last executing test programs: 1m28.161242547s ago: executing program 2 (id=490): fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) pwritev2(r0, 0x0, 0x0, 0x7000, 0x0, 0x3) 1m28.115590748s ago: executing program 2 (id=492): r0 = syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="014000000000000000000200000014000200626fcbc73000000000000000000000000900010073797a3000000000"], 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010028bd7000fbdbdf250406020069000400010000000900010073444aca184272fb3e34c05340e74c1c8856797a32000000000900030073797a31000000001400020073797a6b616c6c6572d600000000000005000400010000000000000fecaef8f9d12898a11276abb727536b57000000000073ced27204547a6d07c0bd696f5152a541e8cd301c21e878a281ee7d36b163bf71ed06b6b80863ef92805ab7f18eed842a502a84cda493efcca70efc4404d90eb7c91881aa1d15d3ccdda584b5e2fb7e633fc114d5a988f2defe2d40719b5f3a44616e94fa74e0c2d78ed9062852d945fc130109781531b13ac22b93111f632233275d9157ce5f70e6f4022d35daec5362e0ce8d407cbcebbbc1761854a003b1755084e8a222cf0c5f4f21e6825583f05304bf567f252b81a5"], 0x68}, 0x1, 0x40030000000000, 0x0, 0x8050}, 0x14) 1m28.074502109s ago: executing program 2 (id=493): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000200)="b700000000000000000000f1dd0fccd5de05", 0x12}, {0x0}], 0x3) 1m27.99251417s ago: executing program 2 (id=497): bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xa, 0x4, 0x8, 0xc, 0x0, 0x1}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x200}, [@call={0x85, 0x0, 0x0, 0xae}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @remote, 0x15, 0x3, 'dh\x00', 0x0, 0x4, 0x76}, 0x2c) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000040000000100000027bf00000005"], 0x48) mmap(&(0x7f0000fa2000/0x3000)=nil, 0x3000, 0x1, 0x13, r3, 0x5c137000) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @broadcast, 0x4e24, 0x3, 'lc\x00', 0xb, 0x323b, 0x3a}, {@rand_addr=0x64010102, 0x4e23, 0x0, 0xc3, 0x12d5c, 0x12d5c}}, 0x44) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0, 0x0, 0x10000}, 0x18) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) 1m27.891640252s ago: executing program 2 (id=500): syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x1100, 0x0, 0x3, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x14, 0xe, 0x1, 0x0, [{@local, 0x1f82}, {@broadcast, 0x9}]}]}}, {{0x200, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) r2 = socket(0x2, 0x80805, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) close(0x3) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @remote}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e23, 0x206, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x4}}}, &(0x7f0000000040)=0x84) sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000002c0)=@assoc_value={r4, 0x7ff}, 0x8) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x10) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x1, 0x4, 0x401, 0x0, 0x0, {}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x1c}}, 0x0) sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0) sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="c00000001200050929bd7000fddbdf250a0904fe4e224e24fbffffff240900002600000006000000fdffffff050000000100000002000000", @ANYRES32=0x0, @ANYBLOB="000001000010000006000000ffffffff71000100006cae4f89d499a3616b848a0b3f9a23741454aed59b8af6f89e6a6066005654f4034787f26a000000ffcdb376405072b9d28ea842fb58c3219f095d3ac77216d25521e56373878b4b90a80668110511a0b21609f0b3e8b57d02f2cc8a05c4b6e9e2b29561235c21d31e00000d"], 0xc0}, 0x1, 0x0, 0x0, 0x2000051}, 0x800) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="0b00000005000000070000000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000400000000002b050000000000e3ffffffbfe8ffffff2800000600"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="9e0c9a2100ff0300000000000008000001010c007b8af8ff00000000bfa200000000000007020000000000b704000000004000850000000300000095000000fa0e43490000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0) r7 = socket$key(0xf, 0x3, 0x2) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r9}, 0x10) sendmsg$key(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYRES16=r9, @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r10}, 0x10) socket$nl_route(0x10, 0x3, 0x0) 1m27.813805484s ago: executing program 2 (id=504): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x1adc51, 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 1m12.720483776s ago: executing program 32 (id=504): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x1adc51, 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 3.092016001s ago: executing program 3 (id=1768): perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x1}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0x6, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$tipc(0x1e, 0x5, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x3}, 0x18) r2 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r3}]}]}, 0x28}}, 0x0) r4 = socket$tipc(0x1e, 0x5, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r6}, 0x10) ioprio_get$uid(0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000002000010300c99526dea0985b0a0000000000000001000000140003006c6f"], 0x30}, 0x1, 0x0, 0x0, 0x90}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="b1f19d4fb21b05770a0300008100"], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r9}, 0x10) mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x3200890, 0x0) r10 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a1) r11 = open_tree(r10, &(0x7f00000002c0)='./file0\x00', 0x0) r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0xf) r13 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000f140164c4bd7000fcdbdf25090045"], 0x1c}, 0x1, 0x0, 0x0, 0x4000840}, 0x4004804) move_mount(r11, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262) bind$tipc(r4, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43, 0x4}}, 0x10) 3.044468282s ago: executing program 3 (id=1772): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="06000000040000"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x802}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0xfffffffffffffe30, 0x0, 0x0) 2.965530673s ago: executing program 3 (id=1776): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x200000000005}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002580000000e0a01020000000000000000010000000900020073797a32000000001800038014000080100001800400028006000180000000000900010073797a30"], 0xc8}}, 0x0) 2.958075263s ago: executing program 3 (id=1779): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x800) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f00000000c0)={0x6, 0x6, 0xfffffffc}) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 2.929095034s ago: executing program 3 (id=1780): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = syz_open_dev$evdev(0x0, 0x2, 0x400000) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dd"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='rxrpc_call\x00', r1, 0x0, 0x8000000000000003}, 0x18) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24) sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x8804) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffb}]}) close_range(r3, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000080)=""/151) 2.894495684s ago: executing program 3 (id=1783): syz_clone(0x201000, &(0x7f0000000000)="7a49dae99530b98234a6ca032ebc294e060524fac916bafa7ff8a4281d202a155ac62a88715f6d2336f22885aeff3b68bf9d2dc5ab2183443c5e008d142a6d01e09369cbef1a8fbda470222e2ed8d8618612be5682d8e9ec60b059b244f580a08df02c67c7d11db0f0bf2cb3ec5f9f0e96e925aea984e178c71c894746dda649298588422a3cc77f12fbbb574888aeb43a892e7aa64f14400866ea529d0afa68a38c5137c82c795b66ad0930f865865b39679b038cf8627b2b0020afe4aa96f396a4de8eaf9aef7fc54d883b5c776159efa3b812abe5fda5537283676b2fa690f1c1ca9cbf23c683363f2a31805ee67b043cc898f3013a97506ad7f9", 0xfc, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="75e5cac08182abfbfaf7db4e255a79827baad63d08cdd9ddeb0673191e6d5459bab6adc1b71c25e3685ad6b6712b116b147811abfcbf14f40f2ffeb6ae40ed03885aeb4794d481fbfa36798401eeaca7f424e31103b071ccbbeb9f75a8d4ecc1f5dafc929b66f375fddf32a6c26e511043b4cef685ba57b87ca105b5295e14ad3bf95f85b0a15418e1505a54fbf2") r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff00000000180012800e0001007769726567756172640000000400028008000a00bc"], 0x40}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01000000ff0300000401000008664f0001000000", @ANYRES32, @ANYBLOB='\x00\x00@\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r2}, 0x38) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r2}, 0x38) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x2982, 0x0) ioctl$TCSBRKP(r4, 0x5425, 0x4) ioctl$TIOCGLCKTRMIOS(r4, 0x5456, &(0x7f0000000100)={0x2, 0xffe, 0x4, 0x5, 0x14, "96ca27ffc5378471bb975d7e50f0e580d6dbfe"}) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}, 0x1, 0x0, 0x0, 0x20004000}, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x85, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e23, 0x7, @dev={0xfe, 0x80, '\x00', 0x30}, 0x2001}}, 0x6, 0x6}, 0x90) r8 = syz_open_procfs(0x0, &(0x7f0000000300)='net/arp\x00') read(r8, 0x0, 0x0) pread64(r8, &(0x7f0000000080)=""/220, 0xdc, 0x4009) syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=") r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x20042, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00'}, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x100000000}, 0x18) set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9) perf_event_open$cgroup(&(0x7f0000000380)={0x0, 0x80, 0x2, 0x4, 0xd3, 0x2, 0x0, 0x7fffffff, 0x20042, 0xa, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x401, 0x2, @perf_bp={&(0x7f0000000280)}, 0x1000, 0x0, 0x1, 0x6, 0x73ab2884, 0x9, 0x80, 0x0, 0x8, 0x0, 0x90cc}, 0xffffffffffffffff, 0xf, r9, 0x8) 2.441798993s ago: executing program 5 (id=1793): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = syz_open_dev$evdev(0x0, 0x2, 0x400000) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dd"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='rxrpc_call\x00', r1, 0x0, 0x8000000000000003}, 0x18) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24) sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x8804) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffb}]}) close_range(r3, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000080)=""/151) 2.372180145s ago: executing program 5 (id=1794): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000500)='kfree\x00'}, 0x18) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/notes', 0x0, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000380), &(0x7f00000003c0)=r3}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r4, 0x0, 0x7}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1") r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r6}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r6, 0x3a, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, &(0x7f00000000c0), &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xda, &(0x7f00000002c0)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xa3, 0x8, 0x8, &(0x7f0000000380)}}, 0x16) mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x1, 0x539, &(0x7f00000005c0)="$eJzs3V9v01YfwPGfS8tT5ZHQo+d5hFBV4FA2qZVKcBIIirjBc07SA44d2Q5qr1BFW1SRwkSZtPaOG7ZJ24vgdi9id7va7d4G2kvY5D8tKW2S0pIGVd9PBOfEPjnnd1LLPzmJbQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5ddsuWeIZv7Os+nPrYdAasH4i72/hQDFgXBEr+SfT03IlW3Tl/x9WX07+m5NZkT9FZFamk+fTsvvvy/+5/7/Jib3XDwjoTGzv7D5f7XbXX407kDFpat9EgWk5Ta1MFKhatWrfXmpEqmE8Ha1EsW4pN9ROHIRq3l1QpVqtonRxJej4zbrj6b2F926VbbuqHhbb2gmjwL/9sBi5S8bzjN9M2ySrkzb3kg3xkYlVrJ2WUhub3fXKsCCTRqXjNCoPa1S2y+VSqVwuVe/W7t6z7clDC+yPyKEW499oMV4j2IsDJzOR53/xxIgvHVkWdeTDlbqEEkjrwNIH+7VcmvgnZOHr2w8Gjtub/2ezRbNXPqyekTT/X8ueXeuX//vEenaPbdmRXXkuq9KVrqzLq5P2dH38cznJoylafDESSSBGWuKkS1S+RElNqlIVW57IkjQkEiUNMeKJlkhWJJJYdLpFuRKKFkdiCSQUJfPiyoIoKUlNalIRJVqKsiKBdMSXptTFSXvZkM30fa8MiHG/Uek4jcoDGpH/cXqj2I0DJ/L3Xv4HAAAAAADnlpV++p4c/0/J1bTWMJ62xx0WAAAAAAD4jNJv/meTYiqpXRWL438AAAAAAM4bKz3HzhKRglzPantnQvEhAAAAAAAA50T6/f+1pCgkteticfwPAAAAAMB58+P+1Xf7XWM3av/L+u0vCcMp6017+Stry0naOVsXstdd+LjHuDFjXco7SYvqZP7M1bNWfvXL/Ytgvs+LjWFxWJ8hAPlZbmRtbqxl5dremmyUQsN4uugG3v2SOM6liVgvx9+92Pxe0un/5LcuWbKx2V0vPn3ZXUtjeZP08mYrv4DioesoDojldXq9hfSciyNnPJWeiJGPW8jGtXvnn99yYeITxnwrc1mbuUJWFg7OfzoZs1S8X5LJo2afR1E65czfys2szc35m1lxRBTl4oe/wR95nweiKPdGcaL34hhRVIr9toQ8isopowCAcdkYkoWsw4n/BHu5Q9n94iiy+1uZz9rMz6Q71smZI/bo9rA9un3K7PbroXsg9cuxybi/fJRV3yUveNd33MgrW8lbeOH11rdyeXtn99bm1uqz9WfrL8rlStW+Y9t3yzKVTiMvyD0AgCMMv8fO0BbWnSFH1f/d/0lBUZ7KS+nKmiymZxukvzg4stdCz88QFocctRZ67vCyOOSortBzo5fjt62cwV8CAICzMzckDx8n/y8OOe4+mMsHHx335vIhBt9gEAAA9KXD91Yh/sEKQ9N+UqrVSk68pFUYuI9UaOpNrYwf69BdcvymVu0wiAM38JLKY1PXkYo67XYQxqoRhKodRGY5vfO7ym/9HumW48fGjdqediKt3MCPHTdWdRO5qt35xjPRkg7TF0dt7ZqG+T3/xDvohK4uKhVp3dPQ1LUfm4ZJqr5qh6blhCvqceB1WlrVdeSGph0HWYd7Yxm/EYQtJzaBXxz3mw0AwBdie2f3+Wq3u/5qhJVxzxEAABxElgYAAAAAAAAAAAAAAAAAAAAA4Ms3stP+LuYDjPTMQiojrHzqtjHxBcRM5eSVi3JgyZh3TABG7p8AAAD//xR6Tls=") ioctl$TIOCGPTPEER(r1, 0x5441, 0xfffffffffffffff8) r8 = fsopen(0x0, 0x0) r9 = fsmount(r8, 0x0, 0x8) fchdir(r9) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r10 = socket$nl_route(0x10, 0x3, 0x0) socket(0x1, 0x803, 0x0) sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000d00)=ANY=[@ANYRES8=r7, @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800e00010069703665727370616e0000001c00028004eb110014000600fe800000e600000000000000000001aa080003008dada18218116a87e2df6fbbe10a0f0badc8d7d839076109e10bd43fdbe5b1803c4d351c9bcc346f95cff6f062d9f8027acdc248cbc12a10aeedf1db2b5e31fd6f01e27f878d7f27501138d4bd46d945d5a01aa7ccac2b0774b2f898250ca92d1025e060ed4883ee064f5d78342fd14978c7f2a46b8e76f3eda06e7ac70d269a281436e1f9c73e8a9ad45ceb13a005e8efad49ecefd704f6cbc7a02f2e00ac5f72", @ANYRES32, @ANYBLOB], 0x58}}, 0x4000000) finit_module(r1, 0x0, 0x7) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000180)=0x7, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e25, 0x0, @remote, 0x7}, 0x1c) 1.828313465s ago: executing program 5 (id=1799): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000840)={{r0}, &(0x7f00000007c0), &(0x7f0000000800)='%-5lx \x00'}, 0x20) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0) ioctl$TCSETSW2(r2, 0x5453, 0x0) 1.756731346s ago: executing program 5 (id=1801): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$TIOCNOTTY(r0, 0x5422) setreuid(0xee01, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r2}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000007000000faffffff95"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) munlockall() syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x1400e, &(0x7f0000000100)={[{@quota}]}, 0x1, 0x441, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgpC5YgqcUcckfgLOMEFASckrnBHlSrUSwsno7V3E8exncQ4ccGfj7TJzO5EM1/vjD2zEwcwtMayH0nE7oj4NSJGG9mVBcYav+7cujLz560rM0nUam/8kdTL3b51ZaYoWvzdriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPvDB/KH9r7x1/bWZU9ff/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0Yplm/eaLz88UAbB2yqWq1Wu6/z5as14D8siUG3ABiM4oM+W/8WxxZNPe4KN19oLICyuO/kR+NKOdK8zEjL+rafxiLi1NW/vsiO2JznEAAAK3ybzX+ebjf/S6P5udD/8z2USkTcExF7I+JEROyLiHsj6mXvj4gHNlh/6ybJ6vlPeqOnwNYpm/89n+9trZz/FbO/qJTy3J56/CPJ6bPVuaP5a3IkRrZn+ckudXz30i+fdbrWPP/Ljqz+Yi6Yt+NGeXufgm3j5kcRB8rt4k+WdgKSiNgfEQd6rOPsk18d6nRt7fi76MM+U+3LiCca9/9qtMRfSLrvT078L6pzRyeKXrHaTz9fe71T/euKP/nncXaS3f+dEVF0sdXx76kkzfu1Cxuv49pvn3Zc0/TS/2enF6e3JW+uOPf+9OLixcmIbcmr9Xyl+fxUS7mp5fJZ/EcOtx//e2P5lTgYEVknfjAiHoqIh/O2PxIRj0bE4S7x//DiY+/0Hv/myuKfbfv+t9TpWu7/cmJbtJ5pnyid+/6bFZVWNhJ/dv+P11NH8jPZ/V8rrvW0q7feDAAAAP8+aUTsjiQdX0qn6fh443/498XOtDq/sPjU6fn3Lsw2viNQiZG0eNI12vQ8dDJf1hf5sZb8sfy58eelHfX8+Mx8dXbQwcOQ29Vh/Gd+Lw26dcCm830tGF7GPwwv4x+Gl/EPw6vN+N8xiHYAW6/d5/+HA2gHsPVaxr9tPxgi1v8wvMrW+zC0fP7DUFrYEWt/SV5CYlUi0ruiGRI9JtKI6FZm0O9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fF3AAAA//+edt38") bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x6}, 0x18) writev(0xffffffffffffffff, &(0x7f0000000180), 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) writev(r4, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x69000}], 0x1) 1.672110388s ago: executing program 1 (id=1804): bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = syz_open_dev$evdev(0x0, 0x2, 0x400000) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837d"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='rxrpc_call\x00', r1, 0x0, 0x8000000000000003}, 0x18) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24) sendmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x8804) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffb}]}) close_range(r3, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0) ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000080)=""/151) 1.671479828s ago: executing program 0 (id=1805): mkdir(&(0x7f0000000580)='./file0\x00', 0x92) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='ext3\x00', 0x10090, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) creat(&(0x7f00000000c0)='./file0\x00', 0x48) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) creat(&(0x7f00000003c0)='./file0\x00', 0x2) r4 = inotify_init1(0x800) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000640)={0x0, 0x1c, &(0x7f0000000600)=[@in6={0xa, 0x4e22, 0x8, @local, 0x8}]}, &(0x7f0000000180)=0x10) fsetxattr$trusted_overlay_nlink(r4, &(0x7f00000000c0), &(0x7f0000000480)={'U-', 0x6}, 0x16, 0x1) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f00000005c0)=@assoc_value={r6, 0xffec}, 0x8) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_adj\x00') preadv(r7, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/131, 0x83}, {0x0}], 0x2, 0xffffff8d, 0x3) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) shutdown(r8, 0x2) recvmsg(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000280)=""/38, 0x26}], 0x1}, 0x10101) inotify_add_watch(r4, &(0x7f00000002c0)='./file0\x00', 0x100080c) memfd_create(&(0x7f0000000300)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xd9\x19\x17\xb0\xed|\xb3\xc2\x017h\xe9kL\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00\x00\x00\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xeepI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f2\xf7]#\xed,\xc7\x03\x00\x00\x00\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb6\xe4R$\xaa\x00U\x92\xd2\x99\xb80x0) r5 = eventfd(0x0) r6 = socket$caif_stream(0x25, 0x1, 0x0) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r8, 0x0, 0x800000000006}, 0x18) sendmmsg$inet(r6, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x2, 0x2600c054) io_submit(r4, 