0 [ 230.149633][ T9855] getname_flags+0xb0/0x3b0 [ 230.149653][ T9855] user_path_at+0x26/0x140 [ 230.149683][ T9855] __x64_sys_umount+0x86/0xe0 [ 230.149717][ T9855] x64_sys_call+0x2883/0x2e10 [ 230.149754][ T9855] do_syscall_64+0xc9/0x1c0 [ 230.149790][ T9855] ? clear_bhb_loop+0x25/0x80 [ 230.149817][ T9855] ? clear_bhb_loop+0x25/0x80 [ 230.149841][ T9855] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.149945][ T9855] RIP: 0033:0x7f03fa9ad169 [ 230.149961][ T9855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.149984][ T9855] RSP: 002b:00007f03f900f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 230.150005][ T9855] RAX: ffffffffffffffda RBX: 00007f03fabc5fa0 RCX: 00007f03fa9ad169 [ 230.150020][ T9855] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000200000000180 [ 230.150035][ T9855] RBP: 00007f03f900f090 R08: 0000000000000000 R09: 0000000000000000 [ 230.150119][ T9855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 230.150130][ T9855] R13: 0000000000000000 R14: 00007f03fabc5fa0 R15: 00007fffc93f91b8 [ 230.150149][ T9855] [ 230.781619][ T9877] netlink: 'syz.6.2022': attribute type 3 has an invalid length. [ 230.855940][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.962158][ T9888] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2024'. [ 231.001497][ T9885] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2024'. [ 231.017841][ T9885] loop6: detected capacity change from 0 to 1024 [ 231.063916][ T9885] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.276718][ T9904] loop3: detected capacity change from 0 to 1024 [ 231.295356][ T9904] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 231.314520][ T9904] FAULT_INJECTION: forcing a failure. [ 231.314520][ T9904] name failslab, interval 1, probability 0, space 0, times 0 [ 231.329304][ T9904] CPU: 0 UID: 0 PID: 9904 Comm: syz.3.2031 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 231.329361][ T9904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 231.329373][ T9904] Call Trace: [ 231.329380][ T9904] [ 231.329389][ T9904] dump_stack_lvl+0xf6/0x150 [ 231.329435][ T9904] dump_stack+0x15/0x1a [ 231.329455][ T9904] should_fail_ex+0x261/0x270 [ 231.329524][ T9904] should_failslab+0x8f/0xb0 [ 231.329562][ T9904] kmem_cache_alloc_lru_noprof+0x5e/0x330 [ 231.329666][ T9904] ? debugfs_alloc_inode+0x34/0x40 [ 231.329704][ T9904] debugfs_alloc_inode+0x34/0x40 [ 231.329799][ T9904] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 231.329831][ T9904] alloc_inode+0x40/0x170 [ 231.329900][ T9904] new_inode+0x1e/0xe0 [ 231.329922][ T9904] __debugfs_create_file+0x110/0x330 [ 231.329955][ T9904] debugfs_create_file_full+0x40/0x60 [ 231.329986][ T9904] do_blk_trace_setup+0x2d1/0x4d0 [ 231.330007][ T9904] blk_trace_setup+0xa9/0x140 [ 231.330096][ T9904] sg_ioctl+0x685/0x18a0 [ 231.330125][ T9904] ? __fget_files+0x186/0x1c0 [ 231.330167][ T9904] ? __pfx_sg_ioctl+0x10/0x10 [ 231.330192][ T9904] __se_sys_ioctl+0xc9/0x140 [ 231.330225][ T9904] __x64_sys_ioctl+0x43/0x50 [ 231.330265][ T9904] x64_sys_call+0x168d/0x2e10 [ 231.330290][ T9904] do_syscall_64+0xc9/0x1c0 [ 231.330353][ T9904] ? clear_bhb_loop+0x25/0x80 [ 231.330377][ T9904] ? clear_bhb_loop+0x25/0x80 [ 231.330402][ T9904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.330426][ T9904] RIP: 0033:0x7f2843ccd169 [ 231.330441][ T9904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.330465][ T9904] RSP: 002b:00007f284232f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 231.330513][ T9904] RAX: ffffffffffffffda RBX: 00007f2843ee5fa0 RCX: 00007f2843ccd169 [ 231.330562][ T9904] RDX: 0000200000000040 RSI: 00000000c0481273 RDI: 0000000000000006 [ 231.330573][ T9904] RBP: 00007f284232f090 R08: 0000000000000000 R09: 0000000000000000 [ 231.330628][ T9904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.330642][ T9904] R13: 0000000000000000 R14: 00007f2843ee5fa0 R15: 00007ffd24a9b6b8 [ 231.330708][ T9904] [ 231.330715][ T9904] debugfs: out of free dentries, can not create file 'dropped' [ 231.415575][ T9907] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2030'. [ 231.682467][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.765072][ T9921] loop3: detected capacity change from 0 to 1024 [ 231.801622][ T9921] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.817055][ T9926] netlink: 'syz.5.2037': attribute type 3 has an invalid length. [ 231.841236][ T9921] ext4 filesystem being mounted at /378/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 231.874080][ T9928] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.025503][ T9928] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.132633][ T9928] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.227015][ T9928] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 232.305991][ T9928] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.355615][ T9928] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.393016][ T9928] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.432296][ T9928] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 232.453751][ T9950] loop7: detected capacity change from 0 to 2048 [ 232.519979][ T9950] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.575436][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.596431][ T9954] netlink: 'syz.5.2048': attribute type 3 has an invalid length. [ 232.639864][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.754848][ T9969] capability: warning: `syz.6.2053' uses deprecated v2 capabilities in a way that may be insecure [ 232.800537][ T9969] loop6: detected capacity change from 0 to 1024 [ 232.816381][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.864394][ T9972] FAULT_INJECTION: forcing a failure. [ 232.864394][ T9972] name failslab, interval 1, probability 0, space 0, times 0 [ 232.881316][ T9972] CPU: 0 UID: 0 PID: 9972 Comm: syz.3.2054 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 232.881547][ T9972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 232.881558][ T9972] Call Trace: [ 232.881564][ T9972] [ 232.881616][ T9972] dump_stack_lvl+0xf6/0x150 [ 232.881702][ T9972] dump_stack+0x15/0x1a [ 232.881717][ T9972] should_fail_ex+0x261/0x270 [ 232.881742][ T9972] should_failslab+0x8f/0xb0 [ 232.881769][ T9972] kmem_cache_alloc_noprof+0x59/0x340 [ 232.881812][ T9972] ? audit_log_start+0x37f/0x6e0 [ 232.881833][ T9972] audit_log_start+0x37f/0x6e0 [ 232.881853][ T9972] ? kstrtouint+0x7b/0xc0 [ 232.881875][ T9972] audit_seccomp+0x4b/0x130 [ 232.881892][ T9972] __seccomp_filter+0x694/0x10e0 [ 232.881957][ T9972] ? vfs_write+0x669/0x950 [ 232.881980][ T9972] ? putname+0xe1/0x100 [ 232.882000][ T9972] __secure_computing+0x7e/0x160 [ 232.882024][ T9972] syscall_trace_enter+0xcf/0x1f0 [ 232.882048][ T9972] ? fpregs_assert_state_consistent+0x83/0xa0 [ 232.882082][ T9972] do_syscall_64+0xaa/0x1c0 [ 232.882108][ T9972] ? clear_bhb_loop+0x25/0x80 [ 232.882126][ T9972] ? clear_bhb_loop+0x25/0x80 [ 232.882145][ T9972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.882197][ T9972] RIP: 0033:0x7f2843ccd169 [ 232.882210][ T9972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.882226][ T9972] RSP: 002b:00007f284232f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000063 [ 232.882485][ T9972] RAX: ffffffffffffffda RBX: 00007f2843ee5fa0 RCX: 00007f2843ccd169 [ 232.882499][ T9972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 232.882530][ T9972] RBP: 00007f284232f090 R08: 0000000000000000 R09: 0000000000000000 [ 232.882540][ T9972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.882550][ T9972] R13: 0000000000000000 R14: 00007f2843ee5fa0 R15: 00007ffd24a9b6b8 [ 232.882629][ T9972] [ 233.293363][ T9985] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.309061][ T9986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2058'. [ 233.361719][ T9986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2058'. [ 233.374047][ T9985] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.416670][ T29] kauditd_printk_skb: 127 callbacks suppressed [ 233.416686][ T29] audit: type=1400 audit(1744441570.007:5119): avc: denied { setopt } for pid=9990 comm="syz.6.2060" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 233.453954][ T9991] loop6: detected capacity change from 0 to 512 [ 233.465440][ T9985] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.510713][ T9991] EXT4-fs (loop6): 1 orphan inode deleted [ 233.517801][ T9991] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 233.532644][ T372] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 233.533027][ T9991] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 233.542972][ T372] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1 [ 233.576952][ T9985] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 233.660324][ T9985] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.673871][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.696704][ T9985] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.712884][ T9985] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.724928][ T29] audit: type=1326 audit(1744441570.307:5120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.752699][ T29] audit: type=1326 audit(1744441570.307:5121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.772819][ T9985] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 233.780771][ T29] audit: type=1326 audit(1744441570.307:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.817082][ T29] audit: type=1326 audit(1744441570.307:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.844164][ T29] audit: type=1326 audit(1744441570.307:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.869568][ T29] audit: type=1326 audit(1744441570.307:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.894439][ T29] audit: type=1326 audit(1744441570.307:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 233.919550][ T29] audit: type=1326 audit(1744441570.307:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9999 comm="syz.6.2061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 234.071051][T10010] xt_hashlimit: max too large, truncated to 1048576 [ 234.083439][T10010] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2065'. [ 234.161197][T10019] netlink: 172 bytes leftover after parsing attributes in process `syz.7.2067'. [ 235.084275][T10046] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2077'. [ 235.122353][T10048] loop7: detected capacity change from 0 to 1024 [ 235.147681][T10048] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.180363][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.221661][T10057] loop7: detected capacity change from 0 to 2048 [ 235.269450][T10057] Alternate GPT is invalid, using primary GPT. [ 235.276001][T10057] loop7: p1 p2 p3 [ 235.363054][T10064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2083'. [ 235.391318][T10064] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2083'. [ 235.733391][T10069] loop5: detected capacity change from 0 to 128 [ 235.820992][T10069] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 235.864880][T10069] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 236.237002][T10084] FAULT_INJECTION: forcing a failure. [ 236.237002][T10084] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 236.251897][T10084] CPU: 0 UID: 0 PID: 10084 Comm: syz.7.2090 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 236.251927][T10084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 236.252008][T10084] Call Trace: [ 236.252019][T10084] [ 236.252030][T10084] dump_stack_lvl+0xf6/0x150 [ 236.252060][T10084] dump_stack+0x15/0x1a [ 236.252120][T10084] should_fail_ex+0x261/0x270 [ 236.252155][T10084] should_fail+0xb/0x10 [ 236.252260][T10084] should_fail_usercopy+0x1a/0x20 [ 236.252289][T10084] _copy_from_user+0x1c/0xa0 [ 236.252329][T10084] move_addr_to_kernel+0x8c/0x130 [ 236.252372][T10084] copy_msghdr_from_user+0x280/0x2b0 [ 236.252416][T10084] __sys_sendmsg+0x141/0x240 [ 236.252468][T10084] __x64_sys_sendmsg+0x46/0x50 [ 236.252494][T10084] x64_sys_call+0x26f3/0x2e10 [ 236.252526][T10084] do_syscall_64+0xc9/0x1c0 [ 236.252564][T10084] ? clear_bhb_loop+0x25/0x80 [ 236.252669][T10084] ? clear_bhb_loop+0x25/0x80 [ 236.252690][T10084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.252734][T10084] RIP: 0033:0x7f4c41d3d169 [ 236.252752][T10084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.252774][T10084] RSP: 002b:00007f4c403a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 236.252794][T10084] RAX: ffffffffffffffda RBX: 00007f4c41f55fa0 RCX: 00007f4c41d3d169 [ 236.252806][T10084] RDX: 0000000000004800 RSI: 0000200000000200 RDI: 0000000000000003 [ 236.252873][T10084] RBP: 00007f4c403a7090 R08: 0000000000000000 R09: 0000000000000000 [ 236.252888][T10084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.252902][T10084] R13: 0000000000000000 R14: 00007f4c41f55fa0 R15: 00007fffac4234c8 [ 236.252925][T10084] [ 236.522045][ T3848] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 236.550480][T10088] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2091'. [ 236.556194][T10087] FAULT_INJECTION: forcing a failure. [ 236.556194][T10087] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 236.578406][T10087] CPU: 1 UID: 0 PID: 10087 Comm: syz.6.2092 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 236.578440][T10087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 236.578456][T10087] Call Trace: [ 236.578465][T10087] [ 236.578473][T10087] dump_stack_lvl+0xf6/0x150 [ 236.578551][T10087] dump_stack+0x15/0x1a [ 236.578586][T10087] should_fail_ex+0x261/0x270 [ 236.578620][T10087] should_fail+0xb/0x10 [ 236.578723][T10087] should_fail_usercopy+0x1a/0x20 [ 236.578757][T10087] _copy_to_iter+0x24e/0xd10 [ 236.578867][T10087] ? __virt_addr_valid+0x1ed/0x250 [ 236.578891][T10087] ? __check_object_size+0x367/0x510 [ 236.578967][T10087] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 236.579043][T10087] __skb_datagram_iter+0xcd/0x640 [ 236.579111][T10087] skb_copy_datagram_iter+0x41/0x130 [ 236.579144][T10087] netlink_recvmsg+0x1af/0x780 [ 236.579175][T10087] ? __pfx_netlink_recvmsg+0x10/0x10 [ 236.579206][T10087] sock_recvmsg+0x13f/0x170 [ 236.579310][T10087] ____sys_recvmsg+0xfb/0x290 [ 236.579354][T10087] do_recvmmsg+0x2a1/0x6e0 [ 236.579396][T10087] __x64_sys_recvmmsg+0xfb/0x170 [ 236.579430][T10087] x64_sys_call+0x1b90/0x2e10 [ 236.579482][T10087] do_syscall_64+0xc9/0x1c0 [ 236.579515][T10087] ? clear_bhb_loop+0x25/0x80 [ 236.579542][T10087] ? clear_bhb_loop+0x25/0x80 [ 236.579567][T10087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.579637][T10087] RIP: 0033:0x7f03fa9ad169 [ 236.579656][T10087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.579678][T10087] RSP: 002b:00007f03f900f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 236.579702][T10087] RAX: ffffffffffffffda RBX: 00007f03fabc5fa0 RCX: 00007f03fa9ad169 [ 236.579716][T10087] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003 [ 236.579731][T10087] RBP: 00007f03f900f090 R08: 0000200000003700 R09: 0000000000000000 [ 236.579746][T10087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 236.579786][T10087] R13: 0000000000000000 R14: 00007f03fabc5fa0 R15: 00007fffc93f91b8 [ 236.579808][T10087] [ 237.011974][T10111] netlink: 'syz.6.2100': attribute type 3 has an invalid length. [ 237.097953][T10121] loop6: detected capacity change from 0 to 512 [ 237.121351][T10121] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 237.162157][T10115] loop7: detected capacity change from 0 to 512 [ 237.173577][T10115] EXT4-fs: test_dummy_encryption option not supported [ 237.188634][T10115] loop7: detected capacity change from 0 to 512 [ 237.220819][T10121] EXT4-fs (loop6): 1 truncate cleaned up [ 237.223812][T10115] EXT4-fs (loop7): 1 orphan inode deleted [ 237.227714][T10121] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 237.257128][T10121] FAULT_INJECTION: forcing a failure. [ 237.257128][T10121] name failslab, interval 1, probability 0, space 0, times 0 [ 237.274162][T10121] CPU: 1 UID: 0 PID: 10121 Comm: syz.6.2103 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 237.274190][T10121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 237.274202][T10121] Call Trace: [ 237.274209][T10121] [ 237.274217][T10121] dump_stack_lvl+0xf6/0x150 [ 237.274297][T10121] dump_stack+0x15/0x1a [ 237.274317][T10121] should_fail_ex+0x261/0x270 [ 237.274348][T10121] should_failslab+0x8f/0xb0 [ 237.274382][T10121] __kmalloc_node_noprof+0xaf/0x420 [ 237.274460][T10121] ? allocate_slab+0x144/0x3c0 [ 237.274491][T10121] allocate_slab+0x144/0x3c0 [ 237.274519][T10121] ___slab_alloc+0x428/0x980 [ 237.274544][T10121] ? __memcg_slab_post_alloc_hook+0x473/0x5a0 [ 237.274591][T10121] ? alloc_pipe_info+0x1cb/0x360 [ 237.274708][T10121] __kmalloc_noprof+0x256/0x410 [ 237.274731][T10121] ? alloc_pipe_info+0x1cb/0x360 [ 237.274769][T10121] alloc_pipe_info+0x1cb/0x360 [ 237.274807][T10121] splice_direct_to_actor+0x621/0x680 [ 237.274916][T10121] ? __pfx_direct_splice_actor+0x10/0x10 [ 237.274950][T10121] ? __rcu_read_unlock+0x4e/0x70 [ 237.274991][T10121] ? avc_policy_seqno+0x15/0x20 [ 237.275093][T10121] ? selinux_file_permission+0x22d/0x360 [ 237.275116][T10121] do_splice_direct+0xd9/0x150 [ 237.275216][T10121] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 237.275255][T10121] do_sendfile+0x40a/0x690 [ 237.275290][T10121] __x64_sys_sendfile64+0x113/0x160 [ 237.275316][T10121] x64_sys_call+0xfc3/0x2e10 [ 237.275343][T10121] do_syscall_64+0xc9/0x1c0 [ 237.275374][T10121] ? clear_bhb_loop+0x25/0x80 [ 237.275465][T10121] ? clear_bhb_loop+0x25/0x80 [ 237.275491][T10121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.275519][T10121] RIP: 0033:0x7f03fa9ad169 [ 237.275537][T10121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.275570][T10121] RSP: 002b:00007f03f900f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 237.275591][T10121] RAX: ffffffffffffffda RBX: 00007f03fabc5fa0 RCX: 