last executing test programs: 11.581543297s ago: executing program 3 (id=5225): lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xf1, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) clock_gettime(0x0, &(0x7f0000000100)) 11.560175609s ago: executing program 3 (id=5226): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000680)={[{@norecovery}, {@dax_never}, {@init_itable}, {@nogrpid}, {@norecovery}, {@orlov}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y") r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000000000060000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd']) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000080022b35c73a6b8dc3429c67560e1994f3fdfa384f61066f21506258a6bde0962943f17fba84216c8883cef93dd69774b5339fcbf136f57d38a804c9f1bcfe0485632fd3d231a342dfb418a3900eaf5603455e9303f770177cbdc8e9639bdd9d06306", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) utime(&(0x7f0000000200)='./file0\x00', 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02140000040000001600d0e1010099e51a499a973a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) fcntl$lock(r7, 0x7, &(0x7f0000000140)={0x0, 0x0, 0xb7400000000}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$lock(r7, 0x6, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x2066}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) fcntl$lock(r8, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x2000000000}) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, 0xffffffffffffffff}, 0x4) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f00000000c0)=0x39, 0x4) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10) rmdir(0x0) delete_module(&(0x7f0000000200)='\x00', 0x900) 11.44336148s ago: executing program 3 (id=5229): r0 = io_uring_setup(0x17c7, &(0x7f0000000580)={0x0, 0x0, 0x400, 0x20000000}) r1 = socket$inet(0x2, 0x2, 0x1) keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2}, 0x10) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000400)="08001efbb07d586e", 0xffe8}], 0x1, &(0x7f0000000040)=[@ip_tos_int={{0x14, 0x0, 0x7}}], 0x18}, 0x0) r3 = socket$rxrpc(0x21, 0x2, 0xa) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="eb0000000000000000000000000000000000000000000000000043dd6ced9a10b704026556cc0d3a32418a2a9fc5a00bc750abb770cfadb76433eb7ee99695ac0efc8e313dd90000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5], 0x0, 0x10c, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0) bind$rxrpc(r3, 0x0, 0x0) listen(r3, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 11.349020529s ago: executing program 3 (id=5230): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x6c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x30, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x5}, @NFTA_LIMIT_UNIT={0xc}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xf0}}, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) getresgid(&(0x7f0000002300)=0x0, &(0x7f0000002340), 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002a40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000480)="be6e95f2e359d00a8812098f4943a4a4007098ef0c56141274bcc84dec83121c70fb160dbe4757f35b70df80b90f27c8611a94a49eb56e67674ddd1171affab786fcf77f20a5198b45a58e61a7bf4108723ab4b4ffe0b65f1ef560e32b80a0a66d8f4525d394468da94bd75157d378e8058110e043a249881c4d6189dc2bcfb5f364c5d460e184726c4eb3e6fb5bdc9dca80387e275eee92667d6cfc3ab4cbc6c1711c886df6b56eb3b4563d7a5ddccec0f04d24f3ec91d73b036eeff0d485a95f6aa41c15ca60162ad67dcf72e4aef01ee61162d332a5280160f207219701e3ec7bd5ce2c92c18717e2d738891da754eb9087e1ea2880cda0ea4e7c1e38e672dae969f5abe275ebfe5120e297f71f832fcacc9d542c9746d06eef754c2473c2edaa802843f2d02bfbd5b854272d6ad711ebb65642a259903cda64999a2861c906810df3b49414f541e5b2175db04619518bf8de7ed19ce7fa3f3ed2a71e703a65ec08526985d576f50d2d6b8effc9c460cd034a03255325f489b89bde242ed4b18c7178a5048bddfe8e448142c4f7f661eb61991e1009ad1eb8d806a72c056c8e6df5fc4c2dfa6b72d417b81ec7fa3b8576a424a676d991bd2267e21b3062bafc8cef6f74f0f41dda1d00a23c038fad61742a29db85c42070e76e919c014e1f06e52ab8015ff526276fdb2aa738a44171a768d4e64ed43d2ebb569f5a30dab0a3909d628a2becd544ab602422bac8b5d1e19b7e4f3a66882bbc8238420e43af098b8d62a8396e050bfac06c5e03aaf377a61b0b394ef68c4bddfa7620fed268aea8ef9dc0015841c72e27bdcecc11cb1416c0e902c0960b53d998c48f63900487e67edb374fdc25f904cf88154cc371abfddc14a97d984a32bd5a1aefa01b3ac076dac2915b19af95d30972ab05ec90ef4531102e136bf32adca0b5303d7b7ef3596b813e379b4e53ac1a7fc5e93477a64322f5dc028c1860d2b84238bf6e68cbcb9b77b8ec0382dd9474bfb69318683c0d6d3211be78116a3ba7dccd0bb8831226498a0b60f7316e23ce69ec789e19a03e635216eff15ba3946b16df72fe66b28d30d6ca9cbd88f285f9d1fd37ff9aa1f0b4904e1c0327d9b29a51f8a864271f76feb049b051905fa98bf41cf1fe61961bed61944d617066fd02e1045fe7966e4d75489efbd60d6f22168494c853bdf83589dac640cff92c16aa45f5b43eebb57d0c6bcc77ac945d73bc30bbaee7bfce5384d208ce96ac94e9791bac890eb01b2c26200679a8941feb12824859782d2576cc1d65eaeb5689fa6ca49b0ccef312fc38e5a44308add8ddf3fe667756cc0aeb37ea53db1f968e927fc29d36249964ae968b7bb27981258e3d46420284ce35cf159f9d0b12f70c963053e3e468c9f4ad8612379d9b76a0afbceaa1c502196f73c0679b140e15e946297596f2e42d86963bb07f115a6430ba4c8addd9ae83dc57b2d64ca32d7aaa5a68140160f2fb27915f28804339dd44d954d7548855c59c4a9fd9350ed0c178cd3a28f56b110547c0d3eec08a7389df4228aa1aa9a0583ed7215c97733805c9c5c271b46f79f64e96981405b21614a48d3bcd00be6910cd50fc5ba63200d750dfacff3eff5ef14a5cb52d0c77d4a1a75456d81f577d865736375f6efd05f472196232801ac226d515138c1fbd2cb284b1b73a71add8e209d2e53ba63b4e5c8771a18362f67cdeb388c76e3a3001199a5e1a950e61a7cf9741c33f0914fdac3f80a82ce75e3c44441091a7fab7bba8ca1609db59cf75570e26beb425a390c5534065ed271c44f572daf5ff9f366261c204c5ef5fca6a8b70a88c18b30c2abb36e9fd85494b42794e78ce6ac34f260b0f1f191ea819c82e0995c470e6f954a419ebb622e20d0c68ece5d4aa3a2d3f3ee4473727a09484b143aa13eaddb2e6171d4b58071d180f53e66eadebf854fb2a8ac397bfa8b30a1ae60226e73109d9efc73fde337664e58986cb01450cf7c35f80dcd4c8f03d61f40c37bd497b6ee83a9faa365a3707eeecd3cc7ed65a450b7417889ef6fbd4d8bb5c5fefd9cdefb658c92ff6adefb0998d60153eb2b252cfacd044a15d3249b64b31385bd03dd0dc95021479c71e1d11c2fbbd62cab8b2a81c975102f0865f8b61ba112ef791e50d45a237baa4e827c38753470c62f72e5169a2463fcb657ee94ee1aac449dbbecdf1f341c663258364ce3a073407ca2c8e5049732f4087cd19784864176c76d64732a13f72fc0310e3bddc8fa7fb0e8170f453d5d557e8e5277bdcad4d70be484229840dbdcd1985c20b477f5b93fc381616d16ad635e1cb9cecaa9845f98f26cfa584f3d8991f9baf32ab462ba72a6be61ec81c1633bccc2a82d326a53653dcb83c2dbb04c9340142a8b5e0257dd4eff7c87cc7555104d8602dc3f4291549924ad53ad9fa526674ca2651f474f58ce3035be504fdf76b58c066dd5c71e4e4b22a208c7c43e05c903a00a7e7666748117284ea59ec991f9ba369f9331dd0c7bea61a36f984830b48856177ce9e4eb5be9791f65a722c52c00acc5a3982b29d468bd9db44caa1c2e15c9dd7a918fe79dcd8684f0ed6d5c4cc52fb10fd463d1bc7d8cdd0f29f169ec4125e88da0b1123327e1148aa1acbcc7868f1e39a43cd9f9e47c335b8c3fd742cdb9a56d1aceca721a9052d4afc1c97831033b4d3970e9f26f34c00cff020812344eb6479030949b531dec59d1180b3e7c9b9c76fb711a07f10ff097f3ef940c8341667a8d0df64931b9d8365e2a55eb8b28653c8ca0330ba061513d5cf7269132c469b71e0216a44bdd598d198a306708fb12878dca5ff65d2ca9bc437735b51e14732dea27ddca812abfd6045331dbd8446386531e1d6304c112f21b424a00e88763678097716d332bda3d4f07f57e303e1c067a86b3d6c1761c1ed0861dcec4d6be298eb35056df25b1d7da1fdea782c8ed5327a55cf5671da7cc9d6f5f2d68e4eb972c8feefc3e4701fd3e326762a26cc70b7d29df731772149034f03f38f00bb39effd3bfcf008e90a7484287b5d7abd441b1a87ab74139d47f4ad219ffc524a3ae8db623a2e773dc02f0f78ed9b9c8d4f7ce67adf90e8d21e379a149196a4a6486f6bc593107363d5dfd727df674311c3b5188f28a6bc9faa4032fc2a20c4fa05ae5bc73c46d1d780e90ab13d06ffd7dfe16b6f483aea41c8706ab73eb6a23af7531f0610e5839be7b2f7f34085d4b56dd715f65a95e44066022a7934606639265ee205d0cdf8c9d98472b8fd013b4b6a5f8e520a60a86d969d2756f4220955d5345d344f41c7fd65bee474ba9c532bc8547dd0e72f8e7ed8605dfd8d2579d4753b9ac26741da5c346962f591953f8881d6438fbc95de1a6aa457ee6efb8b9d9b0e05875b8ec36e7bbb2fa1c3fe5c5af4bca29b8287c9e32dd415470ad8fa51665d19946483dd62ac1eca72eef2f862488026f72a12fc48306046ae3c00f924675a8d0aac5da2317c3902668dfa8888418c3d0b64dad3a91c99dd4b53ba029ae270a1bfb1d2ace9eaa75cca7f3b5478ce9cbcfbee3092d1a670098cd581f16451e3eab4257919afded9f11e9f086f6aaaaf65bf8620e58d1b25ac38bc749c3b5d3eb77989753267a548a78832e7e6b902f16213bfd6e30c9ea9f6dccc2948d7bc4b81f897c735403f2f402ec783d432cdb2d95c99210c63c19d3240c59ce4850a6ad25978fada8bdf1e937bbb126bb239a71c70f2b353097de88d0303190c75008a4e5963ef5381ef5a24afd272dc4c04437a43f373f0845b831d0b8d11693ef2e0f1a70975e3e761cfd100c03766d084e0b2e9ead65e592b8314bc487d40b1d5107e15bb0e821c1b1486bcd962cc6adc3af8843b247eeb34cc3cf6f68db5c1773ec739fc6cc4dd1da1c259a8cd7746b5fdf84d34c470f4de97c9fcc6d2868e61aafef729656e5300b6e8f727710e41e0375dca450e4c37e778ee83b443aeb7d91674f9cffa84ba6df24c8ba000865ff076cedf204515dda8d744d2a9f7e2eb685db89e5990ae63f5a95a33e2cb0127b828bbc9328108feb0aae67ee46abecc86ecb8ea421dbdf315b99172c59a51525d20612cee5c3a408e0998c8dc214c92101cacec3eea7c2d8eefa18a043f6577d58edd58ba0b5cea1e16b118d1dcc7b2806277c985bb70554340f8d7a8e03d31936fb0d9d697f4bb47bfcc5f25390bdc0c1fa31a2bc43293c38e78a5528805c28818a03bab9929ecc07203f4b765006878e2c15413fe92faa7646d00f452e8aa7e1ada4ac0c550f2b133e8cc31a31fdea3cf915cd111271c12a809b8eebe35ce0e87a1280a26ad9eb3476424f82196769c6e410a28e83fc970e9df7b7d3cccef441721d8d4a2a3a1544a3da045a29a68d092367fb2cd2f008404a2c40dfd6fb1882559a7ceec6154d3ff352fb5d42f520ba3dce0434b30e7d7a2c8858754d4687becac3e0b27aad819c1f14de761d5af90159aeaa220c4df893592cab0c2db4e84722f6cc321f61ad684cb6db44d1622c256877420ef4c9b195f44799ba60e95645abe11eb911e32f27680be738c66479c65c929d3b123d3d9db3a887291eb4483288f95cd7fceaf7b50927cbf5ffd054cd671032aff1a1847e522d56794b105abf226b5c70482ed7ec470fb115d91db8b6fc1e3bfa3acb2c18333a9039774a3be56b87b322f6b529f266552352f700adf8d9c5c378d42c9b339043d87c58b72b094f37d2ea7d47495ade0d50932fe432e0b501d44997fc04316a3e66dbde84f66c8e06a4422c10d974e006997938cd15b871c830c3c3f620bbcf75da0c415108a686e22ee90831760c6257cc9350cae7fefe57b3990e217ca664c924d6dc1c6255ff5ba30b8fd6cb7ce083bc292ae43ac3d1088fd7185ecc331b8ad38b574ce4a7d20b9f528edfd4600de29e3597294821d45002ea88534ec84e84658c5dfc368fd92b7860ef1b2dd71a316aabe23fc603015ce804aac5d9e1ddb97bb25d6d3942a2f2b0f87e9392ef9fdf3b12f47326723bbab713859c62e769c18dc4e8f244b3b48987bb35ff4718ee358e20e7480c26170e34064c22ee118ccb8da3bf1f82280c948f6607a033cb62dbca2872d045472e8077bc0a17cd803add427f1dd7d5e085611e3958b31f42be3d58a8d9b8c1ef825b17c6b3ed4b6a106ef28cc629a58fdaf26a9badbf2aa6fe1ef7f363bb27ecc73960b2e59f4014042a2b9952550c5a1c7ba1edc31366207069234e8d692595cdfa78860b88271599315393243366805e4df745fc659ecf9606d8168087f72275e64052610c59f0e86657eb8c2ed812e5c5127d9809ef5ded1d0a82e756fd802e834d84aed7be76f3c53d9850ca86e8f9dd9f0776483e1698a90e4d24799291b9e4f1b5c23039873729999c0c4ab8d2534a63d8f6a4c3caf3410a542962c8a14651c499f8738cfac1755eace52f7a952f73e630f143e7f74958c17d8403dcf9484f3471078c2e85e8b9550548cd8f77a28b00bfeae204048febf32b9cc68ec1fec15b490474db527d4e66dfe3059e2d77457e1e7bedefb1bf33b1e98d74228f559e7b4eb848e2baead68b40aa9ec467249a13ddfa2efa2e2154bd4b8d9535c16bf0c539e9d744d06ee744f1c373d5a3ac623c94a6d50d072c22aa9c5039fbd8588f11cb4c2d115e4560131977993e8e0494df4893e718cc48a509a8b6742dc66a995e10af14b0542701f3e6af49bcfcdbd19edd5b7a449efabfee687c9b9e57f179a4a756428b49917c34659a091174ad4947809596903779d56f30c5546", 0x1000}], 0x1, &(0x7f0000001580)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58, 0x40}}, {{&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="b4bca4169ff7c7d3ce761091f9c2f23d50472eeec144596a4ff0e20ffd5e2f79c462df5b7af24fb73d3db235375cb227a3a2dfcf91a030db7801eaa8553580eb428f081e24f1d661eaf70b605b9c6dab32acf7a76c40f6d4d5386c49f75f5b76547b4e7d40b1ce6644e5c0db2ce3a421c771134153530bd4a40714fc4ef7ae754579a55828fedc05e4302abe32bec95f8cf910cf50221407992c4fd913b975aedaba89cff8778adc1c0eb6f9d67426234d3cd061b935a2f59eba", 0xba}, {&(0x7f0000001740)="001251a33618b639d4e7c79c4720b63a42c59810efed924e1ce6ecf023f887d5f0064fdbef9e34e31b2e80ecfd88431319305a632952b1008ccbed071da4ee672c09520106514c5465f3ee6a8648d92745b3911ec4d0e395138d54eba6b74e618e46e58560bff0d71fd0eebaa47dba067887df84c310ff9cc3f10fe9f60a1a225748c8dc33ea2d85b97517497632448b2ca9d7cd2a4de6193fe5128083ce4e8951f6545f1d3086d21aee5f88e0e1589069a8fdb4341d3e1f22c61a3bfcbf143843a3b174650f888e59417f24c13e525788bdd23e8fe7f6289ac107aeaa33", 0xde}, {&(0x7f0000001840)}, {&(0x7f0000001880)="41bce2e53578163830a5e2c2f303c3a363f9fa5bbd02da77a776f8d63d1ebb05582d1b66fca5c13408afe5c4acbd2b3e79edbc00297fe5ad2411d99bba5a5fe286531546e733a93349c48a9e1fc59ac8e54907375ab88573f852ce0de63f94a926eda981258258c28c23a31884f8f57c3d57b5f7c728b5027851fb", 0x7b}, {&(0x7f0000001900)="2b192d31833ff11fde05d8528cb6604eda61b6ab66abbd720eb2522a71b6b99e20c8e987ed967925cc1dacd422bf570fb092f0b8a3091e392d0c2af52500dee75e947240eddee113b4899014c8107b8f469b8e0cf2cb2c853d4f6befdeb7c0e36d5f93909831", 0x66}, {&(0x7f0000001980)="57ed31", 0x3}, {&(0x7f00000019c0)="6a46535335a029bf35ba810e6a9487d774006146ad0be7fffcacfeba0b8f66e963796773e82823dc094e4ea57a9d411e6a583ef2e139ab292446c03783a3dc7b5ee52d1899816f71d04ac94805fedc722103a4e4d115bbdd2e6416d7e243986419e759f355a4375beeccd58222d84414ce9f5551b4427fc236d4932af2284333098dd07987a6df241b20130d8102a32ad59c2b94f49089de8ec4fd232e8c3ec67f761a06c07f9f25dd0f02fe60277dbcaf2acaffea8e81da3d5e0b3b963e8ae71302491a9b887962662de9c29a3c4ec8a911b7e33c0d08fd0da4b355041d6bb36f05236555d6016b35fe5a", 0xeb}], 0x7, &(0x7f0000001c00)=[@rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x120, 0x40c0}}, {{&(0x7f0000001d40)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001e40)=[{&(0x7f0000001dc0)="e87aa91f4d9583dda18eefe94b209548f536f47399557891236e9fcfd3395a573a80935a96faf76a24a054b64f693105912aa17b0ded93638357b4994c5cc03451dde3f8559b6047bb1290d935b6fd3194bcdacf2d863757d774c1452aea558aa51fc9c4ebac760be1c2bd8fd8e4242021419aa0", 0x74}], 0x1, &(0x7f0000001f80)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, r1, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58, 0x4004}}, {{0x0, 0x0, &(0x7f0000002280)=[{&(0x7f0000002000)="82b4cb926f083b7ffe0de9885d2b1eac18634b72df195d64e53f1d2094858c46a45b76e1267580b670d526a5279a321d8eb7c45898b8dca1b216781dfe166c358b9a470102d6a2a6786e093850e85d0e810a1c15e7c8c3b361685950153bb006f5bc633f5ba7e59b9e842835450190e5ab59d4", 0x73}, {&(0x7f0000002080)="a201207889c1dace62d51c834190e37f249d8db345241a51", 0x18}, {&(0x7f00000020c0)="9e564c2dcbde23546bb4bb97420e51c67f1902153c848a1fe216289a4c7a18c808f56f947615d6fbf74ebd56363adbc7ce77b78134690ddc09469eaf9a0c725b96271e7d65da703eac5a2a9027d8744aa616817096c803c73a8c2e0daf65a9cf32e5308ee878452f3b3b8d8548edc846f120495a9d78ed994d0936302a2f82ab1382bcc570984862e7a2111865bc89931b9423ba19db30cc4957d68e7b7e703610c614833ff2eda5c22772970c487210343bb4c7dac629937d7dc2ee1d8e8b4bb7ea9b46656261fb7db168b5", 0xcc}, {&(0x7f00000021c0)="aef6f289bf7efb1037bfc9cf0ca317ff828b3d918f0f3fe75a6a4b565a895b93154de8aa3710ed78cb6fbbb5ead5054ff537b6e28437d0df36aa7d1150a6adc4362e66d0735d41718b07766357383c03e9d3a0c38d40194d16b00c9a6946920e6fd698c75f6005e2c5411a6e436f", 0x6e}, {&(0x7f0000002240)="5c2a8c95b0", 0x5}], 0x5, &(0x7f00000023c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x118, 0x4}}, {{0x0, 0x0, &(0x7f0000002840)=[{&(0x7f0000002500)="fbe29f7223549e7ea3f93943889b7dfc82377e16557c80a0cf15c6cfe156702950f013b17360bcf02eb8abad9023c52673433e88f5d66d55cc641f225f609ae9b38d3d", 0x43}, {&(0x7f0000002580)="2986f7a8d222ac628156304191b4cf826c839272be5a9e255d0da2946dea48cd061620281873c58c4dc6348cda35bc386dee62a901e1ca21b9c7dce81b410d3347a01a05201ea7dc5b7ded2f5f143abccb7f2e", 0x53}, {&(0x7f0000002600)="cdc309173dd5d4a31d90ec7192361760bbec91594bb179d4ee21ad7a151967eaa48a59b1f1fd7a55400e885d2e4c435231803161d806a4fec43018821675b60f1fa577fc755652cf47a7afb2be8c7a77ca5025ea8799cc1a9f3e440f68d9d0d633754d672f255cdee928dd2aabc6b3f6432fc33b9ae935ac2c49e31173be16eef0febe4fff1bcdfc4242f82d03ac2b247ec1c1a38c5fa8484933a741c5c554c459769a833a2ecfac9e", 0xa9}, {&(0x7f00000026c0)="599bdf7f41ba3ca374dc31162cd055e405c4dfab55346864a68755bb7a550332d20f76104e6da12fc9c976c26cf02a054c34a462d8e99341e00f2315cfb9a20dabd8a057703ab9c4e4f7a6445b628d4b4d829defe08d8df9c450f9e82428b8429944c5ae853fc1117f4b289927e06c41754991b8ab02a97144d343faeb6bb1d5dd3f8bb624d366e9b41dd17a4364f70ee6046c1e09d84920d4", 0x99}, {&(0x7f0000002780)="8a31890a400724c80829dde6f86c61e0313bf31b92b2f1f8bd8722e6c8e73dd1dde5be5afa614308679be2eda32b6304a2834d4a4adc1ac70dd7e5a1e6d89e7a421bce58db802222eb9f5c132e29ff869b68f5b1c17e2e90bfa3c9a96b14b5c1940f77ddb0c3f5b587d6e87ecaddf1a401f12e8fe03ffc948b49fe3885134e546acb4ef8", 0x84}], 0x5, &(0x7f00000028c0)=[@rights={{0x28, 0x1, 0x1, [r1, 0xffffffffffffffff, r2, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @rights={{0x38, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [r1, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x170, 0x8000}}], 0x5, 0x200408c0) 11.33539429s ago: executing program 3 (id=5231): r0 = syz_io_uring_setup(0x6129, &(0x7f0000000600)={0x0, 0x0, 0x10100}, &(0x7f00000005c0), &(0x7f0000000140)=0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000400)={0x0, r0}, 0x8) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r2}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x38}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='signal_deliver\x00'}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 11.312463052s ago: executing program 3 (id=5232): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10) ptrace(0x10, 0x1) 2.762451967s ago: executing program 0 (id=5330): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffc, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x77, 0x101601) r3 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000600)='$h', 0x0) close(r3) ioctl$USBDEVFS_DROP_PRIVILEGES(r2, 0x4004551e, &(0x7f0000000180)=0x4ba54771) ioctl$USBDEVFS_BULK(r2, 0x80045515, &(0x7f0000001200)={{{0x1, 0x1}}, 0x0, 0x2, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="adda3cb41f67000000ddc3e0644370d114ed00000000000000000000e8e909", @ANYBLOB, @ANYBLOB='\x00'/18], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={0x0, r4}, 0x18) open_tree(0xffffffffffffffff, 0x0, 0x800) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeef, 0x8031, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) 1.883887098s ago: executing program 2 (id=5340): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 1.869590549s ago: executing program 0 (id=5341): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000680)={[{@norecovery}, {@dax_never}, {@init_itable}, {@nogrpid}, {@norecovery}, {@orlov}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y") r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000000000060000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd']) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000080022b35c73a6b8dc3429c67560e1994f3fdfa384f61066f21506258a6bde0962943f17fba84216c8883cef93dd69774b5339fcbf136f57d38a804c9f1bcfe0485632fd3d231a342dfb418a3900eaf5603455e9303f770177cbdc8e9639bdd9d06306", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) utime(&(0x7f0000000200)='./file0\x00', 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02140000040000001600d0e1010099e51a499a973a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) fcntl$lock(r7, 0x7, &(0x7f0000000140)={0x0, 0x0, 0xb7400000000}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$lock(r7, 0x6, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x2066}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) fcntl$lock(r8, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x2000000000}) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, 0xffffffffffffffff}, 0x4) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f00000000c0)=0x39, 0x4) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10) rmdir(0x0) delete_module(&(0x7f0000000200)='\x00', 0x900) 1.7516079s ago: executing program 2 (id=5343): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x1f}]}, @NFT_MSG_NEWSETELEM={0x6c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x30, 0xb, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x5}, @NFTA_LIMIT_UNIT={0xc}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xf0}}, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) getresgid(&(0x7f0000002300)=0x0, &(0x7f0000002340), 