0x2, &(0x7f0000000040)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xc2, r5, 0x0, 0x0, 0x36}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x40, r5, 0x0, 0x0, 0x0, 0x0, 0x2}]) add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close(r0) 1.466091652s ago: executing program 1 (id=1809): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='kfree\x00', r4, 0x0, 0xfffffffffffffffd}, 0x18) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000100)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='&'], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0) recvfrom(r1, &(0x7f0000004000)=""/4112, 0xfffffffffffffedc, 0x2080, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r7}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]}) inotify_init1(0x0) syz_clone(0x40b04000, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r9, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800014004000000", 0x58}], 0x1) 1.02250881s ago: executing program 1 (id=1813): bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x2, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x84, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r0}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800) 794.753345ms ago: executing program 5 (id=1820): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8002, &(0x7f0000000080), 0x1, 0x55f, &(0x7f0000000d00)="$eJzs3c9vHFcdAPDvjH9t0zROoAeogAQoBBRlN960UdVLwwWEqkqIigPikBp7Y5nsZkN2XWoTCfdvAAkkTvAncEDigNQTB24cEELigBDlgFTAAsVIHBbN7Njd2rvNNl7v1t7PR5rMj/dmvu+ts/PevrXnBTC1LkXEdkTMR8RrEbFYHE+KJW52lyzfw50HK7s7D1aS6HRe/WeSp2fHoueczJPFNUsR8fWvRHw7ORy3tbl1Z7ler90v9ivtxr1Ka3Pr6npjea22Vrtbrd5YunHthevPVw+c+Ydzj1vXi41fvPPl9Ze/8etfffLt321/8ftZsc4Wab31GKVu1ef242RmI+Ll4wg2ATPFen7C5eDxpBHxkYj4TP7+X4yZ/H8nAHCadTqL0Vns3R+gNDAFADhh0nwMLEnLEZGmRSeg3B3DezrOpPVmq33ldnPj7mp3rOx8zKW31+u1axcW/vTdPPNcku0v5Wl5er5fPbB/PSIuRMSPFp7I98srzfrqZLo8ADD1nuxt/yPiPwtpWi4PdWqfb/UAgBOjNOkCAABjp/0HgOmj/QeA6TNE+1982b997GUBAMbD538AmD7afwCYPtp/AJgqX3vllWzp7BbPv159fXPjTvP1q6u11p1yY2OlvNK8f6+81myu5c/saTzqevVm897Sc7HxRqVda7Urrc2tW43mxt32rfy53rdqc2OpFQDwfi5cfOuPSURsv/hEvkTPXA7aajjd0hHmAk6WmaOcrIMAJ5rZvmB6DdWE552E3x57WYDJ6Psw71Lfzff6yQcI4veM4EPl8seHH/83xzOcLh9wZP/3xzJJPjARjzf+/9LIywGMn/F/mF6dTnJwzv/5/SQA4FQ6wq/wdX4wqk4IMFGPmsx7JN//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwClzNiK+E0lazucCT7N/03I54qmIOB9zye31eu1aRJyLixExt5DtL0260ADAEaV/T4r5vy4vPnv2YOp88t+FfB0R3/vpqz9+Y7ndvr+UHf/X/vGFvenDqu+ed4R5BQGA4f11mEx5+10t1j0f5B/uPFjZW46xjIe886X9yUdXdnce5Es3ZTY6nU4nopT3Jc78O4nZ4pxSRDwTETMjiL/9ZkR8rF/9k3xs5Hwx82lv/ChiPzXW+Ol74qd5WnedvXwfHUFZYNq8ld1/bvZ7/6VxKV/3f/+X8jvU0eX3v1LE3r1vtyf+bBFppk/87D1/adgYz/3mq4cOdha7aW9GPDPbL36yHz8ZEP/ZIeP/+ROf+uFLA9I6P4u4HP3j98aqtBv3Kq3NravrjeW12lrtbrV6Y+nGtReuP1+t5GPUlb2R6sP+8eKVc4PKltX/zID4pb71n98/93ND1v/n/3vtW59+d3fhYPwvfLb/z//pvvG7sjbx80PGXz7zy4HTd2fxVwfU/1E//ytDxn/7b1urQ2YFAMagtbl1Z7ler90/0kb2KXQU1zm0kRVxuMx73cXBeYoMN9/vOn+JfGNEL8uAjawzNkzmueN6VY99Y3a/rzjaK38zu+KYq5OOvBZH2ng4rliTuR8B43OoeQQAAAAAAAAAAAAAAD50xvGnS5OuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfX/wMAAP//8RXBxA==") mknod$loop(&(0x7f0000001340)='./file0\x00', 0xc000, 0x1) 746.066286ms ago: executing program 0 (id=1821): r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg$inet(r0, &(0x7f0000004c40)=[{{&(0x7f0000000440)={0x2, 0x4e22, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000000000002000000010000000000000010000000000000000000000007000000140000000000000000000000010000000900000000000000380000000000000000000000070000000002891fddac1e0001ac1414bb64010102ac14141eac14143e64010100ac1414aa440419510000001c000000000000000000000008"], 0x98}}], 0x1, 0x0) 745.612896ms ago: executing program 0 (id=1822): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x200000000005}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000002580000000e0a01020000000000000000010000000900020073797a32000000001800038014000080100001800400028006000180000000000900010073797a30"], 0xc8}}, 0x0) 593.723799ms ago: executing program 0 (id=1824): r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f00000001c0)=0x7f, 0x4) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18) statx(0xffffffffffffffff, 0x0, 0x2000, 0x10, 0x0) syslog(0x4, &(0x7f00000000c0)=""/196, 0xc4) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file1\x00', 0x3000046, &(0x7f00000005c0)={[{@dioread_nolock}, {@data_err_abort}, {@jqfmt_vfsold}, {@abort}, {@data_err_ignore}, {@discard}, {@nodiscard}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@block_validity}, {@errors_remount}]}, 0x1, 0x57c, &(0x7f0000000c00)="$eJzs3U9rHOUfAPDvbJI2/fP7NYVSVEQCPVip3TSJfyp4qEfRYkHvdUm2oWTTLdlNaWLB9mAvXqQIIhbEu949Ft+Ar6KghSIl2IOXyExmmm2ym6TtNpu6nw9seJ6Z2Xmeb2aeZ59nZpYNoG+Npn9KES9HxDdJxKGISPJ1g5GvHF3dbvnBtan0lcTKyqd/Jdl2ab7YV/G+A3nmpYj47auIE6WN5TYWl2YrtVp1Ps+PNecujzUWl05enKvMVGeqlyYmJ0+/PTnx3rvvdC3WN849/P6TOx+e/vrY8ne/3Dt8K4kzcTBf1xrHM7jemhmN0fx/MhRn1m043oXCdpOk1xXgqQzk7Xwo0j7gUAzkrR747/syIlaAPpVo/9CninFAMbePYh78sJejkp1z/4PVCVAR/9p1gMHVayMxnM2N9i8nj82M0vnuSBfKT8v49c/bt9JXdO86BMCWrt+IiFODgxv7vyTv/57U2sXeU9vYen0Z+j/YOXfS8c+b7cY/pRjNrg4PZ7n1458Dbdru09i6/ZfudaGYjtLx3/vRPv7cyECe+1825htKLlysVdO+7f8RcTyG9qb5ze7nnF6+u9Jp3ejqrm8VY8C0/GIsmNfj3uDex98zXWlWniXmVvdvRLzSdvybPBr/Jm2Of1rpc9ss42j19mud1rWOf9vH/3yt/BTxetvjv3ZHK9n8/uRYdj6MFWfFRn/fPPp7p/J7HX96/PdvHv9I0nq/trH5/obbLPtx+J9qp+0fiz+2f/7vST7L0nvyZVcrzeb8eMSe5OONyyfW3lvki+3T+I8f69T/Rcfzf19EfL75v+KRm0d+fnVb8ffo+E8/0fFvTUSyfkm7xN2PvvihU/lbx58e/7ey1PF8yXb6v+3Ua+uzGQAAAAAAAF4spYg4GEmp/ChdKpXLq893HIn9pVq90Txxob5waTqy78qOxFCpuNN9qOV5iPH8edgiP7EuPxkRhyPi24F9Wb48Va9N9zp4AAAAAAAAAAAAAAAAAAAA2CUOdPj+f+qPgV7XDnju/OQ39K8t2383fukJ2JV8/kP/0v6hf2n/0L+y9p/0uhZAL/j8h/6l/UP/0v6hf2n/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FXnzp5NXyvLD65NpfnpK4sLs/UrJ6erjdny3MJUeao+f7k8U6/P1KrlqfrcVvur1euXxydi4epYs9pojjUWl87P1RcuNc9fnKvMVM9Xh3YkKgAAAAAAAAAAAAAAAAAAAHixNBaXZiu1WnVeQuKpEoO7oxoSXUucyRK97pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM2/AQAA//+3LjSI") perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x30, 0x1, 0x0, 0x0, 0x0, 0x3, 0x40510, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5, @perf_bp={0x0, 0x8}, 0xb008, 0x10000, 0x1, 0x1, 0x8, 0x20003, 0x2b, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r3 = socket$unix(0x1, 0x1, 0x0) r4 = socket$unix(0x1, 0x1, 0x0) bind$unix(r4, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) listen(r4, 0x0) connect$unix(r3, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r3, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) listen(r4, 0x1) syz_read_part_table(0x618, &(0x7f0000002200)="$eJzs3D+IFGcUAPC3dzc7dwqehUWwiWctBMXSK6LsbQwGZE0IHBb5iwhXXeBgQxY3eEVyheIWYplGApviXKvoFVY5FFIHsTAIW9gETBNiipsws3O3GzgOEjaE4O9XfN/bnTfvzQfTvgn+1yYiKaMsLbY3PtozP5sdxu14r1tbOJtlWfZuRCUuRhJzyYFeRExF9G6NVI2jEbF/pM7tb/ZtfP3rW0n3yYVktH470jiY51YjL1ma2e1R0r99WMZufX5z9urqcv1a/qPe6m+9H3HnRa1x79xapzeZnPkk//9KxMMyf6pYZya27/9wKv5yZQ9fDsPKaP/tl+Py43qrf6v77PjW4frk95dOvTyycf3BiYiVvPL5KF72oeo/P/Oo9fnNrFT0X5m7sdhpnT5299DNk837jxrPJ38vLw9aToynLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5L1fFmtxrXm/OXH9Vb/q59+fOfOi1rj3rm1Tu/t6pmnlUHewzJ/qtw/i2Z8HklELMVSfBrLu5d/bSc6sBMtVkb7z2/OXl1drg/6/7Ev4tnxrcP17sylUy8XNq4/OFFkVWI63ybGevRd+rf6K3M3Fjut08fuHrp5snn/UeP55CBvKY2Pi+NGRDr+xwAAAAAAAAAAAAAAAAAAAOAVV1s4e+T8m42DeXxxOiJ++aKYss/Sme+imLwfOFruT9PBKP/t6cG3ALpPLvxW/eCHtZ/Lofh2pNGOiP3fJhHx+k6fK8W6/fWASIaV+S/9GQAA///p7o1q") r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, &(0x7f0000000380), &(0x7f00000003c0)=r5}, 0x20) close(0x3) 551.99257ms ago: executing program 5 (id=1825): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0x1000000000000000}, 0x18) r1 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000180)={0x7a2a, 0x9, 0x5a}, 0x8) sendmsg$inet_sctp(r1, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x15}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x0) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) timer_settime(0x0, 0x1, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000280)="14", 0x1}], 0x1, 0x9, 0xfffffffc, 0xa0) socket$inet6_tcp(0xa, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) 416.161682ms ago: executing program 4 (id=1827): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = creat(&(0x7f00000000c0)='./bus\x00', 0x182) cachestat(r2, &(0x7f0000000140)={0x2, 0x3}, &(0x7f00000001c0), 0x0) 354.499724ms ago: executing program 0 (id=1828): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000060000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) r2 = socket(0x1e, 0x805, 0x0) connect$tipc(r2, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x0, 0x200000}, 0x2}}, 0x10) connect$tipc(r2, &(0x7f0000000000)=@id, 0x10) close(r2) 343.925274ms ago: executing program 4 (id=1829): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r2, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x31, 0x0, &(0x7f0000000000)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50) 311.458604ms ago: executing program 0 (id=1830): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1}, 0x18) syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0x8a, &(0x7f00000001c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xa3}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@block_validity}, {@minixdf}, {@grpjquota}, {@noinit_itable}]}, 0x1, 0x463, &(0x7f0000001040)="$eJzs3MtvG8UfAPCv17Gbvn7Jr5RHSwuBgqh4JE36oAcuRSBxAAkJDkWcQpJWpW6DmiDRqoLCoRxRJe6IIxJ/ARfKBQEnJK5wR0gV6oXCyWjtXedR24ldJy715yM5ntkZZ+a7u2OPZ20HMLDG0j+FiB0R8WtEjNSzKyuM1e9u3bw88/fNyzOFqFbf+LNQq/fXzcszedX8cdvrmWq1TbtX346YrlTmLmT5icVz700sXLz03Jlz06fnTs+dnzq+cOTw/vKxqaM9iXNn2te9H87v2/PKW9demzl57Z0fv077uyMrXx5Hr4zV925TT/a6sT7buSxdGOpjR+hIMSLSw1Wqjf+RKMbWRtlIvPxJXzsHbKhqNaluaV18pQrcw9KJOjCI8hf69P1vftukqcdd4caJaKxj3Mpu9ZKhSLI6pew90kYYi4iTV/754uRwPT9o+x8A2HzXT0TEs83mf0k8sKze/7JrQ6MR8f+I2BUR90XE7oi4P6JW98GIeKjD9ldfIbl9/lMd6SqwdUrnfy9k17ZWzv/y2V+MFrPczlr8pcKpM5W5Q9k+ORilLWl+sk0b3730y2etyhrzv+yWtp/eL9VI/hhatUA3O704Hauv03XpxscRe4eW4h9uxF9ozHnTdvZExN4u2zjz9Ff7WpWtHX8bPZiUV7+MeKp+/K/EiuO/tHcLza9PHj9yePL5Y1NHJ4ajMndoIj8rbvfTz1dfb9X+HcXfAzeuV2Nb0/O/Ef9oYThi4eKls7XrtQudt3H1t09bvqfp9vwvF96spcvZtg+mFxcvTEaUC6/evn1q6bF5Pq+fnv8HDzQf/7tiaU88HBHpSbw/Ih6JiEezvj8WEY9HxIE28f/w4hPvdh5/m1X5Hkrjn13r+Mfy479m4lJErNhSPPv9N53Hn0uP/5Fa6mC2JX/+a2ddPe3qbAYAAID/nqT2GfhCMt5IJ8n4eP0z/LtjW1KZX1h85tT8++dn65+VH41SsnylK18PnczWhvP81Kr84Wzd+PPi1lp+fGa+Mtvn2GHQbW8x/lO/F/vdO2DD+b4WDC7jHwAGj9d/GFzGPwyuZuP/oz70A9h8a7z+b92sfgCbz/wfBpfxD4PL+IeB1PK78UlalNZY5xfpJe4gUe7ZP/y23NFvNdxBIpK7YtfdQ4lSNC0aWvePWXSZ2NK0qN/PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//gELc7A==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 239.541286ms ago: executing program 4 (id=1831): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0) sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r1, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000) 219.087787ms ago: executing program 4 (id=1832): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000200000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x4000) 171.088367ms ago: executing program 4 (id=1833): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRES16=r1], &(0x7f0000000880)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000000010000081100000900000001"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3d, 0x8, &(0x7f0000000000)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], 0x0, 0xdf, 0x0, 0x0, 0x41000, 0x10, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000000), &(0x7f00000002c0), 0x1, r3}, 0x38) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x3, r3}, 0x38) r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1900000002000000060000000001000004420000", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=r4, @ANYBLOB="04000000020000000400"/28], 0x50) io_setup(0x9, &(0x7f0000000000)=0x0) r6 = eventfd(0x0) r7 = socket$caif_stream(0x25, 0x1, 0x0) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x800000000006}, 0x18) sendmmsg$inet(r7, &(0x7f0000000940)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000780)="92", 0x1}], 0x1}}], 0x2, 0x2600c054) io_submit(r5, 0x2, &(0x7f0000000040)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0xc2, r6, 0x0, 0x0, 0x36}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x40, r6, 0x0, 0x0, 0x0, 0x0, 0x2}]) add_key(&(0x7f00000001c0)='ceph\x00', 0x0, &(0x7f0000000840)='\x00\x00\x00\x00\x00\x00\x00\x00\x00*\x00\x00', 0xc, 0xffffffffffffffff) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) close(r0) 65.610639ms ago: executing program 4 (id=1834): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x21c91c, &(0x7f0000000900)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@mblk_io_submit}, {@jqfmt_vfsold}, {@nodelalloc}, {@nomblk_io_submit}, {@usrjquota}, {@minixdf}, {@resgid, 0x32}]}, 0x1e, 0x4ea, &(0x7f00000009c0)="$eJzs3VFrW9cdAPD/la3MSZzZYXvIAsvCkmGHLZIdL4nZQ7bB2J4C27L3zLNlYyxbxpKT2ITNYR9gMMY22NOe9jLoByiUfIRSCLTvpS0tpU3ah0LbqOhKShxHip1GllLr94MjnXt0r/7nXKGje+49XAXQt05HxJmIeFitVs9FxEijPNNIsVVPtfUe3L89W0tJVKvXPkoiknpZbbXxbe95tLHZUET8/jcRf0qejlve2FyaKRYLa43lfGV5NV/e2Dy/uDyzUFgorExNTV6avjx9cXqiI+0cjogrv3rvn3/736+vvPaTm29f/2D8z0mjPOJxOzqt3vRsui+aBiNibT+C9chg2kIAAL4Jmsf5P4yIczESA+nRHAAAAHCQVH8+HF8kEVUAAADgwMqkc2CTTK4xD2A4Mplcrj6H97txJFMslSs/ni+tr8zV58qORjYzv1gsTDTmCo9GNqktT6b5x8sXdixPRcTxiPjHyOF0OTdbKs71+uQHAAAA9ImjO8b/n47Ux//bfN6zygEAAACdM9rrCgAAAAD7zvgfAAAADj7jfwAAADjQfnv1ai1Vm/9/PXdjY32pdOP8XKG8lFten83NltZWcwul0kJ6z77l3d6vWCqt/jRW1m/lK4VyJV/e2Ly+XFpfqVxffOIvsAEAAIAuOv6Du28lEbH1s8NpqjnU60oBXTH4PCu/u3/1ALpvoNcVAHrmuX7/gQMl2+sKAD2X7PJ628k7r3e+LgAAwP4Y+17r6/8Du54b2Mp0qYrAPnH+D/qX6//Qv1z/h/6VjYEwkIf+ttstQIfajRX2fP2/Wn3uSgEAAB01nKYkk4tIzwMMRyaTy0UcS8cE2WR+sViYiIhvR8SbI9lv1ZYn0y2TXecMAwAAAAAAAAAAAAAAAAAAAAAAAAB11WoSVQAAAOBAi8i8n6R3848YGzk7vPP8wKHks5H0OSJu/ufav27NVCprk7Xyjx+VV/7dKL/QizMYAAAAwE7NcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTg/u3ZZupm3A9/GRGjreIPxlD6PBTZiDjySRKD27ZLImKgA/G37kTEiVbxk1q1YrRRi1bxD/c4/tEOxId+drfW//yi1fcvE6fT59bfv0tpD/Xi2vd/mUf930CL+LWyY3uMcfLeK/m28e9EnBxs3f804ydt+p8ze4z/xz9sbrZ7rfrfiLGWvz/JE7HyleXVfHlj8/zi8sxCYaGwMjU1eWn68vTF6Yn8/GKx0HhsGePv33/14bPaf6RN/NFd2n92j+3/8t6t+9+pZ7OPNk8exx8/0/rzP9Emfqbx+f+oka+9PtbMb9Xz2536/xunntX+uTbt3+3zH99j+8/97q/v7HFVAKALyhubSzPFYmGtrzMvtDdqh0UvRStezkxtv379zYf2tYZ/2V6SdObrUDsyfzn2/ItletotAQAA++DpMTAAAAAAAAAAAAAAAAAAAADQbd24nVh2R8yt9LETd88HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOicrwIAAP///B/QPg==") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000)) 0s ago: executing program 1 (id=1835): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$llc_int(r1, 0x10c, 0x9, &(0x7f0000000040)=0xfffff2fd, 0x4) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18) r7 = signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x157]}, 0x8) r8 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0x10}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x7, 0xe14fe1afe8ab4915, 0x4}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2}, 0x4000000) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x0) sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r12], 0x1c}}, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000005c0)=0x0) sendmsg$NFC_CMD_FW_DOWNLOAD(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000006c0)={&(0x7f00000007c0)={0x48, 0x0, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@NFC_ATTR_FIRMWARE_NAME={0x5, 0x14, '\xcb'}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r12}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r13}, @NFC_ATTR_FIRMWARE_NAME={0x14, 0x14, 'kmem_cache_free\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x8000) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f00000004c0)={0xd, {{0x2, 0x4e22, @rand_addr=0x64010100}}}, 0x88) r14 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r15 = ioctl$LOOP_CTL_GET_FREE(r14, 0x4c82) ioctl$LOOP_CTL_REMOVE(r14, 0x4c81, r15) sendmmsg$inet(r3, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)="fa", 0x1}], 0x1}}], 0x1, 0x24044890) kernel console output (not intermixed with test programs): atman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.963814][ T8425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.989804][ T8425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 127.001193][ T8498] FAULT_INJECTION: forcing a failure. [ 127.001193][ T8498] name failslab, interval 1, probability 0, space 0, times 0 [ 127.013939][ T8498] CPU: 1 UID: 0 PID: 8498 Comm: syz.5.1311 Not tainted syzkaller #0 PREEMPT(voluntary) [ 127.013974][ T8498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 127.014028][ T8498] Call Trace: [ 127.014035][ T8498] [ 127.014045][ T8498] __dump_stack+0x1d/0x30 [ 127.014071][ T8498] dump_stack_lvl+0xe8/0x140 [ 127.014096][ T8498] dump_stack+0x15/0x1b [ 127.014117][ T8498] should_fail_ex+0x265/0x280 [ 127.014163][ T8498] should_failslab+0x8c/0xb0 [ 127.014188][ T8498] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 127.014221][ T8498] ? make_vfsuid+0x49/0xa0 [ 127.014252][ T8498] ? v9fs_session_init+0x4b/0xde0 [ 127.014295][ T8498] kstrdup+0x3e/0xd0 [ 127.014384][ T8498] v9fs_session_init+0x4b/0xde0 [ 127.014406][ T8498] ? __rcu_read_unlock+0x4f/0x70 [ 127.014433][ T8498] ? avc_has_perm_noaudit+0x1b1/0x200 [ 127.014480][ T8498] ? should_fail_ex+0xdb/0x280 [ 127.014568][ T8498] ? v9fs_mount+0x51/0x5c0 [ 127.014622][ T8498] ? should_failslab+0x8c/0xb0 [ 127.014719][ T8498] ? __kmalloc_cache_noprof+0x189/0x320 [ 127.014756][ T8498] v9fs_mount+0x67/0x5c0 [ 127.014788][ T8498] ? selinux_capable+0x31/0x40 [ 127.014845][ T8498] ? __pfx_v9fs_mount+0x10/0x10 [ 127.014879][ T8498] legacy_get_tree+0x78/0xd0 [ 127.014961][ T8498] vfs_get_tree+0x57/0x1d0 [ 127.014989][ T8498] do_new_mount+0x207/0x5e0 [ 127.015011][ T8498] ? security_capable+0x83/0x90 [ 127.015039][ T8498] path_mount+0x4a4/0xb20 [ 127.015061][ T8498] ? user_path_at+0x109/0x130 [ 127.015126][ T8498] __se_sys_mount+0x28f/0x2e0 [ 127.015149][ T8498] ? fput+0x8f/0xc0 [ 127.015250][ T8498] __x64_sys_mount+0x67/0x80 [ 127.015330][ T8498] x64_sys_call+0x2b4d/0x2ff0 [ 127.015356][ T8498] do_syscall_64+0xd2/0x200 [ 127.015396][ T8498] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 127.015427][ T8498] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 127.015466][ T8498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.015485][ T8498] RIP: 0033:0x7f87dffdec29 [ 127.015498][ T8498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.015514][ T8498] RSP: 002b:00007f87dea3f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 127.015602][ T8498] RAX: ffffffffffffffda RBX: 00007f87e0225fa0 RCX: 00007f87dffdec29 [ 127.015613][ T8498] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000 [ 127.015623][ T8498] RBP: 00007f87dea3f090 R08: 0000200000000400 R09: 0000000000000000 [ 