last executing test programs: 1m44.557096207s ago: executing program 2 (id=737): perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x8, &(0x7f00000009c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffcd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) prctl$PR_SET_NAME(0xf, &(0x7f0000000440)='\x00') syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710448000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2a) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000280)={@private, @local, 0x0}, &(0x7f0000000300)=0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xba}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4040000) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r7, @ANYBLOB="8000260b0a0002000180c200000c00000c000e800500010003"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040010) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26000411}, 0x800) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x12b8cbfb}, 0x18) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1m44.34589738s ago: executing program 2 (id=738): r0 = bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800229b43899051b6f40000010000", @ANYRESOCT, @ANYRESDEC=r0], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000000)=0x201, 0x4) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000a80)={[{@barrier_val}, {@resuid}, {@noblock_validity}, {@errors_remount}]}, 0x1, 0x79b, &(0x7f0000000180)="$eJzs3c1rXFUbAPDnTpImTfu+zQsv2LppVloonbQ1tgqCERciWCjo2jZMpiFmkimZSWlCFhYRBBG0uBB049qPunMruvZvcCMiLVXTYsWFjNz5SKb5mHw0k2mb3w9ucs6dc+ecZ+7cc8/MPcwNYM8aTP9kIo5ExIdJxKH6+iQieqqp7oiRWrl7iwu5dEmiUnn996Ra5u7iQi6atkkdqGcOR8T370Ycz6yutzQ3PzlaKORn6vmh8tTlodLc/ImJqdHx/Hh++syp4eHTZ589e2bnYv3zx/mDtz565emvR/5+54kbH/yQxEgcrD/WHMdOGYzB+mvSk76E93l5pyvrsKTTDWBb0kOzq3aUx5E4FF3VFADwOEvP/xUAYI9JnP8BYI9pfA9wd3Eh11g6+43E7rr9UkT01eJvXN+sPdJdv2bXV70O2n83ie76FdHYwetdgxHx2bdvfpku0abrkABreftaRFwcGFzd/yer5ixs1clNlBlckdf/we75Lh3/PLfW+C+zNP6JpfHPst41jt3tGIzY15xfffxnbq654Ys7UHl9/PdCbW5bGmjT+G9p0tpAVz33nzRzNCImCvm0b/tvRByLnt5LE4X8qRZ1HLvzz531Hmse//1x/a0v0vrT/8slMje7e+/fZmy0PPogMTe7fS3iye7luX33VvX/fdWx7sr9n6473+qJjy4nX33+vU/XK5bGn8bbWFbH316VzyOeirXjb0hazk8cSnf/ydrftev45udP+terv3n/p0taf+OzwG5I939/6/gHkub5mqWdrX/j+Nd+/+9L3qimG53H1dFyeeZUxL7ktdXrTy9v28g3yqfx1yJdGX+m5fs//SR4cZMxdt/67avtx7+kLVMs0/jHtrT/t564cW+ya/vxp/t/uJo6Vl+zmf5vsw18kNcOAAAAAAAAAAAAAAAAAAAAAAAAADYrExEHI8lkl9KZTDZbu4f3/6M/UyiWyscvFWenx6J6r+yB6Mk0furyUC2fNH7/dKApf3pF/pmI+F9EfNy7v5rP5oqFsU4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9a5/3/q195Otw4AaJu+DUvcyd+XrVQqlTa2BwBov43P/wDA46bF+X//brYDANg9Pv8DwN7j/A8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG12/ty5dKn8tbiQS/NjV+ZmJ4tXTozlS5PZqdlcNlecuZwdLxbHC/lsrji10fMVisXLwzE9e3WonC+Vh0pz8xemirPT5QsTU6Pj+Qv5nl2JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2pjQ3PzlaKORnHovE+xHxEDSjHYkkHopmdCTxy4mfDrcqc32Dt/HIQxHFI5bodM8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Gj4NwAA//8PbSWm") ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0) 1m43.989289787s ago: executing program 2 (id=743): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="38000000540001002bbd7000fddbdf250786dd00", @ANYRES32, @ANYBLOB="20000100", @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x24044005}, 0x800) 1m43.874415839s ago: executing program 2 (id=748): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) memfd_secret(0x0) r2 = memfd_secret(0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r3, r2, 0x2e, 0x4608, @void}, 0x10) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r4, 0x40187014, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r5, 0xee01, 0xee00) keyctl$chown(0x4, r5, 0x0, 0x0) add_key$keyring(&(0x7f0000000200), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r5) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x503, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x4c}}, 0x0) openat$selinux_create(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r8}, 0x10) r9 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 1m43.81550299s ago: executing program 2 (id=750): r0 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x450, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0004000000000000", @ANYRES32, @ANYRESOCT=r1, @ANYRES32=0x0, @ANYRESDEC=r1, @ANYRESHEX=r0], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$can_bcm(0x1d, 0x2, 0x2) syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000940)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r9}, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r6) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, 0x0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000900)={r10}, 0x4) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000a40)={'syztnl2\x00', &(0x7f00000009c0)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x1, 0x7, 0x5c, @dev={0xfe, 0x80, '\x00', 0x35}, @remote, 0x10, 0x10, 0x0, 0xfffffffc}}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001240)={r10, 0xe0, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000001c0)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000fc0)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7f, &(0x7f0000000200)=[{}, {}], 0x10, 0x10, &(0x7f0000001080), &(0x7f0000000300), 0x8, 0x21, 0x8, 0x8, &(0x7f0000001100)}}, 0x10) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000001280)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'}) bpf$PROG_LOAD(0x5, &(0x7f0000000d40)={0x16, 0x25, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000a8a5eb8ff5f0186555065efc15bbf44885ce85a64c8c1b015368a908980e8ab926d53f3a8c5e90acd5cc2e9f170bdca193e1131e94bf0cc87972dcc5be5a55e6813c9981a90b9ea253e134c12e5a56f7353847837208127cf0ca40f8539bf19da97cf6bb8fa6060d99a80cd5926164ab8ac2a92068a7bc764350eee62e806d29676001810bec51847c9222998819b8a4e16b5729223222d178a6a0394fa70ce7d7d7e411f0272b", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7080000000000007b8af8ff00000000b7080000050000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES64, @ANYBLOB="0000000000000000b70500000800000085000000a50000000721f100480100001800000002000000000000000900000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000000000000850000008600000018440000faffffff0000000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000", @ANYRES8=r11], &(0x7f0000000940)='GPL\x00', 