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002a40)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000480)="be6e95f2e359d00a8812098f4943a4a4007098ef0c56141274bcc84dec83121c70fb160dbe4757f35b70df80b90f27c8611a94a49eb56e67674ddd1171affab786fcf77f20a5198b45a58e61a7bf4108723ab4b4ffe0b65f1ef560e32b80a0a66d8f4525d394468da94bd75157d378e8058110e043a249881c4d6189dc2bcfb5f364c5d460e184726c4eb3e6fb5bdc9dca80387e275eee92667d6cfc3ab4cbc6c1711c886df6b56eb3b4563d7a5ddccec0f04d24f3ec91d73b036eeff0d485a95f6aa41c15ca60162ad67dcf72e4aef01ee61162d332a5280160f207219701e3ec7bd5ce2c92c18717e2d738891da754eb9087e1ea2880cda0ea4e7c1e38e672dae969f5abe275ebfe5120e297f71f832fcacc9d542c9746d06eef754c2473c2edaa802843f2d02bfbd5b854272d6ad711ebb65642a259903cda64999a2861c906810df3b49414f541e5b2175db04619518bf8de7ed19ce7fa3f3ed2a71e703a65ec08526985d576f50d2d6b8effc9c460cd034a03255325f489b89bde242ed4b18c7178a5048bddfe8e448142c4f7f661eb61991e1009ad1eb8d806a72c056c8e6df5fc4c2dfa6b72d417b81ec7fa3b8576a424a676d991bd2267e21b3062bafc8cef6f74f0f41dda1d00a23c038fad61742a29db85c42070e76e919c014e1f06e52ab8015ff526276fdb2aa738a44171a768d4e64ed43d2ebb569f5a30dab0a3909d628a2becd544ab602422bac8b5d1e19b7e4f3a66882bbc8238420e43af098b8d62a8396e050bfac06c5e03aaf377a61b0b394ef68c4bddfa7620fed268aea8ef9dc0015841c72e27bdcecc11cb1416c0e902c0960b53d998c48f63900487e67edb374fdc25f904cf88154cc371abfddc14a97d984a32bd5a1aefa01b3ac076dac2915b19af95d30972ab05ec90ef4531102e136bf32adca0b5303d7b7ef3596b813e379b4e53ac1a7fc5e93477a64322f5dc028c1860d2b84238bf6e68cbcb9b77b8ec0382dd9474bfb69318683c0d6d3211be78116a3ba7dccd0bb8831226498a0b60f7316e23ce69ec789e19a03e635216eff15ba3946b16df72fe66b28d30d6ca9cbd88f285f9d1fd37ff9aa1f0b4904e1c0327d9b29a51f8a864271f76feb049b051905fa98bf41cf1fe61961bed61944d617066fd02e1045fe7966e4d75489efbd60d6f22168494c853bdf83589dac640cff92c16aa45f5b43eebb57d0c6bcc77ac945d73bc30bbaee7bfce5384d208ce96ac94e9791bac890eb01b2c26200679a8941feb12824859782d2576cc1d65eaeb5689fa6ca49b0ccef312fc38e5a44308add8ddf3fe667756cc0aeb37ea53db1f968e927fc29d36249964ae968b7bb27981258e3d46420284ce35cf159f9d0b12f70c963053e3e468c9f4ad8612379d9b76a0afbceaa1c502196f73c0679b140e15e946297596f2e42d86963bb07f115a6430ba4c8addd9ae83dc57b2d64ca32d7aaa5a68140160f2fb27915f28804339dd44d954d7548855c59c4a9fd9350ed0c178cd3a28f56b110547c0d3eec08a7389df4228aa1aa9a0583ed7215c97733805c9c5c271b46f79f64e96981405b21614a48d3bcd00be6910cd50fc5ba63200d750dfacff3eff5ef14a5cb52d0c77d4a1a75456d81f577d865736375f6efd05f472196232801ac226d515138c1fbd2cb284b1b73a71add8e209d2e53ba63b4e5c8771a18362f67cdeb388c76e3a3001199a5e1a950e61a7cf9741c33f0914fdac3f80a82ce75e3c44441091a7fab7bba8ca1609db59cf75570e26beb425a390c5534065ed271c44f572daf5ff9f366261c204c5ef5fca6a8b70a88c18b30c2abb36e9fd85494b42794e78ce6ac34f260b0f1f191ea819c82e0995c470e6f954a419ebb622e20d0c68ece5d4aa3a2d3f3ee4473727a09484b143aa13eaddb2e6171d4b58071d180f53e66eadebf854fb2a8ac397bfa8b30a1ae60226e73109d9efc73fde337664e58986cb01450cf7c35f80dcd4c8f03d61f40c37bd497b6ee83a9faa365a3707eeecd3cc7ed65a450b7417889ef6fbd4d8bb5c5fefd9cdefb658c92ff6adefb0998d60153eb2b252cfacd044a15d3249b64b31385bd03dd0dc95021479c71e1d11c2fbbd62cab8b2a81c975102f0865f8b61ba112ef791e50d45a237baa4e827c38753470c62f72e5169a2463fcb657ee94ee1aac449dbbecdf1f341c663258364ce3a073407ca2c8e5049732f4087cd19784864176c76d64732a13f72fc0310e3bddc8fa7fb0e8170f453d5d557e8e5277bdcad4d70be484229840dbdcd1985c20b477f5b93fc381616d16ad635e1cb9cecaa9845f98f26cfa584f3d8991f9baf32ab462ba72a6be61ec81c1633bccc2a82d326a53653dcb83c2dbb04c9340142a8b5e0257dd4eff7c87cc7555104d8602dc3f4291549924ad53ad9fa526674ca2651f474f58ce3035be504fdf76b58c066dd5c71e4e4b22a208c7c43e05c903a00a7e7666748117284ea59ec991f9ba369f9331dd0c7bea61a36f984830b48856177ce9e4eb5be9791f65a722c52c00acc5a3982b29d468bd9db44caa1c2e15c9dd7a918fe79dcd8684f0ed6d5c4cc52fb10fd463d1bc7d8cdd0f29f169ec4125e88da0b1123327e1148aa1acbcc7868f1e39a43cd9f9e47c335b8c3fd742cdb9a56d1aceca721a9052d4afc1c97831033b4d3970e9f26f34c00cff020812344eb6479030949b531dec59d1180b3e7c9b9c76fb711a07f10ff097f3ef940c8341667a8d0df64931b9d8365e2a55eb8b28653c8ca0330ba061513d5cf7269132c469b71e0216a44bdd598d198a306708fb12878dca5ff65d2ca9bc437735b51e14732dea27ddca812abfd6045331dbd8446386531e1d6304c112f21b424a00e88763678097716d332bda3d4f07f57e303e1c067a86b3d6c1761c1ed0861dcec4d6be298eb35056df25b1d7da1fdea782c8ed5327a55cf5671da7cc9d6f5f2d68e4eb972c8feefc3e4701fd3e326762a26cc70b7d29df731772149034f03f38f00bb39effd3bfcf008e90a7484287b5d7abd441b1a87ab74139d47f4ad219ffc524a3ae8db623a2e773dc02f0f78ed9b9c8d4f7ce67adf90e8d21e379a149196a4a6486f6bc593107363d5dfd727df674311c3b5188f28a6bc9faa4032fc2a20c4fa05ae5bc73c46d1d780e90ab13d06ffd7dfe16b6f483aea41c8706ab73eb6a23af7531f0610e5839be7b2f7f34085d4b56dd715f65a95e44066022a7934606639265ee205d0cdf8c9d98472b8fd013b4b6a5f8e520a60a86d969d2756f4220955d5345d344f41c7fd65bee474ba9c532bc8547dd0e72f8e7ed8605dfd8d2579d4753b9ac26741da5c346962f591953f8881d6438fbc95de1a6aa457ee6efb8b9d9b0e05875b8ec36e7bbb2fa1c3fe5c5af4bca29b8287c9e32dd415470ad8fa51665d19946483dd62ac1eca72eef2f862488026f72a12fc48306046ae3c00f924675a8d0aac5da2317c3902668dfa8888418c3d0b64dad3a91c99dd4b53ba029ae270a1bfb1d2ace9eaa75cca7f3b5478ce9cbcfbee3092d1a670098cd581f16451e3eab4257919afded9f11e9f086f6aaaaf65bf8620e58d1b25ac38bc749c3b5d3eb77989753267a548a78832e7e6b902f16213bfd6e30c9ea9f6dccc2948d7bc4b81f897c735403f2f402ec783d432cdb2d95c99210c63c19d3240c59ce4850a6ad25978fada8bdf1e937bbb126bb239a71c70f2b353097de88d0303190c75008a4e5963ef5381ef5a24afd272dc4c04437a43f373f0845b831d0b8d11693ef2e0f1a70975e3e761cfd100c03766d084e0b2e9ead65e592b8314bc487d40b1d5107e15bb0e821c1b1486bcd962cc6adc3af8843b247eeb34cc3cf6f68db5c1773ec739fc6cc4dd1da1c259a8cd7746b5fdf84d34c470f4de97c9fcc6d2868e61aafef729656e5300b6e8f727710e41e0375dca450e4c37e778ee83b443aeb7d91674f9cffa84ba6df24c8ba000865ff076cedf204515dda8d744d2a9f7e2eb685db89e5990ae63f5a95a33e2cb0127b828bbc9328108feb0aae67ee46abecc86ecb8ea421dbdf315b99172c59a51525d20612cee5c3a408e0998c8dc214c92101cacec3eea7c2d8eefa18a043f6577d58edd58ba0b5cea1e16b118d1dcc7b2806277c985bb70554340f8d7a8e03d31936fb0d9d697f4bb47bfcc5f25390bdc0c1fa31a2bc43293c38e78a5528805c28818a03bab9929ecc07203f4b765006878e2c15413fe92faa7646d00f452e8aa7e1ada4ac0c550f2b133e8cc31a31fdea3cf915cd111271c12a809b8eebe35ce0e87a1280a26ad9eb3476424f82196769c6e410a28e83fc970e9df7b7d3cccef441721d8d4a2a3a1544a3da045a29a68d092367fb2cd2f008404a2c40dfd6fb1882559a7ceec6154d3ff352fb5d42f520ba3dce0434b30e7d7a2c8858754d4687becac3e0b27aad819c1f14de761d5af90159aeaa220c4df893592cab0c2db4e84722f6cc321f61ad684cb6db44d1622c256877420ef4c9b195f44799ba60e95645abe11eb911e32f27680be738c66479c65c929d3b123d3d9db3a887291eb4483288f95cd7fceaf7b50927cbf5ffd054cd671032aff1a1847e522d56794b105abf226b5c70482ed7ec470fb115d91db8b6fc1e3bfa3acb2c18333a9039774a3be56b87b322f6b529f266552352f700adf8d9c5c378d42c9b339043d87c58b72b094f37d2ea7d47495ade0d50932fe432e0b501d44997fc04316a3e66dbde84f66c8e06a4422c10d974e006997938cd15b871c830c3c3f620bbcf75da0c415108a686e22ee90831760c6257cc9350cae7fefe57b3990e217ca664c924d6dc1c6255ff5ba30b8fd6cb7ce083bc292ae43ac3d1088fd7185ecc331b8ad38b574ce4a7d20b9f528edfd4600de29e3597294821d45002ea88534ec84e84658c5dfc368fd92b7860ef1b2dd71a316aabe23fc603015ce804aac5d9e1ddb97bb25d6d3942a2f2b0f87e9392ef9fdf3b12f47326723bbab713859c62e769c18dc4e8f244b3b48987bb35ff4718ee358e20e7480c26170e34064c22ee118ccb8da3bf1f82280c948f6607a033cb62dbca2872d045472e8077bc0a17cd803add427f1dd7d5e085611e3958b31f42be3d58a8d9b8c1ef825b17c6b3ed4b6a106ef28cc629a58fdaf26a9badbf2aa6fe1ef7f363bb27ecc73960b2e59f4014042a2b9952550c5a1c7ba1edc31366207069234e8d692595cdfa78860b88271599315393243366805e4df745fc659ecf9606d8168087f72275e64052610c59f0e86657eb8c2ed812e5c5127d9809ef5ded1d0a82e756fd802e834d84aed7be76f3c53d9850ca86e8f9dd9f0776483e1698a90e4d24799291b9e4f1b5c23039873729999c0c4ab8d2534a63d8f6a4c3caf3410a542962c8a14651c499f8738cfac1755eace52f7a952f73e630f143e7f74958c17d8403dcf9484f3471078c2e85e8b9550548cd8f77a28b00bfeae204048febf32b9cc68ec1fec15b490474db527d4e66dfe3059e2d77457e1e7bedefb1bf33b1e98d74228f559e7b4eb848e2baead68b40aa9ec467249a13ddfa2efa2e2154bd4b8d9535c16bf0c539e9d744d06ee744f1c373d5a3ac623c94a6d50d072c22aa9c5039fbd8588f11cb4c2d115e4560131977993e8e0494df4893e718cc48a509a8b6742dc66a995e10af14b0542701f3e6af49bcfcdbd19edd5b7a449efabfee687c9b9e57f179a4a756428b49917c34659a091174ad4947809596903779d56f30c5546", 0x1000}], 0x1, &(0x7f0000001580)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58, 0x40}}, {{&(0x7f0000001600)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001680)="b4bca4169ff7c7d3ce761091f9c2f23d50472eeec144596a4ff0e20ffd5e2f79c462df5b7af24fb73d3db235375cb227a3a2dfcf91a030db7801eaa8553580eb428f081e24f1d661eaf70b605b9c6dab32acf7a76c40f6d4d5386c49f75f5b76547b4e7d40b1ce6644e5c0db2ce3a421c771134153530bd4a40714fc4ef7ae754579a55828fedc05e4302abe32bec95f8cf910cf50221407992c4fd913b975aedaba89cff8778adc1c0eb6f9d67426234d3cd061b935a2f59eba", 0xba}, {&(0x7f0000001740)="001251a33618b639d4e7c79c4720b63a42c59810efed924e1ce6ecf023f887d5f0064fdbef9e34e31b2e80ecfd88431319305a632952b1008ccbed071da4ee672c09520106514c5465f3ee6a8648d92745b3911ec4d0e395138d54eba6b74e618e46e58560bff0d71fd0eebaa47dba067887df84c310ff9cc3f10fe9f60a1a225748c8dc33ea2d85b97517497632448b2ca9d7cd2a4de6193fe5128083ce4e8951f6545f1d3086d21aee5f88e0e1589069a8fdb4341d3e1f22c61a3bfcbf143843a3b174650f888e59417f24c13e525788bdd23e8fe7f6289ac107aeaa33", 0xde}, {&(0x7f0000001840)}, {&(0x7f0000001880)="41bce2e53578163830a5e2c2f303c3a363f9fa5bbd02da77a776f8d63d1ebb05582d1b66fca5c13408afe5c4acbd2b3e79edbc00297fe5ad2411d99bba5a5fe286531546e733a93349c48a9e1fc59ac8e54907375ab88573f852ce0de63f94a926eda981258258c28c23a31884f8f57c3d57b5f7c728b5027851fb", 0x7b}, {&(0x7f0000001900)="2b192d31833ff11fde05d8528cb6604eda61b6ab66abbd720eb2522a71b6b99e20c8e987ed967925cc1dacd422bf570fb092f0b8a3091e392d0c2af52500dee75e947240eddee113b4899014c8107b8f469b8e0cf2cb2c853d4f6befdeb7c0e36d5f93909831", 0x66}, {&(0x7f0000001980)="57ed31", 0x3}, {&(0x7f00000019c0)="6a46535335a029bf35ba810e6a9487d774006146ad0be7fffcacfeba0b8f66e963796773e82823dc094e4ea57a9d411e6a583ef2e139ab292446c03783a3dc7b5ee52d1899816f71d04ac94805fedc722103a4e4d115bbdd2e6416d7e243986419e759f355a4375beeccd58222d84414ce9f5551b4427fc236d4932af2284333098dd07987a6df241b20130d8102a32ad59c2b94f49089de8ec4fd232e8c3ec67f761a06c07f9f25dd0f02fe60277dbcaf2acaffea8e81da3d5e0b3b963e8ae71302491a9b887962662de9c29a3c4ec8a911b7e33c0d08fd0da4b355041d6bb36f05236555d6016b35fe5a", 0xeb}], 0x7, &(0x7f0000001c00)=[@rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x120, 0x40c0}}, {{&(0x7f0000001d40)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001e40)=[{&(0x7f0000001dc0)="e87aa91f4d9583dda18eefe94b209548f536f47399557891236e9fcfd3395a573a80935a96faf76a24a054b64f693105912aa17b0ded93638357b4994c5cc03451dde3f8559b6047bb1290d935b6fd3194bcdacf2d863757d774c1452aea558aa51fc9c4ebac760be1c2bd8fd8e4242021419aa0", 0x74}], 0x1, &(0x7f0000001f80)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, r1, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x58, 0x4004}}, {{0x0, 0x0, &(0x7f0000002280)=[{&(0x7f0000002000)="82b4cb926f083b7ffe0de9885d2b1eac18634b72df195d64e53f1d2094858c46a45b76e1267580b670d526a5279a321d8eb7c45898b8dca1b216781dfe166c358b9a470102d6a2a6786e093850e85d0e810a1c15e7c8c3b361685950153bb006f5bc633f5ba7e59b9e842835450190e5ab59d4", 0x73}, {&(0x7f0000002080)="a201207889c1dace62d51c834190e37f249d8db345241a51", 0x18}, {&(0x7f00000020c0)="9e564c2dcbde23546bb4bb97420e51c67f1902153c848a1fe216289a4c7a18c808f56f947615d6fbf74ebd56363adbc7ce77b78134690ddc09469eaf9a0c725b96271e7d65da703eac5a2a9027d8744aa616817096c803c73a8c2e0daf65a9cf32e5308ee878452f3b3b8d8548edc846f120495a9d78ed994d0936302a2f82ab1382bcc570984862e7a2111865bc89931b9423ba19db30cc4957d68e7b7e703610c614833ff2eda5c22772970c487210343bb4c7dac629937d7dc2ee1d8e8b4bb7ea9b46656261fb7db168b5", 0xcc}, {&(0x7f00000021c0)="aef6f289bf7efb1037bfc9cf0ca317ff828b3d918f0f3fe75a6a4b565a895b93154de8aa3710ed78cb6fbbb5ead5054ff537b6e28437d0df36aa7d1150a6adc4362e66d0735d41718b07766357383c03e9d3a0c38d40194d16b00c9a6946920e6fd698c75f6005e2c5411a6e436f", 0x6e}, {&(0x7f0000002240)="5c2a8c95b0", 0x5}], 0x5, &(0x7f00000023c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x118, 0x4}}, {{0x0, 0x0, &(0x7f0000002840)=[{&(0x7f0000002500)="fbe29f7223549e7ea3f93943889b7dfc82377e16557c80a0cf15c6cfe156702950f013b17360bcf02eb8abad9023c52673433e88f5d66d55cc641f225f609ae9b38d3d", 0x43}, {&(0x7f0000002580)="2986f7a8d222ac628156304191b4cf826c839272be5a9e255d0da2946dea48cd061620281873c58c4dc6348cda35bc386dee62a901e1ca21b9c7dce81b410d3347a01a05201ea7dc5b7ded2f5f143abccb7f2e", 0x53}, {&(0x7f0000002600)="cdc309173dd5d4a31d90ec7192361760bbec91594bb179d4ee21ad7a151967eaa48a59b1f1fd7a55400e885d2e4c435231803161d806a4fec43018821675b60f1fa577fc755652cf47a7afb2be8c7a77ca5025ea8799cc1a9f3e440f68d9d0d633754d672f255cdee928dd2aabc6b3f6432fc33b9ae935ac2c49e31173be16eef0febe4fff1bcdfc4242f82d03ac2b247ec1c1a38c5fa8484933a741c5c554c459769a833a2ecfac9e", 0xa9}, {&(0x7f00000026c0)="599bdf7f41ba3ca374dc31162cd055e405c4dfab55346864a68755bb7a550332d20f76104e6da12fc9c976c26cf02a054c34a462d8e99341e00f2315cfb9a20dabd8a057703ab9c4e4f7a6445b628d4b4d829defe08d8df9c450f9e82428b8429944c5ae853fc1117f4b289927e06c41754991b8ab02a97144d343faeb6bb1d5dd3f8bb624d366e9b41dd17a4364f70ee6046c1e09d84920d4", 0x99}, {&(0x7f0000002780)="8a31890a400724c80829dde6f86c61e0313bf31b92b2f1f8bd8722e6c8e73dd1dde5be5afa614308679be2eda32b6304a2834d4a4adc1ac70dd7e5a1e6d89e7a421bce58db802222eb9f5c132e29ff869b68f5b1c17e2e90bfa3c9a96b14b5c1940f77ddb0c3f5b587d6e87ecaddf1a401f12e8fe03ffc948b49fe3885134e546acb4ef8", 0x84}], 0x5, &(0x7f00000028c0)=[@rights={{0x28, 0x1, 0x1, [r1, 0xffffffffffffffff, r2, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r3}}}, @rights={{0x38, 0x1, 0x1, [r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [r1, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x150, 0x8000}}], 0x5, 0x200408c0) 1.580841975s ago: executing program 0 (id=5346): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x10, &(0x7f0000000680), 0x1, 0x254, &(0x7f00000006c0)="$eJzs3T1oJGUcBvBnZnc9c7fIqY0gfoCIaCCcnWBzNgoHchwiggonojbKRYgJdomVjYXWKqlsgtgZLSVNsFEEq6gpYiNosDBYaLGyOxvJx+qqm+zIze8HszPvzsd/Zneed7bY2Q3QWOeTXEzSSjKbpJOkOLjA3dVwfthcndm8mvR6T/xcDJar2pX99c4lWUnyUJKNssjL7WRp/ZmdX7ceu++txc69H6w/PTPVgxza3dl+fO/9y29+fOnBpS+//vFykYvpHjquk1eMeK5dJLecRrH/iaJd9x7wT1x5/aNv+rm/Nck9g/x3UqZ6895euGGjkwfe+6t13/npq9unua/Ayev1Ov1r4EoPaJwySTdFOZekmi7LubnqM/y3rbPlK/MLr82+NL947YW6eyrgpHST7Uc/PfPJuSP5/6FV5X+oVetOAqein/8nr6x915/ek3JohjuqUT//s88t3x/5h8aRf2iQFw+1SvmH5hqf/1q+ogNMges/NJf8Q3PJP1zHOn8/W/6hueQfmkv+obkO5h8AaJbembrvQAbqUnf/AwAAAAAAAAAAAAAAAAAAHLc6s3l1f5hWzc/fTXYfSdIeVb81+D/i5MbB49lfiv5ifyqq1Sby7F0TbmBCH9Z89/VN30/8Ek7kizvrrJ4sX0tW3khyod0+fv4Vw/Pvv7t5zPzO8xMW+JeKI+2Hn5pu/aN+X6u3/qWt5LN+/3NhVP9T5rbBeHT/0x3/E8tjvfrbhBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgav4IAAD//7ANbcM=") prctl$PR_MCE_KILL(0x23, 0x8, 0x7fffffffeffe) r0 = creat(&(0x7f0000000280)='./bus\x00', 0x2) pwritev2(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0) sendto$inet_nvme_pdu(r0, &(0x7f0000000000)=@r2t={{0x9, 0x2, 0x18, 0x0, 0x3ff}, 0xf000, 0x5, 0x9, 0x200}, 0x80, 0x0, 0x0, 0x0) socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@newqdisc={0x24}, 0x24}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000280)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc000ff}]}) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$inet_mptcp_buf(r5, 0x6, 0x3, 0xfffffffffffffffd, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x80082102, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0) perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef) close(r8) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffdac, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10) dup2(0xffffffffffffffff, 0xffffffffffffffff) recvmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) 1.52957824s ago: executing program 2 (id=5348): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108) r1 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000200)={0x6, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="8e"], 0x1) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000200)={0x0, @local, @local}, &(0x7f0000000340)=0xa) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x40, r2}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x801}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0000000000002000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='rdma.current\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRES32, @ANYBLOB="0000000000aa6800"/20, @ANYRESOCT, @ANYRES32, @ANYBLOB="00000000000000000000000000000000fda0000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r10}, 0x10) ptrace(0x10, r7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0xffffffff}]}) mount$cgroup(0x20000000, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES16=r9, @ANYBLOB="9b9cab8cddf1fca51239", @ANYRES64=r4, @ANYRES32=r3, @ANYRESHEX=r6, @ANYBLOB='\x00'/28], 0x48) r12 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r13 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1e000000bc0800007f00000004060000008004000a63a911f4392d3d0ca866813fa2a11c72a775fd9ce7af8debdc46e587707953e0fa97d0a943b623a47a34f8cb951870174f5b3db96542932b18b153e5b01ff2b2f3a39a1a979893a6f2792216161e164f2bfd717a71e26620cad734403b49d4389834c9dec945e00ad384793bc767fbb86fb21591ef328eb5721304ac77956022a854bbf7e81fc1e9c031678dcc0b", @ANYRES32=r11, @ANYBLOB="030000000000000000000044ae2a3c52c2e44693", @ANYRES32=r0, @ANYRES32=r5, @ANYRESHEX=r6, @ANYRESDEC=r12, @ANYBLOB="1df5cc7d"], 0x50) r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000f600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bind$inet(r5, &(0x7f0000000400)={0x2, 0x4e23, @remote}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='io_uring_create\x00', r14}, 0x18) msgsnd(0x0, 0x0, 0x401, 0x0) 1.387063203s ago: executing program 4 (id=5353): set_mempolicy(0x4003, &(0x7f0000000080)=0x7, 0x3) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000080000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10) syz_clone3(&(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000240)=[0x0], 0x1}, 0x58) 1.342269008s ago: executing program 4 (id=5354): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = memfd_secret(0x0) ftruncate(r2, 0x5) finit_module(r2, 0x0, 0x0) 1.31372314s ago: executing program 4 (id=5356): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_int(r4, 0x0, 0x19, &(0x7f0000000000)=0x2, 0x4) sendto$inet(r4, &(0x7f00000000c0)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10) recvmmsg(r4, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r3, &(0x7f0000000080)) close_range(r2, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf20000000000000160005003f1b48013d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006702000003000000360600000ee600f0bf052000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) (async) socket$inet6_tcp(0xa, 0x1, 0x0) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) (async) socket$inet_icmp_raw(0x2, 0x3, 0x1) (async) setsockopt$inet_int(r4, 0x0, 0x19, &(0x7f0000000000)=0x2, 0x4) (async) sendto$inet(r4, &(0x7f00000000c0)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10) (async) recvmmsg(r4, &(0x7f0000000f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) (async) epoll_create1(0x0) (async) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r3, &(0x7f0000000080)) (async) close_range(r2, 0xffffffffffffffff, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf20000000000000160005003f1b48013d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006702000003000000360600000ee600f0bf052000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async) 1.250041906s ago: executing program 1 (id=5357): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000680)={[{@norecovery}, {@dax_never}, {@init_itable}, {@nogrpid}, {@norecovery}, {@orlov}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y") r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000000000060000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd']) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000080022b35c73a6b8dc3429c67560e1994f3fdfa384f61066f21506258a6bde0962943f17fba84216c8883cef93dd69774b5339fcbf136f57d38a804c9f1bcfe0485632fd3d231a342dfb418a3900eaf5603455e9303f770177cbdc8e9639bdd9d06306", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) utime(&(0x7f0000000200)='./file0\x00', 