127.015633][ T8498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 127.015698][ T8498] R13: 00007f87e0226038 R14: 00007f87e0225fa0 R15: 00007fff1bd646b8 [ 127.015715][ T8498] [ 127.318580][ T8504] loop4: detected capacity change from 0 to 512 [ 127.326994][ T8502] loop5: detected capacity change from 0 to 512 [ 127.335902][ T8425] hsr_slave_0: entered promiscuous mode [ 127.342410][ T8425] hsr_slave_1: entered promiscuous mode [ 127.355101][ T8502] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.367257][ T8502] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1313: bg 0: block 328: padding at end of block bitmap is not set [ 127.386685][ T8504] ext4 filesystem being mounted at /296/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.404082][ T8504] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1314: bg 0: block 328: padding at end of block bitmap is not set [ 127.494787][ T29] kauditd_printk_skb: 297 callbacks suppressed [ 127.494883][ T29] audit: type=1326 audit(1758418390.663:13419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.526678][ T29] audit: type=1326 audit(1758418390.663:13420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.550425][ T29] audit: type=1326 audit(1758418390.663:13421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.574171][ T29] audit: type=1326 audit(1758418390.663:13422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.597731][ T29] audit: type=1326 audit(1758418390.663:13423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.597768][ T29] audit: type=1326 audit(1758418390.663:13424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.597794][ T29] audit: type=1326 audit(1758418390.663:13425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.597820][ T29] audit: type=1326 audit(1758418390.663:13426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.597892][ T29] audit: type=1326 audit(1758418390.663:13427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.716596][ T29] audit: type=1326 audit(1758418390.663:13428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8519 comm="syz.4.1318" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f21b9d3ec29 code=0x7ffc0000 [ 127.937366][ T3377] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 128.002126][ T8425] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 128.012545][ T8425] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 128.024328][ T8425] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 128.033692][ T8425] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 128.100163][ T8425] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.114971][ T8425] 8021q: adding VLAN 0 to HW filter on device team0 [ 128.125621][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.132805][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.145051][ T7004] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.152210][ T7004] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.193492][ T8543] FAULT_INJECTION: forcing a failure. [ 128.193492][ T8543] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 128.206759][ T8543] CPU: 1 UID: 0 PID: 8543 Comm: syz.4.1324 Not tainted syzkaller #0 PREEMPT(voluntary) [ 128.206815][ T8543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 128.206830][ T8543] Call Trace: [ 128.206837][ T8543] [ 128.206897][ T8543] __dump_stack+0x1d/0x30 [ 128.206920][ T8543] dump_stack_lvl+0xe8/0x140 [ 128.206943][ T8543] dump_stack+0x15/0x1b [ 128.206962][ T8543] should_fail_ex+0x265/0x280 [ 128.206991][ T8543] should_fail+0xb/0x20 [ 128.207018][ T8543] should_fail_usercopy+0x1a/0x20 [ 128.207048][ T8543] _copy_from_user+0x1c/0xb0 [ 128.207086][ T8543] memdup_user+0x5e/0xd0 [ 128.207188][ T8543] hidraw_send_report+0xb9/0x230 [ 128.207238][ T8543] hidraw_ioctl+0x526/0x710 [ 128.207271][ T8543] ? __pfx_hidraw_ioctl+0x10/0x10 [ 128.207346][ T8543] __se_sys_ioctl+0xce/0x140 [ 128.207366][ T8543] __x64_sys_ioctl+0x43/0x50 [ 128.207444][ T8543] x64_sys_call+0x1816/0x2ff0 [ 128.207471][ T8543] do_syscall_64+0xd2/0x200 [ 128.207620][ T8543] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 128.207649][ T8543] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 128.207685][ T8543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.207746][ T8543] RIP: 0033:0x7f21b9d3ec29 [ 128.207761][ T8543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.207782][ T8543] RSP: 002b:00007f21b875d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 128.207804][ T8543] RAX: ffffffffffffffda RBX: 00007f21b9f86180 RCX: 00007f21b9d3ec29 [ 128.207819][ T8543] RDX: 0000200000000440 RSI: 00000000c0404806 RDI: 0000000000000008 [ 128.207833][ T8543] RBP: 00007f21b875d090 R08: 0000000000000000 R09: 0000000000000000 [ 128.207927][ T8543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.207941][ T8543] R13: 00007f21b9f86218 R14: 00007f21b9f86180 R15: 00007ffe482ff5d8 [ 128.207964][ T8543] [ 128.252974][ T8425] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 128.484139][ T8425] veth0_vlan: entered promiscuous mode [ 128.492157][ T8425] veth1_vlan: entered promiscuous mode [ 128.510738][ T8425] veth0_macvtap: entered promiscuous mode [ 128.518663][ T8425] veth1_macvtap: entered promiscuous mode [ 128.531437][ T8425] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 128.543987][ T8425] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 128.556408][ T6999] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.567467][ T6999] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.582130][ T6999] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.600433][ T6999] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 128.621812][ T8556] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1291'. [ 128.635414][ T8556] netlink: 'syz.0.1291': attribute type 4 has an invalid length. [ 128.645791][ T8556] netlink: 'syz.0.1291': attribute type 4 has an invalid length. [ 128.706774][ T8560] loop5: detected capacity change from 0 to 512 [ 128.720113][ T8560] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 128.723203][ T8562] netlink: 'syz.0.1327': attribute type 10 has an invalid length. [ 128.738176][ T8562] bridge0: port 2(bridge_slave_1) entered disabled state [ 128.745393][ T8562] bridge0: port 1(bridge_slave_0) entered disabled state [ 128.752061][ T8560] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 128.769132][ T8560] EXT4-fs (loop5): 1 truncate cleaned up [ 128.778406][ T8562] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.785580][ T8562] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.793140][ T8562] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.800388][ T8562] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.812649][ T8562] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 128.901007][ T8576] loop1: detected capacity change from 0 to 512 [ 128.907413][ T8570] lo speed is unknown, defaulting to 1000 [ 128.907868][ T8570] lo speed is unknown, defaulting to 1000 [ 128.954368][ T8576] EXT4-fs (loop1): too many log groups per flexible block group [ 128.962384][ T8576] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 128.974633][ T8576] EXT4-fs (loop1): mount failed [ 128.996322][ T8576] loop1: detected capacity change from 0 to 164 [ 129.004551][ T8576] ISOFS: unable to read i-node block [ 129.009885][ T8576] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 129.030854][ T8587] hub 8-0:1.0: USB hub found [ 129.040557][ T8587] hub 8-0:1.0: 8 ports detected [ 129.066138][ T8595] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1337'. [ 129.124215][ T8601] netlink: 'syz.4.1340': attribute type 10 has an invalid length. [ 129.383000][ T8621] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1344'. [ 129.545423][ T8626] loop3: detected capacity change from 0 to 512 [ 129.583274][ T8626] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 129.619733][ T8635] openvswitch: netlink: Message has 6 unknown bytes. [ 129.634328][ T8637] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1350'. [ 129.655020][ T3359] hid_parser_main: 44 callbacks suppressed [ 129.655038][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.668436][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.675875][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.683312][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.690821][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.698426][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.706017][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.713446][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.716166][ T8639] loop5: detected capacity change from 0 to 512 [ 129.720909][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.734615][ T3359] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 129.735143][ T8639] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 129.754569][ T8626] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1345: bg 0: block 328: padding at end of block bitmap is not set [ 129.790408][ T8639] EXT4-fs (loop5): 1 truncate cleaned up [ 129.796467][ T3359] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz1 [ 129.797121][ T8644] netlink: 'syz.4.1347': attribute type 4 has an invalid length. [ 129.824443][ T3395] lo speed is unknown, defaulting to 1000 [ 129.830348][ T3395] syz0: Port: 1 Link DOWN [ 129.854992][ T8635] netlink: 'syz.4.1347': attribute type 4 has an invalid length. [ 129.864598][ T3359] lo speed is unknown, defaulting to 1000 [ 129.870395][ T3359] syz0: Port: 1 Link ACTIVE [ 129.894230][ T8646] netlink: 'syz.0.1353': attribute type 10 has an invalid length. [ 129.914843][ T8646] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.922131][ T8646] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.941512][ T8652] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 129.986209][ T8654] loop4: detected capacity change from 0 to 1024 [ 130.011765][ T8654] EXT4-fs: Ignoring removed nomblk_io_submit option [ 130.028759][ T8654] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 130.070608][ T8660] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51918 sclass=netlink_route_socket pid=8660 comm=syz.3.1359 [ 130.098521][ T8673] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1360'. [ 130.138865][ T8678] smc: net device bond0 applied user defined pnetid SYZ0 [ 130.159751][ T8678] smc: net device bond0 erased user defined pnetid SYZ0 [ 130.199681][ T8683] loop3: detected capacity change from 0 to 512 [ 130.206530][ T8683] EXT4-fs: Ignoring removed mblk_io_submit option [ 130.215121][ T8683] EXT4-fs: Ignoring removed nomblk_io_submit option [ 130.236722][ T8683] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 130.245271][ T8683] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 130.258930][ T8685] FAULT_INJECTION: forcing a failure. [ 130.258930][ T8685] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.272172][ T8685] CPU: 1 UID: 0 PID: 8685 Comm: syz.4.1366 Not tainted syzkaller #0 PREEMPT(voluntary) [ 130.272210][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 130.272226][ T8685] Call Trace: [ 130.272311][ T8685] [ 130.272320][ T8685] __dump_stack+0x1d/0x30 [ 130.272341][ T8685] dump_stack_lvl+0xe8/0x140 [ 130.272363][ T8685] dump_stack+0x15/0x1b [ 130.272383][ T8685] should_fail_ex+0x265/0x280 [ 130.272413][ T8685] should_fail+0xb/0x20 [ 130.272478][ T8685] should_fail_usercopy+0x1a/0x20 [ 130.272507][ T8685] strncpy_from_user+0x25/0x230 [ 130.272546][ T8685] ? kmem_cache_alloc_noprof+0x186/0x310 [ 130.272575][ T8685] ? getname_flags+0x80/0x3b0 [ 130.272678][ T8685] getname_flags+0xae/0x3b0 [ 130.272764][ T8685] io_renameat_prep+0x105/0x1b0 [ 130.272788][ T8685] io_submit_sqes+0x5ec/0x1060 [ 130.272823][ T8685] __se_sys_io_uring_enter+0x1c1/0x1b70 [ 130.272849][ T8685] ? 0xffffffff81000000 [ 130.272930][ T8685] ? __rcu_read_unlock+0x4f/0x70 [ 130.272959][ T8685] ? get_pid_task+0x96/0xd0 [ 130.272981][ T8685] ? proc_fail_nth_write+0x13b/0x160 [ 130.273009][ T8685] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 130.273055][ T8685] ? vfs_write+0x7e8/0x960 [ 130.273078][ T8685] ? __rcu_read_unlock+0x4f/0x70 [ 130.273168][ T8685] ? __fget_files+0x184/0x1c0 [ 130.273200][ T8685] ? fput+0x8f/0xc0 [ 130.273277][ T8685] __x64_sys_io_uring_enter+0x78/0x90 [ 130.273324][ T8685] x64_sys_call+0x2de1/0x2ff0 [ 130.273351][ T8685] do_syscall_64+0xd2/0x200 [ 130.273392][ T8685] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 130.273417][ T8685] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 130.273502][ T8685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.273524][ T8685] RIP: 0033:0x7f21b9d3ec29 [ 130.273555][ T8685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.273574][ T8685] RSP: 002b:00007f21b879f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 130.273593][ T8685] RAX: ffffffffffffffda RBX: 00007f21b9f85fa0 RCX: 00007f21b9d3ec29 [ 130.273642][ T8685] RDX: 00000000000096f0 RSI: 0000000010007b0f RDI: 0000000000000006 [ 130.273655][ T8685] RBP: 00007f21b879f090 R08: 0000000000000000 R09: 0000000000000000 [ 130.273667][ T8685] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001 [ 130.273679][ T8685] R13: 00007f21b9f86038 R14: 00007f21b9f85fa0 R15: 00007ffe482ff5d8 [ 130.273701][ T8685] [ 130.522016][ T8683] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1365: Allocating blocks 41-42 which overlap fs metadata [ 130.541396][ T8683] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1365: Failed to acquire dquot type 1 [ 130.553956][ T8683] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 130.582192][ T8683] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1365: corrupted inode contents [ 130.598670][ T8683] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #12: comm syz.3.1365: mark_inode_dirty error [ 130.613872][ T8683] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1365: corrupted inode contents [ 130.627590][ T8683] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.1365: mark_inode_dirty error [ 130.639322][ T8683] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1365: corrupted inode contents [ 130.652982][ T8683] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 130.672557][ T8683] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1365: corrupted inode contents [ 130.687615][ T8691] netlink: 'syz.0.1368': attribute type 10 has an invalid length. [ 130.691280][ T8693] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 130.709085][ T8683] EXT4-fs error (device loop3): ext4_truncate:4666: inode #12: comm syz.3.1365: mark_inode_dirty error [ 130.740730][ T8695] serio: Serial port ptm0 [ 130.765808][ T8683] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 130.775175][ T8683] EXT4-fs (loop3): 1 truncate cleaned up [ 130.781335][ T8683] EXT4-fs mount: 55 callbacks suppressed [ 130.781350][ T8683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.814433][ T8683] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 130.847884][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.851703][ T8706] smc: net device bond0 applied user defined pnetid SYZ0 [ 130.865585][ T8706] smc: net device bond0 erased user defined pnetid SYZ0 [ 130.911066][ T8711] loop3: detected capacity change from 0 to 512 [ 130.920078][ T8711] EXT4-fs (loop3): failed to initialize system zone (-117) [ 130.929144][ T8711] EXT4-fs (loop3): mount failed [ 130.985317][ T8725] random: crng reseeded on system resumption [ 131.001784][ T8711] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1374'. [ 131.024539][ T8730] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1381'. [ 131.101009][ T8740] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 131.107616][ T8740] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 131.115014][ T8741] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(6) [ 131.121542][ T8741] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 131.129007][ T8740] vhci_hcd vhci_hcd.0: Device attached [ 131.129067][ T8741] vhci_hcd vhci_hcd.0: Device attached [ 131.141366][ T8740] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 131.151324][ T8740] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(15) [ 131.157940][ T8740] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 131.165402][ T8740] vhci_hcd vhci_hcd.0: Device attached [ 131.171504][ T8740] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(17) [ 131.178150][ T8740] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 131.186006][ T8740] vhci_hcd vhci_hcd.0: Device attached [ 131.192866][ T8740] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(19) [ 131.199608][ T8740] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 131.207452][ T8740] vhci_hcd vhci_hcd.0: Device attached [ 131.312346][ T3359] vhci_hcd: vhci_device speed not set [ 131.372330][ T3359] usb 3-1: new full-speed USB device number 3 using vhci_hcd [ 131.506883][ T8748] vhci_hcd: connection closed [ 131.506898][ T8743] vhci_hcd: connection closed [ 131.506997][ T8746] vhci_hcd: connection closed [ 131.511964][ T8750] vhci_hcd: connection closed [ 131.517318][ T8742] vhci_hcd: connection reset by peer [ 131.521412][ T6999] vhci_hcd: stop threads [ 131.535732][ T6999] vhci_hcd: release socket [ 131.540175][ T6999] vhci_hcd: disconnect device [ 131.546745][ T8755] FAULT_INJECTION: forcing a failure. [ 131.546745][ T8755] name failslab, interval 1, probability 0, space 0, times 0 [ 131.559482][ T8755] CPU: 0 UID: 0 PID: 8755 Comm: syz.1.1385 Not tainted syzkaller #0 PREEMPT(voluntary) [ 131.559515][ T8755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 131.559531][ T8755] Call Trace: [ 131.559538][ T8755] [ 131.559546][ T8755] __dump_stack+0x1d/0x30 [ 131.559570][ T8755] dump_stack_lvl+0xe8/0x140 [ 131.559652][ T8755] dump_stack+0x15/0x1b [ 131.559671][ T8755] should_fail_ex+0x265/0x280 [ 131.559702][ T8755] should_failslab+0x8c/0xb0 [ 131.559731][ T8755] kmem_cache_alloc_node_noprof+0x57/0x320 [ 131.559840][ T8755] ? __alloc_skb+0x101/0x320 [ 131.559868][ T8755] __alloc_skb+0x101/0x320 [ 131.559892][ T8755] ? selinux_file_permission+0x1e4/0x320 [ 131.559933][ T8755] ppp_write+0x87/0x310 [ 131.559955][ T8755] ? vfs_write+0x250/0x960 [ 131.560049][ T8755] ? __pfx_ppp_write+0x10/0x10 [ 131.560073][ T8755] vfs_write+0x266/0x960 [ 131.560100][ T8755] ? __rcu_read_unlock+0x4f/0x70 [ 131.560176][ T8755] ? __fget_files+0x184/0x1c0 [ 131.560212][ T8755] ksys_write+0xda/0x1a0 [ 131.560244][ T8755] __x64_sys_write+0x40/0x50 [ 131.560273][ T8755] x64_sys_call+0x27fe/0x2ff0 [ 131.560315][ T8755] do_syscall_64+0xd2/0x200 [ 131.560356][ T8755] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 131.560386][ T8755] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 131.560470][ T8755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.560497][ T8755] RIP: 0033:0x7f58a616ec29 [ 131.560516][ T8755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.560538][ T8755] RSP: 002b:00007f58a4bd7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 131.560562][ T8755] RAX: ffffffffffffffda RBX: 00007f58a63b5fa0 RCX: 00007f58a616ec29 [ 131.560578][ T8755] RDX: 0000000000000009 RSI: 0000200000000100 RDI: 0000000000000004 [ 131.560619][ T8755] RBP: 00007f58a4bd7090 R08: 0000000000000000 R09: 0000000000000000 [ 131.560634][ T8755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 131.560649][ T8755] R13: 00007f58a63b6038 R14: 00007f58a63b5fa0 R15: 00007ffd5b6ceaa8 [ 131.560675][ T8755] [ 131.772428][ T6999] vhci_hcd: stop threads [ 131.776700][ T6999] vhci_hcd: release socket [ 131.781129][ T6999] vhci_hcd: disconnect device [ 131.786217][ T6999] vhci_hcd: stop threads [ 131.790463][ T6999] vhci_hcd: release socket [ 131.795023][ T6999] vhci_hcd: disconnect device [ 131.810691][ T6999] vhci_hcd: stop threads [ 131.815224][ T6999] vhci_hcd: release socket [ 131.819689][ T6999] vhci_hcd: disconnect device [ 131.824774][ T6999] vhci_hcd: stop threads [ 131.829027][ T6999] vhci_hcd: release socket [ 131.833594][ T6999] vhci_hcd: disconnect device [ 131.874116][ T8757] sd 0:0:1:0: device reset [ 131.896495][ T8764] loop1: detected capacity change from 0 to 512 [ 131.904776][ T8766] FAULT_INJECTION: forcing a failure. [ 131.904776][ T8766] name failslab, interval 1, probability 0, space 0, times 0 [ 131.917460][ T8766] CPU: 1 UID: 0 PID: 8766 Comm: syz.4.1389 Not tainted syzkaller #0 PREEMPT(voluntary) [ 131.917491][ T8766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 131.917503][ T8766] Call Trace: [ 131.917510][ T8766] [ 131.917517][ T8766] __dump_stack+0x1d/0x30 [ 131.917539][ T8766] dump_stack_lvl+0xe8/0x140 [ 131.917582][ T8766] dump_stack+0x15/0x1b [ 131.917602][ T8766] should_fail_ex+0x265/0x280 [ 131.917732][ T8766] ? alloc_pipe_info+0xae/0x350 [ 131.917770][ T8766] should_failslab+0x8c/0xb0 [ 131.917822][ T8766] __kmalloc_cache_noprof+0x4c/0x320 [ 131.917861][ T8766] alloc_pipe_info+0xae/0x350 [ 131.917902][ T8766] splice_direct_to_actor+0x592/0x680 [ 131.917922][ T8766] ? kstrtouint_from_user+0x9f/0xf0 [ 131.917947][ T8766] ? __pfx_direct_splice_actor+0x10/0x10 [ 131.917967][ T8766] ? __rcu_read_unlock+0x4f/0x70 [ 131.918061][ T8766] ? get_pid_task+0x96/0xd0 [ 131.918080][ T8766] ? avc_policy_seqno+0x15/0x30 [ 131.918110][ T8766] ? selinux_file_permission+0x1e4/0x320 [ 131.918134][ T8766] do_splice_direct+0xda/0x150 [ 131.918157][ T8766] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 131.918183][ T8766] do_sendfile+0x380/0x650 [ 131.918281][ T8766] __x64_sys_sendfile64+0x105/0x150 [ 131.918312][ T8766] x64_sys_call+0x2bb0/0x2ff0 [ 131.918332][ T8766] do_syscall_64+0xd2/0x200 [ 131.918399][ T8766] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 131.918423][ T8766] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 131.918501][ T8766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.918522][ T8766] RIP: 0033:0x7f21b9d3ec29 [ 131.918540][ T8766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.918558][ T8766] RSP: 002b:00007f21b879f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 131.918577][ T8766] RAX: ffffffffffffffda RBX: 00007f21b9f85fa0 RCX: 00007f21b9d3ec29 [ 131.918590][ T8766] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006 [ 131.918605][ T8766] RBP: 00007f21b879f090 R08: 0000000000000000 R09: 0000000000000000 [ 131.918641][ T8766] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001 [ 131.918657][ T8766] R13: 00007f21b9f86038 R14: 00007f21b9f85fa0 R15: 00007ffe482ff5d8 [ 131.918682][ T8766] [ 132.156801][ T8764] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 132.172540][ T8764] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 132.186883][ T8764] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1390: bg 0: block 328: padding at end of block bitmap is not set [ 132.204384][ T8775] random: crng reseeded on system resumption [ 132.273674][ T8783] loop3: detected capacity change from 0 to 512 [ 132.282705][ T8785] serio: Serial port ptm0 [ 132.287934][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.296040][ T8783] EXT4-fs (loop3): failed to initialize system zone (-117) [ 132.304471][ T8783] EXT4-fs (loop3): mount failed [ 132.323305][ T8788] loop1: detected capacity change from 0 to 128 [ 132.326731][ T8783] __nla_validate_parse: 1 callbacks suppressed [ 132.326751][ T8783] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1396'. [ 132.365217][ T8791] loop4: detected capacity change from 0 to 512 [ 132.373384][ T8791] EXT4-fs (loop4): failed to initialize system zone (-117) [ 132.380801][ T8791] EXT4-fs (loop4): mount failed [ 132.397177][ T8791] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1399'. [ 133.125297][ T8800] loop5: detected capacity change from 0 to 1024 [ 133.174902][ T8805] loop3: detected capacity change from 0 to 512 [ 133.185503][ T8800] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.209027][ T8805] EXT4-fs (loop3): too many log groups per flexible block group [ 133.216816][ T8805] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 133.238571][ T29] kauditd_printk_skb: 277 callbacks suppressed [ 133.238591][ T29] audit: type=1400 audit(1758418396.393:13703): avc: denied { setattr } for pid=8809 comm="syz.0.1404" name="tty2" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1 [ 133.239532][ T8805] EXT4-fs (loop3): mount failed [ 133.312077][ T8820] loop4: detected capacity change from 0 to 512 [ 133.331857][ T8821] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1409'. [ 133.347598][ T8820] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.387740][ T8820] ext4 filesystem being mounted at /319/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 133.409082][ T29] audit: type=1400 audit(1758418396.573:13704): avc: denied { write } for pid=8818 comm="syz.4.1408" path="/319/file1/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 133.443380][ T8826] lo speed is unknown, defaulting to 1000 [ 133.449851][ T8826] lo speed is unknown, defaulting to 1000 [ 133.478573][ T29] audit: type=1326 audit(1758418396.613:13705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.1.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 133.502433][ T29] audit: type=1326 audit(1758418396.613:13706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.1.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 133.526023][ T29] audit: type=1326 audit(1758418396.613:13707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.1.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 133.549877][ T29] audit: type=1326 audit(1758418396.613:13708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.1.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 133.573613][ T29] audit: type=1326 audit(1758418396.613:13709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8828 comm="syz.1.1412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 133.597274][ T29] audit: type=1326 audit(1758418396.633:13710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8830 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a6969ec29 code=0x7ffc0000 [ 133.620935][ T8835] loop1: detected capacity change from 0 to 128 [ 133.621396][ T29] audit: type=1326 audit(1758418396.633:13711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8830 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a6969ec29 code=0x7ffc0000 [ 133.659662][ T29] audit: type=1326 audit(1758418396.643:13712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8830 comm="syz.0.1413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6a6969ec29 code=0x7ffc0000 [ 133.678541][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.768855][ T8841] wireguard0: entered promiscuous mode [ 133.774980][ T8841] wireguard0: entered allmulticast mode [ 133.788437][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.799585][ T8847] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1416'. [ 133.848653][ T8858] loop1: detected capacity change from 0 to 512 [ 133.850320][ T8855] loop5: detected capacity change from 0 to 1024 [ 133.868070][ T8858] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 133.869281][ T8851] netlink: 'syz.4.1420': attribute type 10 has an invalid length. [ 133.890254][ T8858] EXT4-fs (loop1): 1 truncate cleaned up [ 133.898694][ T8855] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 133.924043][ T8858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.955128][ T8872] loop4: detected capacity change from 0 to 128 [ 133.974605][ T8874] tmpfs: Bad value for 'mpol' [ 133.996713][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.058832][ T8882] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8882 comm=syz.0.1432 [ 134.154582][ T8855] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1419'. [ 134.164465][ T8855] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1419'. [ 134.691754][ T8912] loop3: detected capacity change from 0 to 512 [ 134.698973][ T8912] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 134.724162][ T8912] EXT4-fs (loop3): 1 truncate cleaned up [ 134.735063][ T8912] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.758717][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.812064][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.932932][ T8932] loop5: detected capacity change from 0 to 512 [ 134.966406][ T8932] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.005275][ T8932] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.051940][ T8932] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1450: bg 0: block 328: padding at end of block bitmap is not set [ 135.068187][ T8938] SELinux: failed to load policy [ 135.075826][ T8940] random: crng reseeded on system resumption [ 135.150398][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.166888][ T8945] loop1: detected capacity change from 0 to 1024 [ 135.171725][ T8948] loop4: detected capacity change from 0 to 512 [ 135.180765][ T8948] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 135.187708][ T8945] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 135.201596][ T8945] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 135.219328][ T8948] EXT4-fs (loop4): 1 truncate cleaned up [ 135.219756][ T8945] JBD2: no valid journal superblock found [ 135.230935][ T8945] EXT4-fs (loop1): Could not load journal inode [ 135.231154][ T8948] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.281141][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.351422][ T8961] loop4: detected capacity change from 0 to 512 [ 135.366155][ T8961] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.366251][ T8961] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.367549][ T8961] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1462: bg 0: block 328: padding at end of block bitmap is not set [ 135.370088][ T8965] loop5: detected capacity change from 0 to 512 [ 135.386302][ T8965] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 135.386545][ T8965] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 135.389018][ T8965] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1463: bg 0: block 328: padding at end of block bitmap is not set [ 135.390080][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.471801][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.497418][ T8972] SELinux: policydb table sizes (0,0) do not match mine (8,7) [ 135.497449][ T8972] SELinux: failed to load policy [ 135.828547][ T8991] loop5: detected capacity change from 0 to 512 [ 135.828861][ T8991] EXT4-fs: Ignoring removed mblk_io_submit option [ 135.828897][ T8991] EXT4-fs: Ignoring removed nomblk_io_submit option [ 135.829341][ T8991] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 135.829375][ T8991] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 135.834243][ T8991] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1473: Allocating blocks 41-42 which overlap fs metadata [ 135.882407][ T8991] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1473: Allocating blocks 41-42 which overlap fs metadata [ 135.883073][ T8991] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1473: Failed to acquire dquot type 1 [ 135.883592][ T8991] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 135.883817][ T8991] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1473: corrupted inode contents [ 135.884038][ T8991] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.1473: mark_inode_dirty error [ 135.946970][ T8991] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1473: corrupted inode contents [ 135.947150][ T8991] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.1473: mark_inode_dirty error [ 135.947374][ T8991] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1473: corrupted inode contents [ 135.947491][ T8991] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 135.947592][ T8991] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1473: corrupted inode contents [ 135.947763][ T8991] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.1473: mark_inode_dirty error [ 135.947871][ T8991] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 135.948124][ T8991] EXT4-fs (loop5): 1 truncate cleaned up [ 135.948657][ T8991] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.049443][ T8995] loop3: detected capacity change from 0 to 512 [ 136.064065][ T8995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.077475][ T8991] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 136.078287][ T8995] ext4 filesystem being mounted at /98/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.111546][ T8995] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1474: bg 0: block 328: padding at end of block bitmap is not set [ 136.159432][ T9001] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 136.169249][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.182813][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.372503][ T9021] lo speed is unknown, defaulting to 1000 [ 136.385954][ T9021] lo speed is unknown, defaulting to 1000 [ 136.446457][ T3359] usb 3-1: enqueue for inactive port 0 [ 136.467130][ T3359] usb 3-1: enqueue for inactive port 0 [ 136.551233][ T9031] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1488'. [ 136.572382][ T3359] vhci_hcd: vhci_device speed not set [ 136.608411][ T9036] loop4: detected capacity change from 0 to 512 [ 136.650415][ T9038] loop1: detected capacity change from 0 to 1024 [ 136.660375][ T9036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.676537][ T9038] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.690720][ T9036] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 136.705831][ T9036] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1489: bg 0: block 328: padding at end of block bitmap is not set [ 136.761943][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.792283][ T9046] loop4: detected capacity change from 0 to 512 [ 136.800546][ T9046] EXT4-fs (loop4): failed to initialize system zone (-117) [ 136.809763][ T9046] EXT4-fs (loop4): mount failed [ 136.830527][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.854770][ T9046] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1492'. [ 137.135478][ T9056] serio: Serial port ptm0 [ 137.377323][ T9067] ÿÿÿÿÿÿ: renamed from vlan1 (while UP) [ 137.387616][ T9067] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1499'. [ 137.530649][ T9053] syz.1.1493 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 137.544930][ T9053] CPU: 1 UID: 0 PID: 9053 Comm: syz.1.1493 Not tainted syzkaller #0 PREEMPT(voluntary) [ 137.544957][ T9053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 137.544969][ T9053] Call Trace: [ 137.544977][ T9053] [ 137.545067][ T9053] __dump_stack+0x1d/0x30 [ 137.545096][ T9053] dump_stack_lvl+0xe8/0x140 [ 137.545121][ T9053] dump_stack+0x15/0x1b [ 137.545142][ T9053] dump_header+0x81/0x220 [ 137.545184][ T9053] oom_kill_process+0x342/0x400 [ 137.545280][ T9053] out_of_memory+0x979/0xb80 [ 137.545320][ T9053] try_charge_memcg+0x5e6/0x9e0 [ 137.545422][ T9053] obj_cgroup_charge_pages+0xa6/0x150 [ 137.545518][ T9053] __memcg_kmem_charge_page+0x9f/0x170 [ 137.545596][ T9053] __alloc_frozen_pages_noprof+0x188/0x360 [ 137.545636][ T9053] alloc_pages_mpol+0xb3/0x250 [ 137.545678][ T9053] alloc_pages_noprof+0x90/0x130 [ 137.545750][ T9053] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 137.545811][ T9053] __kvmalloc_node_noprof+0x30f/0x4e0 [ 137.545850][ T9053] ? ip_set_alloc+0x1f/0x30 [ 137.545889][ T9053] ? ip_set_alloc+0x1f/0x30 [ 137.545968][ T9053] ? __kmalloc_cache_noprof+0x189/0x320 [ 137.546007][ T9053] ip_set_alloc+0x1f/0x30 [ 137.546061][ T9053] hash_netiface_create+0x282/0x740 [ 137.546094][ T9053] ? __pfx_hash_netiface_create+0x10/0x10 [ 137.546124][ T9053] ip_set_create+0x3c9/0x960 [ 137.546191][ T9053] ? __nla_parse+0x40/0x60 [ 137.546226][ T9053] nfnetlink_rcv_msg+0x4c3/0x590 [ 137.546357][ T9053] netlink_rcv_skb+0x123/0x220 [ 137.546385][ T9053] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 137.546418][ T9053] nfnetlink_rcv+0x16b/0x1690 [ 137.546446][ T9053] ? nlmon_xmit+0x4f/0x60 [ 137.546558][ T9053] ? consume_skb+0x49/0x150 [ 137.546591][ T9053] ? nlmon_xmit+0x4f/0x60 [ 137.546630][ T9053] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 137.546666][ T9053] ? __dev_queue_xmit+0x1200/0x2000 [ 137.546741][ T9053] ? __dev_queue_xmit+0x182/0x2000 [ 137.546791][ T9053] ? ref_tracker_free+0x37d/0x3e0 [ 137.546834][ T9053] ? __netlink_deliver_tap+0x4dc/0x500 [ 137.546947][ T9053] netlink_unicast+0x5bd/0x690 [ 137.546980][ T9053] netlink_sendmsg+0x58b/0x6b0 [ 137.547033][ T9053] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.547073][ T9053] __sock_sendmsg+0x142/0x180 [ 137.547114][ T9053] ____sys_sendmsg+0x31e/0x4e0 [ 137.547226][ T9053] ___sys_sendmsg+0x17b/0x1d0 [ 137.547341][ T9053] __x64_sys_sendmsg+0xd4/0x160 [ 137.547381][ T9053] x64_sys_call+0x191e/0x2ff0 [ 137.547409][ T9053] do_syscall_64+0xd2/0x200 [ 137.547446][ T9053] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 137.547494][ T9053] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 137.547571][ T9053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.547593][ T9053] RIP: 0033:0x7f58a616ec29 [ 137.547612][ T9053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.547703][ T9053] RSP: 002b:00007f58a4bb6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.547769][ T9053] RAX: ffffffffffffffda RBX: 