0x3ff, 0x0, 0x0, 0x40f00, 0x20, '\x00', r12, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000a80)={0x0, 0x4}, 0x8, 0x10, &(0x7f0000000f40)={0x0, 0x2, 0x9, 0x81}, 0x10, r13, 0xffffffffffffffff, 0x0, &(0x7f00000012c0)=[0xffffffffffffffff, r14], 0x0, 0x10, 0x5}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0xc, 0x10, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xab, 0x0, 0x0, 0x0, 0x6}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}]}, &(0x7f0000000280)='syzkaller\x00', 0x2, 0x9d, &(0x7f0000000dc0)=""/157, 0x41100, 0x48, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000f80)={0x2, 0x3}, 0x8, 0x10, 0x0, 0x0, r13, r8, 0x1, 0x0, &(0x7f0000000fc0)=[{0x5, 0x2, 0x2, 0x6}], 0x10, 0x40}, 0x94) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_setup(0x18ee, &(0x7f0000000540)={0x0, 0xc778, 0x2000, 0x3, 0x221, 0x0, r15}, &(0x7f00000002c0), &(0x7f00000004c0)) io_submit(0x0, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r15, &(0x7f00000001c0)='m', 0x1}]) connect$can_bcm(r5, &(0x7f0000000000), 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000160a03020000000000000000020000000900020073797a30000000000900010073797a300000000014000380080002400000000008000140000000001400000011000102904651dba1ff0c442131e0af430400000000000000"], 0x68}}, 0xc040000) sendmsg$NFT_BATCH(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0xd, 0x1, 'batadv_slave_1\x00'}]}]}]}], {0xfffffffffffffc4a}}, 0x70}}, 0x24040880) 1m43.582713634s ago: executing program 2 (id=755): unshare(0x22020600) r0 = memfd_secret(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f0000000f80)='%pS \x00'}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10) execveat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000700)={[&(0x7f0000000300)='}\xed\x00', &(0x7f0000000340)='}\x00', &(0x7f0000000540)='syzkaller0\x00', &(0x7f0000000580)='syzkaller0\x00', &(0x7f00000005c0)='/dev/net/tun\x00', &(0x7f00000006c0)='-\x00']}, &(0x7f0000000880)={[&(0x7f0000000780)='%@#\x00']}, 0x100) 1m28.472050801s ago: executing program 32 (id=755): unshare(0x22020600) r0 = memfd_secret(0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000280), &(0x7f0000000f80)='%pS \x00'}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10) execveat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000700)={[&(0x7f0000000300)='}\xed\x00', &(0x7f0000000340)='}\x00', &(0x7f0000000540)='syzkaller0\x00', &(0x7f0000000580)='syzkaller0\x00', &(0x7f00000005c0)='/dev/net/tun\x00', &(0x7f00000006c0)='-\x00']}, &(0x7f0000000880)={[&(0x7f0000000780)='%@#\x00']}, 0x100) 3.771956915s ago: executing program 4 (id=2578): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000004}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x1c, 0x1, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x9}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4) 3.718112026s ago: executing program 4 (id=2581): r0 = open(&(0x7f00009e1000)='./file1\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYRESOCT=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$MPTCP_PM_CMD_ANNOUNCE(0xffffffffffffffff, 0x0, 0x40000) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="40000000100039042cbd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="8300040000000000200012800800011a736974001400028005000900b8e183b29da4489800000600080034000000"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) sendmsg$IPSET_CMD_FLUSH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r7 = socket$unix(0x1, 0x1, 0x0) bind$unix(r7, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10) sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='kmem_cache_free\x00') 3.284494174s ago: executing program 4 (id=2588): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$invalidate(0x15, r1) add_key(&(0x7f00000002c0)='id_resolver\x00', 0x0, 0x0, 0x0, r1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2}, 0x94) io_uring_setup(0xe6f, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NETID(r3, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x24, r4, 0x2, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x8, 0x2, 0x4}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x47, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) pipe2$9p(&(0x7f00000000c0), 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r7, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]}) close_range(r8, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) socket$unix(0x1, 0x5, 0x0) 3.154870766s ago: executing program 4 (id=2592): socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89fb, &(0x7f0000000080)) 3.073474058s ago: executing program 4 (id=2595): socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x5) ioctl$SIOCPNADDRESOURCE(r1, 0x89e0, &(0x7f0000000040)=0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sk_skb=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xff, 0x4, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) write$sndseq(r2, &(0x7f0000000200), 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r3, 0x0, &(0x7f0000001700)=""/53}, 0x20) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x9, 0x200000000000029a, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8=r0, @ANYRESDEC=0x0], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r4}, 0x10) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') pread64(r5, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000300) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setscheduler(r6, 0x1, &(0x7f0000000140)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) syz_clone(0x44209400, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000740)={[{@dioread_lock}, {@noauto_da_alloc}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@nodiscard}]}, 