00007f03fa9ad169 [ 237.275603][T10121] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 237.275614][T10121] RBP: 00007f03f900f090 R08: 0000000000000000 R09: 0000000000000000 [ 237.275625][T10121] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001 [ 237.275636][T10121] R13: 0000000000000000 R14: 00007f03fabc5fa0 R15: 00007fffc93f91b8 [ 237.275655][T10121] [ 237.419168][T10115] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 237.597530][ T61] EXT4-fs error (device loop7): ext4_release_dquot:6971: comm kworker/u8:4: Failed to release dquot type 1 [ 237.703178][T10115] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 237.749782][T10140] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 237.766626][T10140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2107'. [ 237.806290][T10115] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 237.861080][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 238.468008][T10174] loop6: detected capacity change from 0 to 512 [ 238.501908][T10174] EXT4-fs (loop6): orphan cleanup on readonly fs [ 238.514301][T10174] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2118: bg 0: block 248: padding at end of block bitmap is not set [ 238.531464][T10174] __quota_error: 248 callbacks suppressed [ 238.531484][T10174] Quota error (device loop6): write_blk: dquota write failed [ 238.545783][T10174] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 238.555983][T10174] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.2118: Failed to acquire dquot type 1 [ 238.560418][T10177] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2117'. [ 238.582926][T10174] EXT4-fs (loop6): 1 truncate cleaned up [ 238.595132][T10174] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 238.622103][ T29] audit: type=1400 audit(1744441575.217:5375): avc: denied { execute } for pid=10173 comm="syz.6.2118" name="file2" dev="loop6" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 238.622535][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2117'. [ 238.663786][T10174] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended [ 238.713363][ T29] audit: type=1326 audit(1744441575.307:5376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.741732][ T29] audit: type=1326 audit(1744441575.307:5377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.768367][ T29] audit: type=1326 audit(1744441575.307:5378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.779684][T10177] loop5: detected capacity change from 0 to 1024 [ 238.799037][ T29] audit: type=1326 audit(1744441575.307:5379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.799139][ T29] audit: type=1326 audit(1744441575.307:5380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.799171][ T29] audit: type=1326 audit(1744441575.307:5381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.799279][ T29] audit: type=1326 audit(1744441575.307:5382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10173 comm="syz.6.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03fa9ad169 code=0x7ffc0000 [ 238.866195][T10182] netlink: 'syz.1.2119': attribute type 3 has an invalid length. [ 238.929603][T10174] EXT4-fs error (device loop6): ext4_acquire_dquot:6935: comm syz.6.2118: Failed to acquire dquot type 1 [ 238.962404][T10174] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 238.985383][T10177] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.077370][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 239.123484][T10194] loop6: detected capacity change from 0 to 512 [ 239.145407][T10194] EXT4-fs (loop6): blocks per group (71) and clusters per group (20800) inconsistent [ 239.177065][T10193] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2122'. [ 239.190757][T10193] bridge_slave_1: left allmulticast mode [ 239.198451][T10193] bridge_slave_1: left promiscuous mode [ 239.205740][T10193] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.222676][T10193] bridge_slave_0: left allmulticast mode [ 239.231162][T10193] bridge_slave_0: left promiscuous mode [ 239.241579][T10193] bridge0: port 1(bridge_slave_0) entered disabled state [ 239.399264][T10202] loop6: detected capacity change from 0 to 2048 [ 239.468830][T10202] loop6: p1 < > p4 [ 239.483891][T10202] loop6: p4 size 8388608 extends beyond EOD, truncated [ 239.805133][T10210] bond0: (slave bond_slave_0): Releasing backup interface [ 239.824434][T10210] bond0: (slave bond_slave_1): Releasing backup interface [ 239.836089][T10211] x_tables: duplicate underflow at hook 1 [ 239.859237][T10210] team0: Port device team_slave_0 removed [ 239.901706][T10210] team0: Port device team_slave_1 removed [ 239.920694][T10210] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 239.930034][T10210] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 239.970091][T10210] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 239.981023][T10210] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 240.123846][T10218] netlink: 'syz.1.2131': attribute type 3 has an invalid length. [ 240.189808][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.427513][T10242] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2140'. [ 240.580748][T10246] netlink: 'syz.3.2142': attribute type 3 has an invalid length. [ 240.817260][T10260] loop7: detected capacity change from 0 to 128 [ 240.833350][T10260] netem: incorrect gi model size [ 240.838911][T10260] netem: change failed [ 240.949545][T10265] loop7: detected capacity change from 0 to 512 [ 240.959008][T10265] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 240.972239][T10265] EXT4-fs (loop7): 1 truncate cleaned up [ 240.979647][T10265] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 240.995493][T10265] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 241.096127][T10274] IPv6: sit2: Disabled Multicast RS [ 241.104322][T10274] sit2: entered allmulticast mode [ 241.239508][T10282] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.252136][T10282] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.263037][T10282] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.273708][T10282] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 241.727304][T10289] x_tables: duplicate underflow at hook 2 [ 242.104830][T10306] loop6: detected capacity change from 0 to 2048 [ 242.162471][T10306] Alternate GPT is invalid, using primary GPT. [ 242.170990][T10306] loop6: p1 p2 p3 [ 242.654613][T10310] loop7: detected capacity change from 0 to 1024 [ 242.672419][T10310] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 242.695929][T10310] ext4 filesystem being mounted at /218/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 242.865364][T10318] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2168'. [ 243.717691][ T29] kauditd_printk_skb: 59 callbacks suppressed [ 243.717706][ T29] audit: type=1400 audit(1744441580.307:5440): avc: denied { ioctl } for pid=10346 comm="syz.3.2179" path="socket:[26716]" dev="sockfs" ino=26716 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 243.758271][ T29] audit: type=1400 audit(1744441580.307:5441): avc: denied { write } for pid=10346 comm="syz.3.2179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 243.777512][T10310] x_tables: duplicate underflow at hook 1 [ 243.914109][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 243.916698][T10355] loop5: detected capacity change from 0 to 256 [ 243.932453][T10355] vfat: Unknown parameter '00000000000000000000000' [ 243.950383][T10355] loop5: detected capacity change from 0 to 256 [ 243.958791][T10355] FAT-fs (loop5): bogus number of FAT sectors [ 243.965954][T10355] FAT-fs (loop5): Can't find a valid FAT filesystem [ 243.992714][ T29] audit: type=1400 audit(1744441580.587:5442): avc: denied { write } for pid=10354 comm="syz.5.2183" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 244.170729][ T29] audit: type=1326 audit(1744441580.757:5443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.199597][ T29] audit: type=1326 audit(1744441580.757:5444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.227096][ T29] audit: type=1326 audit(1744441580.757:5445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.254967][ T29] audit: type=1326 audit(1744441580.757:5446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.279914][ T29] audit: type=1326 audit(1744441580.757:5447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.305110][ T29] audit: type=1326 audit(1744441580.757:5448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.333872][ T29] audit: type=1326 audit(1744441580.757:5449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10371 comm="syz.1.