00007f58a63b6090 RCX: 00007f58a616ec29 [ 137.547865][ T9053] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000008 [ 137.547881][ T9053] RBP: 00007f58a61f1e41 R08: 0000000000000000 R09: 0000000000000000 [ 137.547893][ T9053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.547907][ T9053] R13: 00007f58a63b6128 R14: 00007f58a63b6090 R15: 00007ffd5b6ceaa8 [ 137.547928][ T9053] [ 137.547935][ T9053] memory: usage 307200kB, limit 307200kB, failcnt 539 [ 137.692831][ T9087] loop4: detected capacity change from 0 to 512 [ 137.695365][ T9053] memory+swap: usage 307600kB, limit 9007199254740988kB, failcnt 0 [ 137.702781][ T9087] EXT4-fs: Ignoring removed mblk_io_submit option [ 137.705779][ T9053] kmem: usage 307160kB, limit 9007199254740988kB, failcnt 0 [ 137.710428][ T9087] EXT4-fs: Ignoring removed nomblk_io_submit option [ 137.714685][ T9053] Memory cgroup stats for /syz1: [ 137.715950][ T9053] cache 4096 [ 137.745878][ T9087] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 137.750315][ T9053] rss 0 [ 137.750327][ T9053] shmem 0 [ 137.750335][ T9053] mapped_file 0 [ 137.750366][ T9053] dirty 0 [ 137.750372][ T9053] writeback 8192 [ 137.750379][ T9053] workingset_refault_anon 249 [ 137.750386][ T9053] workingset_refault_file 2489 [ 137.750393][ T9053] swap 430080 [ 137.750400][ T9053] swapcached 8192 [ 137.755218][ T9087] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 137.760606][ T9053] pgpgin 94302 [ 137.760617][ T9053] pgpgout 94296 [ 137.760625][ T9053] pgfault 95412 [ 137.760634][ T9053] pgmajfault 186 [ 137.861006][ T9096] serio: Serial port ptm1 [ 137.864488][ T9053] inactive_anon 0 [ 137.864499][ T9053] active_anon 8192 [ 137.864508][ T9053] inactive_file 0 [ 137.864516][ T9053] active_file 12288 [ 137.864525][ T9053] unevictable 0 [ 137.864534][ T9053] hierarchical_memory_limit 314572800 [ 137.874374][ T9094] loop5: detected capacity change from 0 to 128 [ 137.880523][ T9053] hierarchical_memsw_limit 9223372036854771712 [ 137.890875][ T9087] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1507: Allocating blocks 41-42 which overlap fs metadata [ 137.896626][ T9053] total_cache 4096 [ 137.896638][ T9053] total_rss 0 [ 137.896646][ T9053] total_shmem 0 [ 137.896655][ T9053] total_mapped_file 0 [ 137.906356][ T9087] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1507: Allocating blocks 41-42 which overlap fs metadata [ 137.911032][ T9053] total_dirty 0 [ 137.911043][ T9053] total_writeback 8192 [ 137.918796][ T9087] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1507: Failed to acquire dquot type 1 [ 137.925195][ T9053] total_workingset_refault_anon 249 [ 137.931711][ T9087] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, [ 137.933607][ T9053] total_workingset_refault_file 2489 [ 137.941951][ T9087] inode 12: [ 137.944922][ T9053] total_swap 430080 [ 137.947840][ T9087] block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 137.951296][ T9053] total_swapcached 8192 [ 137.951308][ T9053] total_pgpgin 94302 [ 137.967104][ T9087] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1507: corrupted inode contents [ 137.968218][ T9053] total_pgpgout 94296 [ 137.971702][ T9087] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.1507: mark_inode_dirty error [ 137.975430][ T9053] total_pgfault 95412 [ 137.975441][ T9053] total_pgmajfault 186 [ 137.975450][ T9053] total_inactive_anon 0 [ 137.975458][ T9053] total_active_anon 8192 [ 137.986583][ T9087] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1507: corrupted inode contents [ 137.988011][ T9053] total_inactive_file 0 [ 137.991758][ T9087] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1507: mark_inode_dirty error [ 137.995194][ T9053] total_active_file 12288 [ 137.999092][ T9087] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1507: corrupted inode contents [ 138.003150][ T9053] total_unevictable 0 [ 138.008408][ T9087] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 138.010509][ T9053] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0 [ 138.044475][ T9087] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1507: corrupted inode contents [ 138.053769][ T9053] ,oom_memcg= [ 138.060346][ T9087] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.1507: mark_inode_dirty error [ 138.061061][ T9053] /syz1,task_memcg=/syz1 [ 138.064753][ T9087] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 138.068583][ T9053] ,task=syz.1.1493,pid=9048,uid=0 [ 138.085641][ T9087] EXT4-fs (loop4): 1 truncate cleaned up [ 138.085860][ T9053] Memory cgroup out of memory: Killed process 9048 (syz.1.1493) total-vm:95940kB, anon-rss:1072kB, file-rss:22312kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 138.102013][ T9087] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.353409][ T9105] ÿÿÿÿÿÿ: renamed from vlan1 (while UP) [ 138.363744][ T9087] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 138.377475][ T9103] loop3: detected capacity change from 0 to 1024 [ 138.389818][ T9105] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1512'. [ 138.406185][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.429595][ T9103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.561018][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.625352][ T9132] loop4: detected capacity change from 0 to 512 [ 138.632456][ T9132] EXT4-fs: Ignoring removed mblk_io_submit option [ 138.636244][ T9130] serio: Serial port ptm0 [ 138.639249][ T9132] EXT4-fs: Ignoring removed nomblk_io_submit option [ 138.653567][ T9132] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 138.662108][ T9132] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 138.680076][ T9132] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1524: Allocating blocks 41-42 which overlap fs metadata [ 138.700444][ T29] kauditd_printk_skb: 345 callbacks suppressed [ 138.700460][ T29] audit: type=1326 audit(1758418401.863:14050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.712452][ T9132] Quota error (device loop4): write_blk: dquota write failed [ 138.730360][ T29] audit: type=1326 audit(1758418401.863:14051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.737766][ T9132] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 138.770398][ T29] audit: type=1326 audit(1758418401.863:14052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.793914][ T29] audit: type=1326 audit(1758418401.863:14053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.796194][ T9132] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 138.817651][ T29] audit: type=1326 audit(1758418401.863:14054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.830815][ T9132] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1524: Failed to acquire dquot type 1 [ 138.851138][ T29] audit: type=1326 audit(1758418401.863:14055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.851176][ T29] audit: type=1326 audit(1758418401.863:14056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9129 comm="syz.1.1523" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f58a616ec29 code=0x7ffc0000 [ 138.915254][ T9132] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 138.930159][ T9132] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1524: corrupted inode contents [ 138.945553][ T9132] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.1524: mark_inode_dirty error [ 138.965369][ T9141] I/O error, dev loop3, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 138.974900][ T9141] isofs_fill_super: bread failed, dev=loop3, iso_blknum=16, block=32 [ 138.983483][ T9132] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1524: corrupted inode contents [ 138.997897][ T9132] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1524: mark_inode_dirty error [ 139.009700][ T9132] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1524: corrupted inode contents [ 139.023251][ T9132] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 139.031983][ T9132] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1524: corrupted inode contents [ 139.037133][ T9147] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1526'. [ 139.045580][ T9132] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.1524: mark_inode_dirty error [ 139.067581][ T9132] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 139.070647][ T9146] loop5: detected capacity change from 0 to 512 [ 139.076938][ T9132] EXT4-fs (loop4): 1 truncate cleaned up [ 139.089509][ T9132] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.105200][ T9146] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.118177][ T9146] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.128101][ T9132] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 139.135465][ T9146] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1528: bg 0: block 328: padding at end of block bitmap is not set [ 139.166234][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.166938][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.380786][ T9152] loop4: detected capacity change from 0 to 256 [ 139.397480][ T9152] FAT-fs (loop4): bogus number of FAT sectors [ 139.409971][ T9152] FAT-fs (loop4): Can't find a valid FAT filesystem [ 139.581476][ T9173] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1539'. [ 139.657417][ T9181] smc: net device bond0 applied user defined pnetid SYZ0 [ 139.665137][ T9181] smc: net device bond0 erased user defined pnetid SYZ0 [ 139.742156][ T9191] serio: Serial port ptm0 [ 139.906660][ T9202] FAULT_INJECTION: forcing a failure. [ 139.906660][ T9202] name failslab, interval 1, probability 0, space 0, times 0 [ 139.919604][ T9202] CPU: 0 UID: 0 PID: 9202 Comm: syz.3.1550 Not tainted syzkaller #0 PREEMPT(voluntary) [ 139.919632][ T9202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 139.919645][ T9202] Call Trace: [ 139.919653][ T9202] [ 139.919663][ T9202] __dump_stack+0x1d/0x30 [ 139.919689][ T9202] dump_stack_lvl+0xe8/0x140 [ 139.919712][ T9202] dump_stack+0x15/0x1b [ 139.919798][ T9202] should_fail_ex+0x265/0x280 [ 139.919826][ T9202] should_failslab+0x8c/0xb0 [ 139.919896][ T9202] kmem_cache_alloc_node_noprof+0x57/0x320 [ 139.919944][ T9202] ? __alloc_skb+0x101/0x320 [ 139.919971][ T9202] __alloc_skb+0x101/0x320 [ 139.919993][ T9202] alloc_skb_with_frags+0x7d/0x470 [ 139.920081][ T9202] ? selinux_file_open+0x2df/0x330 [ 139.920163][ T9202] sock_alloc_send_pskb+0x43a/0x4f0 [ 139.920214][ T9202] ? mntput+0x4b/0x80 [ 139.920245][ T9202] tun_get_user+0x9b3/0x2680 [ 139.920339][ T9202] ? ref_tracker_alloc+0x1f2/0x2f0 [ 139.920367][ T9202] ? selinux_file_permission+0x1e4/0x320 [ 139.920397][ T9202] tun_chr_write_iter+0x15e/0x210 [ 139.920424][ T9202] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 139.920486][ T9202] vfs_write+0x527/0x960 [ 139.920521][ T9202] ksys_write+0xda/0x1a0 [ 139.920546][ T9202] __x64_sys_write+0x40/0x50 [ 139.920630][ T9202] x64_sys_call+0x27fe/0x2ff0 [ 139.920651][ T9202] do_syscall_64+0xd2/0x200 [ 139.920683][ T9202] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 139.920775][ T9202] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 139.920806][ T9202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.920827][ T9202] RIP: 0033:0x7faf2310ec29 [ 139.920871][ T9202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.920888][ T9202] RSP: 002b:00007faf21b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 139.920913][ T9202] RAX: ffffffffffffffda RBX: 00007faf23355fa0 RCX: 00007faf2310ec29 [ 139.920925][ T9202] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 00000000000000c8 [ 139.920940][ T9202] RBP: 00007faf21b77090 R08: 0000000000000000 R09: 0000000000000000 [ 139.920955][ T9202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.920971][ T9202] R13: 00007faf23356038 R14: 00007faf23355fa0 R15: 00007ffec921a528 [ 139.921042][ T9202] [ 140.214615][ T9206] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1553'. [ 140.293560][ T9216] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 140.317880][ T9218] smc: net device bond0 applied user defined pnetid SYZ0 [ 140.333799][ T9218] smc: net device bond0 erased user defined pnetid SYZ0 [ 140.604430][ T9235] vhci_hcd: invalid port number 96 [ 140.605446][ T9237] random: crng reseeded on system resumption [ 140.609607][ T9235] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 140.654037][ T9243] random: crng reseeded on system resumption [ 140.696582][ T9245] loop5: detected capacity change from 0 to 1024 [ 140.753235][ T9245] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.773341][ T9257] FAULT_INJECTION: forcing a failure. [ 140.773341][ T9257] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 140.786604][ T9257] CPU: 0 UID: 0 PID: 9257 Comm: syz.1.1576 Not tainted syzkaller #0 PREEMPT(voluntary) [ 140.786631][ T9257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 140.786643][ T9257] Call Trace: [ 140.786729][ T9257] [ 140.786738][ T9257] __dump_stack+0x1d/0x30 [ 140.786782][ T9257] dump_stack_lvl+0xe8/0x140 [ 140.786806][ T9257] dump_stack+0x15/0x1b [ 140.786826][ T9257] should_fail_ex+0x265/0x280 [ 140.786856][ T9257] should_fail+0xb/0x20 [ 140.786879][ T9257] should_fail_usercopy+0x1a/0x20 [ 140.786963][ T9257] _copy_from_user+0x1c/0xb0 [ 140.787031][ T9257] ___sys_sendmsg+0xc1/0x1d0 [ 140.787095][ T9257] __x64_sys_sendmsg+0xd4/0x160 [ 140.787127][ T9257] x64_sys_call+0x191e/0x2ff0 [ 140.787153][ T9257] do_syscall_64+0xd2/0x200 [ 140.787191][ T9257] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 140.787295][ T9257] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 140.787396][ T9257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.787417][ T9257] RIP: 0033:0x7f58a616ec29 [ 140.787434][ T9257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.787456][ T9257] RSP: 002b:00007f58a4bd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 140.787480][ T9257] RAX: ffffffffffffffda RBX: 00007f58a63b5fa0 RCX: 00007f58a616ec29 [ 140.787495][ T9257] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003 [ 140.787510][ T9257] RBP: 00007f58a4bd7090 R08: 0000000000000000 R09: 0000000000000000 [ 140.787599][ T9257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.787614][ T9257] R13: 00007f58a63b6038 R14: 00007f58a63b5fa0 R15: 00007ffd5b6ceaa8 [ 140.787638][ T9257] [ 141.010632][ T9265] serio: Serial port ptm0 [ 141.052745][ T9264] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1578'. [ 141.138264][ T9275] loop1: detected capacity change from 0 to 512 [ 141.146946][ T9275] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 141.165135][ T9275] EXT4-fs (loop1): 1 truncate cleaned up [ 141.171323][ T9275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.202597][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.226381][ T9280] loop5: detected capacity change from 0 to 512 [ 141.236817][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.253409][ T9280] EXT4-fs (loop5): failed to initialize system zone (-117) [ 141.264070][ T9280] EXT4-fs (loop5): mount failed [ 141.296609][ T9280] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1584'. [ 141.323776][ T9283] smc: net device bond0 applied user defined pnetid SYZ0 [ 141.331326][ T9283] smc: net device bond0 erased user defined pnetid SYZ0 [ 141.590030][ T9293] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 141.644597][ T9297] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1590'. [ 141.677047][ T9299] loop3: detected capacity change from 0 to 512 [ 141.695277][ T9299] EXT4-fs (loop3): too many log groups per flexible block group [ 141.703218][ T9299] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 141.710148][ T9299] EXT4-fs (loop3): mount failed [ 141.720588][ T9299] loop3: detected capacity change from 0 to 164 [ 141.727486][ T9299] ISOFS: unable to read i-node block [ 141.732890][ T9299] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 141.789172][ T9305] loop3: detected capacity change from 0 to 1024 [ 141.801436][ T9287] loop1: detected capacity change from 0 to 512 [ 141.809364][ T9287] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 141.810247][ T9305] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.821339][ T9287] EXT4-fs (loop1): 1 truncate cleaned up [ 141.838531][ T9287] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.880400][ T9310] loop4: detected capacity change from 0 to 512 [ 141.914250][ T9310] EXT4-fs: Ignoring removed mblk_io_submit option [ 141.931031][ T9310] EXT4-fs: Ignoring removed nomblk_io_submit option [ 141.947055][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.957026][ T9310] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 141.965543][ T9314] lo speed is unknown, defaulting to 1000 [ 141.966112][ T9314] lo speed is unknown, defaulting to 1000 [ 141.971314][ T9310] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 141.974247][ T9310] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1594: Allocating blocks 41-42 which overlap fs metadata [ 142.010191][ T9310] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1594: Allocating blocks 41-42 which overlap fs metadata [ 142.034909][ T9310] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1594: Failed to acquire dquot type 1 [ 142.047703][ T9310] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 142.051868][ T9319] FAULT_INJECTION: forcing a failure. [ 142.051868][ T9319] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 142.064103][ T9310] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1594: corrupted inode contents [ 142.075620][ T9319] CPU: 0 UID: 0 PID: 9319 Comm: syz.3.1597 Not tainted syzkaller #0 PREEMPT(voluntary) [ 142.075660][ T9319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 142.075679][ T9319] Call Trace: [ 142.075687][ T9319] [ 142.075694][ T9319] __dump_stack+0x1d/0x30 [ 142.075721][ T9319] dump_stack_lvl+0xe8/0x140 [ 142.075868][ T9319] dump_stack+0x15/0x1b [ 142.075890][ T9319] should_fail_ex+0x265/0x280 [ 142.075925][ T9319] should_fail+0xb/0x20 [ 142.075954][ T9319] should_fail_usercopy+0x1a/0x20 [ 142.076022][ T9319] _copy_from_user+0x1c/0xb0 [ 142.076139][ T9319] mon_bin_ioctl+0x376/0x930 [ 142.076250][ T9319] ? __fget_files+0x184/0x1c0 [ 142.076352][ T9319] ? __pfx_mon_bin_ioctl+0x10/0x10 [ 142.076395][ T9319] __se_sys_ioctl+0xce/0x140 [ 142.076422][ T9319] __x64_sys_ioctl+0x43/0x50 [ 142.076448][ T9319] x64_sys_call+0x1816/0x2ff0 [ 142.076526][ T9319] do_syscall_64+0xd2/0x200 [ 142.076599][ T9319] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 142.076634][ T9319] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 142.076675][ T9319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.076704][ T9319] RIP: 