0x2, 0x5be, &(0x7f000001a240)="$eJzs3c1vVFUbAPDnzkwLpe/7ti8xKi5MoyGQKC0tYPBjAXtC8GPnxkoLQYaP0BotmlgS3JgYNy5IXLkQ/wslunVl4sKFG1eGBI1hozEy5s7cGYZ2pp2WTm/t/f2S2znnnjs950KfOWfuPWcmgMIaS3+UIvZExOUkYqStrBJZ4VjjuLu/v3863ZKo1V79LYkk29c8Pskeh7Mn/z0S8f03SewuL693buHq+elqdfZKlp+Yv3B5Ym7h6oFzF6bPzp6dvTj13NTRI4ePHJ08+FDnV2pLn7j+1jsjH518/YvP/komv/zpZBLH4tczjbL289goYzEWf9RqHyzdn/67Ht3oynJSbv2d3Jcs3cGWVcliZDAiHouRKLf9b47Ehy/n2jigr2pJRA0oqET8Q0E1xwHN9/a9vQ8u9XlUAmyGO8fTnwMd4r/SuDYYozEQEXuXPK/DJb11Sev47tuT19Mt+nQdDuhs8dqOLLU0/pN6bI7Gznpu193SA9d50xHAqewx3f/KOusfW5IX/7B5Fq9FxOOdxv+rx/8bbfH/5jrrF/8AAAAAAACwcW4dj4hnO93/K2X35nbGU/X7f0nj/t8P91cIHtuA+le//1e6vQHVAB3cOR7xUsf5v605vqPlLPffxmzA5My56uzBiPhfROyPgR1pfnKFOg58vPtGt7L2+X/pltbfnAuYteN2ZceDz5mZnp9+mHMGGu5ci3ii0n3+T9r/J+39fyZ9PbjcYx2799481a1s9fgH+qX2ecS+jv1/0jomWfnzOSbq44GJ5qhguSff++SrbvWLf8hP2v/vWjn+R5P2z+uZW9vvH4yIQwuVWrfy9Y7/B5PXys3fn3p3en7+ymTEYHJi+f6ptbUZtqtmPDTjJY3//U+vfP2vNf5vi8OhiFjssc5H7w3/3K1M/w/5SeN/Zk39/9oTUzdHv+5Wf2/9/+F6n74/2+P6H6ys1wDNu50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8G9Uioj/RFIab6VLpfHxiOGIeCR2laqX5uafOXPp7YszaVn9+/9LzW/6HWnkk+b3/4+25aeW5A9FxP8j4tPyUD0/fvpSdSbvkwcAAAAAAAAAAAAAAAAAAIAtYrjL+v/UL+W8Wwf0XSV7FO9QPJWVi+/VGjarOcAmWiX+gW1M/ENxiX8oLvEPxbXO+He7ALYB/T8U1UBvh+3sdzuAPOj/AQAAAABgW7n14vM3kohYfGGovqUGs7LWjcGhvFoH9FMp7wYAuTGHF4rL1B8orh4n/wLbWNJK/dnxc766z/5P+tMgAAAAAAAAAAAAAGCZfXtu/bjq+n9gW7L+H4rL+n8oLuv/obi8xwdWW8Vv/T8AAAAAAAAAAAAA5G9u4er56Wp19orE/URzUfRWaU9REwMRsQWakUNiMP/wzPFFCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeMA/AQAA//9dTymB") sendmsg(0xffffffffffffffff, 0x0, 0x8001) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0xf7}, 0x18) semctl$SEM_INFO(0x0, 0x4, 0x13, &(0x7f0000000280)=""/4) 1.932678107s ago: executing program 5 (id=2600): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0xa59745d475f27e94, 0x4, 0x7, 0x1, 0x5, 0x20005, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x8, &(0x7f00000009c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffcd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) prctl$PR_SET_NAME(0xf, &(0x7f0000000440)='\x00') syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710448000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2a) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000280)={@private, @local, 0x0}, &(0x7f0000000300)=0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xba}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000005c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4040000) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r7, @ANYBLOB="8000260b0a0002000180c20000"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040010) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26000411}, 0x800) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x12b8cbfb}, 0x18) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.186705789s ago: executing program 1 (id=2603): memfd_create(0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x4, 0x48}, 0x104c58, 0x10000, 0x0, 0x6, 0x8, 0x20002, 0x400, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_open_procfs(0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4004015) socket$inet(0x2, 0x2, 0x1) ioctl$TUNSETVNETHDRSZ(0xffffffffffffffff, 0x400454d8, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000004740)={&(0x7f00000000c0)=ANY=[@ANYBLOB="18000000010901040000a0c1012900000800000a04000200"], 0x18}, 0x1, 0x0, 0x0, 0x16}, 0xc898) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) mkdir(0x0, 0x81) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000180)={{{@in=@loopback, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x1}, {0xfffffffffffffffd, 0x0, 0x6, 0x0, 0x5, 0x3}, {0x6, 0x0, 0x0, 0x20000000000002}, 0x0, 0x40000, 0x1, 0x0, 0x2}, {{@in6=@rand_addr=' \x01\x00', 0x4d4, 0x6c}, 0x2, @in6=@loopback, 0x3504, 0x4, 0x0, 0x0, 0x0, 0x0, 0x200000}}, 0xe8) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, 0x0, 0x10) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, 0x0, 0x20000000) sched_setscheduler(0x0, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100), 0x1, 0x55a, &(0x7f0000000b80)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLKMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MGQUvfAmctKTLluTNuuypprPB05533NO8p435zxvn5M3IQEMrYnsTyHixYj4Kok4HBFJvm008o0Ta/utPrw+my1JNBof/5E098vqredqPe5gXnkhIn75IuJkYWO7teWVhVK5nC7m9cl65cpkbXnl1KVKaT6dTy9Pz8yceXNm+p233+pbX187/9e3H919/8yXx1e/+en+kdtJnI1D+bb2fjyDG+2ViZjIX5OxOPvEjlN9aGw3SQZ9AGzLSB7nY5GNAYdjJI964L/v84hoAEMqEf8wpFp5QOvefvP74P/vUFaycx68t3YDtLH/o2vvjcS+5r3RgdXksTuj7H53vA/tZ238/Pud29kS/XsfAmBLN25GxOnR0Y3jX5KPf9t3uvPqfe2VJ9sw/sHOuZvlP693yn8K6/lPdMh/DnaI3e3YOv4L9/vQTFdZ/vdux/x3fdJqfCSv/a+Z840lFy+V09N5NnwixvZm9c3mc86s3mt029ae/2VL1n4rF8yP4/7o3scfM1eql56lz+0e3Ix4qWP+m6yf/6TD+c9ej/M9tnEsvfNKt21b9//5avwQ8WrH8/9oRivZfH5ysnk9TLauio3+vHXs127tD7r/2fk/sHn/x5P2+dra07fx/b6/027bHut/9H7970k+aZb35Ouuler1xamIPcmHG9dPP3psq97aP+v/ieObj3+drv/9EfFpj/2/dfTHl3vq/4DO/9xTnf+nL9z74LPvurXf2/j3RrN0Il/Ty/jX6wE+y2sHAAAAAAAAu00hIg5FUiiulwuFYnHt8x1H40ChXK3VT16sLl2ei+Z3ZcdjrNCa6T7c9nmIqfzzsK369BP1mYg4EhFfj+xv1ouz1fLcoDsPAAAAAAAAAAAAAAAAAAAAu8TBLt//z/w2MuijA547P/kNw2vL+O/HLz0Bu5L//zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPw0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dP3cuWxqrD6/PZvW5q8tLC9Wrp+bS2kKxsjRbnK0uXinOV6vz5bQ4W61s9XzlavXK1HQsXZusp7X6ZG155UKlunS5fuFSpTSfXkjHdqRXAAAAAAAAAAAAAAAAAAAA8O9SW15ZKJXL6aKCwrYKo7vjMBT6XBj0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj/wTAAD//wQrN8c=") r3 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x105042, 0x1db) writev(r3, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000001c0)=ANY=[@ANYBLOB="02000000000000000000000000c3"]) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x200}, 0x1c) listen(r2, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r5 = accept(r2, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) 939.740064ms ago: executing program 3 (id=2606): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0xa59745d475f27e94, 