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1ce11d169 code=0x7ffc0000 [ 244.475726][T10384] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2191'. [ 244.552714][T10386] loop6: detected capacity change from 0 to 2048 [ 244.592502][T10386] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 244.615205][T10386] EXT4-fs error (device loop6): ext4_find_extent:938: inode #2: comm syz.6.2192: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 244.810847][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 245.070490][T10401] FAULT_INJECTION: forcing a failure. [ 245.070490][T10401] name failslab, interval 1, probability 0, space 0, times 0 [ 245.085449][T10401] CPU: 0 UID: 0 PID: 10401 Comm: syz.6.2195 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 245.085478][T10401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 245.085490][T10401] Call Trace: [ 245.085498][T10401] [ 245.085509][T10401] dump_stack_lvl+0xf6/0x150 [ 245.085728][T10401] dump_stack+0x15/0x1a [ 245.085754][T10401] should_fail_ex+0x261/0x270 [ 245.085789][T10401] should_failslab+0x8f/0xb0 [ 245.085827][T10401] kmem_cache_alloc_node_noprof+0x5c/0x340 [ 245.085854][T10401] ? __alloc_skb+0x10d/0x320 [ 245.085879][T10401] __alloc_skb+0x10d/0x320 [ 245.085906][T10401] netlink_ack+0xf1/0x4f0 [ 245.085980][T10401] netlink_rcv_skb+0x19f/0x230 [ 245.086006][T10401] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.086051][T10401] genl_rcv+0x28/0x40 [ 245.086160][T10401] netlink_unicast+0x605/0x6c0 [ 245.086196][T10401] netlink_sendmsg+0x609/0x720 [ 245.086232][T10401] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.086332][T10401] __sock_sendmsg+0x140/0x180 [ 245.086351][T10401] ____sys_sendmsg+0x350/0x4e0 [ 245.086389][T10401] __sys_sendmsg+0x1a0/0x240 [ 245.086514][T10401] __x64_sys_sendmsg+0x46/0x50 [ 245.086541][T10401] x64_sys_call+0x26f3/0x2e10 [ 245.086563][T10401] do_syscall_64+0xc9/0x1c0 [ 245.086600][T10401] ? clear_bhb_loop+0x25/0x80 [ 245.086625][T10401] ? clear_bhb_loop+0x25/0x80 [ 245.086699][T10401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.086721][T10401] RIP: 0033:0x7f03fa9ad169 [ 245.086736][T10401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.086753][T10401] RSP: 002b:00007f03f900f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 245.086827][T10401] RAX: ffffffffffffffda RBX: 00007f03fabc5fa0 RCX: 00007f03fa9ad169 [ 245.086842][T10401] RDX: 0000000004000010 RSI: 0000200000000340 RDI: 0000000000000004 [ 245.086856][T10401] RBP: 00007f03f900f090 R08: 0000000000000000 R09: 0000000000000000 [ 245.086870][T10401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 245.086884][T10401] R13: 0000000000000000 R14: 00007f03fabc5fa0 R15: 00007fffc93f91b8 [ 245.086904][T10401] [ 245.957049][T10422] SELinux: security_context_str_to_sid (c) failed with errno=-22 [ 246.092799][T10428] FAULT_INJECTION: forcing a failure. [ 246.092799][T10428] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 246.107516][T10428] CPU: 1 UID: 0 PID: 10428 Comm: syz.3.2208 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 246.107593][T10428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.107605][T10428] Call Trace: [ 246.107612][T10428] [ 246.107621][T10428] dump_stack_lvl+0xf6/0x150 [ 246.107650][T10428] dump_stack+0x15/0x1a [ 246.107671][T10428] should_fail_ex+0x261/0x270 [ 246.107703][T10428] should_fail_alloc_page+0xfd/0x110 [ 246.107771][T10428] __alloc_frozen_pages_noprof+0x11d/0x360 [ 246.107810][T10428] alloc_pages_mpol+0xb6/0x260 [ 246.107841][T10428] folio_alloc_mpol_noprof+0x36/0x80 [ 246.107893][T10428] shmem_get_folio_gfp+0x3c1/0xd30 [ 246.107940][T10428] shmem_fault+0xf7/0x260 [ 246.107980][T10428] __do_fault+0xb6/0x200 [ 246.108003][T10428] handle_mm_fault+0xc86/0x2e80 [ 246.108049][T10428] ? mt_find+0x735/0x8a0 [ 246.108127][T10428] ? __rcu_read_lock+0x36/0x50 [ 246.108161][T10428] ? __pte_offset_map_lock+0x1d3/0x290 [ 246.108203][T10428] __get_user_pages+0xf4e/0x2340 [ 246.108313][T10428] __gup_longterm_locked+0x5d7/0xfb0 [ 246.108352][T10428] ? ___pte_offset_map+0xc8/0x140 [ 246.108388][T10428] gup_fast_fallback+0x1561/0x1f70 [ 246.108425][T10428] ? ___kmalloc_large_node+0xc3/0x130 [ 246.108454][T10428] pin_user_pages_fast+0x64/0xa0 [ 246.108481][T10428] io_pin_pages+0xb4/0x170 [ 246.108520][T10428] io_sqe_buffer_register+0x18b/0x12a0 [ 246.108576][T10428] ? __memcg_slab_post_alloc_hook+0x473/0x5a0 [ 246.108639][T10428] ? __kvmalloc_node_noprof+0x39b/0x520 [ 246.108665][T10428] ? io_sqe_buffers_register+0xcf/0x550 [ 246.108690][T10428] io_sqe_buffers_register+0x2bd/0x550 [ 246.108719][T10428] __se_sys_io_uring_register+0xb04/0x1f50 [ 246.108786][T10428] ? kstrtouint_from_user+0xbf/0x100 [ 246.108813][T10428] ? 0xffffffff81000000 [ 246.108826][T10428] ? __rcu_read_unlock+0x4e/0x70 [ 246.108855][T10428] ? get_pid_task+0x94/0xd0 [ 246.108880][T10428] ? proc_fail_nth_write+0x12d/0x160 [ 246.108943][T10428] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 246.108990][T10428] ? vfs_write+0x669/0x950 [ 246.109090][T10428] ? putname+0xe1/0x100 [ 246.109111][T10428] ? __fget_files+0x186/0x1c0 [ 246.109132][T10428] ? fput+0x99/0xd0 [ 246.109155][T10428] ? ksys_write+0x180/0x1b0 [ 246.109224][T10428] __x64_sys_io_uring_register+0x55/0x70 [ 246.109249][T10428] x64_sys_call+0xb9d/0x2e10 [ 246.109274][T10428] do_syscall_64+0xc9/0x1c0 [ 246.109308][T10428] ? clear_bhb_loop+0x25/0x80 [ 246.109338][T10428] ? clear_bhb_loop+0x25/0x80 [ 246.109360][T10428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.109554][T10428] RIP: 0033:0x7f2843ccd169 [ 246.109573][T10428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.109603][T10428] RSP: 002b:00007f284232f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 246.109623][T10428] RAX: ffffffffffffffda RBX: 00007f2843ee5fa0 RCX: 00007f2843ccd169 [ 246.109637][T10428] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000007 [ 246.109650][T10428] RBP: 00007f284232f090 R08: 0000000000000000 R09: 0000000000000000 [ 246.109705][T10428] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000002 [ 246.109719][T10428] R13: 0000000000000000 R14: 00007f2843ee5fa0 R15: 00007ffd24a9b6b8 [ 246.109741][T10428] [ 246.622134][T10430] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2209'. [ 246.675025][T10440] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10440 comm=syz.5.2213 [ 246.693082][T10441] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2211'. [ 246.721355][T10440] netlink: 'syz.5.2213': attribute type 1 has an invalid length. [ 246.749074][T10442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2211'. [ 246.807382][T10440] 8021q: adding VLAN 0 to HW filter on device bond1 [ 246.845302][T10443] bond1: (slave ip6gretap1): making interface the new active one [ 246.863719][T10443] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 246.876239][T10446] $Hÿ: renamed from bond0 (while UP) [ 246.907498][T10446] $Hÿ: entered promiscuous mode [ 246.958194][T10440] vlan0: entered promiscuous mode [ 246.964345][T10440] bond1: entered promiscuous mode [ 246.972494][T10440] ip6gretap1: entered promiscuous mode [ 246.979293][T10440] vlan0: entered allmulticast mode [ 246.984676][T10440] bond1: entered allmulticast mode [ 246.992046][T10440] ip6gretap1: entered allmulticast mode [ 247.013801][T10443] netlink: 16186 bytes leftover after parsing attributes in process `syz.5.2213'. [ 247.214142][T10469] loop7: detected capacity change from 0 to 1024 [ 247.242313][T10470] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2219'. [ 247.265995][T10469] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.288913][T10469] ext4 filesystem being mounted at /229/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.354545][T10481] loop5: detected capacity change from 0 to 2048 [ 247.394310][T10481] Alternate GPT is invalid, using primary GPT. [ 247.403374][T10481] loop5: p1 p2 p3 [ 247.427014][T10483] loop6: detected capacity change from 0 to 512 [ 247.457908][T10483] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 247.493337][T10483] EXT4-fs (loop6): 1 truncate cleaned up [ 247.500330][T10483] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.515239][T10483] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 247.956543][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.009628][T10492] netlink: 'syz.7.2227': attribute type 3 has an invalid length. [ 248.314782][T10511] loop5: detected capacity change from 0 to 2048 [ 248.360315][T10511] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 248.447305][T10517] loop7: detected capacity change from 0 to 1024 [ 248.461907][T10517] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 248.501221][T10517] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 249.053083][T10525] x_tables: duplicate underflow at hook 1 [ 249.134547][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.202278][T10530] netlink: 'syz.6.2240': attribute type 3 has an invalid length. [ 249.290567][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.409903][T10546] loop5: detected capacity change from 0 to 512 [ 249.439523][T10545] loop7: detected capacity change from 0 to 2048 [ 249.449125][T10546] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 249.508204][T10546] EXT4-fs (loop5): 1 truncate cleaned up [ 