0033:0x7faf2310ec29 [ 142.076725][ T9319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.076826][ T9319] RSP: 002b:00007faf21b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.076853][ T9319] RAX: ffffffffffffffda RBX: 00007faf23355fa0 RCX: 00007faf2310ec29 [ 142.076869][ T9319] RDX: 00002000000000c0 RSI: 000000004018920a RDI: 0000000000000004 [ 142.076887][ T9319] RBP: 00007faf21b77090 R08: 0000000000000000 R09: 0000000000000000 [ 142.076904][ T9319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.076921][ T9319] R13: 00007faf23356038 R14: 00007faf23355fa0 R15: 00007ffec921a528 [ 142.076950][ T9319] [ 142.278352][ T9310] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.1594: mark_inode_dirty error [ 142.290360][ T9310] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1594: corrupted inode contents [ 142.303908][ T9310] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1594: mark_inode_dirty error [ 142.315445][ T9310] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1594: corrupted inode contents [ 142.330964][ T9310] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 142.354305][ T9310] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1594: corrupted inode contents [ 142.370043][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.380607][ T9310] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.1594: mark_inode_dirty error [ 142.395015][ T9310] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 142.404251][ T9310] EXT4-fs (loop4): 1 truncate cleaned up [ 142.410751][ T9310] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.413018][ T9335] serio: Serial port ptm0 [ 142.433643][ T9338] random: crng reseeded on system resumption [ 142.449135][ T9338] loop5: detected capacity change from 0 to 512 [ 142.458345][ T9338] EXT4-fs: Ignoring removed oldalloc option [ 142.464798][ T9310] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 142.474599][ T9340] loop3: detected capacity change from 0 to 512 [ 142.475991][ T9338] EXT4-fs (loop5): 1 truncate cleaned up [ 142.481321][ T9340] EXT4-fs: Ignoring removed mblk_io_submit option [ 142.488601][ T9338] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.519174][ T9340] EXT4-fs: Ignoring removed nomblk_io_submit option [ 142.530613][ T9346] loop1: detected capacity change from 0 to 512 [ 142.537560][ T9340] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 142.538215][ T9346] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 142.546096][ T9340] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 142.565804][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.567425][ T9346] EXT4-fs (loop1): 1 truncate cleaned up [ 142.581559][ T9346] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.596103][ T9340] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.1605: Allocating blocks 41-42 which overlap fs metadata [ 142.624587][ T9340] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1605: Failed to acquire dquot type 1 [ 142.637408][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.648087][ T9340] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 142.662827][ T9340] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1605: corrupted inode contents [ 142.675152][ T9340] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #12: comm syz.3.1605: mark_inode_dirty error [ 142.688173][ T9340] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1605: corrupted inode contents [ 142.700543][ T9340] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.1605: mark_inode_dirty error [ 142.713552][ T9340] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1605: corrupted inode contents [ 142.731825][ T9358] random: crng reseeded on system resumption [ 142.737917][ T9340] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 142.738136][ T9340] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm syz.3.1605: corrupted inode contents [ 142.759475][ T7145] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.770483][ T9340] EXT4-fs error (device loop3): ext4_truncate:4666: inode #12: comm syz.3.1605: mark_inode_dirty error [ 142.783812][ T9340] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 142.793522][ T9340] EXT4-fs (loop3): 1 truncate cleaned up [ 142.799690][ T9340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.821286][ T9360] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 142.848332][ T9362] lo speed is unknown, defaulting to 1000 [ 142.851334][ T9366] loop4: detected capacity change from 0 to 764 [ 142.861598][ T9362] lo speed is unknown, defaulting to 1000 [ 142.871299][ T9340] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 142.892927][ T9364] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1614'. [ 142.916753][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.936914][ T9364] FAULT_INJECTION: forcing a failure. [ 142.936914][ T9364] name failslab, interval 1, probability 0, space 0, times 0 [ 142.943392][ T9375] loop4: detected capacity change from 0 to 512 [ 142.949820][ T9364] CPU: 1 UID: 0 PID: 9364 Comm: syz.1.1614 Not tainted syzkaller #0 PREEMPT(voluntary) [ 142.949870][ T9364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 142.949887][ T9364] Call Trace: [ 142.949896][ T9364] [ 142.949907][ T9364] __dump_stack+0x1d/0x30 [ 142.949970][ T9364] dump_stack_lvl+0xe8/0x140 [ 142.950047][ T9364] dump_stack+0x15/0x1b [ 142.950133][ T9364] should_fail_ex+0x265/0x280 [ 142.950167][ T9364] ? tc_ctl_chain+0x5a0/0xce0 [ 142.950279][ T9364] should_failslab+0x8c/0xb0 [ 142.950315][ T9364] __kmalloc_cache_noprof+0x4c/0x320 [ 142.950359][ T9364] tc_ctl_chain+0x5a0/0xce0 [ 142.950485][ T9364] ? ns_capable+0x7d/0xb0 [ 142.950514][ T9364] ? __pfx_tc_ctl_chain+0x10/0x10 [ 142.950552][ T9364] rtnetlink_rcv_msg+0x657/0x6d0 [ 142.950657][ T9364] netlink_rcv_skb+0x123/0x220 [ 142.950691][ T9364] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 142.950817][ T9364] rtnetlink_rcv+0x1c/0x30 [ 142.950938][ T9364] netlink_unicast+0x5bd/0x690 [ 142.950974][ T9364] netlink_sendmsg+0x58b/0x6b0 [ 142.951014][ T9364] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.951086][ T9364] __sock_sendmsg+0x142/0x180 [ 142.951149][ T9364] ____sys_sendmsg+0x31e/0x4e0 [ 142.951195][ T9364] ___sys_sendmsg+0x17b/0x1d0 [ 142.951304][ T9364] __x64_sys_sendmsg+0xd4/0x160 [ 142.951349][ T9364] x64_sys_call+0x191e/0x2ff0 [ 142.951379][ T9364] do_syscall_64+0xd2/0x200 [ 142.951434][ T9364] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 142.951494][ T9364] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 142.951578][ T9364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.951606][ T9364] RIP: 0033:0x7f58a616ec29 [ 142.951629][ T9364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.951723][ T9364] RSP: 002b:00007f58a4bd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 142.951786][ T9364] RAX: ffffffffffffffda RBX: 00007f58a63b5fa0 RCX: 00007f58a616ec29 [ 142.951804][ T9364] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000006 [ 142.951821][ T9364] RBP: 00007f58a4bd7090 R08: 0000000000000000 R09: 0000000000000000 [ 142.951845][ T9364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.951880][ T9364] R13: 00007f58a63b6038 R14: 00007f58a63b5fa0 R15: 00007ffd5b6ceaa8 [ 142.951910][ T9364] [ 143.186268][ T9375] EXT4-fs: Ignoring removed mblk_io_submit option [ 143.192782][ T9375] EXT4-fs: Ignoring removed nomblk_io_submit option [ 143.199816][ T9375] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 143.208431][ T9375] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 143.240233][ T9375] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1618: Allocating blocks 41-42 which overlap fs metadata [ 143.262909][ T9375] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1618: Failed to acquire dquot type 1 [ 143.286006][ T9379] loop3: detected capacity change from 0 to 1024 [ 143.299841][ T9375] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 143.314731][ T9375] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1618: corrupted inode contents [ 143.327452][ T9375] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.1618: mark_inode_dirty error [ 143.333551][ T9379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.353632][ T9375] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1618: corrupted inode contents [ 143.441311][ T9375] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1618: mark_inode_dirty error [ 143.484147][ T9398] loop5: detected capacity change from 0 to 764 [ 143.492751][ T7112] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.501974][ T9375] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1618: corrupted inode contents [ 143.518507][ T9398] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 143.534931][ T9375] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 143.544347][ T9375] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1618: corrupted inode contents [ 143.557821][ T9375] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.1618: mark_inode_dirty error [ 143.572782][ T9375] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 143.581996][ T9375] EXT4-fs (loop4): 1 truncate cleaned up [ 143.590853][ T9375] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.607897][ T9398] Symlink component flag not implemented [ 143.614703][ T9375] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 143.624826][ T9398] Symlink component flag not implemented (7) [ 143.632584][ T9398] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1625'. [ 143.641691][ T9398] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1625'. [ 143.655591][ T9398] Symlink component flag not implemented (7) [ 143.726519][ T9407] loop5: detected capacity change from 0 to 256 [ 143.733268][ T9407] msdos: Bad value for 'check' [ 143.777097][ T29] kauditd_printk_skb: 439 callbacks suppressed [ 143.777111][ T29] audit: type=1400 audit(1758418406.943:14486): avc: denied { create } for pid=9410 comm="syz.5.1631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 143.813637][ T29] audit: type=1400 audit(1758418406.973:14487): avc: denied { connect } for pid=9410 comm="syz.5.1631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 143.846069][ T29] audit: type=1400 audit(1758418407.013:14488): avc: denied { create } for pid=9412 comm="syz.5.1632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 143.866020][ T29] audit: type=1400 audit(1758418407.013:14489): avc: denied { connect } for pid=9412 comm="syz.5.1632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 143.885835][ T29] audit: type=1400 audit(1758418407.013:14490): avc: denied { write } for pid=9412 comm="syz.5.1632" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 143.927382][ T29] audit: type=1326 audit(1758418407.093:14491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9416 comm="syz.5.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 143.972214][ T9391] syz.0.1623 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 143.983344][ T9391] CPU: 1 UID: 0 PID: 9391 Comm: syz.0.1623 Not tainted syzkaller #0 PREEMPT(voluntary) [ 143.983380][ T9391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 143.983395][ T9391] Call Trace: [ 143.983403][ T9391] [ 143.983412][ T9391] __dump_stack+0x1d/0x30 [ 143.983494][ T9391] dump_stack_lvl+0xe8/0x140 [ 143.983648][ T9391] dump_stack+0x15/0x1b [ 143.983664][ T9391] dump_header+0x81/0x220 [ 143.983700][ T9391] oom_kill_process+0x342/0x400 [ 143.983745][ T9391] out_of_memory+0x979/0xb80 [ 143.983829][ T9391] try_charge_memcg+0x5e6/0x9e0 [ 143.983861][ T9391] charge_memcg+0x51/0xc0 [ 143.983902][ T9391] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 143.984000][ T9391] __read_swap_cache_async+0x1df/0x350 [ 143.984047][ T9391] swap_cluster_readahead+0x277/0x3e0 [ 143.984116][ T9391] swapin_readahead+0xde/0x6f0 [ 143.984199][ T9391] ? __filemap_get_folio+0x4f7/0x6b0 [ 143.984275][ T9391] ? __rcu_read_unlock+0x34/0x70 [ 143.984305][ T9391] ? swap_cache_get_folio+0x77/0x200 [ 143.984344][ T9391] do_swap_page+0x301/0x2430 [ 143.984474][ T9391] ? css_rstat_updated+0xb7/0x240 [ 143.984505][ T9391] ? __pfx_default_wake_function+0x10/0x10 [ 143.984543][ T9391] handle_mm_fault+0x9a5/0x2c20 [ 143.984587][ T9391] do_user_addr_fault+0x636/0x1090 [ 143.984682][ T9391] exc_page_fault+0x62/0xa0 [ 143.984713][ T9391] asm_exc_page_fault+0x26/0x30 [ 143.984739][ T9391] RIP: 0033:0x7f6a69575649 [ 143.984758][ T9391] Code: 37 00 00 0f 8e 09 fe ff ff e8 83 9e fe ff 49 39 c4 72 66 66 0f 1f 44 00 00 69 3d 56 00 ea 00 e8 03 00 00 48 8d 1d 57 09 37 00 32 95 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 80 7b 20 [ 143.984860][ T9391] RSP: 002b:00007ffcb0553090 EFLAGS: 00010206 [ 143.984881][ T9391] RAX: 000000000002323d RBX: 00007f6a698e5fa0 RCX: 0000000000022e98 [ 143.984918][ T9391] RDX: 00000000000003a5 RSI: 00007ffcb0553070 RDI: 00000000000003e8 [ 143.984942][ T9391] RBP: 00007f6a698e7da0 R08: 0000000037aa2464 R09: 7fffffffffffffff [ 143.984955][ T9391] R10: 3fffffffffffffff R11: 0000000000000293 R12: 0000000000023331 [ 143.984969][ T9391] R13: 00007ffcb0553180 R14: ffffffffffffffff R15: 00007ffcb05531a0 [ 143.984995][ T9391] [ 143.985004][ T9391] memory: usage 307200kB, limit 307200kB, failcnt 333 [ 143.995511][ T29] audit: type=1326 audit(1758418407.123:14492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9416 comm="syz.5.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 144.005175][ T9391] memory+swap: usage 307384kB, limit 9007199254740988kB, failcnt 0 [ 144.008494][ T29] audit: type=1326 audit(1758418407.123:14493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9416 comm="syz.5.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 144.011458][ T9391] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 144.015986][ T29] audit: type=1326 audit(1758418407.123:14494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9416 comm="syz.5.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 144.020764][ T9391] Memory cgroup stats for [ 144.025043][ T29] audit: type=1326 audit(1758418407.123:14495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9416 comm="syz.5.1633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 144.317483][ T9391] /syz0: [ 144.317915][ T9391] cache 0 [ 144.317997][ T9423] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1636'. [ 144.320795][ T9391] rss 0 [ 144.320804][ T9391] shmem 0 [ 144.320812][ T9391] mapped_file 0 [ 144.320821][ T9391] dirty 0 [ 144.344934][ T9391] writeback 0 [ 144.348245][ T9391] workingset_refault_anon 123 [ 144.353136][ T9391] workingset_refault_file 728 [ 144.357884][ T9391] swap 188416 [ 144.361245][ T9391] swapcached 4096 [ 144.365063][ T9391] pgpgin 60213 [ 144.365745][ T9421] loop1: detected capacity change from 0 to 1024 [ 144.368468][ T9391] pgpgout 60212 [ 144.368479][ T9391] pgfault 83091 [ 144.368488][ T9391] pgmajfault 54 [ 144.368497][ T9391] inactive_anon 0 [ 144.389187][ T9391] active_anon 4096 [ 144.393103][ T9391] inactive_file 0 [ 144.396773][ T9391] active_file 0 [ 144.400280][ T9391] unevictable 0 [ 144.403854][ T9391] hierarchical_memory_limit 314572800 [ 144.405350][ T9421] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 144.409244][ T9391] hierarchical_memsw_limit 9223372036854771712 [ 144.409258][ T9391] total_cache 0 [ 144.409276][ T9391] total_rss 0 [ 144.409285][ T9391] total_shmem 0 [ 144.438206][ T9391] total_mapped_file 0 [ 144.442260][ T9391] total_dirty 0 [ 144.445731][ T9391] total_writeback 0 [ 144.449617][ T9391] total_workingset_refault_anon 123 [ 144.454845][ T9391] total_workingset_refault_file 728 [ 144.460093][ T9391] total_swap 188416 [ 144.463923][ T9391] total_swapcached 4096 [ 144.468171][ T9391] total_pgpgin 60213 [ 144.472095][ T9391] total_pgpgout 60212 [ 144.476102][ T9391] total_pgfault 83091 [ 144.480085][ T9391] total_pgmajfault 54 [ 144.484117][ T9391] total_inactive_anon 0 [ 144.488283][ T9391] total_active_anon 4096 [ 144.492571][ T9391] total_inactive_file 0 [ 144.496822][ T9391] total_active_file 0 [ 144.500820][ T9391] total_unevictable 0 [ 144.504853][ T9391] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1623,pid=9391,uid=0 [ 144.519772][ T9391] Memory cgroup out of memory: Killed process 9391 (syz.0.1623) total-vm:93760kB, anon-rss:1200kB, file-rss:22184kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 144.538051][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.627848][ T3309] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.702807][ T9446] loop3: detected capacity change from 0 to 512 [ 144.710992][ T9446] EXT4-fs (loop3): failed to initialize system zone (-117) [ 144.719531][ T9446] EXT4-fs (loop3): mount failed [ 144.727904][ T9450] loop4: detected capacity change from 0 to 512 [ 144.736329][ T9450] EXT4-fs: Ignoring removed mblk_io_submit option [ 144.755606][ T9450] EXT4-fs: Ignoring removed nomblk_io_submit option [ 144.786315][ T9446] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1646'. [ 144.795874][ T9452] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1645'. [ 144.805080][ T9454] TCP: TCP_TX_DELAY enabled [ 144.820032][ T9450] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 144.828549][ T9450] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 144.877777][ T9450] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1647: Allocating blocks 41-42 which overlap fs metadata [ 144.894617][ T9450] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1647: Failed to acquire dquot type 1 [ 144.916359][ T9450] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 144.936080][ T9450] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1647: corrupted inode contents [ 144.949258][ T9450] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.1647: mark_inode_dirty error [ 144.964796][ T9450] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1647: corrupted inode contents [ 144.977182][ T9450] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1647: mark_inode_dirty error [ 144.997450][ T9450] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1647: corrupted inode contents [ 145.012909][ T9450] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 145.022936][ T9450] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1647: corrupted inode contents [ 145.046918][ T9450] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.1647: mark_inode_dirty error [ 145.058393][ T9450] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 145.068729][ T9450] EXT4-fs (loop4): 1 truncate cleaned up [ 145.075990][ T9450] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 145.102139][ T9450] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 145.151145][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 