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02140000040000001600d0e1010099e51a499a973a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) fcntl$lock(r7, 0x7, &(0x7f0000000140)={0x0, 0x0, 0xb7400000000}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$lock(r7, 0x6, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x2066}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) fcntl$lock(r8, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x2000000000}) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, 0xffffffffffffffff}, 0x4) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f00000000c0)=0x39, 0x4) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10) rmdir(0x0) delete_module(&(0x7f0000000200)='\x00', 0x900) 1.167933333s ago: executing program 4 (id=5359): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x2, 0x15c}, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0) connect$unix(r0, &(0x7f0000000140)=@file={0x8700, './file0\x00'}, 0x6e) 1.134215066s ago: executing program 1 (id=5360): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/14], 0x48) prctl$PR_SET_IO_FLUSHER(0x39, 0x1) socket$nl_route(0x10, 0x3, 0x0) mknodat(0xffffffffffffff9c, 0x0, 0x4000, 0x2) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0x1, 0x44e, &(0x7f0000000d80)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffeffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f0000000040)}, 0x20) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a00)={{0x14}, [@NFT_MSG_DELCHAIN={0xdc, 0x5, 0xa, 0x201, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_USERDATA={0xbe, 0xc, "975ad8534cd3bc8802ca3e3f1120e0ec5d587a0683da1793ff89f06dacae0462ac80e590e894c27471895ea55c56668fe60ea8d13eef1784812657031a68807c512ddae11c6e815d9beb921b6bf601849b376b8cb284910771a0c159c71eabbdd36bd8571cef30e5a110a599883f4218acd93b6f3002315ca8f40ddedd229bb3e143b4dc93a7268f40a8378000b2eb08f1a1183158153433586afaa8a16f30e1c52d1b48b51f33376c19c540dc0f00e34e7b1b08a92cbfef7efa"}, @NFTA_CHAIN_POLICY={0x8, 0x5, 0x1, 0x0, 0xfffffffffffffffc}]}], {0x14}}, 0x104}, 0x1, 0x0, 0x0, 0x10}, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0xb, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000002c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r6}, 0x10) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r7, &(0x7f0000000180)=ANY=[@ANYRES64], 0xfdef) 1.042084615s ago: executing program 1 (id=5361): r0 = syz_io_uring_setup(0x6129, &(0x7f0000000600)={0x0, 0x0, 0x10100}, &(0x7f00000005c0), &(0x7f0000000140)=0x0) bpf$TOKEN_CREATE(0x24, &(0x7f0000000400)={0x0, r0}, 0x8) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r2}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000700)=ANY=[@ANYBLOB="3800000012002102000000000000000007"], 0x38}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYRESDEC=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='signal_deliver\x00'}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) 1.026958456s ago: executing program 1 (id=5362): symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00') ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0/../file0/file0\x00'}) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000001c0)=@nat={'nat\x00', 0x1b, 0x5, 0x3c0, 0x0, 0xa8, 0xffffffff, 0x1c8, 0xa8, 0x328, 0x328, 0xffffffff, 0x328, 0x328, 0x5, &(0x7f0000000100), {[{{@ip={@local, @rand_addr=0x64010102, 0xffffffff, 0xffffffff, 'vlan1\x00', 'veth1\x00', {0xff}, {0xff}, 0x6, 0x3, 0x10}, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x4, @loopback, @broadcast, @icmp_id=0x66, @icmp_id=0x65}}}}, {{@ip={@rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x12}, 0xff, 0xff000000, 'veth1_to_bond\x00', 'pim6reg1\x00', {}, {0xff}, 0x6c, 0x3, 0x4}, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@set={{0x40}, {{0x4, [0x0, 0x1, 0x1, 0x1, 0x5], 0x5}}}, @common=@ttl={{0x28}, {0x0, 0x8}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x16, @ipv6=@ipv4={'\x00', '\xff\xff', @remote}, @ipv4=@remote, @icmp_id=0x66, @icmp_id=0x64}}}, {{@ip={@remote, @rand_addr=0x64010101, 0xffffff00, 0x66894582a917f0b0, 'veth0_to_batadv\x00', 'wg1\x00', {0xff}, {}, 0x2f, 0x3, 0x39}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x2, @private=0xa010100, @empty, @gre_key=0x1, @port=0x4e23}}}}, {{@ip={@remote, @loopback, 0xff, 0xff, 'bond0\x00', 'bond_slave_0\x00', {0xff}, {}, 0x1d, 0x3, 0x40}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x8, @ipv4=@remote, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @port=0x4e20, @port=0x4e23}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x420) mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x759, &(0x7f0000000c00)={[{@noload}, {@noblock_validity}, {@discard}, {@errors_remount}, {@inode_readahead_blks, 0x0}, {@noauto_da_alloc}, {@noload}, {@journal_checksum}, {@mblk_io_submit}, {@noacl}, {@usrjquota}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x765}}, {@norecovery}, {@nobarrier}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@resgid}], [{@audit}, {@euid_gt}], 0x2c}, 0x2, 0x4f8, &(0x7f0000000700)="$eJzs3EtvVGUfAPD/mbaUvtC3fXm9cVFG0dhopLRcFy6AaMLGxERjcFnbQpAChtYESCPFGEhcaPgEXnYmfgJXujFqXGjcStwaE2K6AV2YY87MmTrt6fTGtGPp75fM8JzbPM//nPMwz2VOA9iwytlbErE1In6OiJ7q4uwdytV/7k5PDv8xPTmcRJq+8ntS2e/O9ORwbdfacVvyhb5SROm9JHYWs+0cv3zl7NDY2OjFfEX/RClPnRs6PXp69PzgkSMH9ncdPjR4sClxZmW6s+OdC7u2n3j95kvDJ2++8e3nWXnTfHt9HFW9lfdNS86hrbCmHOXZ57LOU0sv+rrQXZdO2rP3UusKw5Jld212uToq9b8n2ipLVT3x4rstLRywqtI0TTsLa2e+y6bSeklSPSBNr6XAfSCJVpcAaI3aF/2d6aynOjlc7Aff324fi0oPKIv7bv6qbmmv9GDLvdW+Uccq5f9ARJyc+vOj7BXzjkMAADTXl8cibhyvtjtqr+qWUjxUt99/87mh3oj4X0Rsi4j/5+2XByMq+z4cEY/UHdO9hFmA8pzlYvvnx648Ud9cbZqs/fd8Prc1u/03U/LetnypuxJ/R3LqzNjovvyc9EVHZ7Y8UPzomWG1r1746cNG+Zfr2n/ZK8u/1hbMy/Fb+5wBupGhiaF7jbvm9rXKib1ajD+J9qSWitgeETtW8PnZOTvzzGe7Gm2fFX8WZyH+Dxp/ePsKCjRH+knE09XrPxVz4o98/i+pzE+ee6t//PKV587Uz08OHD40eLB/c4yN7uuv3RVF3/1w/eU8WehGLHD9a1VjVSfSsuv/n3nv/5mZy94sNTNfO778PK7futGwT7PS+39T8molXZufvTQ0MXFxIGJTMlVcP/jPsZeGumbtn8Xft2f++r8t4q+P8+N2RkR2Ez8aEY9FxO687I9HxBMRsWeB+L85/uSbjbqQi8e/urL4R5Z1/Rsljn4fMf+mtrNff1HI+P1yIf6OaHT9D1RSffmakaGJzYvFtVBJ6xP3fAIBAABgHdgdEVsjKe3NB5q2Rqm0d2/ElpkRlPGJZ09dePv8SPUZgd7oKNVGunrqxkMH8rHhbDk7arBuOdu+vzJunKZp2pUtZ/33se7Whg4b3pYG9T/za/GRFuB+s6x5tEZPtAHr0tz6f2vJRzb/BxnA2mrC72iAdUr9h41ryfV/tZ6CA1pmvvp/NeJuC4oCrLH56v9rhTVH16QswNrS/4eNa+X1348BYL3z/Q8b0pIekl9BYtuJBfZJ2lcn08aJUiz8VwB6I2pram2ahT/wl1JEc0rY1tRIu2Zd09K8+2yOZuQVpUX3aV/GH2JY20Tp31GMaqIzIha5e2dutqu1xJXVLlilEnza2v+dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7t3fAQAA///tUdPr") r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000160a0103000000000000000002000000540003804000038014000100626f6e645f736c6176655f300000000014000100736974300000000000000000000000001400010073697430000000000000000000000000080002400000000008000140000000000900020073797a31000000000900010073797a30"], 0xa8}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000640)={{0x1, 0x1, 0x18, r1, {0x0, 0xffffffffffffffff}}, './file0\x00'}) quotactl$Q_GETNEXTQUOTA(0xffffffff80000902, &(0x7f0000000600)=@md0, r7, &(0x7f0000000680)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) r8 = syz_open_dev$tty1(0xc, 0x4, 0x1) fstatfs(r0, &(0x7f0000000040)=""/13) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEV(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x2c, r10, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_DEVICE={0xc, 0x2e, 0x0, 0x1, [@NL802154_DEV_ATTR_FRAME_COUNTER={0x6}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x2c}}, 0x0) ioctl$VT_ACTIVATE(r8, 0x4b44, 0x10000000000004) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000380)=ANY=[]) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x10, 0x13, &(0x7f0000000ec0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xffffff80, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_fd={0x18, 0x0, 0x1, 0x0, r11}, @map_fd={0x18, 0xb, 0x1, 0x0, r2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r12}, 0x10) r13 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$BLKTRACESETUP(r13, 0xc0481273, &(0x7f00000004c0)={'\x00', 0x0, 0x3, 0x3}) 734.965793ms ago: executing program 2 (id=5363): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4) syz_emit_ethernet(0x3e, &(0x7f0000000640)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x1c, 0x0, @gue={{0x2}, "175d277c7a0fd404fd2d6876"}}}}}}, 0x0) (fail_nth: 6) 654.292911ms ago: executing program 0 (id=5364): lsetxattr$trusted_overlay_upper(0x0, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000f800b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xf1, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) clock_gettime(0x0, &(0x7f0000000100)) 628.434253ms ago: executing program 0 (id=5365): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) epoll_pwait(0xffffffffffffffff, 0xfffffffffffffffc, 0x41ac5d3, 0x0, 0x0, 0x12) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) rt_sigtimedwait(0x0, 0x0, 0x0, 0x0) 612.392864ms ago: executing program 1 (id=5366): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = memfd_secret(0x0) ftruncate(r2, 0x5) finit_module(r2, 0x0, 0x0) 587.305176ms ago: executing program 0 (id=5367): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 582.606327ms ago: executing program 1 (id=5368): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x10) ptrace(0x10, 0x1) 97.654062ms ago: executing program 4 (id=5369): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000ffff0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xa00008, &(0x7f0000000680)={[{@norecovery}, {@dax_never}, {@init_itable}, {@nogrpid}, {@norecovery}, {@orlov}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x7ad, &(0x7f00000007c0)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JruwsFn2sBQaCLTnJEZWTGrZCpYcYmNIQin00kNLD4XmknPTprdc++PaXvo39FAS0tYJTemhuIw0SmRbcpzEklL8+cBY782M9N533sybZ82gCWDfGk//5CIORwykydFsfhLZjOiPOFlf7+H6WiGdktjYeOW7pLbOg/W1QjS9J3Uwy/wxIj57I+JIbnu5lZXV+ZlSqbiU5SerCxcnKyurRy8szMwV54qLx6emp4+d+MeJ43sX6w9frh66+/b///rRyZ9e/8Ottz5P4mQcypY1x7FXxmM82yYD6Sbc5H97XViPJb2uAM8kPTT76kd5HI7R6NuhJf/T1ZoBAJ1yJSI2AIB9JnH+B4B9pvE9wIP1tUJjivr1nKs9/WKiS+79NyKG6/E3rm/Wl/TXr9l9NVy7DjryIKldI2lIImJsD8ofj4jrt8/cTKfo0HVIgFauXouIc2PjW/v/tIfbes/C0/rbLtYZ35LX/0H3fJKOf/65ffwXkcuO/+Ha363jn6EWx+6zePLxn7uzKTuwB4U2Scd//266t+1hU/yZsb4s95vamG8gOX+hVEz7tt9GxEQMDKX5qR3KmLj/8/12y5rHf9+/89oHafnp6+M1cnf6hza/Z3amOvM8MTe7dy3iT/2t4k8etX/SZvx7epdlvPSvN99vtyyNP423MW2Pv7M2bkT8pWX7P74PKtnx/sTJ2u4w2dgpWvj46/dG2pXf3P7Xb6clrRUa/wt0Q9r+IzvHP5Y0369Zefoyvrgx+mm7ZZvjP3MzLX9z/K33/8Hk1Vp6MJt3eaZaXZqKGExe3j7/2OP3NvKN9dP4J/7c+vjfaf9Pu6FzWXrjCTc/9t/99sNnj7+z0vhn0/ZPsiCe2P5Pn7j1cL6vXfm7a//pWmoim7O9/+vf9rm7reBzbTwAAAAAAAAAAAAAAAAAAAAAAAAA2KVcRByKJJd/lM7l8vn6M7x/HyO5UrlSPXK+vLw4G7VnZY/FQK7xU5ejTb+HOpX9Hn4jf2xL/u8R8buIeHfoQC2fL5RLs70OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyB9s8/z/1zVCvawcAdMxwrysAAHSd8z8A7D9tzv+DrWcf6GhdAIDuqJ3/k/5eVwMA6CLf/wPA/uP8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQIedPnUqnTZ+XF8rpPnZSyvL8+VLR2eLlfn8wnIhXygvXczPlctzpWK+UF5o+0FX6y+lcvnidCwuX56sFivVycrK6tmF8vJi9eyFhZm54tniQNciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDdq6yszs+USsUliZ0TV16IalzLmq3XW0PihUgMRUSnimjuJQ70pnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BX4JQAA//9qsh/Y") r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000000000060000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd']) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000080022b35c73a6b8dc3429c67560e1994f3fdfa384f61066f21506258a6bde0962943f17fba84216c8883cef93dd69774b5339fcbf136f57d38a804c9f1bcfe0485632fd3d231a342dfb418a3900eaf5603455e9303f770177cbdc8e9639bdd9d06306", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10) utime(&(0x7f0000000200)='./file0\x00', 0x0) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="02140000040000001600d0e1010099e51a499a973a", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) fcntl$lock(r7, 0x7, &(0x7f0000000140)={0x0, 0x0, 0xb7400000000}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fcntl$lock(r7, 0x6, &(0x7f00000000c0)={0x1, 0x0, 0x0, 0x2066}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0) fcntl$lock(r8, 0x7, &(0x7f0000000140)={0x0, 0x0, 0x2000000000}) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6, 0xffffffffffffffff}, 0x4) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f00000000c0)=0x39, 0x4) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r10}, 0x10) rmdir(0x0) delete_module(&(0x7f0000000200)='\x00', 0x900) 97.013402ms ago: executing program 2 (id=5370): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000002dc0)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) pwrite64(r1, &(0x7f0000000280)='+', 0x1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f0000000380)={[{@user_xattr}, {@noquota}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@block_validity}, {@dioread_nolock}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@delalloc}, {@user_xattr}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r2 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0) open_by_handle_at(r2, &(0x7f0000000000)=@GFS2_SMALL_FH_SIZE={0x10, 0x4, {0x4, 0x0, 0x6, 0x6}}, 0x2000) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000100)={0x7, [0xc70f, 0x8001, 0xfff9, 0x6, 0x5, 0x5, 0x533]}, &(0x7f0000000140)=0x12) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r4}, 0x10) r5 = epoll_create1(0x0) epoll_pwait2(r5, &(0x7f0000000480)=[{}], 0x1, &(0x7f0000000500), 0x0, 0x0) r6 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) copy_file_range(r6, 0x0, r0, &(0x7f00000000c0)=0x10000, 0x6, 0x0) r7 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) sendfile(r7, r7, 0x0, 0x100000001) 9.92323ms ago: executing program 4 (id=5371): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, 0xffffffffffffffff, 0x2000) ftruncate(0xffffffffffffffff, 0xc17a) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000580)={{r1}, &(0x7f0000000500), &(0x7f0000000540)='%+9llu \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01010000fcffffff0000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000214000000110001000000"], 0x64}}, 0x0) 0s ago: executing program 2 (id=5372): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r0, 0x5437, 0x2) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) kernel console output (not intermixed with test programs): 7f4fdde8def9 [ 316.057025][T22850] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000003 [ 316.057042][T22850] RBP: 00007f4fdcb07090 R08: 0000000000000004 R09: 0000000000000000 [ 316.057059][T22850] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001 [ 316.057076][T22850] R13: 0000000000000000 R14: 00007f4fde045f80 R15: 00007ffd128dac18 [ 316.057133][T22850] [ 316.244368][T22866] netlink: 'syz.1.4527': attribute type 1 has an invalid length. [ 316.318710][T22868] netlink: 100 bytes leftover after parsing attributes in process `syz.0.4528'. [ 316.854857][T22881] loop3: detected capacity change from 0 to 512 [ 316.933417][ T35] vhci_hcd: vhci_device speed not set [ 316.942294][T22885] FAULT_INJECTION: forcing a failure. [ 316.942294][T22885] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 316.955387][T22885] CPU: 1 UID: 0 PID: 22885 Comm: syz.0.4533 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 316.965854][T22885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 316.975941][T22885] Call Trace: [ 316.979241][T22885] [ 316.982190][T22885] dump_stack_lvl+0xf2/0x150 [ 316.986814][T22885] dump_stack+0x15/0x20 [ 316.991025][T22885] should_fail_ex+0x223/0x230 [ 316.995775][T22885] should_fail+0xb/0x10 [ 316.999951][T22885] should_fail_usercopy+0x1a/0x20 [ 317.005064][T22885] strncpy_from_user+0x25/0x270 [ 317.009940][T22885] ? kmem_cache_alloc_noprof+0x10c/0x290 [ 317.015597][T22885] getname_flags+0xb0/0x3b0 [ 317.020120][T22885] getname+0x17/0x20 [ 317.024098][T22885] do_sys_openat2+0x67/0x120 [ 317.028720][T22885] __x64_sys_openat+0xf3/0x120 [ 317.033518][T22885] x64_sys_call+0x1025/0x2d60 [ 317.038248][T22885] do_syscall_64+0xc9/0x1c0 [ 317.042768][T22885] ? clear_bhb_loop+0x55/0xb0 [ 317.047481][T22885] ? clear_bhb_loop+0x55/0xb0 [ 317.052194][T22885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.058146][T22885] RIP: 0033:0x7fe5081bdef9 [ 317.062584][T22885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.082261][T22885] RSP: 002b:00007fe506def038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 317.090790][T22885] RAX: ffffffffffffffda RBX: 00007fe508376130 RCX: 00007fe5081bdef9 [ 317.098824][T22885] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 317.106811][T22885] RBP: 00007fe506def090 R08: 0000000000000000 R09: 0000000000000000 [ 317.114855][T22885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 317.122838][T22885] R13: 0000000000000000 R14: 00007fe508376130 R15: 00007ffcd180e2b8 [ 317.130895][T22885] [ 317.232532][T22881] netlink: 'syz.3.4534': attribute type 1 has an invalid length. [ 317.295449][T22887] loop4: detected capacity change from 0 to 512 [ 317.352158][T22887] EXT4-fs: Ignoring removed mblk_io_submit option [ 317.419023][T22887] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.4532: corrupted in-inode xattr: invalid ea_ino [ 317.519755][T22887] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.4532: couldn't read orphan inode 15 (err -117) [ 317.628739][T22887] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 317.842394][ T3978] hid-generic 0002:0002:0400.0008: item fetching failed at offset 0/1 [ 317.859161][ T3978] hid-generic 0002:0002:0400.0008: probe with driver hid-generic failed with error -22 [ 318.075893][T22912] FAULT_INJECTION: forcing a failure. [ 318.075893][T22912] name failslab, interval 1, probability 0, space 0, times 0 [ 318.088684][T22912] CPU: 1 UID: 0 PID: 22912 Comm: syz.1.4542 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 318.099136][T22912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 318.109246][T22912] Call Trace: [ 318.112537][T22912] [ 318.115476][T22912] dump_stack_lvl+0xf2/0x150 [ 318.120108][T22912] dump_stack+0x15/0x20 [ 318.124408][T22912] should_fail_ex+0x223/0x230 [ 318.129116][T22912] ? l2tp_tunnel_create+0x67/0x1d0 [ 318.134333][T22912] should_failslab+0x8f/0xb0 [ 318.139063][T22912] __kmalloc_cache_noprof+0x4b/0x2a0 [ 318.144480][T22912] l2tp_tunnel_create+0x67/0x1d0 [ 318.149444][T22912] pppol2tp_connect+0x3af/0xa50 [ 318.154318][T22912] ? __pfx_pppol2tp_connect+0x10/0x10 [ 318.159713][T22912] __sys_connect+0x19d/0x1b0 [ 318.164444][T22912] __x64_sys_connect+0x41/0x50 [ 318.169233][T22912] x64_sys_call+0x2220/0x2d60 [ 318.173921][T22912] do_syscall_64+0xc9/0x1c0 [ 318.178447][T22912] ? clear_bhb_loop+0x55/0xb0 [ 318.183172][T22912] ? clear_bhb_loop+0x55/0xb0 [ 318.187866][T22912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.193816][T22912] RIP: 0033:0x7f4fdde8def9 [ 318.198309][T22912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.217929][T22912] RSP: 002b:00007f4fdcb07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 318.226374][T22912] RAX: ffffffffffffffda RBX: 00007f4fde045f80 RCX: 00007f4fdde8def9 [ 318.234372][T22912] RDX: 0000000000000032 RSI: 0000000020000980 RDI: 0000000000000005 [ 318.242392][T22912] RBP: 00007f4fdcb07090 R08: 0000000000000000 R09: 0000000000000000 [ 318.250464][T22912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 318.258439][T22912] R13: 0000000000000000 R14: 00007f4fde045f80 R15: 00007ffd128dac18 [ 318.266488][T22912] [ 318.351625][T22920] netlink: 'syz.0.4545': attribute type 1 has an invalid length. [ 318.490402][T22930] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4551'. [ 318.599666][T22936] RDS: rds_bind could not find a transport for ::ffff:172.30.1.1, load rds_tcp or rds_rdma? [ 318.662740][T18727] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 318.753394][T22948] FAULT_INJECTION: forcing a failure. [ 318.753394][T22948] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 318.766533][T22948] CPU: 0 UID: 0 PID: 22948 Comm: syz.4.4557 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 318.776977][T22948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 318.787114][T22948] Call Trace: [ 318.790416][T22948] [ 318.793378][T22948] dump_stack_lvl+0xf2/0x150 [ 318.797992][T22948] dump_stack+0x15/0x20 [ 318.802225][T22948] should_fail_ex+0x223/0x230 [ 318.806966][T22948] should_fail+0xb/0x10 [ 318.811188][T22948] should_fail_usercopy+0x1a/0x20 [ 318.816357][T22948] _copy_from_user+0x1e/0xd0 [ 318.821138][T22948] kstrtouint_from_user+0x76/0xe0 [ 318.826186][T22948] ? 