0x4, 0x7, 0x1, 0x5, 0x20005, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x8, &(0x7f00000009c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffcd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) prctl$PR_SET_NAME(0xf, &(0x7f0000000440)='\x00') syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710448000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2a) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000280)={@private, @local, 0x0}, &(0x7f0000000300)=0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xba}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000005c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4040000) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r7, @ANYBLOB="8000260b0a0002000180c200000c00000c000e"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040010) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26000411}, 0x800) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x12b8cbfb}, 0x18) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 908.659484ms ago: executing program 5 (id=2607): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0xa59745d475f27e94, 0x4, 0x7, 0x1, 0x5, 0x20005, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x8, &(0x7f00000009c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffcd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) prctl$PR_SET_NAME(0xf, &(0x7f0000000440)='\x00') syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710448000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2a) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000280)={@private, @local, 0x0}, &(0x7f0000000300)=0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xba}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000005c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4040000) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r7, @ANYBLOB="8000260b0a0002000180c200000c00000c000e800500"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040010) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26000411}, 0x800) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x12b8cbfb}, 0x18) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 896.379724ms ago: executing program 0 (id=2608): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) memfd_secret(0x0) r3 = memfd_secret(0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r4, r3, 0x2e, 0x4608, @void}, 0x10) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r5, 0x40187014, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r6, 0xee01, 0xee00) keyctl$chown(0x4, r6, 0x0, 0x0) add_key$keyring(&(0x7f0000000200), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r6) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x503, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x4c}}, 0x0) openat$selinux_create(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9}, 0x10) r10 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 833.429425ms ago: executing program 0 (id=2609): r0 = epoll_create(0x3ff) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000240)={0xa0000000}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000280)={0x82000010}) 802.022776ms ago: executing program 0 (id=2611): r0 = socket$key(0xf, 0x3, 0x2) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r2, 0x0, 0x2000}, 0x18) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf25010018"], 0x18}}, 0x2000) 745.516867ms ago: executing program 0 (id=2612): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$invalidate(0x15, r1) add_key(&(0x7f00000002c0)='id_resolver\x00', 0x0, 0x0, 0x0, r1) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeb6, 0x0, 0x0, 0x0}, 0x94) io_uring_setup(0xe6f, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NETID(r3, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x24, r4, 0x2, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x8, 0x2, 0x4}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x47, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) pipe2$9p(&(0x7f00000000c0), 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00'}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r7, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]}) close_range(r8, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) socket$unix(0x1, 0x5, 0x0) 612.350559ms ago: executing program 3 (id=2613): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="380000000206050000000009000000000000000005000400000000000900020073797a010006000100000000000000000000000000000000af3689004915702690ff8c7620669ccd5d3f0f54f08c347cdcf0b08697f6eb2d6a80ff2ea2b12a343e4bbfe934287fa434c1d9aff06838f34b7beb10706616714f4b2d66374f0d5e0386f16ab1bed0ab73bf610d35713de4e6ec8609de48af9c1e4a286036dc8776086cf3692f19be"], 0x38}}, 0x0) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000300)='sched_switch\x00', r5, 0x0, 0x100000000000}, 0x18) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r7 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) r8 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'bridge0\x00'}) sendmsg$nl_route(r8, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$tipc(r7, &(0x7f0000000540)={&(0x7f00000001c0)=@name={0x1e, 0x2, 0x0, {{0x42}, 0x2}}, 0x10, 0x0}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r7, 0x10f, 0x88) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0) 578.70657ms ago: executing program 4 (id=2614): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f00000001c0)="f14a18f691", 0x5) sendfile(r2, r0, 0x0, 0x40001) sendfile(r2, r1, 0x0, 0x7ffff000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) sendfile(r4, r3, 0x0, 0x3ffff) 575.57376ms ago: executing program 0 (id=2615): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0xa59745d475f27e94, 0x4, 0x7, 0x1, 0x5, 