145.241109][ T9480] batadv_slave_0: entered promiscuous mode [ 145.247376][ T9480] batadv_slave_0: left promiscuous mode [ 145.268960][ T9483] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1659'. [ 145.283341][ T9483] loop1: detected capacity change from 0 to 512 [ 145.294327][ T9483] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 145.302455][ T9483] EXT4-fs (loop1): orphan cleanup on readonly fs [ 145.310737][ T9483] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1659: corrupted inode contents [ 145.312538][ T9486] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.1658'. [ 145.326114][ T9483] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.1659: mark_inode_dirty error [ 145.343710][ T9483] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1659: corrupted inode contents [ 145.345263][ T9480] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.1658'. [ 145.366598][ T9483] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.1659: mark_inode_dirty error [ 145.383678][ T9483] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1659: corrupted inode contents [ 145.403699][ T9483] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 145.412665][ T9483] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.1659: corrupted inode contents [ 145.424874][ T9483] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.1659: mark_inode_dirty error [ 145.442989][ T9483] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 145.463664][ T9483] EXT4-fs (loop1): 1 truncate cleaned up [ 145.464009][ T6999] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:15: Failed to release dquot type 1 [ 145.464564][ T9483] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 145.488640][ T9497] loop5: detected capacity change from 0 to 512 [ 145.503501][ T9497] EXT4-fs: Ignoring removed mblk_io_submit option [ 145.509986][ T9497] EXT4-fs: Ignoring removed nomblk_io_submit option [ 145.517658][ T9497] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 145.526234][ T9497] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 145.557998][ T9497] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1664: Allocating blocks 41-42 which overlap fs metadata [ 145.581318][ T9497] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1664: Failed to acquire dquot type 1 [ 145.593237][ T9497] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 145.607883][ T9497] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1664: corrupted inode contents [ 145.622592][ T9497] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.1664: mark_inode_dirty error [ 145.653959][ T9497] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1664: corrupted inode contents [ 145.676492][ T9497] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.1664: mark_inode_dirty error [ 145.688526][ T9514] FAULT_INJECTION: forcing a failure. [ 145.688526][ T9514] name failslab, interval 1, probability 0, space 0, times 0 [ 145.688554][ T9514] CPU: 0 UID: 0 PID: 9514 Comm: syz.3.1671 Not tainted syzkaller #0 PREEMPT(voluntary) [ 145.688582][ T9514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 145.688598][ T9514] Call Trace: [ 145.688606][ T9514] [ 145.688616][ T9514] __dump_stack+0x1d/0x30 [ 145.688691][ T9514] dump_stack_lvl+0xe8/0x140 [ 145.688721][ T9514] dump_stack+0x15/0x1b [ 145.688744][ T9514] should_fail_ex+0x265/0x280 [ 145.688832][ T9514] should_failslab+0x8c/0xb0 [ 145.688858][ T9514] kmem_cache_alloc_noprof+0x50/0x310 [ 145.688969][ T9514] ? prepare_creds+0x37/0x4c0 [ 145.689058][ T9514] prepare_creds+0x37/0x4c0 [ 145.689091][ T9514] copy_creds+0x8f/0x3f0 [ 145.689122][ T9514] copy_process+0x658/0x2000 [ 145.689230][ T9514] ? kstrtouint+0x76/0xc0 [ 145.689263][ T9514] ? __rcu_read_unlock+0x4f/0x70 [ 145.689377][ T9514] kernel_clone+0x16c/0x5c0 [ 145.689414][ T9514] ? vfs_write+0x7e8/0x960 [ 145.689445][ T9514] __x64_sys_clone+0xe6/0x120 [ 145.689567][ T9514] x64_sys_call+0x119c/0x2ff0 [ 145.689597][ T9514] do_syscall_64+0xd2/0x200 [ 145.689718][ T9514] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 145.689752][ T9514] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 145.689793][ T9514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.689823][ T9514] RIP: 0033:0x7faf2310ec29 [ 145.689845][ T9514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.689869][ T9514] RSP: 002b:00007faf21b76fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 145.689895][ T9514] RAX: ffffffffffffffda RBX: 00007faf23355fa0 RCX: 00007faf2310ec29 [ 145.689912][ T9514] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000008010e000 [ 145.689969][ T9514] RBP: 00007faf21b77090 R08: 0000000000000000 R09: 0000000000000000 [ 145.689986][ T9514] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 145.690003][ T9514] R13: 00007faf23356038 R14: 00007faf23355fa0 R15: 00007ffec921a528 [ 145.690057][ T9514] [ 145.701564][ T9514] loop3: detected capacity change from 0 to 1024 [ 145.735084][ T9497] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1664: corrupted inode contents [ 145.861179][ T9514] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.873445][ T9497] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 145.942445][ T9497] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1664: corrupted inode contents [ 145.944969][ T9497] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.1664: mark_inode_dirty error [ 145.968459][ T9497] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 145.977950][ T9497] EXT4-fs (loop5): 1 truncate cleaned up [ 145.991176][ T9497] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 146.028281][ T9525] random: crng reseeded on system resumption [ 146.099885][ T9533] loop4: detected capacity change from 0 to 512 [ 146.109373][ T9533] EXT4-fs (loop4): failed to initialize system zone (-117) [ 146.117008][ T9533] EXT4-fs (loop4): mount failed [ 146.158940][ T9538] loop5: detected capacity change from 0 to 1024 [ 146.228244][ T9547] syzkaller1: entered promiscuous mode [ 146.233803][ T9547] syzkaller1: entered allmulticast mode [ 146.359846][ T9558] random: crng reseeded on system resumption [ 146.490929][ T9573] loop5: detected capacity change from 0 to 512 [ 146.497808][ T9573] EXT4-fs: Ignoring removed mblk_io_submit option [ 146.504946][ T9573] EXT4-fs: Ignoring removed nomblk_io_submit option [ 146.512385][ T9573] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 146.520897][ T9573] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended [ 146.540122][ T9573] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1692: Allocating blocks 41-42 which overlap fs metadata [ 146.554273][ T9573] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1692: Allocating blocks 41-42 which overlap fs metadata [ 146.568438][ T9573] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1692: Failed to acquire dquot type 1 [ 146.580695][ T9573] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 146.595558][ T9573] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1692: corrupted inode contents [ 146.607976][ T9573] EXT4-fs error (device loop5): ext4_dirty_inode:6538: inode #12: comm syz.5.1692: mark_inode_dirty error [ 146.620852][ T9573] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1692: corrupted inode contents [ 146.635154][ T9573] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.1692: mark_inode_dirty error [ 146.647867][ T9573] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1692: corrupted inode contents [ 146.661308][ T9573] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem [ 146.670220][ T9573] EXT4-fs error (device loop5): ext4_do_update_inode:5653: inode #12: comm syz.5.1692: corrupted inode contents [ 146.684313][ T9573] EXT4-fs error (device loop5): ext4_truncate:4666: inode #12: comm syz.5.1692: mark_inode_dirty error [ 146.684488][ T9573] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem [ 146.684652][ T9573] EXT4-fs (loop5): 1 truncate cleaned up [ 146.720026][ T9573] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 146.788293][ T9589] smc: net device bond0 applied user defined pnetid SYZ0 [ 146.794763][ T9591] random: crng reseeded on system resumption [ 146.795840][ T9589] smc: net device bond0 erased user defined pnetid SYZ0 [ 146.830235][ T9594] loop3: detected capacity change from 0 to 512 [ 146.839224][ T9594] EXT4-fs (loop3): failed to initialize system zone (-117) [ 146.848671][ T9594] EXT4-fs (loop3): mount failed [ 147.267466][ T9616] random: crng reseeded on system resumption [ 147.284618][ T9618] smc: net device bond0 applied user defined pnetid SYZ0 [ 147.292029][ T9618] smc: net device bond0 erased user defined pnetid SYZ0 [ 147.374752][ T9626] FAULT_INJECTION: forcing a failure. [ 147.374752][ T9626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 147.388070][ T9626] CPU: 0 UID: 0 PID: 9626 Comm: syz.5.1716 Not tainted syzkaller #0 PREEMPT(voluntary) [ 147.388106][ T9626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 147.388179][ T9626] Call Trace: [ 147.388188][ T9626] [ 147.388197][ T9626] __dump_stack+0x1d/0x30 [ 147.388224][ T9626] dump_stack_lvl+0xe8/0x140 [ 147.388249][ T9626] dump_stack+0x15/0x1b [ 147.388298][ T9626] should_fail_ex+0x265/0x280 [ 147.388323][ T9626] should_fail+0xb/0x20 [ 147.388346][ T9626] should_fail_usercopy+0x1a/0x20 [ 147.388376][ T9626] strncpy_from_user+0x25/0x230 [ 147.388460][ T9626] ? __kmalloc_cache_noprof+0x189/0x320 [ 147.388508][ T9626] __se_sys_memfd_create+0x1ff/0x590 [ 147.388533][ T9626] __x64_sys_memfd_create+0x31/0x40 [ 147.388560][ T9626] x64_sys_call+0x2abe/0x2ff0 [ 147.388654][ T9626] do_syscall_64+0xd2/0x200 [ 147.388717][ T9626] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 147.388741][ T9626] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 147.388789][ T9626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.388816][ T9626] RIP: 0033:0x7f87dffdec29 [ 147.388836][ T9626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.388915][ T9626] RSP: 002b:00007f87dea3ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 147.388935][ T9626] RAX: ffffffffffffffda RBX: 0000000000000519 RCX: 00007f87dffdec29 [ 147.389011][ T9626] RDX: 00007f87dea3eef0 RSI: 0000000000000000 RDI: 00007f87e0062810 [ 147.389027][ T9626] RBP: 00002000000009c0 R08: 00007f87dea3ebb7 R09: 00007f87dea3ee40 [ 147.389062][ T9626] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000980 [ 147.389077][ T9626] R13: 00007f87dea3eef0 R14: 00007f87dea3eeb0 R15: 0000200000000100 [ 147.389102][ T9626] [ 147.663142][ T9615] loop4: detected capacity change from 0 to 512 [ 147.665490][ T9634] block device autoloading is deprecated and will be removed. [ 147.677426][ T9615] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 147.707251][ T9615] EXT4-fs (loop4): 1 truncate cleaned up [ 147.886386][ T9658] __nla_validate_parse: 7 callbacks suppressed [ 147.886402][ T9658] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1730'. [ 147.923512][ T9658] loop0: detected capacity change from 0 to 512 [ 147.934016][ T9658] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 147.945725][ T9658] EXT4-fs (loop0): orphan cleanup on readonly fs [ 147.961635][ T9672] FAULT_INJECTION: forcing a failure. [ 147.961635][ T9672] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 147.965450][ T9670] loop5: detected capacity change from 0 to 1024 [ 147.974788][ T9672] CPU: 0 UID: 0 PID: 9672 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) [ 147.974823][ T9672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 147.974841][ T9672] Call Trace: [ 147.974850][ T9672] [ 147.974862][ T9672] __dump_stack+0x1d/0x30 [ 147.974900][ T9672] dump_stack_lvl+0xe8/0x140 [ 147.974926][ T9672] dump_stack+0x15/0x1b [ 147.974950][ T9672] should_fail_ex+0x265/0x280 [ 147.974986][ T9672] should_fail+0xb/0x20 [ 147.975075][ T9672] should_fail_usercopy+0x1a/0x20 [ 147.975118][ T9672] strncpy_from_user+0x25/0x230 [ 147.975164][ T9672] ? kmem_cache_alloc_noprof+0x186/0x310 [ 147.975271][ T9672] ? getname_flags+0x80/0x3b0 [ 147.975312][ T9672] getname_flags+0xae/0x3b0 [ 147.975359][ T9672] do_sys_openat2+0x60/0x110 [ 147.975436][ T9672] __x64_sys_openat+0xf2/0x120 [ 147.975550][ T9672] x64_sys_call+0x2e9c/0x2ff0 [ 147.975591][ T9672] do_syscall_64+0xd2/0x200 [ 147.975636][ T9672] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 147.975717][ T9672] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 147.975767][ T9672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.975797][ T9672] RIP: 0033:0x7f21b9d3ec29 [ 147.975820][ T9672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.975866][ T9672] RSP: 002b:00007f21b879f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 147.975892][ T9672] RAX: ffffffffffffffda RBX: 00007f21b9f85fa0 RCX: 00007f21b9d3ec29 [ 147.975910][ T9672] RDX: 0000000000084d03 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 147.975927][ T9672] RBP: 00007f21b879f090 R08: 0000000000000000 R09: 0000000000000000 [ 147.975943][ T9672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.975960][ T9672] R13: 00007f21b9f86038 R14: 00007f21b9f85fa0 R15: 00007ffe482ff5d8 [ 147.975984][ T9672] [ 148.133898][ T9658] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1730: corrupted inode contents [ 148.141120][ T9670] EXT4-fs: Ignoring removed bh option [ 148.188808][ T9670] EXT4-fs: inline encryption not supported [ 148.195633][ T9658] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #16: comm syz.0.1730: mark_inode_dirty error [ 148.208890][ T9670] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 148.220886][ T9658] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1730: corrupted inode contents [ 148.235127][ T9658] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #16: comm syz.0.1730: mark_inode_dirty error [ 148.246943][ T9658] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1730: corrupted inode contents [ 148.260638][ T9670] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 148.269738][ T9670] EXT4-fs (loop5): orphan cleanup on readonly fs [ 148.294395][ T9670] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 2: comm syz.5.1736: lblock 2 mapped to illegal pblock 2 (length 1) [ 148.320016][ T9658] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 148.344995][ T9693] loop1: detected capacity change from 0 to 512 [ 148.354656][ T9670] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 48: comm syz.5.1736: lblock 0 mapped to illegal pblock 48 (length 1) [ 148.370775][ T9670] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.1736: Failed to acquire dquot type 0 [ 148.372624][ T9658] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #16: comm syz.0.1730: corrupted inode contents [ 148.384190][ T9693] EXT4-fs (loop1): too many log groups per flexible block group [ 148.401654][ T9693] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 148.420142][ T9658] EXT4-fs error (device loop0): ext4_truncate:4666: inode #16: comm syz.0.1730: mark_inode_dirty error [ 148.431658][ T9693] EXT4-fs (loop1): mount failed [ 148.442359][ T9670] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 148.463471][ T9658] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 148.473530][ T9670] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.1736: mark_inode_dirty error [ 148.489731][ T9658] EXT4-fs (loop0): 1 truncate cleaned up [ 148.496964][ T56] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 1 [ 148.512169][ T9693] loop1: detected capacity change from 0 to 164 [ 148.518764][ T9670] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 148.534897][ T9670] EXT4-fs (loop5): 1 orphan inode deleted [ 148.540863][ T6999] EXT4-fs error (device loop5): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:15: lblock 1 mapped to illegal pblock 1 (length 1) [ 148.556074][ T6999] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:15: Failed to release dquot type 0 [ 148.567805][ T9693] ISOFS: unable to read i-node block [ 148.573199][ T9693] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 148.577523][ T9690] random: crng reseeded on system resumption [ 148.632996][ T9712] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.661495][ T9712] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 149.421393][ T29] kauditd_printk_skb: 334 callbacks suppressed [ 149.421426][ T29] audit: type=1400 audit(1758418412.583:14813): avc: denied { read write } for pid=9729 comm="syz.3.1760" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 149.452870][ T29] audit: type=1400 audit(1758418412.583:14814): avc: denied { open } for pid=9729 comm="syz.3.1760" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 149.501320][ T9732] FAULT_INJECTION: forcing a failure. [ 149.501320][ T9732] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 149.514653][ T9732] CPU: 0 UID: 0 PID: 9732 Comm: syz.5.1761 Not tainted syzkaller #0 PREEMPT(voluntary) [ 149.514687][ T9732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 149.514704][ T9732] Call Trace: [ 149.514712][ T9732] [ 149.514722][ T9732] __dump_stack+0x1d/0x30 [ 149.514821][ T9732] dump_stack_lvl+0xe8/0x140 [ 149.514849][ T9732] dump_stack+0x15/0x1b [ 149.514872][ T9732] should_fail_ex+0x265/0x280 [ 149.514963][ T9732] should_fail+0xb/0x20 [ 149.514991][ T9732] should_fail_usercopy+0x1a/0x20 [ 149.515025][ T9732] _copy_from_user+0x1c/0xb0 [ 149.515065][ T9732] __sys_sendto+0x19e/0x330 [ 149.515145][ T9732] __x64_sys_sendto+0x76/0x90 [ 149.515172][ T9732] x64_sys_call+0x2d05/0x2ff0 [ 149.515254][ T9732] do_syscall_64+0xd2/0x200 [ 149.515299][ T9732] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 149.515330][ T9732] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 149.515437][ T9732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.515459][ T9732] RIP: 0033:0x7f87dffdec29 [ 149.515474][ T9732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.515493][ T9732] RSP: 002b:00007f87dea3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 149.515512][ T9732] RAX: ffffffffffffffda RBX: 00007f87e0225fa0 RCX: 00007f87dffdec29 [ 149.515547][ T9732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 149.515596][ T9732] RBP: 00007f87dea3f090 R08: 0000200000b63fe4 R09: 000000000000001c [ 149.515610][ T9732] R10: 0000000020000004 R11: 0000000000000246 R12: 0000000000000001 [ 149.515636][ T9732] R13: 00007f87e0226038 R14: 00007f87e0225fa0 R15: 00007fff1bd646b8 [ 149.515658][ T9732] [ 149.517134][ T29] audit: type=1400 audit(1758418412.663:14815): avc: denied { name_bind } for pid=9731 comm="syz.5.1761" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 149.559836][ T9709] syz.1.1751 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 