0xffffffff81000000 [ 318.830380][T22948] proc_fail_nth_write+0x4f/0x150 [ 318.835459][T22948] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 318.841118][T22948] vfs_write+0x26c/0x910 [ 318.845389][T22948] ? __fget_files+0x1d4/0x210 [ 318.850160][T22948] ksys_write+0xeb/0x1b0 [ 318.854538][T22948] __x64_sys_write+0x42/0x50 [ 318.859273][T22948] x64_sys_call+0x27dd/0x2d60 [ 318.863988][T22948] do_syscall_64+0xc9/0x1c0 [ 318.868556][T22948] ? clear_bhb_loop+0x55/0xb0 [ 318.873282][T22948] ? clear_bhb_loop+0x55/0xb0 [ 318.877980][T22948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.883921][T22948] RIP: 0033:0x7f0930fcc9df [ 318.888345][T22948] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 318.908028][T22948] RSP: 002b:00007f092fc47030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 318.916482][T22948] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f0930fcc9df [ 318.924474][T22948] RDX: 0000000000000001 RSI: 00007f092fc470a0 RDI: 0000000000000006 [ 318.932463][T22948] RBP: 00007f092fc47090 R08: 0000000000000000 R09: 0000000000000000 [ 318.940453][T22948] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001 [ 318.948508][T22948] R13: 0000000000000000 R14: 00007f0931185f80 R15: 00007ffee29b7bc8 [ 318.956540][T22948] [ 319.070044][T22955] xt_addrtype: output interface limitation not valid in PREROUTING and INPUT [ 319.082350][T22953] loop4: detected capacity change from 0 to 512 [ 319.115280][T22953] netlink: 'syz.4.4559': attribute type 1 has an invalid length. [ 319.531489][T22968] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4564'. [ 319.601016][T22970] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4565'. [ 319.647504][T22970] netlink: 100 bytes leftover after parsing attributes in process `syz.0.4565'. [ 319.751076][T22985] netlink: 'syz.0.4570': attribute type 1 has an invalid length. [ 319.837233][T22995] netlink: 2 bytes leftover after parsing attributes in process `syz.2.4574'. [ 319.895950][T23003] loop4: detected capacity change from 0 to 256 [ 320.010140][T10337] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.084515][T10337] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.132070][T23031] netlink: 'syz.2.4585': attribute type 1 has an invalid length. [ 320.144157][T10337] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.186236][T23041] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 320.192976][T23041] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 320.200606][T23041] vhci_hcd vhci_hcd.0: Device attached [ 320.239020][T10337] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 320.319251][T23041] lo speed is unknown, defaulting to 1000 [ 320.353306][T10337] bridge0: port 3(team0) entered disabled state [ 320.398012][T10337] bridge_slave_1: left allmulticast mode [ 320.403691][T10337] bridge_slave_1: left promiscuous mode [ 320.409421][T10337] bridge0: port 2(bridge_slave_1) entered disabled state [ 320.430152][T10337] bridge_slave_0: left allmulticast mode [ 320.435983][T10337] bridge_slave_0: left promiscuous mode [ 320.441717][T10337] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.496126][ T3978] usb 3-1: new high-speed USB device number 5 using vhci_hcd [ 320.639144][T10337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 320.652941][T10337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 320.676504][T10337] bond0 (unregistering): Released all slaves [ 320.695412][T23084] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4594'. [ 320.729519][T23084] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.745205][T23084] bridge_slave_0 (unregistering): left allmulticast mode [ 320.752368][T23084] bridge_slave_0 (unregistering): left promiscuous mode [ 320.759369][T23084] bridge0: port 1(bridge_slave_0) entered disabled state [ 320.824860][T10337] hsr_slave_0: left promiscuous mode [ 320.837062][T10337] hsr_slave_1: left promiscuous mode [ 320.844692][T10337] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 320.852303][T10337] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 320.862794][T10337] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 320.870247][T10337] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 320.886999][T23117] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4599'. [ 320.896244][T10337] veth1_macvtap: left promiscuous mode [ 320.901829][T10337] veth0_macvtap: left promiscuous mode [ 320.907435][T10337] veth1_vlan: left promiscuous mode [ 320.912691][T10337] veth0_vlan: left promiscuous mode [ 321.063196][T10337] team_slave_1 (unregistering): left promiscuous mode [ 321.070350][T10337] team_slave_1 (unregistering): left allmulticast mode [ 321.097488][T10337] team0 (unregistering): Port device team_slave_1 removed [ 321.118031][T10337] team_slave_0 (unregistering): left promiscuous mode [ 321.124819][T10337] team_slave_0 (unregistering): left allmulticast mode [ 321.146785][T10337] team0 (unregistering): Port device team_slave_0 removed [ 321.204972][T23032] lo speed is unknown, defaulting to 1000 [ 321.207085][T23114] netlink: 'syz.0.4597': attribute type 1 has an invalid length. [ 321.403524][T23032] chnl_net:caif_netlink_parms(): no params data found [ 321.433264][ T29] kauditd_printk_skb: 413 callbacks suppressed [ 321.433279][ T29] audit: type=1326 audit(2000000048.420:20237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23236 comm="syz.2.4605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 321.473319][ T29] audit: type=1326 audit(2000000048.420:20238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23236 comm="syz.2.4605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 321.497097][ T29] audit: type=1326 audit(2000000048.420:20239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23236 comm="syz.2.4605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 321.520702][ T29] audit: type=1326 audit(2000000048.420:20240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23236 comm="syz.2.4605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 321.592192][T23042] vhci_hcd: connection reset by peer [ 321.617506][T12337] vhci_hcd: stop threads [ 321.622033][T12337] vhci_hcd: release socket [ 321.626614][T12337] vhci_hcd: disconnect device [ 321.651097][ T29] audit: type=1326 audit(2000000048.640:20241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.1.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 321.674830][ T29] audit: type=1326 audit(2000000048.640:20242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.1.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 321.698517][ T29] audit: type=1326 audit(2000000048.640:20243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.1.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 321.722177][ T29] audit: type=1326 audit(2000000048.640:20244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.1.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 321.745863][ T29] audit: type=1326 audit(2000000048.640:20245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.1.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 321.765725][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.769610][ T29] audit: type=1326 audit(2000000048.640:20246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23258 comm="syz.1.4609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 321.777051][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.808038][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.815465][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.822970][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x4 [ 321.830395][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.837848][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x2 [ 321.845272][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.852750][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.860171][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.867582][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.874978][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x4 [ 321.882389][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.889847][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.897340][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.904854][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.912262][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.919690][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.927132][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.929411][T23274] loop3: detected capacity change from 0 to 512 [ 321.934658][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.934681][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.934704][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.953105][T23276] netlink: 'syz.2.4611': attribute type 25 has an invalid length. [ 321.955759][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.955782][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.955835][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 321.993442][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.000866][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.008373][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.015818][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.023229][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.030765][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.038298][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.045756][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.053176][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.058149][T23279] netlink: 'syz.2.4612': attribute type 25 has an invalid length. [ 322.060616][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.075919][ T2929] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 322.090280][ T2929] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz0 [ 322.102894][T23274] netlink: 'syz.3.4610': attribute type 1 has an invalid length. [ 322.139489][T23032] bridge0: port 1(bridge_slave_0) entered blocking state [ 322.146674][T23032] bridge0: port 1(bridge_slave_0) entered disabled state [ 322.153881][T23032] bridge_slave_0: entered allmulticast mode [ 322.166689][T23032] bridge_slave_0: entered promiscuous mode [ 322.238035][T23032] bridge0: port 2(bridge_slave_1) entered blocking state [ 322.245167][T23032] bridge0: port 2(bridge_slave_1) entered disabled state [ 322.254359][T23032] bridge_slave_1: entered allmulticast mode [ 322.260881][T23032] bridge_slave_1: entered promiscuous mode [ 322.302163][T23032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 322.312598][T23032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 322.344587][T23032] team0: Port device team_slave_0 added [ 322.354747][T23032] team0: Port device team_slave_1 added [ 322.370634][T23389] netlink: 'syz.3.4621': attribute type 25 has an invalid length. [ 322.405901][T23389] loop3: detected capacity change from 0 to 1024 [ 322.413533][T23032] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 322.420658][T23032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.446641][T23032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 322.460640][T23032] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 322.467651][T23032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 322.493584][T23032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 322.505941][T23389] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.532961][T23032] hsr_slave_0: entered promiscuous mode [ 322.539333][T23032] hsr_slave_1: entered promiscuous mode [ 322.554450][T23032] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 322.564073][T23389] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4621: attempt to clear invalid blocks 1886221359 len 1 [ 322.586366][T23032] Cannot create hsr debugfs directory [ 322.626977][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 322.748195][T23492] netlink: 'syz.2.4628': attribute type 19 has an invalid length. [ 322.917808][T23543] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 322.924422][T23543] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 322.932056][T23543] vhci_hcd vhci_hcd.0: Device attached [ 323.007706][T23543] lo speed is unknown, defaulting to 1000 [ 323.066433][T23032] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 323.089821][T23032] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 323.129765][T23032] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 323.158016][T23576] netlink: 'syz.2.4637': attribute type 6 has an invalid length. [ 323.165804][T23032] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 323.278218][T23032] 8021q: adding VLAN 0 to HW filter on device bond0 [ 323.305400][T23032] 8021q: adding VLAN 0 to HW filter on device team0 [ 323.362045][T12337] bridge0: port 1(bridge_slave_0) entered blocking state [ 323.369235][T12337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 323.398044][T23544] vhci_hcd: connection closed [ 323.400389][T12337] bridge0: port 2(bridge_slave_1) entered blocking state [ 323.412475][T12337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 323.437710][T11105] vhci_hcd: stop threads [ 323.441963][T11105] vhci_hcd: release socket [ 323.446451][T11105] vhci_hcd: disconnect device [ 323.482749][T23602] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4640'. [ 323.504495][T23602] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.526004][T23602] bridge_slave_0 (unregistering): left allmulticast mode [ 323.533197][T23602] bridge_slave_0 (unregistering): left promiscuous mode [ 323.540289][T23602] bridge0: port 1(bridge_slave_0) entered disabled state [ 323.562982][T23032] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 323.573396][T23032] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 323.788843][T23032] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 324.017433][T23652] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 324.024000][T23652] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 324.031713][T23652] vhci_hcd vhci_hcd.0: Device attached [ 324.063152][T23032] veth0_vlan: entered promiscuous mode [ 324.083327][T23653] vhci_hcd: connection closed [ 324.083529][T12321] vhci_hcd: stop threads [ 324.087397][T23032] veth1_vlan: entered promiscuous mode [ 324.088261][T12321] vhci_hcd: release socket [ 324.102534][T12321] vhci_hcd: disconnect device [ 324.127919][T23032] veth0_macvtap: entered promiscuous mode [ 324.149222][T23660] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4654'. [ 324.159772][T23032] veth1_macvtap: entered promiscuous mode [ 324.181169][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.191778][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.201789][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.212485][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.222323][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.232768][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.242600][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.253048][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.262954][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 324.273402][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.324308][T23032] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 324.367371][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 324.377916][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.387796][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 324.398246][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.408077][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 324.418644][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.428513][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 324.439125][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.448999][T23032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 324.459581][T23032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 324.470772][T23032] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 324.479183][T23032] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 324.488019][T23032] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 324.496811][T23032] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 324.505589][T23032] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 324.624523][T23694] validate_nla: 1 callbacks suppressed [ 324.624541][T23694] netlink: 'syz.2.4663': attribute type 1 has an invalid length. [ 324.678781][T23699] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4665'. [ 324.740454][T23707] loop3: detected capacity change from 0 to 512 [ 324.788969][T23707] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 324.831711][T23707] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 324.890544][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 324.921591][T23729] loop4: detected capacity change from 0 to 2048 [ 324.928721][T23729] EXT4-fs: dax option not supported [ 324.968266][T23748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4680'. [ 324.977493][T23729] 9pnet: Could not find request transport: fd• [ 324.996173][T23745] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 325.002839][T23745] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 325.010472][T23745] vhci_hcd vhci_hcd.0: Device attached [ 325.035242][T23752] netlink: 'syz.2.4681': attribute type 1 has an invalid length. [ 325.062689][T23749] vhci_hcd: connection closed [ 325.064140][T12321] vhci_hcd: stop threads [ 325.073130][T12321] vhci_hcd: release socket [ 325.077591][T12321] vhci_hcd: disconnect device [ 325.145304][T23762] loop4: detected capacity change from 0 to 2048 [ 325.154285][T23762] EXT4-fs: dax option not supported [ 325.191202][T23762] 9pnet: Could not find request transport: fd• [ 325.616213][ T3978] vhci_hcd: vhci_device speed not set [ 325.636731][T23793] loop4: detected capacity change from 0 to 128 [ 325.698649][T23797] lo speed is unknown, defaulting to 1000 [ 325.712449][T23809] loop4: detected capacity change from 0 to 512 [ 325.763303][T23809] netlink: 'syz.4.4703': attribute type 1 has an invalid length. [ 325.879261][T23842] loop3: detected capacity change from 0 to 512 [ 325.936277][T23842] netlink: 'syz.3.4706': attribute type 1 has an invalid length. [ 326.034410][T23850] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 326.041041][T23850] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 326.045709][T23854] loop4: detected capacity change from 0 to 512 [ 326.048759][T23850] vhci_hcd vhci_hcd.0: Device attached [ 326.091303][T23852] vhci_hcd: connection closed [ 326.091585][T12321] vhci_hcd: stop threads [ 326.100659][T12321] vhci_hcd: release socket [ 326.105148][T12321] vhci_hcd: disconnect device [ 326.141124][T23854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.156232][T23854] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 326.486158][ T29] kauditd_printk_skb: 959 callbacks suppressed [ 326.486257][ T29] audit: type=1326 audit(2000000053.450:21206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.516179][ T29] audit: type=1326 audit(2000000053.450:21207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.539794][ T29] audit: type=1326 audit(2000000053.460:21208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.563411][ T29] audit: type=1326 audit(2000000053.460:21209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.587007][ T29] audit: type=1326 audit(2000000053.460:21210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.610634][ T29] audit: type=1326 audit(2000000053.460:21211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.634195][ T29] audit: type=1326 audit(2000000053.460:21212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.657863][ T29] audit: type=1326 audit(2000000053.460:21213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.681664][ T29] audit: type=1326 audit(2000000053.460:21214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 326.705408][ T29] audit: type=1326 audit(2000000053.460:21215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23862 comm="syz.1.4711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 327.205142][T23872] loop3: detected capacity change from 0 to 512 [ 327.251736][T23872] netlink: 'syz.3.4715': attribute type 1 has an invalid length. [ 327.387916][T23890] netlink: 'syz.0.4720': attribute type 1 has an invalid length. [ 327.477874][T23908] netlink: 'syz.3.4728': attribute