0x20005, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0x8, &(0x7f00000009c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffcd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) prctl$PR_SET_NAME(0xf, &(0x7f0000000440)='\x00') syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ") bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710448000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x2a) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000280)={@private, @local, 0x0}, &(0x7f0000000300)=0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', r3, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xba}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000005c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4040000) r5 = socket(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r7, @ANYBLOB="8000260b0a0002000180c200000c00000c000e"], 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x20040010) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x26000411}, 0x800) ioctl$EXT4_IOC_MIGRATE(r2, 0x6609) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x0, 0x12b8cbfb}, 0x18) r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 504.995391ms ago: executing program 5 (id=2616): r0 = syz_io_uring_setup(0x3b52, &(0x7f0000000140)={0x0, 0x5883, 0x1000, 0x1, 0x1c2}, &(0x7f0000000040)=0x0, &(0x7f0000000680)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RENAMEAT={0x23, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r0, 0x10007b0f, 0x45ac, 0x20, 0x0, 0x0) 449.556612ms ago: executing program 3 (id=2617): socketpair(0x1, 0x1, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89fb, &(0x7f0000000080)) 321.326954ms ago: executing program 1 (id=2618): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYRES16=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), r1) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="1a00180084b5b244f670c43f79bfc30cde4c960df2580d44c7814b0c709b9ea9250501f1ed47d5584082db0252f510578004c44e9008f77ccddf93b96049c2f5f2c626cd8b19462b5a", @ANYRES16=r2, @ANYBLOB="040000000000ffdbdf251200000008000700010000001800018014000200626f6e645f736c6176655f31000000000400080000000000"], 0x3c}}, 0x0) r3 = epoll_create1(0x0) r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000000)={0xc000201e}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r7}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xa, 0x101, 0x7ffc, 0xcc}, 0x50) 321.014324ms ago: executing program 3 (id=2619): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$invalidate(0x15, r1) add_key(&(0x7f00000002c0)='id_resolver\x00', 0x0, 0x0, 0x0, r1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2}, 0x94) io_uring_setup(0xe6f, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NETID(r3, &(0x7f0000000580)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x24, r4, 0x2, 0x70bd27, 0x25dfdbfe, {{}, {}, {0x8, 0x2, 0x4}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x800) r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x47, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) pipe2$9p(&(0x7f00000000c0), 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan0\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0) fcntl$lock(r7, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8}) fcntl$lock(r7, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9}) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]}) close_range(r8, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) socket$unix(0x1, 0x5, 0x0) 259.131835ms ago: executing program 5 (id=2620): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) memfd_secret(0x0) r3 = memfd_secret(0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r4, r3, 0x2e, 0x4608, @void}, 0x10) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r5, 0x40187014, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r6, 0xee01, 0xee00) keyctl$chown(0x4, r6, 0x0, 0x0) add_key$keyring(&(0x7f0000000200), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r6) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x503, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x4c}}, 0x0) openat$selinux_create(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9}, 0x10) r10 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 221.243286ms ago: executing program 1 (id=2621): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) symlink(0x0, &(0x7f00000017c0)='./file0\x00') creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r3 = socket$inet_smc(0x2b, 0x1, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', 0x200000, 0xa0) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000980)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000940)={&(0x7f00000008c0)={0x14, 0x0, 0x1, 0x801, 0x0, 0x0, {0x7, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x44) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}, {0x0, 0x98}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) r7 = gettid() sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r5, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r7], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000) 174.346357ms ago: executing program 5 (id=2622): r0 = socket$key(0xf, 0x3, 0x2) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="0213f803030000002cbd7000fddbdf25010018"], 0x18}}, 0x2000) 158.837627ms ago: executing program 5 (id=2623): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000000)=0x9, 0x6, 0x0) get_mempolicy(0x0, 0x0, 0x73e, &(0x7f0000433000/0x2000)=nil, 0x3) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000900), r0) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002fbd7000fedbdf250900000008000100010bb400000008000100030075253e"], 0x24}}, 0x64000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) syz_io_uring_setup(0xe46, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x4001, 0x2b7}, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0) r4 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) r5 = getpid() syz_pidfd_open(r5, 0x0) ioctl$BINDER_FREEZE(r3, 0x400c620e, &(0x7f00000001c0)={r5, 0x1, 0x84}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r6, 0x0, 0x4}, 