249.519381][T10546] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.643604][T10546] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 249.677374][T10545] Alternate GPT is invalid, using primary GPT. [ 249.685048][T10545] loop7: p1 p2 p3 [ 250.068323][ T29] kauditd_printk_skb: 61 callbacks suppressed [ 250.068360][ T29] audit: type=1326 audit(1744441586.657:5511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.117631][ T29] audit: type=1326 audit(1744441586.697:5512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.143788][ T29] audit: type=1326 audit(1744441586.697:5513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.168325][ T29] audit: type=1326 audit(1744441586.697:5514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.198280][ T29] audit: type=1326 audit(1744441586.697:5515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.226025][ T29] audit: type=1326 audit(1744441586.697:5516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.252740][ T29] audit: type=1326 audit(1744441586.697:5517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.283852][ T29] audit: type=1326 audit(1744441586.697:5518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.314173][ T29] audit: type=1326 audit(1744441586.697:5519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.339782][ T29] audit: type=1326 audit(1744441586.697:5520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10566 comm="syz.3.2251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2843ccd169 code=0x7ffc0000 [ 250.408000][T10572] loop7: detected capacity change from 0 to 1024 [ 250.442282][T10572] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.459222][T10577] netlink: 'syz.1.2254': attribute type 3 has an invalid length. [ 250.473627][T10572] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 250.567011][T10588] xt_CT: You must specify a L4 protocol and not use inversions on it [ 250.647820][T10598] netlink: 'syz.1.2261': attribute type 3 has an invalid length. [ 250.837534][T10609] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2264'. [ 250.910798][T10599] x_tables: duplicate underflow at hook 1 [ 251.141090][T10615] netlink: 'syz.5.2266': attribute type 3 has an invalid length. [ 251.431346][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 251.789896][T10634] netlink: 'syz.7.2273': attribute type 3 has an invalid length. [ 251.916309][T10646] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2276'. [ 251.946879][T10645] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2277'. [ 252.010301][T10648] loop6: detected capacity change from 0 to 1024 [ 252.051214][T10648] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.067515][T10648] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.366525][T10658] loop7: detected capacity change from 0 to 2048 [ 252.452393][T10658] Alternate GPT is invalid, using primary GPT. [ 252.461179][T10658] loop7: p1 p2 p3 [ 252.521573][T10655] x_tables: duplicate underflow at hook 1 [ 252.662341][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.777202][T10668] loop5: detected capacity change from 0 to 1024 [ 252.811092][T10668] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.827040][T10668] ext4 filesystem being mounted at /392/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.070068][T10686] netlink: 'syz.3.2286': attribute type 3 has an invalid length. [ 253.135835][T10691] FAULT_INJECTION: forcing a failure. [ 253.135835][T10691] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 253.152394][T10691] CPU: 0 UID: 0 PID: 10691 Comm: syz.6.2288 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 253.152424][T10691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 253.152439][T10691] Call Trace: [ 253.152445][T10691] [ 253.152453][T10691] dump_stack_lvl+0xf6/0x150 [ 253.152476][T10691] dump_stack+0x15/0x1a [ 253.152503][T10691] should_fail_ex+0x261/0x270 [ 253.152535][T10691] should_fail+0xb/0x10 [ 253.152563][T10691] should_fail_usercopy+0x1a/0x20 [ 253.152600][T10691] _copy_from_user+0x1c/0xa0 [ 253.152634][T10691] copy_from_sockptr_offset+0x6d/0xb0 [ 253.152656][T10691] do_ipt_set_ctl+0x68a/0x8a0 [ 253.152676][T10691] ? _raw_spin_unlock_bh+0x36/0x40 [ 253.152754][T10691] ? tcp_release_cb+0x108/0x390 [ 253.152795][T10691] nf_setsockopt+0x195/0x1b0 [ 253.152829][T10691] ip_setsockopt+0xea/0x100 [ 253.152871][T10691] ipv6_setsockopt+0xef/0x130 [ 253.152906][T10691] tcp_setsockopt+0x93/0xb0 [ 253.153009][T10691] sock_common_setsockopt+0x64/0x80 [ 253.153034][T10691] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 253.153060][T10691] __sys_setsockopt+0x187/0x200 [ 253.153093][T10691] __x64_sys_setsockopt+0x66/0x80 [ 253.153139][T10691] x64_sys_call+0x2a09/0x2e10 [ 253.153185][T10691] do_syscall_64+0xc9/0x1c0 [ 253.153243][T10691] ? clear_bhb_loop+0x25/0x80 [ 253.153269][T10691] ? clear_bhb_loop+0x25/0x80 [ 253.153294][T10691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.153320][T10691] RIP: 0033:0x7f03fa9ad169 [ 253.153366][T10691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.153434][T10691] RSP: 002b:00007f03f900f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 253.153457][T10691] RAX: ffffffffffffffda RBX: 00007f03fabc5fa0 RCX: 00007f03fa9ad169 [ 253.153472][T10691] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000007 [ 253.153484][T10691] RBP: 00007f03f900f090 R08: 0000000000000308 R09: 0000000000000000 [ 253.153496][T10691] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000001 [ 253.153510][T10691] R13: 0000000000000000 R14: 00007f03fabc5fa0 R15: 00007fffc93f91b8 [ 253.153529][T10691] [ 253.604171][T10705] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2291'. [ 253.794103][T10710] loop7: detected capacity change from 0 to 1024 [ 253.820655][T10710] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.848785][T10710] ext4 filesystem being mounted at /250/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 253.868270][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.029424][T10717] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2295'. [ 254.161597][T10722] program syz.5.2295 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 254.217164][T10719] xt_CT: You must specify a L4 protocol and not use inversions on it [ 254.232589][T10725] loop6: detected capacity change from 0 to 512 [ 254.240306][T10725] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 254.281563][T10725] EXT4-fs (loop6): 1 truncate cleaned up [ 254.287853][T10725] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.563114][T10736] loop5: detected capacity change from 0 to 2048 [ 254.570520][T10710] x_tables: duplicate underflow at hook 1 [ 254.603392][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.656616][T10736] Alternate GPT is invalid, using primary GPT. [ 254.663801][T10736] loop5: p1 p2 p3 [ 254.669635][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.823797][T10757] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2305'. [ 254.942484][T10760] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2306'. [ 255.220188][T10767] loop7: detected capacity change from 0 to 512 [ 255.227132][T10767] journal_path: Non-blockdev passed as './bus' [ 255.233611][T10767] EXT4-fs: error: could not find journal device path [ 255.264676][ T29] kauditd_printk_skb: 78 callbacks suppressed [ 255.264691][ T29] audit: type=1400 audit(1744441591.857:5599): avc: denied { read write } for pid=10769 comm="syz.7.2310" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 255.307097][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.315921][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.325280][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.335872][ T29] audit: type=1400 audit(1744441591.907:5600): avc: denied { open } for pid=10769 comm="syz.7.2310" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 255.368494][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.379719][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.390741][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.398840][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.408931][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.417411][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.427939][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.436605][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.446983][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.457025][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.467481][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.538922][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.547337][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.555225][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.564986][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.575875][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.585938][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.594676][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.604213][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.612364][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.620750][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.629221][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.637181][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.646413][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.654530][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.662842][ T3380] hid-generic 0000:0000:20000000.000B: unknown main item tag 0x0 [ 255.688738][ T3380] hid-generic 0000:0000:20000000.000B: hidraw0: HID v0.01 Device [syz0] on syz1 [ 255.763170][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.772354][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.780463][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.793327][T10782] loop7: detected capacity change from 0 to 512 [ 255.800340][T10782] EXT4-fs: Ignoring removed orlov option [ 255.806768][T10782] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 255.819188][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.827068][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.835091][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.843411][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.851709][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.861660][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.869777][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.877657][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.886884][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.895456][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.904552][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.916245][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.925258][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.937959][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.949162][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.957316][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.966145][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.974685][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.984007][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 255.995407][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.005313][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.014360][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.023322][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.033399][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.042652][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.051826][ T3380] hid-generic 0000:0000:20000000.000C: unknown main item tag 0x0 [ 256.054080][T10782] EXT4-fs (loop7): 1 truncate cleaned up [ 256.071767][T10782] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.141653][ T3380] hid-generic 0000:0000:20000000.000C: hidraw0: HID v0.01 Device [syz0] on syz1 [ 256.174964][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.330992][T10805] loop6: detected capacity change from 0 to 512 [ 256.338111][T10808] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2322'. [ 256.349129][T10806] loop5: detected capacity change from 0 to 2048 [ 256.356420][T10805] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 256.369165][T10805] EXT4-fs (loop6): 1 truncate cleaned up [ 256.376969][T10805] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.392942][T10806] Alternate GPT is invalid, using primary GPT. [ 256.399416][T10806] loop5: p1 p2 p3 [ 256.433784][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 256.495622][T10815] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2324'. [ 256.669444][T10824] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2326'. [ 256.699578][T10823] loop6: detected capacity change from 0 to 2048 [ 256.736975][T10823] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.776817][T10823] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2327'. [ 257.228623][T10835] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2329'. [ 257.374507][T10840] loop7: detected capacity change from 0 to 1024 [ 257.472805][T10840] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 257.727157][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.765646][T10855] loop6: detected capacity change from 0 to 512 [ 257.777384][T10855] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 257.794819][T10855] EXT4-fs (loop6): 1 truncate cleaned up [ 257.801825][T10855] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.843193][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.906244][T10860] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2335'. [ 258.204642][T10873] loop6: detected capacity change from 0 to 2048 [ 258.259460][T10873] Alternate GPT is invalid, using primary GPT. [ 258.266575][T10873] loop6: p1 p2 p3 [ 258.403704][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.938339][T10903] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2351'. [ 259.396014][ T29] audit: type=1326 audit(1744441595.987:5601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.433688][ T29] audit: type=1326 audit(1744441596.017:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.475147][ T29] audit: type=1326 audit(1744441596.017:5603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.507050][ T29] audit: type=1326 audit(1744441596.017:5604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.542020][ T29] audit: type=1326 audit(1744441596.027:5605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.577150][ T29] audit: type=1326 audit(1744441596.027:5606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.610591][ T29] audit: type=1326 audit(1744441596.027:5607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.648445][ T29] audit: type=1326 audit(1744441596.177:5608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10944 comm="syz.7.2366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 259.895137][T10959] netlink: 172 bytes leftover after parsing attributes in process `syz.6.2373'. [ 260.324231][ T29] kauditd_printk_skb: 25 callbacks suppressed [ 260.324250][ T29] audit: type=1326 audit(1744441596.917:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.363428][ T29] audit: type=1326 audit(1744441596.917:5635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.388317][ T29] audit: type=1326 audit(1744441596.917:5636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.413237][ T29] audit: type=1326 audit(1744441596.917:5637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.439375][ T29] audit: type=1326 audit(1744441596.917:5638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.465603][ T29] audit: type=1326 audit(1744441596.917:5639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.525419][ T29] audit: type=1326 audit(1744441597.107:5640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.554531][ T29] audit: type=1326 audit(1744441597.107:5641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.579883][ T29] audit: type=1326 audit(1744441597.107:5642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.603726][ T29] audit: type=1326 audit(1744441597.107:5643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10972 comm="syz.5.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f29ddccd169 code=0x7ffc0000 [ 260.857089][T10986] IPv6: NLM_F_CREATE should be specified when creating new route [ 260.981658][T10999] netlink: 'syz.1.2389': attribute type 3 has an invalid length. [ 261.001596][T11000] loop6: detected capacity change from 0 to 512 [ 261.009816][T11000] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 261.026389][T11002] netlink: 136 bytes leftover after parsing attributes in process `syz.1.2390'. [ 261.035868][T11002] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 261.059442][T11000] EXT4-fs (loop6): 1 truncate cleaned up [ 261.066542][T11000] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.085205][T11000] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 261.376131][T11016] FAULT_INJECTION: forcing a failure. [ 261.376131][T11016] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 261.391285][T11016] CPU: 1 UID: 0 PID: 11016 Comm: syz.1.2395 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 261.391317][T11016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 261.391332][T11016] Call Trace: [ 261.391340][T11016] [ 261.391349][T11016] dump_stack_lvl+0xf6/0x150 [ 261.391378][T11016] dump_stack+0x15/0x1a [ 261.391473][T11016] should_fail_ex+0x261/0x270 [ 261.391504][T11016] should_fail+0xb/0x10 [ 261.391577][T11016] should_fail_usercopy+0x1a/0x20 [ 261.391677][T11016] _copy_from_user+0x1c/0xa0 [ 261.391706][T11016] copy_msghdr_from_user+0x54/0x2b0 [ 261.391754][T11016] ? __fget_files+0x186/0x1c0 [ 261.391781][T11016] __sys_sendmsg+0x141/0x240 [ 261.391828][T11016] __x64_sys_sendmsg+0x46/0x50 [ 261.391855][T11016] x64_sys_call+0x26f3/0x2e10 [ 261.391875][T11016] do_syscall_64+0xc9/0x1c0 [ 261.391910][T11016] ? clear_bhb_loop+0x25/0x80 [ 261.391929][T11016] ? clear_bhb_loop+0x25/0x80 [ 