type 25 has an invalid length. [ 327.500856][T23908] loop3: detected capacity change from 0 to 1024 [ 327.561383][T23910] netlink: 'syz.2.4729': attribute type 1 has an invalid length. [ 327.570080][T23908] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.603493][T23908] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4728: attempt to clear invalid blocks 1886221359 len 1 [ 328.002889][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.197576][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.278067][T23962] loop4: detected capacity change from 0 to 1024 [ 328.289270][T23968] netlink: 'syz.3.4745': attribute type 25 has an invalid length. [ 328.301999][T23966] netlink: 'syz.2.4744': attribute type 1 has an invalid length. [ 328.320400][T23962] EXT4-fs: Ignoring removed i_version option [ 328.330904][T23968] loop3: detected capacity change from 0 to 1024 [ 328.410856][T23962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.440874][T23968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.490276][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.509061][T23968] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4745: attempt to clear invalid blocks 1886221359 len 1 [ 328.546153][T23988] FAULT_INJECTION: forcing a failure. [ 328.546153][T23988] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 328.559264][T23988] CPU: 1 UID: 0 PID: 23988 Comm: syz.1.4752 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 328.569750][T23988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 328.579813][T23988] Call Trace: [ 328.583098][T23988] [ 328.586050][T23988] dump_stack_lvl+0xf2/0x150 [ 328.590698][T23988] dump_stack+0x15/0x20 [ 328.594934][T23988] should_fail_ex+0x223/0x230 [ 328.599689][T23988] should_fail+0xb/0x10 [ 328.603889][T23988] should_fail_usercopy+0x1a/0x20 [ 328.608974][T23988] _copy_to_user+0x1e/0xa0 [ 328.613474][T23988] simple_read_from_buffer+0xa0/0x110 [ 328.618852][T23988] proc_fail_nth_read+0xf9/0x140 [ 328.623857][T23988] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 328.629454][T23988] vfs_read+0x195/0x720 [ 328.633649][T23988] ? __rcu_read_unlock+0x4e/0x70 [ 328.638644][T23988] ? __fget_files+0x1d4/0x210 [ 328.643353][T23988] ksys_read+0xeb/0x1b0 [ 328.647569][T23988] __x64_sys_read+0x42/0x50 [ 328.652090][T23988] x64_sys_call+0x27d3/0x2d60 [ 328.656795][T23988] do_syscall_64+0xc9/0x1c0 [ 328.661348][T23988] ? clear_bhb_loop+0x55/0xb0 [ 328.666064][T23988] ? clear_bhb_loop+0x55/0xb0 [ 328.670751][T23988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.676677][T23988] RIP: 0033:0x7f4fdde8c93c [ 328.681095][T23988] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 328.700768][T23988] RSP: 002b:00007f4fdcb07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 328.709213][T23988] RAX: ffffffffffffffda RBX: 00007f4fde045f80 RCX: 00007f4fdde8c93c [ 328.717188][T23988] RDX: 000000000000000f RSI: 00007f4fdcb070a0 RDI: 0000000000000004 [ 328.725196][T23988] RBP: 00007f4fdcb07090 R08: 0000000000000000 R09: 0000000000000000 [ 328.733320][T23988] R10: 0000000010004810 R11: 0000000000000246 R12: 0000000000000001 [ 328.741305][T23988] R13: 0000000000000000 R14: 00007f4fde045f80 R15: 00007ffd128dac18 [ 328.749293][T23988] [ 328.767409][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 328.831016][T23995] tipc: Started in network mode [ 328.835968][T23995] tipc: Node identity , cluster identity 4711 [ 328.842123][T23995] tipc: Failed to set node id, please configure manually [ 328.849174][T23995] tipc: Enabling of bearer rejected, failed to enable media [ 328.859539][T24002] SELinux: failed to load policy [ 328.913859][T24002] lo speed is unknown, defaulting to 1000 [ 328.922532][T24013] FAULT_INJECTION: forcing a failure. [ 328.922532][T24013] name failslab, interval 1, probability 0, space 0, times 0 [ 328.935240][T24013] CPU: 0 UID: 0 PID: 24013 Comm: syz.1.4758 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 328.945834][T24013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 328.955937][T24013] Call Trace: [ 328.959232][T24013] [ 328.962173][T24013] dump_stack_lvl+0xf2/0x150 [ 328.966829][T24013] dump_stack+0x15/0x20 [ 328.971085][T24013] should_fail_ex+0x223/0x230 [ 328.975788][T24013] ? alloc_vfsmnt+0x2b/0x300 [ 328.980465][T24013] should_failslab+0x8f/0xb0 [ 328.985206][T24013] kmem_cache_alloc_noprof+0x4c/0x290 [ 328.990608][T24013] alloc_vfsmnt+0x2b/0x300 [ 328.995057][T24013] clone_mnt+0x45/0x7a0 [ 328.999230][T24013] copy_tree+0xba/0x7f0 [ 329.003511][T24013] ? proc_alloc_inum+0x4c/0x70 [ 329.008435][T24013] copy_mnt_ns+0x11e/0x5c0 [ 329.012866][T24013] ? create_new_namespaces+0x3c/0x430 [ 329.018278][T24013] ? kmem_cache_alloc_noprof+0x1a6/0x290 [ 329.023944][T24013] create_new_namespaces+0x89/0x430 [ 329.029223][T24013] ? security_capable+0x81/0x90 [ 329.034159][T24013] unshare_nsproxy_namespaces+0xe6/0x120 [ 329.039936][T24013] ksys_unshare+0x3da/0x720 [ 329.044623][T24013] __x64_sys_unshare+0x1f/0x30 [ 329.049428][T24013] x64_sys_call+0x2c8d/0x2d60 [ 329.054176][T24013] do_syscall_64+0xc9/0x1c0 [ 329.058767][T24013] ? clear_bhb_loop+0x55/0xb0 [ 329.063483][T24013] ? clear_bhb_loop+0x55/0xb0 [ 329.068222][T24013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.074247][T24013] RIP: 0033:0x7f4fdde8def9 [ 329.078727][T24013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.098445][T24013] RSP: 002b:00007f4fdcb07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 329.106892][T24013] RAX: ffffffffffffffda RBX: 00007f4fde045f80 RCX: 00007f4fdde8def9 [ 329.114898][T24013] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000024020400 [ 329.122987][T24013] RBP: 00007f4fdcb07090 R08: 0000000000000000 R09: 0000000000000000 [ 329.131061][T24013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.139109][T24013] R13: 0000000000000000 R14: 00007f4fde045f80 R15: 00007ffd128dac18 [ 329.147112][T24013] [ 329.683103][T24074] loop4: detected capacity change from 0 to 512 [ 329.710639][T24074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.744987][T24074] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 329.809673][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.856053][T24016] coredump: 996(syz.2.4756): written to core: VMAs: 29, size 89030656; core: 60134062 bytes, pos 89038848 [ 329.903089][T24098] validate_nla: 2 callbacks suppressed [ 329.903109][T24098] netlink: 'syz.4.4778': attribute type 25 has an invalid length. [ 329.961555][T24098] loop4: detected capacity change from 0 to 1024 [ 329.990665][T24098] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.030142][T24098] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.4778: attempt to clear invalid blocks 1886221359 len 1 [ 330.087364][T24107] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4781'. [ 330.096563][T24107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4781'. [ 330.120620][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.231188][T24129] loop4: detected capacity change from 0 to 512 [ 330.269047][T24129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.282127][T24129] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 330.314261][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.431609][T24153] netlink: 'syz.4.4796': attribute type 25 has an invalid length. [ 330.444657][T24153] loop4: detected capacity change from 0 to 1024 [ 330.452690][T24151] netlink: 'syz.2.4795': attribute type 1 has an invalid length. [ 330.469729][T24153] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.483695][T24153] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.4796: attempt to clear invalid blocks 1886221359 len 1 [ 330.511719][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.568624][T24165] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 330.652709][T24196] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 330.769490][T24201] bond1: entered promiscuous mode [ 330.774664][T24201] bond1: entered allmulticast mode [ 330.785553][T24201] 8021q: adding VLAN 0 to HW filter on device bond1 [ 330.800836][T24201] bond1 (unregistering): Released all slaves [ 330.839573][T24271] netlink: 'syz.0.4811': attribute type 25 has an invalid length. [ 330.998369][T24283] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 331.045160][T24296] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 331.051725][T24296] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 331.059351][T24296] vhci_hcd vhci_hcd.0: Device attached [ 331.070056][T24300] netlink: 'syz.1.4820': attribute type 1 has an invalid length. [ 331.165256][T24307] netlink: 'syz.1.4822': attribute type 25 has an invalid length. [ 331.296150][ T3978] usb 1-1: new high-speed USB device number 6 using vhci_hcd [ 331.507681][ T29] kauditd_printk_skb: 681 callbacks suppressed [ 331.507706][ T29] audit: type=1326 audit(2000000058.500:21897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24320 comm="syz.1.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 331.537627][ T29] audit: type=1326 audit(2000000058.500:21898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24320 comm="syz.1.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 331.561282][ T29] audit: type=1326 audit(2000000058.500:21899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24320 comm="syz.1.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 331.585052][ T29] audit: type=1326 audit(2000000058.500:21900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24320 comm="syz.1.4828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fdde8def9 code=0x7ffc0000 [ 331.614611][ T29] audit: type=1326 audit(2000000058.600:21901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24316 comm="syz.4.4827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 331.638385][ T29] audit: type=1326 audit(2000000058.600:21902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24316 comm="syz.4.4827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 331.688028][ T29] audit: type=1326 audit(2000000058.600:21903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24316 comm="syz.4.4827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 331.711679][ T29] audit: type=1326 audit(2000000058.600:21904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24316 comm="syz.4.4827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 331.735384][ T29] audit: type=1326 audit(2000000058.600:21905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24316 comm="syz.4.4827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 331.759197][ T29] audit: type=1326 audit(2000000058.660:21906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24316 comm="syz.4.4827" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 331.788800][T24333] loop4: detected capacity change from 0 to 512 [ 331.801682][T24333] netlink: 'syz.4.4833': attribute type 1 has an invalid length. [ 331.874206][T24297] vhci_hcd: connection reset by peer [ 331.881138][T12321] vhci_hcd: stop threads [ 331.885463][T12321] vhci_hcd: release socket [ 331.889964][T12321] vhci_hcd: disconnect device [ 331.920424][T24341] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4838'. [ 331.931698][T24351] loop4: detected capacity change from 0 to 128 [ 331.943956][T24354] loop3: detected capacity change from 0 to 512 [ 331.951771][T24351] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 331.968063][T24351] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 331.979249][T24354] netlink: 'syz.3.4843': attribute type 1 has an invalid length. [ 332.068600][T24362] loop3: detected capacity change from 0 to 2048 [ 332.085396][T24365] netlink: 'syz.2.4846': attribute type 1 has an invalid length. [ 332.222564][T24388] netlink: 'syz.4.4850': attribute type 25 has an invalid length. [ 332.244731][T24388] loop4: detected capacity change from 0 to 1024 [ 332.286575][T24388] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.302573][T24388] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.4850: attempt to clear invalid blocks 1886221359 len 1 [ 332.330140][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.592111][T24417] netlink: 100 bytes leftover after parsing attributes in process `syz.0.4861'. [ 332.672833][T24418] loop4: detected capacity change from 0 to 1024 [ 332.679819][T24418] EXT4-fs: test_dummy_encryption option not supported [ 333.031301][T24428] hsr_slave_0: left promiscuous mode [ 333.037298][T24428] hsr_slave_1: left promiscuous mode [ 333.470178][T24457] netlink: 100 bytes leftover after parsing attributes in process `syz.4.4876'. [ 333.625685][T24464] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4880'. [ 335.174805][T24470] loop4: detected capacity change from 0 to 2048 [ 335.181906][T24470] EXT4-fs: dax option not supported [ 335.191872][T24470] 9pnet_fd: Insufficient options for proto=fd [ 335.264184][T24480] loop4: detected capacity change from 0 to 512 [ 335.274357][T24478] validate_nla: 2 callbacks suppressed [ 335.274372][T24478] netlink: 'syz.0.4884': attribute type 1 has an invalid length. [ 335.288835][T24472] netlink: 'syz.2.4882': attribute type 1 has an invalid length. [ 335.297160][T24480] netlink: 'syz.4.4885': attribute type 1 has an invalid length. [ 335.354212][T24488] loop3: detected capacity change from 0 to 128 [ 335.361374][T24488] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 335.379751][T24490] loop4: detected capacity change from 0 to 512 [ 335.391176][T24488] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 335.451437][T24502] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4893'. [ 335.466449][T24490] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 335.479209][T24490] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 335.613706][T24521] loop3: detected capacity change from 0 to 512 [ 335.628777][T24521] netlink: 'syz.3.4898': attribute type 1 has an invalid length. [ 335.640169][T24516] netlink: 'syz.2.4897': attribute type 1 has an invalid length. [ 335.661443][T24527] loop3: detected capacity change from 0 to 512 [ 335.680504][T24527] netlink: 'syz.3.4900': attribute type 1 has an invalid length. [ 335.791603][T24543] netlink: 'syz.3.4908': attribute type 25 has an invalid length. [ 335.810864][T24543] loop3: detected capacity change from 0 to 1024 [ 335.851793][T24543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 335.891818][T24543] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4908: attempt to clear invalid blocks 1886221359 len 1 [ 335.921642][T24556] netlink: 'syz.2.4912': attribute type 1 has an invalid length. [ 335.936700][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.960930][T24561] netlink: 'syz.2.4914': attribute type 1 has an invalid length. [ 336.124832][T24584] netlink: 'syz.3.4923': attribute type 25 has an invalid length. [ 336.158120][T24584] loop3: detected capacity change from 0 to 1024 [ 336.206210][T24595] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(4) [ 336.206651][T24584] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 336.212745][T24595] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 336.228160][T24584] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4923: attempt to clear invalid blocks 1886221359 len 1 [ 336.232417][T24595] vhci_hcd vhci_hcd.0: Device attached [ 336.248056][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.270564][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.333712][T24612] loop3: detected capacity change from 0 to 1024 [ 336.351056][T24608] loop4: detected capacity change from 0 to 2048 [ 336.359924][T24612] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 336.371193][T24612] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.427191][ T3978] vhci_hcd: vhci_device speed not set [ 336.449230][T24619] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4932'. [ 336.501020][ T35] usb 5-1: new high-speed USB device number 3 using vhci_hcd [ 336.540531][ T29] kauditd_printk_skb: 542 callbacks suppressed [ 336.540549][ T29] audit: type=1326 audit(2000000063.530:22449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.582077][ T29] audit: type=1326 audit(2000000063.560:22450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.605833][ T29] audit: type=1326 audit(2000000063.560:22451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.629538][ T29] audit: type=1326 audit(2000000063.560:22452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.653308][ T29] audit: type=1326 audit(2000000063.560:22453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.676964][ T29] audit: type=1326 audit(2000000063.560:22454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.700575][ T29] audit: type=1326 audit(2000000063.560:22455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.724605][ T29] audit: type=1326 audit(2000000063.560:22456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.748433][ T29] audit: type=1326 audit(2000000063.560:22457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.772199][ T29] audit: type=1326 audit(2000000063.560:22458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24622 comm="syz.4.4934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 336.882590][T24630] loop4: detected capacity change from 0 to 512 [ 337.012920][T24634] loop4: detected capacity change from 0 to 512 [ 337.030986][T24596] vhci_hcd: connection reset by peer [ 337.038220][T10337] vhci_hcd: stop threads [ 337.042498][T10337] vhci_hcd: release socket [ 337.046952][T10337] vhci_hcd: disconnect device [ 337.058540][T24634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 337.071341][T24634] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 337.178050][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.199096][T24643] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4938'. [ 337.234767][T24645] loop3: detected capacity change from 0 to 1024 [ 337.249839][T24645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 337.264106][T24645] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4939: attempt to clear invalid blocks 1886221359 len 1 [ 337.286681][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.565041][T24653] loop3: detected capacity change from 0 to 128 [ 337.573751][T24653] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 337.589172][T24653] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 337.838880][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.857388][T24695] FAULT_INJECTION: forcing a failure. [ 337.857388][T24695] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 337.870572][T24695] CPU: 1 UID: 0 PID: 24695 Comm: syz.3.4955 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 337.881097][T24695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 337.891171][T24695] Call Trace: [ 337.894615][T24695] [ 337.897614][T24695] dump_stack_lvl+0xf2/0x150 [ 337.902237][T24695] dump_stack+0x15/0x20 [ 337.906423][T24695] should_fail_ex+0x223/0x230 [ 337.911151][T24695] should_fail+0xb/0x10 [ 337.915387][T24695] should_fail_usercopy+0x1a/0x20 [ 337.920440][T24695] _copy_to_user+0x1e/0xa0 [ 337.924912][T24695] simple_read_from_buffer+0xa0/0x110 [ 337.930350][T24695] proc_fail_nth_read+0xf9/0x140 [ 337.935331][T24695] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 337.941023][T24695] vfs_read+0x195/0x720 [ 337.945254][T24695] ? __rcu_read_unlock+0x4e/0x70 [ 337.950213][T24695] ? __fget_files+0x1d4/0x210 [ 337.954921][T24695] ksys_read+0xeb/0x1b0 [ 337.959098][T24695] __x64_sys_read+0x42/0x50 [ 337.963700][T24695] x64_sys_call+0x27d3/0x2d60 [ 337.968435][T24695] do_syscall_64+0xc9/0x1c0 [ 337.973034][T24695] ? clear_bhb_loop+0x55/0xb0 [ 337.977736][T24695] ? clear_bhb_loop+0x55/0xb0 [ 337.982478][T24695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.988396][T24695] RIP: 0033:0x7fb7810dc93c [ 337.992815][T24695] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 338.012475][T24695] RSP: 002b:00007fb77fd57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 338.021016][T24695] RAX: ffffffffffffffda RBX: 00007fb781295f80 RCX: 00007fb7810dc93c [ 338.028991][T24695] RDX: 000000000000000f RSI: 00007fb77fd570a0 RDI: 0000000000000003 [ 338.037025][T24695] RBP: 00007fb77fd57090 R08: 0000000000000000 R09: 0000000000000000 [ 338.045038][T24695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 338.053064][T24695] R13: 0000000000000000 R14: 00007fb781295f80 R15: 00007ffcab169b48 [ 338.061074][T24695] [ 338.150854][T24706] loop3: detected capacity change from 0 to 2048 [ 338.165509][T24706] EXT4-fs: dax option not supported [ 338.183505][T24706] 9pnet: Could not find request transport: fd• [ 338.264841][T24718] loop3: detected capacity change from 0 to 512 [ 338.343150][T24727] loop3: detected capacity change from 0 to 512 [ 338.724973][T24748] loop3: detected capacity change from 0 to 1024 [ 338.770432][T24748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.845109][T24748] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.4969: attempt to clear invalid blocks 1886221359 len 1 [ 338.909312][T24760] loop4: detected capacity change from 0 to 512 [ 338.931366][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.283869][T24776] loop3: detected capacity change from 0 to 256 [ 339.386033][T24782] loop3: detected capacity change from 0 to 512 [ 339.409470][T24785] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4984'. [ 339.686160][T24811] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 339.692746][T24811] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 339.700492][T24811] vhci_hcd vhci_hcd.0: Device attached [ 339.946158][ T3340] usb 9-1: new high-speed USB device number 3 using vhci_hcd [ 339.988525][T24832] loop3: detected capacity change from 0 to 2048 [ 340.015443][T24832] EXT4-fs: dax option not supported [ 340.052263][T24832] 9pnet: Could not find request transport: fd• [ 340.491768][T24814] vhci_hcd: connection reset by peer [ 340.499054][T12337] vhci_hcd: stop threads [ 340.503325][T12337] vhci_hcd: release socket [ 340.507807][T12337] vhci_hcd: disconnect device [ 340.737666][T24867] loop3: detected capacity change from 0 to 2048 [ 340.764525][T24867] EXT4-fs: dax option not supported [ 340.807782][T24867] 9pnet: Could not find request transport: fd• [ 341.051468][T24877] loop4: detected capacity change from 0 to 1024 [ 341.216982][T24877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 341.358297][T24877] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.5014: attempt to clear invalid blocks 1886221359 len 1 [ 341.387901][T24885] validate_nla: 9 callbacks suppressed [ 341.387975][T24885] netlink: 'syz.2.5017': attribute type 1 has an invalid length. [ 341.412729][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 341.519031][T24892] netlink: 'syz.2.5020': attribute type 1 has an invalid length. [ 341.609913][ T29] kauditd_printk_skb: 312 callbacks suppressed [ 341.609929][ T29] audit: type=1326 audit(2000000068.600:22771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.639925][ T35] vhci_hcd: vhci_device speed not set [ 341.685847][ T29] audit: type=1326 audit(2000000068.640:22772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.709519][ T29] audit: type=1326 audit(2000000068.640:22773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.733182][ T29] audit: type=1326 audit(2000000068.640:22774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.756822][ T29] audit: type=1326 audit(2000000068.640:22775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.780484][ T29] audit: type=1326 audit(2000000068.640:22776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.804081][ T29] audit: type=1326 audit(2000000068.640:22777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.827751][ T29] audit: type=1326 audit(2000000068.640:22778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.851417][ T29] audit: type=1326 audit(2000000068.640:22779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.875144][ T29] audit: type=1326 audit(2000000068.640:22780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24895 comm="syz.2.5022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 341.913874][T24901] loop3: detected capacity change from 0 to 128 [ 341.920721][T24901] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 341.939156][T24901] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 342.048076][T11105] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.079533][T24919] netlink: 'syz.0.5030': attribute type 1 has an invalid length. [ 342.090835][T11105] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.092379][T24922] loop4: detected capacity change from 0 to 1024 [ 342.149889][T11105] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.161486][T24922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 342.194316][T24922] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.5029: attempt to clear invalid blocks 1886221359 len 1 [ 342.220065][T11105] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.240954][T24941] loop3: detected capacity change from 0 to 2048 [ 342.249652][T24941] EXT4-fs: dax option not supported [ 342.255797][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.285229][T24917] lo speed is unknown, defaulting to 1000 [ 342.300461][T24941] 9pnet: Could not find request transport: fd• [ 342.363602][T11105] bridge0: port 3(team0) entered disabled state [ 342.380264][T11105] bridge_slave_1: left allmulticast mode [ 342.386026][T11105] bridge_slave_1: left promiscuous mode [ 342.391885][T11105] bridge0: port 2(bridge_slave_1) entered disabled state [ 342.458112][T25034] loop4: detected capacity change from 0 to 512 [ 342.475191][T25036] loop3: detected capacity change from 0 to 128 [ 342.492282][T25036] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 342.518541][T25036] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 342.549397][T11105] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 342.561704][T11105] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 342.573127][T11105] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 342.585104][T11105] bond0 (unregistering): Released all slaves [ 342.607741][T25034] netlink: 'syz.4.5042': attribute type 1 has an invalid length. [ 342.653012][T24917] chnl_net:caif_netlink_parms(): no params data found [ 342.657812][T25089] loop3: detected capacity change from 0 to 256 [ 342.697765][T11105] hsr_slave_0: left promiscuous mode [ 342.703653][T11105] hsr_slave_1: left promiscuous mode [ 342.709831][T11105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 342.717369][T11105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 342.730544][T11105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 342.738030][T11105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 342.754251][T11105] veth1_macvtap: left promiscuous mode [ 342.759874][T11105] veth0_macvtap: left promiscuous mode [ 342.765409][T11105] veth1_vlan: left promiscuous mode [ 342.770767][T11105] veth0_vlan: left promiscuous mode [ 342.885133][T11105] team_slave_1 (unregistering): left promiscuous mode [ 342.892081][T11105] team_slave_1 (unregistering): left allmulticast mode [ 342.900385][T11105] team0 (unregistering): Port device team_slave_1 removed [ 342.911750][T11105] team_slave_0 (unregistering): left promiscuous mode [ 342.918655][T11105] team_slave_0 (unregistering): left allmulticast mode [ 342.928262][T11105] team0 (unregistering): Port device team_slave_0 removed [ 342.997276][T24917] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.004387][T24917] bridge0: port 1(bridge_slave_0) entered disabled state [ 343.024312][T25167] loop3: detected capacity change from 0 to 512 [ 343.026803][T24917] bridge_slave_0: entered allmulticast mode [ 343.037188][T24917] bridge_slave_0: entered promiscuous mode [ 343.044059][T24917] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.051444][T24917] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.058710][T24917] bridge_slave_1: entered allmulticast mode [ 343.065332][T24917] bridge_slave_1: entered promiscuous mode [ 343.072894][T25168] loop4: detected capacity change from 0 to 128 [ 343.080584][T25168] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 343.105275][T25168] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 343.119538][T25167] netlink: 'syz.3.5057': attribute type 1 has an invalid length. [ 343.138573][T24917] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 343.149617][T24917] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 343.157275][T25201] loop3: detected capacity change from 0 to 1024 [ 343.180427][T24917] team0: Port device team_slave_0 added [ 343.187176][T24917] team0: Port device team_slave_1 added [ 343.206411][T24917] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 343.213379][T24917] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.239409][T24917] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.252804][T24917] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.259810][T24917] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.267688][T25201] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.285755][T24917] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 343.303180][T25201] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.5059: attempt to clear invalid blocks 1886221359 len 1 [ 343.375904][T24917] hsr_slave_0: entered promiscuous mode [ 343.385870][T24917] hsr_slave_1: entered promiscuous mode [ 343.392225][T24917] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 343.402728][T24917] Cannot create hsr debugfs directory [ 343.429678][T18092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.645602][T25356] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 343.653056][T25356] vhci_hcd: invalid port number 246 [ 343.658314][T25356] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 343.690220][T25365] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 343.696767][T25365] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 343.704435][T25365] vhci_hcd vhci_hcd.0: Device attached [ 343.776036][T24917] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 343.785293][T24917] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 343.795710][T24917] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 343.805447][T24917] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 343.852160][T24917] 8021q: adding VLAN 0 to HW filter on device bond0 [ 343.872054][T24917] 8021q: adding VLAN 0 to HW filter on device team0 [ 343.883492][T10337] bridge0: port 1(bridge_slave_0) entered blocking state [ 343.890657][T10337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 343.916049][T24917] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 343.926515][T24917] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 343.943735][T10337] bridge0: port 2(bridge_slave_1) entered blocking state [ 343.950826][T10337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 344.022940][T24917] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 344.114813][T24917] veth0_vlan: entered promiscuous mode [ 344.125207][T24917] veth1_vlan: entered promiscuous mode [ 344.145312][T24917] veth0_macvtap: entered promiscuous mode [ 344.153749][T24917] veth1_macvtap: entered promiscuous mode [ 344.166021][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.176712][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.186631][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.197134][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.207017][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.217496][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.227356][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.237840][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.247722][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 344.258191][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.270717][T24917] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 344.279426][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.289902][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.299863][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.310324][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.320167][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.330691][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.340517][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.351084][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.360927][T24917] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 344.371552][T24917] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 344.383487][T24917] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 344.401072][T24917] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.410011][T24917] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.418872][T24917] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.427615][T24917] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 344.523929][T25366] vhci_hcd: connection closed [ 344.526720][T11105] vhci_hcd: stop threads [ 344.535782][T11105] vhci_hcd: release socket [ 344.540237][T11105] vhci_hcd: disconnect device [ 344.552319][T25402] netlink: 'syz.1.5069': attribute type 1 has an invalid length. [ 344.698968][T25414] loop3: detected capacity change from 0 to 256 [ 344.749026][T25416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5075'. [ 344.821161][T25423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5076'. [ 345.056143][ T3340] vhci_hcd: vhci_device speed not set [ 345.063565][T25464] loop4: detected capacity change from 0 to 512 [ 345.092178][T25464] netlink: 'syz.4.5079': attribute type 1 has an invalid length. [ 345.268424][T25476] loop4: detected capacity change from 0 to 512 [ 345.299501][T25476] netlink: 'syz.4.5083': attribute type 1 has an invalid length. [ 345.359304][T25482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5085'. [ 345.410937][T25486] x_tables: duplicate underflow at hook 1 [ 345.458080][T25494] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5088'. [ 345.495013][T25496] netlink: 140 bytes leftover after parsing attributes in process `syz.0.5086'. [ 345.516418][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.524824][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.534359][T25498] loop4: detected capacity change from 0 to 1024 [ 345.535340][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.570857][T25498] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 345.597706][T25496] infiniband syz1: set down [ 345.602347][T25496] infiniband syz1: added caif0 [ 345.607281][ T3978] caif0 speed is unknown, defaulting to 1000 [ 345.618780][T25498] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.5089: attempt to clear invalid blocks 1886221359 len 1 [ 345.637037][T25504] loop3: detected capacity change from 0 to 512 [ 345.662487][T25504] netlink: 'syz.3.5090': attribute type 1 has an invalid length. [ 345.671065][T25496] RDS/IB: syz1: added [ 345.675130][T25496] smc: adding ib device syz1 with port count 1 [ 345.675145][T25496] smc: ib device syz1 port 1 has pnetid [ 345.675176][ T3978] caif0 speed is unknown, defaulting to 1000 [ 345.675597][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.720569][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 345.730227][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.765293][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.784185][T25518] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 345.790805][T25518] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 345.798485][T25518] vhci_hcd vhci_hcd.0: Device attached [ 345.827041][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.873956][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.914159][T25496] caif0 speed is unknown, defaulting to 1000 [ 345.952202][T25496] caif0 speed is unknown, defaulting to 1000 [ 346.086324][ T3340] usb 9-1: new high-speed USB device number 4 using vhci_hcd [ 346.605497][T25519] vhci_hcd: connection reset by peer [ 346.610989][T12339] vhci_hcd: stop threads [ 346.615282][T12339] vhci_hcd: release socket [ 346.619769][T12339] vhci_hcd: disconnect device [ 347.149617][T25543] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5101'. [ 347.188893][T25550] loop4: detected capacity change from 0 to 512 [ 347.208067][T25550] netlink: 'syz.4.5103': attribute type 1 has an invalid length. [ 347.246877][ T8] hid-generic 0002:0002:0400.000A: item fetching failed at offset 0/1 [ 347.256447][ T29] kauditd_printk_skb: 220 callbacks suppressed [ 347.256465][ T29] audit: type=1326 audit(2000000074.250:23001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 347.258998][ T8] hid-generic 0002:0002:0400.000A: probe with driver hid-generic failed with error -22 [ 347.262706][ T29] audit: type=1326 audit(2000000074.250:23002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 347.319703][ T29] audit: type=1326 audit(2000000074.250:23003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 347.343424][ T29] audit: type=1326 audit(2000000074.250:23004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 347.367748][ T29] audit: type=1326 audit(2000000074.250:23005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 347.391529][ T29] audit: type=1326 audit(2000000074.250:23006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 347.416025][ T29] audit: type=1326 audit(2000000074.250:23007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f715050fe17 code=0x7ffc0000 [ 347.439847][ T29] audit: type=1326 audit(2000000074.250:23008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f715050fd8c code=0x7ffc0000 [ 347.463924][ T29] audit: type=1326 audit(2000000074.250:23009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f715050fcc4 code=0x7ffc0000 [ 347.487572][ T29] audit: type=1326 audit(2000000074.250:23010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25557 comm="syz.4.5105" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f715050fcc4 code=0x7ffc0000 [ 347.626953][T25577] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5112'. [ 347.765340][T25584] loop4: detected capacity change from 0 to 1024 [ 347.790299][T25584] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 347.826567][T25584] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #14: comm syz.4.5114: attempt to clear invalid blocks 1886221359 len 1 [ 347.867958][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.038808][T25601] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5118'. [ 348.093958][T25603] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5119'. [ 348.154651][T25605] netlink: 100 bytes leftover after parsing attributes in process `syz.4.5120'. [ 348.200168][T25609] netlink: 'syz.1.5122': attribute type 1 has an invalid length. [ 348.277479][T25621] loop4: detected capacity change from 0 to 256 [ 348.597325][T25644] netlink: 'syz.0.5134': attribute type 1 has an invalid length. [ 348.647582][T25646] netlink: 'syz.1.5135': attribute type 1 has an invalid length. [ 348.797727][T25662] netlink: 'syz.1.5140': attribute type 1 has an invalid length. [ 348.928242][T25676] loop3: detected capacity change from 0 to 512 [ 348.949326][T25676] netlink: 'syz.3.5146': attribute type 1 has an invalid length. [ 349.085051][T25684] loop3: detected capacity change from 0 to 256 [ 349.251092][T25694] loop4: detected capacity change from 0 to 512 [ 349.265151][T25694] netlink: 'syz.4.5152': attribute type 1 has an invalid length. [ 349.373162][T25710] loop4: detected capacity change from 0 to 1024 [ 349.410874][T25710] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.450174][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 349.572112][T25723] loop4: detected capacity change from 0 to 2048 [ 349.610297][T25723] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.686152][T25723] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 349.713438][T25731] FAULT_INJECTION: forcing a failure. [ 349.713438][T25731] name failslab, interval 1, probability 0, space 0, times 0 [ 349.726127][T25731] CPU: 1 UID: 0 PID: 25731 Comm: syz.2.5163 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 349.736573][T25731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 349.746702][T25731] Call Trace: [ 349.749984][T25731] [ 349.752988][T25731] dump_stack_lvl+0xf2/0x150 [ 349.757603][T25731] dump_stack+0x15/0x20 [ 349.761774][T25731] should_fail_ex+0x223/0x230 [ 349.766482][T25731] ? __alloc_skb+0x10b/0x310 [ 349.771118][T25731] should_failslab+0x8f/0xb0 [ 349.775725][T25731] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 349.781562][T25731] __alloc_skb+0x10b/0x310 [ 349.786030][T25731] audit_log_start+0x368/0x6b0 [ 349.790846][T25731] audit_seccomp+0x4b/0x130 [ 349.795498][T25731] __seccomp_filter+0x6fa/0x1180 [ 349.800525][T25731] ? proc_fail_nth_write+0x12a/0x150 [ 349.805933][T25731] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 