0x18) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) close(r4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18) setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000300)={0x2f, 0xa, 0x2, 0x1, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @remote, @private1, @mcast1, @ipv4={'\x00', '\xff\xff', @multicast2}]}, 0x58) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000220000000000000000000000850000006d00000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='mm_page_free\x00', r9}, 0x18) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r7}, 0x10) ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0}) 135.983747ms ago: executing program 0 (id=2624): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32=0x0, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r4}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) arch_prctl$ARCH_GET_UNTAG_MASK(0x4001, &(0x7f0000000180)) r5 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x4, 0x1af}, &(0x7f0000000040)=0x0, &(0x7f00000000c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {&(0x7f0000001800)=""/4096, 0x1000}], 0x2, &(0x7f0000000440)=""/205, 0xcd}, 0x0, 0x3, 0x0, {0x2}}) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r5, 0x47f8, 0x0, 0x0, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000900)=@mangle={'mangle\x00', 0x44, 0x6, 0x510, 0x3a8, 0x210, 0x210, 0x0, 0x138, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:dbusd_etc_t:s0\x00'}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x570) 119.845318ms ago: executing program 3 (id=2625): r0 = open(&(0x7f00009e1000)='./file1\x00', 0x60840, 0x0) fcntl$setlease(r0, 0x400, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYRESOCT=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000000140001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) sendmsg$MPTCP_PM_CMD_ANNOUNCE(0xffffffffffffffff, 0x0, 0x40000) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="40000000100039042cbd7000eaffffff000003e4", @ANYRES32=0x0, @ANYBLOB="8300040000000000200012800800011a736974001400028005000900b8e183b29da4489800000600080034000000"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4040) sendmsg$IPSET_CMD_FLUSH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x800) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, &(0x7f00000003c0)='./file0\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r7 = socket$unix(0x1, 0x1, 0x0) bind$unix(r7, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r9}, 0x10) sendmsg$IPSET_CMD_DESTROY(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='kmem_cache_free\x00') 92.721488ms ago: executing program 1 (id=2626): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) memfd_secret(0x0) r3 = memfd_secret(0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r4, r3, 0x2e, 0x4608, @void}, 0x10) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r5, 0x40187014, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r6, 0xee01, 0xee00) keyctl$chown(0x4, r6, 0x0, 0x0) add_key$keyring(&(0x7f0000000200), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r6) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x503, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x4c}}, 0x0) openat$selinux_create(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9}, 0x10) r10 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 32.591779ms ago: executing program 1 (id=2627): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) memfd_secret(0x0) r3 = memfd_secret(0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r4, r3, 0x2e, 0x4608, @void}, 0x10) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r5, 0x40187014, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r6 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r6, 0xee01, 0xee00) keyctl$chown(0x4, r6, 0x0, 0x0) add_key$keyring(&(0x7f0000000200), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r6) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'macvlan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x503, 0x900, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r8}]}, 0x4c}}, 0x0) openat$selinux_create(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb8500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000840)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9}, 0x10) r10 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r10, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) 8.612669ms ago: executing program 3 (id=2628): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x10, &(0x7f0000000040)={[{@usrjquota}]}, 0x1, 0x3e7, &(0x7f0000000480)="$eJzs3E1vG0UfAPD/bl7apn1qV3oOvFwsQCISImnSFqgEEhEXDu2JHjhixWmJ6jSoMRKtIl4E4gYSiA8AB+AjcIQD3wHOwAEqRSgHUm5Ga+86Jn5pQx0skt9PGnlmZ+OZ9WTWu+PZCeDIqkTEixExERFnI6KUb0/zEO+2Q7bfzvbm8p/bm8tJNJuv/J5Ekm8r3ivJX0/mbzCbRqQfJPFon3I3bt2+Xq3XV27m6fnG2hvzG7duP726Vr22cm3lxuIz585fuPDcxcVnR3asW2vJR098demXTz6sffrDb9+Ws/qeyvO6j2NUKlHpfCZ7XRx1YWN2vCueTI6xIgAADJXm1/6Trev/UkzE7sVbKT7+fqyVAwAAAEai2SxeAQAAgMMrce8PAAAAh1wxD2Bne3O5CGOcjsC/bGspIsrt9r+bh3bOZOeZ3qk9z/eOUiUiXj5+eTELcUDPYQMAAAAcZd8ttRf+6x3/S+Ohrv1ORMRMsbbfCFX2pHvHf9I7Iy6SLltLEc9HxN2e8b+02KU8kaf+1xoqnEqurtZXzkbE6YiYjaljWXphSBlvP3b960F53eN/n//86kJWfva6u0d6Z/LY3/+mVm1UH+SY2bX1XsQjk/3aP+mM+Xavk/lPvLa688KgvKz9s/YuQm/7c5CaX0Q82bf/765cmgxfn3W+dT6YL84KvX469eX7g8rv7v9ZyMovfgvg4GX9f2Z4+7fWye2s17ux/zK++ePyj4Py7t3+/c//08mVVgWn821vVRuNmwsR08ml3u3+mzqKz6P4vLL2n328//d/cf2X5N/9p7vWh+4x5AfCl945c2VQnv4/Xln71/bV//cfeX3m4dlB5d9f/z/fqkzxJq7/7u1+G2jc9QQAAAAAAABgNNLW3L4knevE03Rurj3P9/8xk9bXNxpPXV1/80atPQewHFNpMdOr1DUfdKH9GHknvbgnfS4izkTEZ6UTrfTc8nq9Nu6DBwAAgCPi5ID7/8yvAx/2AAAAAP5zyuOuAAAAAHDg3P8DAADAofYg6/qLiIgc1si4z0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAR9tfAQAA///8h8MD") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0) write(r2, &(0x7f00000001c0)="f14a18", 0x3) sendfile(r2, r0, 0x0, 0x40001) sendfile(r2, r1, 0x0, 0x7ffff000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12) sendfile(r4, r3, 0x0, 0x3ffff) 0s ago: executing program 1 (id=2629): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001500)=ANY=[@ANYBLOB="d8000000000203000000000000000000020000053c0002802c00018014000300fc00000000000000000000000000000114000400000000000000000000000000000000010c000280050001002100000004000380040001"], 0xd8}}, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0) io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='nodots,allow_utime=000000000034,usefree,check=strict,dots,\x00'/70], 0x1, 0x1e9, &(0x7f00000002c0)="$eJzs2k1rVFcYB/Bz05SkCXkppS3Jpoe2i3ZzabIsXSSUBEoHFM0IKkhuyESHGWfC3FnMiItZu/IjuBaX7gTJF8h3cOEuCNFVVl7R0bwRFyrJCPn9NvOHPwPn4cDhWdydf+7frm3k6UbWDkNJEoYWQi/sJWE6DIUPeuHP3/9+ee/y1Wv/L5ZKS5diXF5cmZuPMU7+8vT63Ue/brXHrzyefDIStqdv7OzOP9/+aXtm5/XKrWoeq3lsNNsxi2vNZjtbq1fiejWvpTFerFeyvBKrjbzSOtJv1Jubm92YNdYnxjZblTyPWaMba5VubDdju9WN2c2s2ohpmsaJscCXKD/cK4qwW3y7Goqi+O5BGN8KE8/CVEi+j8kPC8mPq8nPvWRmtyimBn1UToX7P98OPeqjIbzodcqdcv+33y//V1r6K74zffCvV51O+Zv9fq7fx6P9SBh738+f2I+GP37r92+7fy+UjvWzYf30xwcAOHfSuO/E/S5NP9b306H98Nj+Nhxmh89sDD5T3r1Ty+r1SksQBGE/DPpl4iwcXPqgTwIAAAAAAAAAAMCnOIvPCQc9IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HV7EwAA///n0Xgk") mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2) r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000001440), 0x2, 0x0) gettid() timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) timerfd_create(0x7, 0x80000) timerfd_gettime(0xffffffffffffffff, &(0x7f0000000100)) readv(r1, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1) kernel console output (not intermixed with test programs): d header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 148.614659][ T9466] EXT4-fs (loop0): Remounting filesystem read-only [ 148.621843][ T9466] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1967'. [ 148.760025][ T9480] hub 6-0:1.0: USB hub found [ 148.772202][ T9480] hub 6-0:1.0: 8 ports detected [ 148.851658][ T9490] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1977'. [ 148.967111][ T9498] loop5: detected capacity change from 0 to 2048 [ 149.217826][ T9508] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 149.217826][ T9508] program syz.3.1984 not setting count and/or reply_len properly [ 149.348782][ T9516] loop5: detected capacity change from 0 to 512 [ 149.656769][ T9534] FAULT_INJECTION: forcing a failure. [ 149.656769][ T9534] name failslab, interval 1, probability 0, space 0, times 0 [ 149.669444][ T9534] CPU: 0 UID: 0 PID: 9534 Comm: syz.4.1993 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 149.669471][ T9534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 149.669547][ T9534] Call Trace: [ 149.669599][ T9534] [ 149.669607][ T9534] __dump_stack+0x1d/0x30 [ 149.669627][ T9534] dump_stack_lvl+0xe8/0x140 [ 149.669671][ T9534] dump_stack+0x15/0x1b [ 149.669685][ T9534] should_fail_ex+0x265/0x280 [ 149.669752][ T9534] should_failslab+0x8c/0xb0 [ 149.669828][ T9534] kmem_cache_alloc_noprof+0x50/0x310 [ 149.669871][ T9534] ? getname_flags+0x80/0x3b0 [ 149.669887][ T9534] ? fput+0x8f/0xc0 [ 149.669909][ T9534] getname_flags+0x80/0x3b0 [ 149.669998][ T9534] __x64_sys_execve+0x42/0x70 [ 149.670044][ T9534] x64_sys_call+0x13ab/0x2fb0 [ 149.670071][ T9534] do_syscall_64+0xd2/0x200 [ 149.670087][ T9534] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 149.670140][ T9534] ? clear_bhb_loop+0x40/0x90 [ 149.670160][ T9534] ? clear_bhb_loop+0x40/0x90 [ 149.670181][ T9534] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.670202][ T9534] RIP: 0033:0x7fb0f9bee9a9 [ 149.670245][ T9534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.670259][ T9534] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 149.670275][ T9534] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 149.670288][ T9534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400 [ 149.670301][ T9534] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 149.670313][ T9534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.670326][ T9534] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 149.670358][ T9534] [ 149.883083][ T9536] loop1: detected capacity change from 0 to 512 [ 149.902614][ T9538] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 149.902614][ T9538] program syz.4.1995 not setting count and/or reply_len properly [ 149.934548][ T9536] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102] [ 149.950872][ T9536] System zones: 1-12 [ 149.957287][ T9536] EXT4-fs error (device loop1): ext4_xattr_inode_iget:442: comm syz.1.1994: error while reading EA inode 32 err=-116 [ 149.971348][ T9536] EXT4-fs (loop1): Remounting filesystem read-only [ 149.977951][ T9536] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 149.993862][ T9536] EXT4-fs (loop1): 1 orphan inode deleted [ 150.023809][ T9543] batadv1: left allmulticast mode [ 150.029120][ T9543] batadv1: left promiscuous mode [ 150.034156][ T9543] bridge0: port 3(batadv1) entered disabled state [ 150.043622][ T9543] bridge_slave_1: left allmulticast mode [ 150.049493][ T9543] bridge_slave_1: left promiscuous mode [ 150.055329][ T9543] bridge0: port 2(bridge_slave_1) entered disabled state [ 150.069288][ T9543] bridge_slave_0: left promiscuous mode [ 150.075032][ T9543] bridge0: port 1(bridge_slave_0) entered disabled state [ 150.246300][ T9548] __nla_validate_parse: 2 callbacks suppressed [ 150.246317][ T9548] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1994'. [ 150.405082][ T9536] bond0: (slave sit0): Error: Device type is different from other slaves [ 150.464908][ T9557] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2001'. [ 150.479072][ T9557] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2001'. [ 150.527514][ T9563] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2004'. [ 150.562152][ T9563] loop3: detected capacity change from 0 to 1024 [ 150.584725][ T9563] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 150.593761][ T9569] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 150.593761][ T9569] program syz.1.2006 not setting count and/or reply_len properly [ 150.635489][ T9563] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 