261.391949][T11016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.392030][T11016] RIP: 0033:0x7fa1ce11d169 [ 261.392044][T11016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.392059][T11016] RSP: 002b:00007fa1cc787038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 261.392074][T11016] RAX: ffffffffffffffda RBX: 00007fa1ce335fa0 RCX: 00007fa1ce11d169 [ 261.392084][T11016] RDX: 0000000000000014 RSI: 0000200000004440 RDI: 0000000000000007 [ 261.392094][T11016] RBP: 00007fa1cc787090 R08: 0000000000000000 R09: 0000000000000000 [ 261.392141][T11016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 261.392151][T11016] R13: 0000000000000000 R14: 00007fa1ce335fa0 R15: 00007ffd71521188 [ 261.392167][T11016] [ 262.165494][T11036] netlink: 'syz.6.2401': attribute type 3 has an invalid length. [ 262.219183][T11040] loop6: detected capacity change from 0 to 512 [ 262.227475][T11040] journal_path: Non-blockdev passed as './bus' [ 262.234530][T11040] EXT4-fs: error: could not find journal device path [ 262.346004][T11043] batadv1: entered promiscuous mode [ 263.220340][T11064] FAULT_INJECTION: forcing a failure. [ 263.220340][T11064] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 263.233523][T11064] CPU: 0 UID: 0 PID: 11064 Comm: syz.5.2410 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 263.233601][T11064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 263.233613][T11064] Call Trace: [ 263.233620][T11064] [ 263.233627][T11064] dump_stack_lvl+0xf6/0x150 [ 263.233655][T11064] dump_stack+0x15/0x1a [ 263.233674][T11064] should_fail_ex+0x261/0x270 [ 263.233704][T11064] should_fail+0xb/0x10 [ 263.233767][T11064] should_fail_usercopy+0x1a/0x20 [ 263.233869][T11064] _copy_from_user+0x1c/0xa0 [ 263.233907][T11064] set_selection_user+0x4d/0xf0 [ 263.233933][T11064] tioclinux+0x29e/0x410 [ 263.234022][T11064] vt_ioctl+0x878/0x18e0 [ 263.234046][T11064] ? tty_jobctrl_ioctl+0x2ab/0x810 [ 263.234114][T11064] tty_ioctl+0x813/0xbd0 [ 263.234135][T11064] ? __pfx_tty_ioctl+0x10/0x10 [ 263.234163][T11064] __se_sys_ioctl+0xc9/0x140 [ 263.234239][T11064] __x64_sys_ioctl+0x43/0x50 [ 263.234267][T11064] x64_sys_call+0x168d/0x2e10 [ 263.234293][T11064] do_syscall_64+0xc9/0x1c0 [ 263.234374][T11064] ? clear_bhb_loop+0x25/0x80 [ 263.234400][T11064] ? clear_bhb_loop+0x25/0x80 [ 263.234424][T11064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.234450][T11064] RIP: 0033:0x7f29ddccd169 [ 263.234467][T11064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.234547][T11064] RSP: 002b:00007f29dc337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 263.234569][T11064] RAX: ffffffffffffffda RBX: 00007f29ddee5fa0 RCX: 00007f29ddccd169 [ 263.234591][T11064] RDX: 0000200000000280 RSI: 000000000000541c RDI: 0000000000000003 [ 263.234605][T11064] RBP: 00007f29dc337090 R08: 0000000000000000 R09: 0000000000000000 [ 263.234659][T11064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 263.234673][T11064] R13: 0000000000000000 R14: 00007f29ddee5fa0 R15: 00007ffd9ad35bd8 [ 263.234695][T11064] [ 263.274173][T11063] bridge0: entered promiscuous mode [ 263.311277][T11072] netlink: 'syz.5.2413': attribute type 3 has an invalid length. [ 263.311937][T11063] macsec1: entered allmulticast mode [ 263.375723][T11076] loop5: detected capacity change from 0 to 1024 [ 263.380216][T11063] bridge0: entered allmulticast mode [ 263.414280][T11063] bridge0: port 1(macsec1) entered blocking state [ 263.463139][T11076] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 263.465663][T11063] bridge0: port 1(macsec1) entered disabled state [ 263.475959][T11076] ext4 filesystem being mounted at /410/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 263.585518][T11063] bridge0: left allmulticast mode [ 263.590756][T11063] bridge0: left promiscuous mode [ 263.947222][T11094] netlink: 'syz.7.2419': attribute type 3 has an invalid length. [ 264.303836][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.368206][T11121] loop7: detected capacity change from 0 to 128 [ 264.395474][T11127] netlink: 'syz.7.2425': attribute type 3 has an invalid length. [ 264.492909][T11132] IPv6: NLM_F_CREATE should be specified when creating new route [ 264.563254][T11138] x_tables: duplicate underflow at hook 1 [ 264.572649][T11138] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2430'. [ 264.584893][T11138] netlink: 108 bytes leftover after parsing attributes in process `syz.7.2430'. [ 264.598899][T11138] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2430'. [ 264.608324][T11138] netlink: 108 bytes leftover after parsing attributes in process `syz.7.2430'. [ 264.618117][T11138] netlink: 84 bytes leftover after parsing attributes in process `syz.7.2430'. [ 264.744675][T11146] netlink: 68 bytes leftover after parsing attributes in process `syz.7.2432'. [ 265.307642][T11150] loop5: detected capacity change from 0 to 1024 [ 265.341699][T11150] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 265.372671][T11150] ext4 filesystem being mounted at /414/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 265.458528][T11154] IPVS: stopping master sync thread 4199 ... [ 265.571125][T11161] netlink: 'syz.6.2437': attribute type 3 has an invalid length. [ 265.820545][ T4232] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.047780][T11172] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2442'. [ 266.231441][T11180] loop7: detected capacity change from 0 to 1024 [ 266.252598][T11180] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.265659][T11180] ext4 filesystem being mounted at /279/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 266.693131][T11180] x_tables: duplicate underflow at hook 1 [ 266.784117][T11202] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2449'. [ 266.796376][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.820782][T11204] loop7: detected capacity change from 0 to 512 [ 266.828731][T11204] journal_path: Non-blockdev passed as './bus' [ 266.835142][T11204] EXT4-fs: error: could not find journal device path [ 266.870988][T11206] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2451'. [ 266.904587][T11208] loop7: detected capacity change from 0 to 1024 [ 266.940025][T11208] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.956384][T11208] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 267.134581][T11216] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2454'. [ 267.223376][T11216] loop6: detected capacity change from 0 to 1024 [ 267.323430][T11222] batadv1: entered promiscuous mode [ 267.337606][T11216] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 267.404571][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.983975][T11237] loop7: detected capacity change from 0 to 512 [ 268.004226][T11237] EXT4-fs (loop7): orphan cleanup on readonly fs [ 268.005631][T11237] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.2461: bg 0: block 248: padding at end of block bitmap is not set [ 268.006181][T11237] __quota_error: 117 callbacks suppressed [ 268.006198][T11237] Quota error (device loop7): write_blk: dquota write failed [ 268.041981][T11237] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota [ 268.052129][T11237] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.2461: Failed to acquire dquot type 1 [ 268.101884][T11237] EXT4-fs (loop7): 1 truncate cleaned up [ 268.123569][T11237] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 268.149997][T11237] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 268.162026][T11237] Quota error (device loop7): write_blk: dquota write failed [ 268.162070][T11237] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota [ 268.162163][T11237] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.2461: Failed to acquire dquot type 1 [ 268.162482][T11237] EXT4-fs warning (device loop7): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 268.197426][ T29] audit: type=1326 audit(1744441604.787:5761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.7.2461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 268.197466][ T29] audit: type=1326 audit(1744441604.787:5762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.7.2461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 268.197784][ T29] audit: type=1326 audit(1744441604.787:5763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.7.2461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 268.197897][ T29] audit: type=1326 audit(1744441604.787:5764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.7.2461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 268.197930][ T29] audit: type=1326 audit(1744441604.787:5765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.7.2461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 268.198352][ T29] audit: type=1326 audit(1744441604.787:5766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11236 comm="syz.7.2461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 268.237745][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.867395][ T4564] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.996327][T11275] netlink: 'syz.7.2474': attribute type 3 has an invalid length. [ 269.930043][T11300] binfmt_misc: register: failed to install interpreter file ./file2 [ 270.606158][T11324] loop7: detected capacity change from 0 to 512 [ 270.614037][T11324] journal_path: Non-blockdev passed as './bus' [ 270.621085][T11324] EXT4-fs: error: could not find journal device path [ 270.801158][T11333] loop7: detected capacity change from 0 to 512 [ 270.811726][T11333] EXT4-fs (loop7): orphan cleanup on readonly fs [ 270.823016][T11333] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.2496: bg 0: block 248: padding at end of block bitmap is not set [ 270.846856][T11333] EXT4-fs error (device loop7): ext4_acquire_dquot:6935: comm syz.7.2496: Failed to acquire dquot type 1 [ 270.904747][T11333] EXT4-fs (loop7): 1 truncate cleaned up [ 270.921598][T11333] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 270.957608][T11340] __nla_validate_parse: 1 callbacks suppressed [ 270.957680][T11340] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2499'. [ 271.009761][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 271.096710][T11345] loop7: detected capacity change from 0 to 1024 [ 271.123028][T11345] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.139420][T11345] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 271.433364][T11361] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2503'. [ 272.042118][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.451501][T11391] x_tables: duplicate underflow at hook 1 [ 272.785282][T11398] netlink: 'syz.1.2516': attribute type 3 has an invalid length. [ 272.905550][T11401] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2517'. [ 273.012099][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 273.012116][ T29] audit: type=1326 audit(1744441609.607:5772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.053181][ T29] audit: type=1326 audit(1744441609.607:5773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.084089][ T29] audit: type=1326 audit(1744441609.607:5774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.113463][ T29] audit: type=1326 audit(1744441609.607:5775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.147343][ T29] audit: type=1326 audit(1744441609.607:5776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.178002][ T29] audit: type=1326 audit(1744441609.607:5777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.207348][ T29] audit: type=1326 audit(1744441609.607:5778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.236433][ T29] audit: type=1326 audit(1744441609.607:5779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.264614][ T29] audit: type=1326 audit(1744441609.607:5780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.296849][ T29] audit: type=1326 audit(1744441609.607:5781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11402 comm="syz.7.2518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f4c41d3d169 code=0x7ffc0000 [ 273.476038][T11421] SELinux: security_context_str_to_sid (c) failed with errno=-22 [ 273.549625][T11429] netlink: 'syz.3.2527': attribute type 3 has an invalid length. [ 273.915611][T11438] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2530'. [ 274.162091][T11444] loop7: detected capacity change from 0 to 1024 [ 274.182308][T11444] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.198910][T11444] ext4 filesystem being mounted at /306/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 274.713294][T11463] binfmt_misc: register: failed to install interpreter file ./file2 [ 274.791468][T11466] FAULT_INJECTION: forcing a failure. [ 274.791468][T11466] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 274.807731][T11466] CPU: 1 UID: 0 PID: 11466 Comm: syz.3.2537 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 274.807771][T11466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 274.807788][T11466] Call Trace: [ 274.807798][T11466] [ 274.807824][T11466] dump_stack_lvl+0xf6/0x150 [ 274.807911][T11466] dump_stack+0x15/0x1a [ 274.807932][T11466] should_fail_ex+0x261/0x270 [ 274.808113][T11466] should_fail+0xb/0x10 [ 274.808142][T11466] should_fail_usercopy+0x1a/0x20 [ 274.808178][T11466] _copy_from_user+0x1c/0xa0 [ 274.808236][T11466] copy_msghdr_from_user+0x54/0x2b0 [ 274.808278][T11466] ? __fget_files+0x186/0x1c0 [ 274.808306][T11466] __sys_sendmsg+0x141/0x240 [ 274.808476][T11466] __x64_sys_sendmsg+0x46/0x50 [ 274.808509][T11466] x64_sys_call+0x26f3/0x2e10 [ 274.808537][T11466] do_syscall_64+0xc9/0x1c0 [ 274.808575][T11466] ? clear_bhb_loop+0x25/0x80 [ 274.808601][T11466] ? clear_bhb_loop+0x25/0x80 [ 274.808656][T11466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.808683][T11466] RIP: 0033:0x7f2843ccd169 [ 274.808704][T11466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.808727][T11466] RSP: 002b:00007f284232f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 274.808749][T11466] RAX: ffffffffffffffda RBX: 00007f2843ee5fa0 RCX: 00007f2843ccd169 [ 274.808765][T11466] RDX: 0000000020000800 RSI: 0000200000000080 RDI: 0000000000000004 [ 274.808790][T11466] RBP: 00007f284232f090 R08: 0000000000000000 R09: 0000000000000000 [ 274.808804][T11466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 274.808818][T11466] R13: 0000000000000000 R14: 00007f2843ee5fa0 R15: 00007ffd24a9b6b8 [ 274.808894][T11466] [ 275.214931][T11478] x_tables: duplicate underflow at hook 1 [ 276.349586][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.576639][T11515] binfmt_misc: register: failed to install interpreter file ./file2 [ 278.239088][T11567] loop7: detected capacity change from 0 to 1024 [ 278.251212][T11567] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.264447][T11567] ext4 filesystem being mounted at /311/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 278.604513][T11582] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2576'. [ 278.686953][T11567] x_tables: duplicate underflow at hook 1 [ 278.771550][ T7099] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.805791][T11588] loop7: detected capacity change from 0 to 512 [ 278.814744][T11588] journal_path: Non-blockdev passed as './bus' [ 278.821299][T11588] EXT4-fs: error: could not find journal device path [ 279.197742][T11597] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2581'. [ 279.653967][T11608] ================================================================== [ 279.662466][T11608] BUG: KCSAN: data-race in hrtimer_interrupt / print_cpu [ 279.670242][T11608] [ 279.672633][T11608] read-write to 0xffff888237c1ae14 of 4 bytes by interrupt on cpu 0: [ 279.680882][T11608] hrtimer_interrupt+0x72/0x4a0 [ 279.685896][T11608] __sysvec_apic_timer_interrupt+0x5c/0x1d0 [ 279.692994][T11608] sysvec_apic_timer_interrupt+0x6e/0x80 [ 279.699977][T11608] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 279.707934][T11608] __raw_callee_save___pv_queued_spin_unlock+0x10/0x18 [ 279.715494][T11608] _raw_spin_unlock+0x26/0x50 [ 279.721128][T11608] shmem_recalc_inode+0x140/0x1b0 [ 279.727171][T11608] shmem_get_folio_gfp+0x796/0xd30 [ 279.732558][T11608] shmem_write_begin+0xa7/0x190 [ 279.737836][T11608] generic_perform_write+0x189/0x4b0 [ 279.743249][T11608] shmem_file_write_iter+0xc2/0xe0 [ 279.748492][T11608] __kernel_write_iter+0x243/0x4c0 [ 279.753920][T11608] dump_user_range+0x5ed/0x8b0 [ 279.758820][T11608] elf_core_dump+0x1d61/0x1ef0 [ 279.764808][T11608] do_coredump+0x1814/0x1f50 [ 279.769777][T11608] get_signal+0xdb7/0x1080 [ 279.774256][T11608] arch_do_signal_or_restart+0x9a/0x4b0 [ 279.779986][T11608] syscall_exit_to_user_mode+0x62/0x120 [ 279.785853][T11608] do_syscall_64+0xd6/0x1c0 [ 279.791025][T11608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.796974][T11608] [ 279.800029][T11608] read to 0xffff888237c1ae14 of 4 bytes by task 11608 on cpu 1: [ 279.807887][T11608] print_cpu+0x354/0x680 [ 279.812551][T11608] timer_list_show+0x115/0x180 [ 279.817453][T11608] seq_read_iter+0x661/0x970 [ 279.823211][T11608] proc_reg_read_iter+0x118/0x190 [ 279.828880][T11608] copy_splice_read+0x390/0x5d0 [ 279.835768][T11608] splice_direct_to_actor+0x26c/0x680 [ 279.841624][T11608] do_splice_direct+0xd9/0x150 [ 279.846742][T11608] do_sendfile+0x40a/0x690 [ 279.851366][T11608] __x64_sys_sendfile64+0x113/0x160 [ 279.857569][T11608] x64_sys_call+0xfc3/0x2e10 [ 279.863260][T11608] do_syscall_64+0xc9/0x1c0 [ 279.868005][T11608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.874805][T11608] [ 279.877665][T11608] value changed: 0x00061caf -> 0x00061cb3 [ 279.884106][T11608] [ 279.888095][T11608] Reported by Kernel Concurrency Sanitizer on: [ 279.895006][T11608] CPU: 1 UID: 0 PID: 11608 Comm: syz.5.2584 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(voluntary) [ 279.909804][T11608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 279.922605][T11608] ==================================================================