149.676194][ T9734] @: renamed from vlan0 (while UP) [ 149.677294][ T9709] CPU: 1 UID: 0 PID: 9709 Comm: syz.1.1751 Not tainted syzkaller #0 PREEMPT(voluntary) [ 149.677382][ T9709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 149.677402][ T9709] Call Trace: [ 149.677411][ T9709] [ 149.677420][ T9709] __dump_stack+0x1d/0x30 [ 149.677450][ T9709] dump_stack_lvl+0xe8/0x140 [ 149.677478][ T9709] dump_stack+0x15/0x1b [ 149.677503][ T9709] dump_header+0x81/0x220 [ 149.677698][ T9709] oom_kill_process+0x342/0x400 [ 149.677748][ T9709] out_of_memory+0x979/0xb80 [ 149.677798][ T9709] try_charge_memcg+0x5e6/0x9e0 [ 149.677884][ T9709] obj_cgroup_charge_pages+0xa6/0x150 [ 149.677931][ T9709] __memcg_kmem_charge_page+0x9f/0x170 [ 149.678046][ T9709] __alloc_frozen_pages_noprof+0x188/0x360 [ 149.678103][ T9709] alloc_pages_mpol+0xb3/0x250 [ 149.678151][ T9709] alloc_pages_noprof+0x90/0x130 [ 149.678198][ T9709] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 149.678360][ T9709] __kvmalloc_node_noprof+0x30f/0x4e0 [ 149.678405][ T9709] ? ip_set_alloc+0x1f/0x30 [ 149.678512][ T9709] ? ip_set_alloc+0x1f/0x30 [ 149.678540][ T9709] ? __kmalloc_cache_noprof+0x189/0x320 [ 149.678583][ T9709] ip_set_alloc+0x1f/0x30 [ 149.678696][ T9709] hash_netiface_create+0x282/0x740 [ 149.678729][ T9709] ? __pfx_hash_netiface_create+0x10/0x10 [ 149.678763][ T9709] ip_set_create+0x3c9/0x960 [ 149.678811][ T9709] ? __nla_parse+0x40/0x60 [ 149.678859][ T9709] nfnetlink_rcv_msg+0x4c3/0x590 [ 149.678915][ T9709] netlink_rcv_skb+0x123/0x220 [ 149.678948][ T9709] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 149.678994][ T9709] nfnetlink_rcv+0x16b/0x1690 [ 149.679032][ T9709] ? nlmon_xmit+0x4f/0x60 [ 149.679077][ T9709] ? consume_skb+0x49/0x150 [ 149.679110][ T9709] ? nlmon_xmit+0x4f/0x60 [ 149.679187][ T9709] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 149.679228][ T9709] ? __dev_queue_xmit+0x1200/0x2000 [ 149.679267][ T9709] ? __dev_queue_xmit+0x182/0x2000 [ 149.679337][ T9709] ? ref_tracker_free+0x37d/0x3e0 [ 149.679379][ T9709] ? __netlink_deliver_tap+0x4dc/0x500 [ 149.679421][ T9709] netlink_unicast+0x5bd/0x690 [ 149.679501][ T9709] netlink_sendmsg+0x58b/0x6b0 [ 149.679541][ T9709] ? __pfx_netlink_sendmsg+0x10/0x10 [ 149.679581][ T9709] __sock_sendmsg+0x142/0x180 [ 149.679654][ T9709] ____sys_sendmsg+0x31e/0x4e0 [ 149.679697][ T9709] ___sys_sendmsg+0x17b/0x1d0 [ 149.679778][ T9709] __x64_sys_sendmsg+0xd4/0x160 [ 149.679823][ T9709] x64_sys_call+0x191e/0x2ff0 [ 149.679855][ T9709] do_syscall_64+0xd2/0x200 [ 149.679902][ T9709] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 149.679948][ T9709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.680036][ T9709] RIP: 0033:0x7f58a616ec29 [ 149.680058][ T9709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.680151][ T9709] RSP: 002b:00007f58a4bd7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 149.680178][ T9709] RAX: ffffffffffffffda RBX: 00007f58a63b5fa0 RCX: 00007f58a616ec29 [ 149.680275][ T9709] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000006 [ 149.680293][ T9709] RBP: 00007f58a61f1e41 R08: 0000000000000000 R09: 0000000000000000 [ 149.680310][ T9709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.680328][ T9709] R13: 00007f58a63b6038 R14: 00007f58a63b5fa0 R15: 00007ffd5b6ceaa8 [ 149.680356][ T9709] [ 149.680368][ T9709] memory: usage 307200kB, limit 307200kB, failcnt 772 [ 149.685579][ T29] audit: type=1400 audit(1758418412.843:14816): avc: denied { ioctl } for pid=9729 comm="syz.3.1760" path="socket:[27762]" dev="sockfs" ino=27762 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 149.688499][ T9709] memory+swap: usage 307616kB, limit 9007199254740988kB, failcnt 0 [ 149.753590][ T29] audit: type=1326 audit(1758418412.923:14817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9735 comm="syz.5.1762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 149.755488][ T9709] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0 [ 149.755507][ T9709] Memory cgroup stats for [ 149.759860][ T29] audit: type=1326 audit(1758418412.923:14818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9735 comm="syz.5.1762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 149.764465][ T9709] /syz1: [ 149.770795][ T29] audit: type=1326 audit(1758418412.933:14819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9735 comm="syz.5.1762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=187 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 149.775315][ T9709] cache 0 [ 149.777977][ T29] audit: type=1326 audit(1758418412.933:14820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9735 comm="syz.5.1762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 149.782776][ T9709] rss 0 [ 149.782787][ T9709] shmem 0 [ 149.792109][ T29] audit: type=1326 audit(1758418412.953:14821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9735 comm="syz.5.1762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 149.793097][ T9709] mapped_file 0 [ 149.793108][ T9709] dirty 0 [ 149.793195][ T9709] writeback 0 [ 149.793203][ T9709] workingset_refault_anon 280 [ 149.793213][ T9709] workingset_refault_file 3261 [ 149.793223][ T9709] swap 425984 [ 149.793231][ T9709] swapcached 0 [ 149.793239][ T9709] pgpgin 107355 [ 149.793247][ T9709] pgpgout 107350 [ 149.793256][ T9709] pgfault 113958 [ 149.793264][ T9709] pgmajfault 209 [ 149.793272][ T9709] inactive_anon 0 [ 149.793281][ T9709] active_anon 0 [ 149.793289][ T9709] inactive_file 0 [ 149.793297][ T9709] active_file 20480 [ 149.793303][ T9709] unevictable 0 [ 149.793356][ T9709] hierarchical_memory_limit 314572800 [ 149.793393][ T9709] hierarchical_memsw_limit 9223372036854771712 [ 149.793402][ T9709] total_cache 0 [ 149.793410][ T9709] total_rss 0 [ 149.793418][ T9709] total_shmem 0 [ 149.793426][ T9709] total_mapped_file 0 [ 149.793435][ T9709] total_dirty 0 [ 149.793443][ T9709] total_writeback 0 [ 149.793524][ T9709] total_workingset_refault_anon 280 [ 149.793534][ T9709] total_workingset_refault_file 3261 [ 149.793545][ T9709] total_swap 425984 [ 149.793554][ T9709] total_swapcached 0 [ 149.793562][ T9709] total_pgpgin 107355 [ 149.793571][ T9709] total_pgpgout 107350 [ 149.793580][ T9709] total_pgfault 113958 [ 149.793589][ T9709] total_pgmajfault 209 [ 149.793598][ T9709] total_inactive_anon 0 [ 149.793607][ T9709] total_active_anon 0 [ 149.793654][ T9709] total_inactive_file 0 [ 149.793664][ T9709] total_active_file 20480 [ 149.793673][ T9709] total_unevictable 0 [ 149.793682][ T9709] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1751,pid=9708,uid=0 [ 149.793804][ T9709] Memory cgroup out of memory: Killed process 9708 (syz.1.1751) total-vm:93760kB, anon-rss:1052kB, file-rss:22296kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 149.986900][ T9738] netlink: 'syz.5.1762': attribute type 1 has an invalid length. [ 150.004497][ T29] audit: type=1326 audit(1758418412.953:14822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9735 comm="syz.5.1762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87dffdec29 code=0x7ffc0000 [ 150.598247][ T9767] smc: net device bond0 applied user defined pnetid SYZ0 [ 150.612360][ T9767] smc: net device bond0 erased user defined pnetid SYZ0 [ 150.624388][ T9772] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 150.652552][ T9776] smc: net device bond0 applied user defined pnetid SYZ0 [ 150.660698][ T9776] smc: net device bond0 erased user defined pnetid SYZ0 [ 150.700659][ T9783] loop5: detected capacity change from 0 to 512 [ 150.707897][ T9786] loop1: detected capacity change from 0 to 512 [ 150.723488][ T9786] EXT4-fs (loop1): too many log groups per flexible block group [ 150.731296][ T9786] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 150.740891][ T9788] wireguard0: entered promiscuous mode [ 150.741299][ T9783] EXT4-fs (loop5): too many log groups per flexible block group [ 150.746446][ T9788] wireguard0: entered allmulticast mode [ 150.759811][ T9783] EXT4-fs (loop5): failed to initialize mballoc (-12) [ 150.766687][ T9786] EXT4-fs (loop1): mount failed [ 150.775263][ T9783] EXT4-fs (loop5): mount failed [ 150.786268][ T9786] loop1: detected capacity change from 0 to 164 [ 150.793353][ T9786] ISOFS: unable to read i-node block [ 150.798689][ T9786] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 150.839060][ T9783] loop5: detected capacity change from 0 to 164 [ 150.853022][ T9798] loop1: detected capacity change from 0 to 128 [ 150.877519][ T9783] ISOFS: unable to read i-node block [ 150.882953][ T9783] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 151.066582][ T9804] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1786'. [ 151.142530][ T9818] smc: net device bond0 applied user defined pnetid SYZ0 [ 151.168120][ T9818] smc: net device bond0 erased user defined pnetid SYZ0 [ 151.262036][ T9825] loop5: detected capacity change from 0 to 512 [ 151.367384][ T9827] loop1: detected capacity change from 0 to 512 [ 151.583952][ T9827] ext4 filesystem being mounted at /377/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.597257][ T9825] EXT4-fs (loop5): too many log groups per flexible block group [ 151.605125][ T9825] EXT4-fs (loop5): failed to initialize mballoc (-12) [ 151.636135][ T9827] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1795: bg 0: block 328: padding at end of block bitmap is not set [ 151.665565][ T9825] EXT4-fs (loop5): mount failed [ 151.689646][ T9838] loop4: detected capacity change from 0 to 1024 [ 151.700210][ T9825] loop5: detected capacity change from 0 to 164 [ 151.712959][ T9825] ISOFS: unable to read i-node block [ 151.718497][ T9825] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 151.954059][ T9853] No source specified [ 152.008230][ T9851] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1803'. [ 152.210465][ T9867] lo speed is unknown, defaulting to 1000 [ 152.223895][ T9867] lo speed is unknown, defaulting to 1000 [ 152.427877][ T9847] loop5: detected capacity change from 0 to 512 [ 152.435377][ T9847] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 152.448265][ T9847] EXT4-fs (loop5): 1 truncate cleaned up [ 152.568680][ T9877] program syz.4.1812 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 152.771632][ T9890] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1818'. [ 152.842970][ T9896] loop5: detected capacity change from 0 to 512 [ 152.881538][ T9896] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 152.893803][ T9900] netlink: 20 bytes leftover after parsing attributes in process `gtp'. [ 152.928068][ T9896] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1820: bg 0: block 328: padding at end of block bitmap is not set [ 152.955254][ T9904] netlink: 'syz.4.1823': attribute type 4 has an invalid length. [ 152.974523][ T1035] lo speed is unknown, defaulting to 1000 [ 152.980301][ T1035] syz0: Port: 1 Link DOWN [ 152.986376][ T9904] netlink: 'syz.4.1823': attribute type 4 has an invalid length. [ 153.025286][ T1035] lo speed is unknown, defaulting to 1000 [ 153.031089][ T1035] syz0: Port: 1 Link ACTIVE [ 153.047460][ T9906] loop0: detected capacity change from 0 to 1024 [ 153.316298][ T9923] loop0: detected capacity change from 0 to 512 [ 153.340681][ T9925] smc: net device bond0 applied user defined pnetid SYZ0 [ 153.344891][ T9923] EXT4-fs: Ignoring removed mblk_io_submit option [ 153.361457][ T9925] smc: net device bond0 erased user defined pnetid SYZ0 [ 153.372361][ T9923] EXT4-fs: Ignoring removed nomblk_io_submit option [ 153.397001][ T9923] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 153.405585][ T9923] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 153.457116][ T9923] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1830: Allocating blocks 41-42 which overlap fs metadata [ 153.490703][ T9923] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.1830: Allocating blocks 41-42 which overlap fs metadata [ 153.516895][ T9923] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.1830: Failed to acquire dquot type 1 [ 153.558018][ T9923] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 153.572877][ T9933] loop4: detected capacity change from 0 to 512 [ 153.579606][ T9933] EXT4-fs: Ignoring removed mblk_io_submit option [ 153.596350][ T9923] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.1830: corrupted inode contents [ 153.608906][ T9933] EXT4-fs: Ignoring removed nomblk_io_submit option [ 153.612723][ T9923] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #12: comm syz.0.1830: mark_inode_dirty error [ 153.630909][ T9933] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 153.639527][ T9933] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 153.652004][ T9923] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.1830: corrupted inode contents [ 153.667581][ T9923] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm syz.0.1830: mark_inode_dirty error [ 153.680643][ T9933] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.1834: Allocating blocks 41-42 which overlap fs metadata [ 153.695327][ T9923] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.1830: corrupted inode contents [ 153.708345][ T9933] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.1834: Failed to acquire dquot type 1 [ 153.712326][ T9923] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 153.721228][ T9933] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 153.744315][ T9933] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1834: corrupted inode contents [ 153.744326][ T9923] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm syz.0.1830: corrupted inode contents [ 153.744512][ T9933] ================================================================== [ 153.744553][ T9933] BUG: KCSAN: data-race in data_push_tail / vsnprintf [ 153.744592][ T9933] [ 153.744598][ T9933] write to 0xffffffff88e3bf8f of 24 bytes by task 9923 on cpu 1: [ 153.744617][ T9933] vsnprintf+0x2ce/0x890 [ 153.744639][ T9933] pointer+0x833/0xcf0 [ 153.744668][ T9933] vsnprintf+0x491/0x890 [ 153.744696][ T9933] vscnprintf+0x41/0x90 [ 153.744723][ T9933] printk_sprint+0x30/0x2d0 [ 153.744742][ T9933] vprintk_store+0x599/0x860 [ 153.744765][ T9933] vprintk_emit+0x178/0x650 [ 153.744782][ T9933] vprintk_default+0x26/0x30 [ 153.744815][ T9933] vprintk+0x1d/0x30 [ 153.744838][ T9933] _printk+0x79/0xa0 [ 153.744874][ T9933] __ext4_error_inode+0x2ca/0x3f0 [ 153.744909][ T9933] ext4_mark_iloc_dirty+0x35e/0xda0 [ 153.744933][ T9933] __ext4_mark_inode_dirty+0x2e2/0x3f0 [ 153.744968][ T9933] ext4_truncate+0x8e5/0xae0 [ 153.744993][ T9933] ext4_process_orphan+0x110/0x1c0 [ 153.745013][ T9933] ext4_orphan_cleanup+0x6a8/0xa00 [ 153.745033][ T9933] ext4_fill_super+0x3260/0x35d0 [ 153.745074][ T9933] get_tree_bdev_flags+0x28e/0x300 [ 153.745100][ T9933] get_tree_bdev+0x1f/0x30 [ 153.745128][ T9933] ext4_get_tree+0x1c/0x30 [ 153.745163][ T9933] vfs_get_tree+0x57/0x1d0 [ 153.745185][ T9933] do_new_mount+0x207/0x5e0 [ 153.745208][ T9933] path_mount+0x4a4/0xb20 [ 153.745233][ T9933] __se_sys_mount+0x28f/0x2e0 [ 153.745263][ T9933] __x64_sys_mount+0x67/0x80 [ 153.745286][ T9933] x64_sys_call+0x2b4d/0x2ff0 [ 153.745307][ T9933] do_syscall_64+0xd2/0x200 [ 153.745344][ T9933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.745372][ T9933] [ 153.745379][ T9933] read to 0xffffffff88e3bfa0 of 8 bytes by task 9933 on cpu 0: [ 153.745397][ T9933] data_push_tail+0xfd/0x420 [ 153.745437][ T9933] data_alloc+0xbf/0x2b0 [ 153.745469][ T9933] prb_reserve+0x808/0xaf0 [ 153.745499][ T9933] vprintk_store+0x56d/0x860 [ 153.745515][ T9933] vprintk_emit+0x178/0x650 [ 153.745536][ T9933] vprintk_default+0x26/0x30 [ 153.745558][ T9933] vprintk+0x1d/0x30 [ 153.745581][ T9933] _printk+0x79/0xa0 [ 153.745608][ T9933] __ext4_error_inode+0x2ca/0x3f0 [ 153.745648][ T9933] ext4_mark_iloc_dirty+0x35e/0xda0 [ 153.745669][ T9933] __ext4_mark_inode_dirty+0x2e2/0x3f0 [ 153.745698][ T9933] ext4_dirty_inode+0x92/0xc0 [ 153.745722][ T9933] __mark_inode_dirty+0x15f/0x750 [ 153.745761][ T9933] ext4_free_blocks+0xea9/0x1480 [ 153.745799][ T9933] ext4_ext_remove_space+0x177b/0x2900 [ 153.745831][ T9933] ext4_ext_truncate+0xc7/0x170 [ 153.745862][ T9933] ext4_truncate+0x70d/0xae0 [ 153.745889][ T9933] ext4_process_orphan+0x110/0x1c0 [ 153.745916][ T9933] ext4_orphan_cleanup+0x6a8/0xa00 [ 153.745937][ T9933] ext4_fill_super+0x3260/0x35d0 [ 153.745975][ T9933] get_tree_bdev_flags+0x28e/0x300 [ 153.746000][ T9933] get_tree_bdev+0x1f/0x30 [ 153.746022][ T9933] ext4_get_tree+0x1c/0x30 [ 153.746062][ T9933] vfs_get_tree+0x57/0x1d0 [ 153.746088][ T9933] do_new_mount+0x207/0x5e0 [ 153.746116][ T9933] path_mount+0x4a4/0xb20 [ 153.746142][ T9933] __se_sys_mount+0x28f/0x2e0 [ 153.746169][ T9933] __x64_sys_mount+0x67/0x80 [ 153.746195][ T9933] x64_sys_call+0x2b4d/0x2ff0 [ 153.746216][ T9933] do_syscall_64+0xd2/0x200 [ 153.746253][ T9933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.746280][ T9933] [ 153.746287][ T9933] value changed: 0x00000000fffff298 -> 0x0a737473746e6574 [ 153.746300][ T9933] [ 153.746306][ T9933] Reported by Kernel Concurrency Sanitizer on: [ 153.746318][ T9933] CPU: 0 UID: 0 PID: 9933 Comm: syz.4.1834 Not tainted syzkaller #0 PREEMPT(voluntary) [ 153.746343][ T9933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 153.746357][ T9933] ================================================================== [ 153.866215][ T9923] EXT4-fs error (device loop0): ext4_truncate:4666: inode #12: comm syz.0.1830: mark_inode_dirty error [ 153.869578][ T9933] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.1834: mark_inode_dirty error [ 154.047282][ T9923] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 154.054228][ T9933] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1834: corrupted inode contents [ 154.184663][ T9923] EXT4-fs (loop0): 1 truncate cleaned up [ 154.193029][ T9933] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.1834: mark_inode_dirty error [ 154.232029][ T9933] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1834: corrupted inode contents [ 154.253654][ T9923] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 154.272726][ T9933] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 154.291487][ T9933] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.1834: corrupted inode contents [ 154.320510][ T9933] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.1834: mark_inode_dirty error [ 154.351083][ T9933] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 154.375707][ T9933] EXT4-fs (loop4): 1 truncate cleaned up [ 154.409637][ T9933] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.