349.811617][T25731] ? vfs_write+0x580/0x910 [ 349.816150][T25731] ? __fget_files+0x1d4/0x210 [ 349.820912][T25731] __secure_computing+0x9f/0x1c0 [ 349.825865][T25731] syscall_trace_enter+0xd1/0x1f0 [ 349.830998][T25731] ? fpregs_assert_state_consistent+0x83/0xa0 [ 349.837194][T25731] do_syscall_64+0xaa/0x1c0 [ 349.841721][T25731] ? clear_bhb_loop+0x55/0xb0 [ 349.846485][T25731] ? clear_bhb_loop+0x55/0xb0 [ 349.851240][T25731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.857349][T25731] RIP: 0033:0x7f69291fdef9 [ 349.861867][T25731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.876250][T25723] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 349.881592][T25731] RSP: 002b:00007f6927e77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 349.881618][T25731] RAX: ffffffffffffffda RBX: 00007f69293b5f80 RCX: 00007f69291fdef9 [ 349.881636][T25731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002040400 [ 349.893876][T25723] EXT4-fs (loop4): This should not happen!! Data will be lost [ 349.893876][T25723] [ 349.902243][T25731] RBP: 00007f6927e77090 R08: 0000000000000000 R09: 0000000000000000 [ 349.910229][T25723] EXT4-fs (loop4): Total free blocks count 0 [ 349.918200][T25731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.918219][T25731] R13: 0000000000000000 R14: 00007f69293b5f80 R15: 00007ffd9e1d8358 [ 349.927891][T25723] EXT4-fs (loop4): Free/Dirty block details [ 349.935798][T25731] [ 349.941772][T25723] EXT4-fs (loop4): free_blocks=2415919104 [ 349.972760][T25723] EXT4-fs (loop4): dirty_blocks=48 [ 349.977930][T25723] EXT4-fs (loop4): Block reservation details [ 349.983945][T25723] EXT4-fs (loop4): i_reserved_data_blocks=3 [ 350.004883][T25722] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 32 with max blocks 1 with error 28 [ 350.041948][T25735] netlink: 'syz.1.5165': attribute type 1 has an invalid length. [ 350.115754][T25743] loop4: detected capacity change from 0 to 1024 [ 350.151526][T25743] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.174949][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.186574][T25747] netlink: 'syz.1.5171': attribute type 1 has an invalid length. [ 350.195697][T25753] __nla_validate_parse: 7 callbacks suppressed [ 350.195755][T25753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5172'. [ 350.252043][T25761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5175'. [ 350.261398][T25759] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5174'. [ 350.271340][T25761] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5175'. [ 350.288427][T25762] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551359) [ 350.298944][T25762] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 350.458031][T25774] netlink: 'syz.2.5180': attribute type 1 has an invalid length. [ 351.137720][T25808] 9pnet_fd: Insufficient options for proto=fd [ 351.209812][T25823] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5199'. [ 351.216129][ T3340] vhci_hcd: vhci_device speed not set [ 351.293419][T25831] loop4: detected capacity change from 0 to 512 [ 351.364660][T25844] loop4: detected capacity change from 0 to 1024 [ 351.381523][T25844] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 351.404521][T25844] JBD2: no valid journal superblock found [ 351.410435][T25844] EXT4-fs (loop4): Could not load journal inode [ 351.431155][T25854] netlink: 140 bytes leftover after parsing attributes in process `syz.1.5205'. [ 351.457940][T25854] rdma_rxe: rxe_newlink: failed to add caif0 [ 351.514446][T25862] loop4: detected capacity change from 0 to 512 [ 351.564805][T25867] loop4: detected capacity change from 0 to 256 [ 352.288892][T25886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5217'. [ 352.352247][ T29] kauditd_printk_skb: 677 callbacks suppressed [ 352.352265][ T29] audit: type=1326 audit(2000000079.340:23686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.413535][ T29] audit: type=1326 audit(2000000079.340:23687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.437261][ T29] audit: type=1326 audit(2000000079.380:23688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.460912][ T29] audit: type=1326 audit(2000000079.380:23689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.484596][ T29] audit: type=1326 audit(2000000079.380:23690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.508318][ T29] audit: type=1326 audit(2000000079.380:23691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.521511][T25904] loop3: detected capacity change from 0 to 512 [ 352.531915][ T29] audit: type=1326 audit(2000000079.380:23692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.561743][ T29] audit: type=1326 audit(2000000079.380:23693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.585545][ T29] audit: type=1326 audit(2000000079.380:23694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.609265][ T29] audit: type=1326 audit(2000000079.380:23695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25895 comm="syz.2.5221" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f69291fdef9 code=0x7ffc0000 [ 352.650524][T25907] validate_nla: 4 callbacks suppressed [ 352.650541][T25907] netlink: 'syz.3.5223': attribute type 1 has an invalid length. [ 352.686635][T25911] loop3: detected capacity change from 0 to 256 [ 352.749150][T25917] loop3: detected capacity change from 0 to 2048 [ 352.759473][T25917] EXT4-fs: dax option not supported [ 352.785693][T25921] loop4: detected capacity change from 0 to 512 [ 352.799915][T25917] 9pnet_fd: Insufficient options for proto=fd [ 352.808383][T25921] netlink: 'syz.4.5227': attribute type 1 has an invalid length. [ 353.080665][T25939] netlink: 100 bytes leftover after parsing attributes in process `syz.1.5233'. [ 353.214078][T25945] netlink: 'syz.2.5235': attribute type 1 has an invalid length. [ 353.330577][T25953] netlink: 'syz.1.5239': attribute type 1 has an invalid length. [ 353.877854][T25978] netlink: 'syz.2.5248': attribute type 1 has an invalid length. [ 353.985758][T25986] netlink: 'syz.2.5252': attribute type 1 has an invalid length. [ 354.123168][T12336] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.180208][T12336] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.241555][T12336] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.289230][T25994] lo speed is unknown, defaulting to 1000 [ 354.295561][T25994] caif0 speed is unknown, defaulting to 1000 [ 354.380254][T12336] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 354.487626][T12336] bridge0: port 3(team0) entered disabled state [ 354.494603][T12336] bridge_slave_1: left allmulticast mode [ 354.500360][T12336] bridge_slave_1: left promiscuous mode [ 354.506105][T12336] bridge0: port 2(bridge_slave_1) entered disabled state [ 354.648850][T12336] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 354.666735][T12336] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 354.684777][T12336] bond0 (unregistering): Released all slaves [ 354.699827][T25994] chnl_net:caif_netlink_parms(): no params data found [ 354.765288][T25994] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.772558][T25994] bridge0: port 1(bridge_slave_0) entered disabled state [ 354.790947][T25994] bridge_slave_0: entered allmulticast mode [ 354.797479][T25994] bridge_slave_0: entered promiscuous mode [ 354.804754][T12336] hsr_slave_0: left promiscuous mode [ 354.816199][T12336] hsr_slave_1: left promiscuous mode [ 354.822014][T12336] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 354.829607][T12336] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 354.846645][T12336] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 354.854108][T12336] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 354.866395][T12336] veth1_macvtap: left promiscuous mode [ 354.871944][T12336] veth0_macvtap: left promiscuous mode [ 354.967691][T12336] team_slave_1 (unregistering): left promiscuous mode [ 354.974555][T12336] team_slave_1 (unregistering): left allmulticast mode [ 354.983926][T12336] team0 (unregistering): Port device team_slave_1 removed [ 354.994191][T12336] team_slave_0 (unregistering): left promiscuous mode [ 355.001017][T12336] team_slave_0 (unregistering): left allmulticast mode [ 355.018091][T12336] team0 (unregistering): Port device team_slave_0 removed [ 355.064432][T25994] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.071549][T25994] bridge0: port 2(bridge_slave_1) entered disabled state [ 355.078790][T25994] bridge_slave_1: entered allmulticast mode [ 355.085245][T25994] bridge_slave_1: entered promiscuous mode [ 355.110145][T25994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 355.122744][T25994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 355.146624][T25994] team0: Port device team_slave_0 added [ 355.153287][T25994] team0: Port device team_slave_1 added [ 355.173317][T25994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 355.180309][T25994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 355.206385][T25994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 355.217798][T25994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 355.224784][T25994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 355.250828][T25994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 355.280767][T25994] hsr_slave_0: entered promiscuous mode [ 355.286847][T25994] hsr_slave_1: entered promiscuous mode [ 355.518047][T26343] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4) [ 355.524696][T26343] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 355.532385][T26343] vhci_hcd vhci_hcd.0: Device attached [ 355.541326][T26344] vhci_hcd: connection closed [ 355.541483][T12336] vhci_hcd: stop threads [ 355.550631][T12336] vhci_hcd: release socket [ 355.555051][T12336] vhci_hcd: disconnect device [ 355.623446][T25994] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 355.633858][T25994] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 355.642840][T25994] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 355.653786][T25994] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 355.698662][T25994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.715476][T25994] 8021q: adding VLAN 0 to HW filter on device team0 [ 355.725913][T12321] bridge0: port 1(bridge_slave_0) entered blocking state [ 355.733025][T12321] bridge0: port 1(bridge_slave_0) entered forwarding state [ 355.745335][T12336] bridge0: port 2(bridge_slave_1) entered blocking state [ 355.752528][T12336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 355.828994][T25994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.914694][T25994] veth0_vlan: entered promiscuous mode [ 355.922393][T26372] loop4: detected capacity change from 0 to 512 [ 355.932603][T25994] veth1_vlan: entered promiscuous mode [ 355.949838][T26372] netlink: 'syz.4.5260': attribute type 1 has an invalid length. [ 355.977761][T25994] veth0_macvtap: entered promiscuous mode [ 355.987718][T25994] veth1_macvtap: entered promiscuous mode [ 356.013309][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 356.023911][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.033954][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 356.044448][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.054311][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 356.064755][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.068732][T26381] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 356.074663][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 356.074680][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.074694][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 356.081195][T26381] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 356.081274][T26381] vhci_hcd vhci_hcd.0: Device attached [ 356.091630][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.095555][T25994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 356.149303][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 356.159951][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.169869][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 356.180392][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.190302][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 356.200857][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.210746][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 356.221429][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.231406][T25994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 356.241852][T25994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 356.254584][T25994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 356.268263][T26385] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 356.277175][T26385] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 356.286034][T26385] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 356.295116][T26385] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 356.306231][T26385] geneve2: entered promiscuous mode [ 356.311618][T26385] geneve2: entered allmulticast mode [ 356.321219][T25994] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.330027][T25994] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.338734][T25994] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.347730][T25994] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 356.356767][ T24] usb 9-1: new high-speed USB device number 5 using vhci_hcd [ 356.419011][T26389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 356.429815][T26389] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 356.867291][T26382] vhci_hcd: connection reset by peer [ 356.873125][T12337] vhci_hcd: stop threads [ 356.877472][T12337] vhci_hcd: release socket [ 356.881916][T12337] vhci_hcd: disconnect device [ 356.963834][T26428] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5270'. [ 357.403507][ T29] kauditd_printk_skb: 351 callbacks suppressed [ 357.403533][ T29] audit: type=1326 audit(2000000084.390:24047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.444492][ T29] audit: type=1326 audit(2000000084.420:24048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.468142][ T29] audit: type=1326 audit(2000000084.430:24049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.491724][ T29] audit: type=1326 audit(2000000084.430:24050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.515409][ T29] audit: type=1326 audit(2000000084.430:24051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.539114][ T29] audit: type=1326 audit(2000000084.430:24052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.562842][ T29] audit: type=1326 audit(2000000084.430:24053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.586499][ T29] audit: type=1326 audit(2000000084.430:24054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.610151][ T29] audit: type=1326 audit(2000000084.430:24055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.633815][ T29] audit: type=1326 audit(2000000084.430:24056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26432 comm="syz.4.5272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f715050def9 code=0x7ffc0000 [ 357.694368][T26446] loop4: detected capacity change from 0 to 512 [ 357.723417][T26446] netlink: 'syz.4.5275': attribute type 1 has an invalid length. [ 357.768122][T26450] loop4: detected capacity change from 0 to 128 [ 357.781597][T26450] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 357.808816][ T3339] IPVS: starting estimator thread 0... [ 357.873127][T26457] loop4: detected capacity change from 0 to 1024 [ 357.893076][T26457] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.896207][T26453] IPVS: using max 2544 ests per chain, 127200 per kthread [ 357.939847][T23032] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.021925][T26473] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5282'. [ 358.059534][T26476] FAULT_INJECTION: forcing a failure. [ 358.059534][T26476] name failslab, interval 1, probability 0, space 0, times 0 [ 358.072235][T26476] CPU: 0 UID: 0 PID: 26476 Comm: syz.4.5283 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 358.082756][T26476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 358.092911][T26476] Call Trace: [ 358.096252][T26476] [ 358.099256][T26476] dump_stack_lvl+0xf2/0x150 [ 358.103874][T26476] dump_stack+0x15/0x20 [ 358.108092][T26476] should_fail_ex+0x223/0x230 [ 358.112785][T26476] ? getname_flags+0x81/0x3b0 [ 358.117497][T26476] should_failslab+0x8f/0xb0 [ 358.122161][T26476] kmem_cache_alloc_noprof+0x4c/0x290 [ 358.127611][T26476] getname_flags+0x81/0x3b0 [ 358.132144][T26476] __x64_sys_symlinkat+0x50/0x70 [ 358.137107][T26476] x64_sys_call+0x1dda/0x2d60 [ 358.141889][T26476] do_syscall_64+0xc9/0x1c0 [ 358.146455][T26476] ? clear_bhb_loop+0x55/0xb0 [ 358.151242][T26476] ? clear_bhb_loop+0x55/0xb0 [ 358.155942][T26476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.161887][T26476] RIP: 0033:0x7f715050def9 [ 358.166314][T26476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.185997][T26476] RSP: 002b:00007f714f187038 EFLAGS: 00000246 ORIG_RAX: 000000000000010a [ 358.194421][T26476] RAX: ffffffffffffffda RBX: 00007f71506c5f80 RCX: 00007f715050def9 [ 358.202414][T26476] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000 [ 358.210403][T26476] RBP: 00007f714f187090 R08: 0000000000000000 R09: 0000000000000000 [ 358.218465][T26476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 358.226466][T26476] R13: 0000000000000000 R14: 00007f71506c5f80 R15: 00007ffe7753b4b8 [ 358.234536][T26476] [ 358.318000][T26483] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4) [ 358.324553][T26483] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 358.332285][T26483] vhci_hcd vhci_hcd.0: Device attached [ 359.151244][T26484] vhci_hcd: connection closed [ 359.151421][T12336] vhci_hcd: stop threads [ 359.160396][T12336] vhci_hcd: release socket [ 359.160413][T12336] vhci_hcd: disconnect device [ 359.420361][T26492] lo speed is unknown, defaulting to 1000 [ 359.426773][T26492] caif0 speed is unknown, defaulting to 1000 [ 359.539254][T26492] chnl_net:caif_netlink_parms(): no params data found [ 359.581323][T26492] bridge0: port 1(bridge_slave_0) entered blocking state [ 359.588474][T26492] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.595662][T26492] bridge_slave_0: entered allmulticast mode [ 359.602159][T26492] bridge_slave_0: entered promiscuous mode [ 359.610137][T26492] bridge0: port 2(bridge_slave_1) entered blocking state [ 359.617241][T26492] bridge0: port 2(bridge_slave_1) entered disabled state [ 359.624441][T26492] bridge_slave_1: entered allmulticast mode [ 359.630896][T26492] bridge_slave_1: entered promiscuous mode [ 359.651354][T26492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 359.662450][T26492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 359.689960][T26698] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 359.699470][T26492] team0: Port device team_slave_0 added [ 359.713738][T26492] team0: Port device team_slave_1 added [ 359.731075][T26492] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 359.738083][T26492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 359.764163][T26492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 359.777320][T26492] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 359.784334][T26492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 359.810394][T26492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 359.840623][T26492] hsr_slave_0: entered promiscuous mode [ 359.847212][T26492] hsr_slave_1: entered promiscuous mode [ 359.853186][T26492] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 359.862445][T26492] Cannot create hsr debugfs directory [ 360.000595][T26492] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.007657][T26820] loop4: detected capacity change from 0 to 2048 [ 360.021610][T26820] EXT4-fs: dax option not supported [ 360.027588][T26811] netlink: 'syz.2.5291': attribute type 1 has an invalid length. [ 360.058240][T26820] 9pnet: Could not find request transport: fd• [ 360.069804][T26492] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.143537][T26492] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.169541][T26843] loop4: detected capacity change from 0 to 512 [ 360.181592][T26843] netlink: 'syz.4.5300': attribute type 1 has an invalid length. [ 360.200677][T26492] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.278711][T26492] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 360.287738][T26492] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 360.302148][T26868] netlink: 'syz.2.5304': attribute type 1 has an invalid length. [ 360.315984][T26492] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 360.324842][T26492] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 360.341522][T26492] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.348717][T26492] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.356153][T26492] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.363213][T26492] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.396540][T26492] 8021q: adding VLAN 0 to HW filter on device bond0 [ 360.410052][T26492] 8021q: adding VLAN 0 to HW filter on device team0 [ 360.430590][T12337] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.446970][T12337] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.467947][T12337] bridge0: port 1(bridge_slave_0) entered blocking state [ 360.474944][T26889] loop4: detected capacity change from 0 to 512 [ 360.475103][T12337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 360.490111][T12337] bridge0: port 2(bridge_slave_1) entered blocking state [ 360.497274][T12337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 360.510394][T26889] netlink: 'syz.4.5311': attribute type 1 has an invalid length. [ 360.534582][T26492] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 360.545027][T26492] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 360.565845][T26893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5312'. [ 360.585163][T26896] loop4: detected capacity change from 0 to 128 [ 360.594214][T26896] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 360.626796][T26896] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 360.651619][T26492] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 360.685603][T26909] FAULT_INJECTION: forcing a failure. [ 360.685603][T26909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 360.698728][T26909] CPU: 1 UID: 0 PID: 26909 Comm: syz.2.5315 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 360.709279][T26909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 360.719380][T26909] Call Trace: [ 360.722760][T26909] [ 360.725704][T26909] dump_stack_lvl+0xf2/0x150 [ 360.730330][T26909] dump_stack+0x15/0x20 [ 360.731761][T26492] veth0_vlan: entered promiscuous mode [ 360.734487][T26909] should_fail_ex+0x223/0x230 [ 360.743241][T26492] veth1_vlan: entered promiscuous mode [ 360.744684][T26909] should_fail+0xb/0x10 [ 360.754320][T26909] should_fail_usercopy+0x1a/0x20 [ 360.759406][T26909] _copy_to_user+0x1e/0xa0 [ 360.763865][T26909] simple_read_from_buffer+0xa0/0x110 [ 360.769344][T26909] proc_fail_nth_read+0xf9/0x140 [ 360.774386][T26909] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 360.779949][T26909] vfs_read+0x195/0x720 [ 360.784235][T26909] ? kmem_cache_free+0x1e8/0x2d0 [ 360.789238][T26909] ? __rcu_read_unlock+0x4e/0x70 [ 360.794285][T26909] ? __fget_files+0x1d4/0x210 [ 360.799186][T26909] ksys_read+0xeb/0x1b0 [ 360.803532][T26909] __x64_sys_read+0x42/0x50 [ 360.808095][T26909] x64_sys_call+0x27d3/0x2d60 [ 360.812858][T26909] do_syscall_64+0xc9/0x1c0 [ 360.817440][T26909] ? clear_bhb_loop+0x55/0xb0 [ 360.822155][T26909] ? clear_bhb_loop+0x55/0xb0 [ 360.826923][T26909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.832866][T26909] RIP: 0033:0x7fba7573c93c [ 360.837378][T26909] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 360.857048][T26909] RSP: 002b:00007fba74396030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 360.865568][T26909] RAX: ffffffffffffffda RBX: 00007fba758f6058 RCX: 00007fba7573c93c [ 360.873553][T26909] RDX: 000000000000000f RSI: 00007fba743960a0 RDI: 0000000000000005 [ 360.881608][T26909] RBP: 00007fba74396090 R08: 0000000000000000 R09: 0000000000000000 [ 360.889639][T26909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 360.897635][T26909] R13: 0000000000000000 R14: 00007fba758f6058 R15: 00007ffc7e693608 [ 360.905629][T26909] [ 360.954596][T26492] veth0_macvtap: entered promiscuous mode [ 360.962783][T26492] veth1_macvtap: entered promiscuous mode [ 360.974823][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 360.985338][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 360.995308][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.005985][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.016116][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.026790][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.036755][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.047300][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.057206][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.067775][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.077959][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 361.088518][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.108996][T26492] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 361.122592][T26921] loop4: detected capacity change from 0 to 128 [ 361.127498][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.134038][T26921] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 361.139401][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.161136][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.171643][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.181683][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.192165][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.201990][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.212426][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.222385][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.232939][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.242805][T26492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 361.253352][T26492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 361.255530][T26921] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 361.266212][T26492] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 361.281201][T26492] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.289997][T26492] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.298919][T26492] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.307751][T26492] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 361.400020][T26935] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5288'. [ 361.456226][ T24] vhci_hcd: vhci_device speed not set [ 361.481991][T26943] netlink: 'syz.1.5323': attribute type 1 has an invalid length. [ 361.534398][T26960] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5329'. [ 361.649949][T26971] loop4: detected capacity change from 0 to 128 [ 361.668551][T26971] FAT-fs (loop4): invalid media value (0x00) [ 361.674654][T26971] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 361.683861][T26971] FAT-fs (loop4): Can't find a valid FAT filesystem [ 362.428784][ T29] kauditd_printk_skb: 509 callbacks suppressed [ 362.428798][ T29] audit: type=1326 audit(2000000089.420:24566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.458690][ T29] audit: type=1326 audit(2000000089.420:24567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.505259][ T29] audit: type=1326 audit(2000000089.480:24568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.529025][ T29] audit: type=1326 audit(2000000089.480:24569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.552895][ T29] audit: type=1326 audit(2000000089.480:24570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.578110][ T29] audit: type=1326 audit(2000000089.570:24571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.601872][ T29] audit: type=1326 audit(2000000089.570:24572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.617304][T27010] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5345'. [ 362.625508][ T29] audit: type=1326 audit(2000000089.570:24573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.658040][ T29] audit: type=1326 audit(2000000089.570:24574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.681804][ T29] audit: type=1326 audit(2000000089.570:24575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26994 comm="syz.0.5341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f054a01def9 code=0x7ffc0000 [ 362.728204][T27013] loop4: detected capacity change from 0 to 256 [ 363.248890][T27050] lo speed is unknown, defaulting to 1000 [ 363.263826][T27050] caif0 speed is unknown, defaulting to 1000 [ 363.318223][T12339] bridge_slave_1: left allmulticast mode [ 363.323978][T12339] bridge_slave_1: left promiscuous mode [ 363.329704][T12339] bridge0: port 2(bridge_slave_1) entered disabled state [ 363.358715][T12339] bridge_slave_0: left allmulticast mode [ 363.364455][T12339] bridge_slave_0: left promiscuous mode [ 363.370269][T12339] bridge0: port 1(bridge_slave_0) entered disabled state [ 363.493338][T27017] coredump: 44(syz.2.5348): written to core: VMAs: 28, size 88956928; core: 60004666 bytes, pos 88965120 [ 363.509798][T12339] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 363.528322][T12339] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 363.544237][T12339] bond0 (unregistering): Released all slaves [ 363.561382][T27072] netlink: 'syz.1.5362': attribute type 1 has an invalid length. [ 363.729073][T12339] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 363.755027][T12339] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 363.783084][T27188] FAULT_INJECTION: forcing a failure. [ 363.783084][T27188] name failslab, interval 1, probability 0, space 0, times 0 [ 363.795843][T27188] CPU: 1 UID: 0 PID: 27188 Comm: +}[@ Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 363.805754][T27188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 363.815819][T27188] Call Trace: [ 363.819132][T27188] [ 363.822076][T27188] dump_stack_lvl+0xf2/0x150 [ 363.826707][T27188] dump_stack+0x15/0x20 [ 363.830943][T27188] should_fail_ex+0x223/0x230 [ 363.835667][T27188] ? skb_ext_add+0xce/0x380 [ 363.840196][T27188] should_failslab+0x8f/0xb0 [ 363.844815][T27188] kmem_cache_alloc_noprof+0x4c/0x290 [ 363.850216][T27188] skb_ext_add+0xce/0x380 [ 363.854605][T27188] xfrm_input+0x4f0/0x36c0 [ 363.859063][T27188] ? arch_stack_walk+0xe5/0x150 [ 363.864062][T27188] vti_input+0x374/0x3e0 [ 363.868325][T27188] vti_input_proto+0x2a/0x40 [ 363.873028][T27188] xfrm4_rcv_encap+0x1f2/0x280 [ 363.877825][T27188] xfrm4_udp_encap_rcv+0x6d/0xa0 [ 363.882807][T27188] udp_queue_rcv_one_skb+0xae8/0xb80 [ 363.888275][T27188] ? __pfx_xfrm4_udp_encap_rcv+0x10/0x10 [ 363.893987][T27188] udp_queue_rcv_skb+0x1f5/0x2a0 [ 363.898949][T27188] __udp4_lib_mcast_deliver+0x686/0x730 [ 363.904511][T27188] __udp4_lib_rcv+0x987/0x1220 [ 363.909301][T27188] udp_rcv+0x4f/0x60 [ 363.913207][T27188] ? __pfx_udp_rcv+0x10/0x10 [ 363.917973][T27188] ip_protocol_deliver_rcu+0x3d1/0x720 [ 363.923470][T27188] ip_local_deliver_finish+0x17d/0x210 [ 363.929045][T27188] ip_local_deliver+0xec/0x1d0 [ 363.933906][T27188] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 363.939933][T27188] ? __pfx_ip_local_deliver+0x10/0x10 [ 363.945412][T27188] ip_rcv_finish+0x193/0x1b0 [ 363.950033][T27188] ? __pfx_ip_rcv+0x10/0x10 [ 363.954575][T27188] ip_rcv+0x64/0x140 [ 363.958523][T27188] ? __pfx_ip_rcv_finish+0x10/0x10 [ 363.963689][T27188] ? __pfx_ip_rcv+0x10/0x10 [ 363.968285][T27188] __netif_receive_skb+0x10a/0x280 [ 363.973727][T27188] netif_receive_skb+0x4a/0x320 [ 363.978628][T27188] ? virtio_net_hdr_to_skb+0x6d4/0xb90 [ 363.984100][T27188] ? tun_rx_batched+0xba/0x410 [ 363.988880][T27188] tun_rx_batched+0xf0/0x410 [ 363.993522][T27188] tun_get_user+0x1eaf/0x24e0 [ 363.998236][T27188] ? kstrtoull+0x110/0x140 [ 364.002753][T27188] ? ref_tracker_alloc+0x1f5/0x2f0 [ 364.007894][T27188] tun_chr_write_iter+0x188/0x240 [ 364.012944][T27188] vfs_write+0x76a/0x910 [ 364.017231][T27188] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 364.022826][T27188] ksys_write+0xeb/0x1b0 [ 364.027206][T27188] __x64_sys_write+0x42/0x50 [ 364.031851][T27188] x64_sys_call+0x27dd/0x2d60 [ 364.036577][T27188] do_syscall_64+0xc9/0x1c0 [ 364.041162][T27188] ? clear_bhb_loop+0x55/0xb0 [ 364.045990][T27188] ? clear_bhb_loop+0x55/0xb0 [ 364.050700][T27188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.056640][T27188] RIP: 0033:0x7fba7573c9df [ 364.061078][T27188] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 364.080726][T27188] RSP: 002b:00007fba743b7000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 364.089304][T27188] RAX: ffffffffffffffda RBX: 00007fba758f5f80 RCX: 00007fba7573c9df [ 364.097369][T27188] RDX: 000000000000003e RSI: 0000000020000640 RDI: 00000000000000c8 [ 364.105373][T27188] RBP: 00007fba743b7090 R08: 0000000000000000 R09: 0000000000000000 [ 364.113369][T27188] R10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001 [ 364.121416][T27188] R13: 0000000000000000 R14: 00007fba758f5f80 R15: 00007ffc7e693608 [ 364.129424][T27188] [ 364.179136][T27192] loop4: detected capacity change from 0 to 2048 [ 364.186722][T27192] EXT4-fs: dax option not supported [ 364.210283][T12339] team0 (unregistering): Port device team_slave_0 removed [ 364.224423][T27192] 9pnet: Could not find request transport: fd• [ 364.303365][T27202] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5371'. [ 364.313628][T27190] ================================================================== [ 364.321883][T27190] BUG: KCSAN: data-race in __tty_hangup / do_dentry_open [ 364.328960][T27190] [ 364.331292][T27190] write to 0xffff888103e0fcd0 of 8 bytes by task 27189 on cpu 1: [ 364.339026][T27190] __tty_hangup+0x1d6/0x530 [ 364.343570][T27190] tty_ioctl+0x607/0xbe0 [ 364.347850][T27190] __se_sys_ioctl+0xcd/0x140 [ 364.352477][T27190] __x64_sys_ioctl+0x43/0x50 [ 364.357100][T27190] x64_sys_call+0x15cc/0x2d60 [ 364.361817][T27190] do_syscall_64+0xc9/0x1c0 [ 364.366357][T27190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.366808][T27203] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 364.372283][T27190] [ 364.372292][T27190] read to 0xffff888103e0fcd0 of 8 bytes by task 27190 on cpu 0: [ 364.372312][T27190] do_dentry_open+0x692/0xa20 [ 364.395364][T27190] vfs_open+0x38/0x1f0 [ 364.399476][T27190] path_openat+0x1ac2/0x1fa0 [ 364.404108][T27190] do_filp_open+0xf7/0x200 [ 364.408561][T27190] do_sys_openat2+0xab/0x120 [ 364.413191][T27190] __x64_sys_openat+0xf3/0x120 [ 364.418076][T27190] x64_sys_call+0x1025/0x2d60 [ 364.422794][T27190] do_syscall_64+0xc9/0x1c0 [ 364.427334][T27190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 364.433277][T27190] [ 364.435625][T27190] value changed: 0xffffffff8569c898 -> 0xffffffff8569c730 [ 364.442756][T27190] [ 364.445099][T27190] Reported by Kernel Concurrency Sanitizer on: [ 364.451379][T27190] CPU: 0 UID: 0 PID: 27190 Comm: syz.0.5367 Not tainted 6.11.0-syzkaller-08481-g88264981f208 #0 [ 364.461957][T27190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 364.472036][T27190] ================================================================== [ 364.518536][T27050] chnl_net:caif_netlink_parms(): no params data found [ 364.580470][T27050] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.587821][T27050] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.600355][T27050] bridge_slave_0: entered allmulticast mode [ 364.607154][T27050] bridge_slave_0: entered promiscuous mode [ 364.614664][T27050] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.621839][T27050] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.630657][T27050] bridge_slave_1: entered allmulticast mode [ 364.637309][T27050] bridge_slave_1: entered promiscuous mode [ 364.659387][T27050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 364.670252][T27050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.695738][T27050] team0: Port device team_slave_0 added [ 364.705638][T27050] team0: Port device team_slave_1 added [ 364.728676][T27050] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 364.735650][T27050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.761812][T27050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 364.789527][T27050] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 364.796599][T27050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.822740][T27050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 364.852300][T12339] IPVS: stop unused estimator thread 0... [ 364.861013][T27050] hsr_slave_0: entered promiscuous mode [ 364.867599][T27050] hsr_slave_1: entered promiscuous mode [ 364.873654][T27050] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 364.881256][T27050] Cannot create hsr debugfs directory [ 365.263756][T27050] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 365.272404][T27050] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 365.281420][T27050] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 365.290899][T27050] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 365.308489][T27050] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.315625][T27050] bridge0: port 2(bridge_slave_1) entered forwarding state [ 365.322941][T27050] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.330086][T27050] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.370415][T27050] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.384964][T10337] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.394139][T10337] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.408806][T27050] 8021q: adding VLAN 0 to HW filter on device team0 [ 365.421695][T10337] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.428832][T10337] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.441317][T10337] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.448395][T10337] bridge0: port 2(bridge_slave_1) entered forwarding state [ 365.533068][T27050] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 365.617406][T27050] veth0_vlan: entered promiscuous mode [ 365.626462][T27050] veth1_vlan: entered promiscuous mode [ 365.645405][T27050] veth0_macvtap: entered promiscuous mode [ 365.653925][T27050] veth1_macvtap: entered promiscuous mode [ 365.668310][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.678876][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.688777][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.699316][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.709203][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.719765][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.729624][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.740065][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.749881][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.760359][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.770243][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.780695][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.790647][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.801422][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.813556][T27050] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 365.826144][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.836643][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.846507][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.856957][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.866854][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.877297][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.887149][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.897642][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.907614][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.918099][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.927949][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.938399][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.948233][T27050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.958820][T27050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.971277][T27050] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 365.982461][T27050] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.991338][T27050] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 366.000173][T27050] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 366.008931][T27050] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0