150.659730][ T9563] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000] [ 150.670649][ T9563] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 2: comm syz.3.2004: lblock 2 mapped to illegal pblock 2 (length 1) [ 150.684950][ T9563] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 48: comm syz.3.2004: lblock 0 mapped to illegal pblock 48 (length 1) [ 150.703951][ T9580] loop4: detected capacity change from 0 to 512 [ 150.711089][ T9563] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2004: Failed to acquire dquot type 0 [ 150.724039][ T9578] loop5: detected capacity change from 0 to 2048 [ 150.734698][ T9582] netlink: 'syz.1.2012': attribute type 1 has an invalid length. [ 150.742638][ T9582] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2012'. [ 150.768631][ T9563] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 150.781660][ T9586] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2014'. [ 150.794796][ T9586] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2014'. [ 150.846290][ T9563] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.2004: mark_inode_dirty error [ 150.859571][ T9563] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 150.886189][ T9563] EXT4-fs (loop3): 1 orphan inode deleted [ 150.893298][ T3565] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:53: lblock 1 mapped to illegal pblock 1 (length 1) [ 150.929571][ T3565] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:53: Failed to release dquot type 0 [ 150.942563][ T9563] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.2004: Invalid inode table block 1 in block_group 0 [ 150.962482][ T9597] loop1: detected capacity change from 0 to 512 [ 150.969644][ T9563] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 151.001520][ T9563] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz.3.2004: mark_inode_dirty error [ 151.015048][ T9597] ext4 filesystem being mounted at /433/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 151.037293][ T9597] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.2016: corrupted inode contents [ 151.089692][ T9603] loop0: detected capacity change from 0 to 2048 [ 151.107558][ T9597] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.2016: mark_inode_dirty error [ 151.121640][ T9597] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.2016: corrupted inode contents [ 151.136137][ T9603] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2018'. [ 151.149192][ T9597] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.2016: mark_inode_dirty error [ 151.178310][ T9597] pim6reg1: entered promiscuous mode [ 151.183750][ T9597] pim6reg1: entered allmulticast mode [ 151.193911][ T9597] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.2016: corrupted inode contents [ 151.217049][ T9597] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #2: comm syz.1.2016: mark_inode_dirty error [ 151.237240][ T9597] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #2: comm syz.1.2016: corrupted inode contents [ 151.299597][ T9618] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 151.299597][ T9618] program syz.5.2022 not setting count and/or reply_len properly [ 151.367353][ T9621] FAULT_INJECTION: forcing a failure. [ 151.367353][ T9621] name failslab, interval 1, probability 0, space 0, times 0 [ 151.380207][ T9621] CPU: 1 UID: 0 PID: 9621 Comm: syz.0.2024 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 151.380233][ T9621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 151.380244][ T9621] Call Trace: [ 151.380252][ T9621] [ 151.380260][ T9621] __dump_stack+0x1d/0x30 [ 151.380361][ T9621] dump_stack_lvl+0xe8/0x140 [ 151.380382][ T9621] dump_stack+0x15/0x1b [ 151.380398][ T9621] should_fail_ex+0x265/0x280 [ 151.380440][ T9621] ? genl_start+0x117/0x390 [ 151.380463][ T9621] should_failslab+0x8c/0xb0 [ 151.380509][ T9621] __kmalloc_cache_noprof+0x4c/0x320 [ 151.380536][ T9621] genl_start+0x117/0x390 [ 151.380631][ T9621] __netlink_dump_start+0x331/0x520 [ 151.380659][ T9621] genl_family_rcv_msg_dumpit+0x115/0x180 [ 151.380681][ T9621] ? __pfx_genl_start+0x10/0x10 [ 151.380702][ T9621] ? __pfx_genl_dumpit+0x10/0x10 [ 151.380791][ T9621] ? __pfx_genl_done+0x10/0x10 [ 151.380889][ T9621] genl_rcv_msg+0x3f0/0x460 [ 151.380962][ T9621] ? __pfx_ieee802154_dump_phy+0x10/0x10 [ 151.380991][ T9621] netlink_rcv_skb+0x123/0x220 [ 151.381051][ T9621] ? __pfx_genl_rcv_msg+0x10/0x10 [ 151.381082][ T9621] genl_rcv+0x28/0x40 [ 151.381104][ T9621] netlink_unicast+0x5a8/0x680 [ 151.381193][ T9621] netlink_sendmsg+0x58b/0x6b0 [ 151.381257][ T9621] ? __pfx_netlink_sendmsg+0x10/0x10 [ 151.381276][ T9621] __sock_sendmsg+0x145/0x180 [ 151.381300][ T9621] ____sys_sendmsg+0x31e/0x4e0 [ 151.381325][ T9621] ___sys_sendmsg+0x17b/0x1d0 [ 151.381410][ T9621] __x64_sys_sendmsg+0xd4/0x160 [ 151.381438][ T9621] x64_sys_call+0x2999/0x2fb0 [ 151.381463][ T9621] do_syscall_64+0xd2/0x200 [ 151.381479][ T9621] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 151.381500][ T9621] ? clear_bhb_loop+0x40/0x90 [ 151.381518][ T9621] ? clear_bhb_loop+0x40/0x90 [ 151.381541][ T9621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.381561][ T9621] RIP: 0033:0x7f8eb85be9a9 [ 151.381577][ T9621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.381592][ T9621] RSP: 002b:00007f8eb6c27038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 151.381677][ T9621] RAX: ffffffffffffffda RBX: 00007f8eb87e5fa0 RCX: 00007f8eb85be9a9 [ 151.381687][ T9621] RDX: 0000000020000004 RSI: 00002000000004c0 RDI: 0000000000000006 [ 151.381697][ T9621] RBP: 00007f8eb6c27090 R08: 0000000000000000 R09: 0000000000000000 [ 151.381707][ T9621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.381781][ T9621] R13: 0000000000000000 R14: 00007f8eb87e5fa0 R15: 00007ffee7285b98 [ 151.381800][ T9621] [ 151.693062][ T9626] loop5: detected capacity change from 0 to 512 [ 151.713242][ T9626] ext4 filesystem being mounted at /215/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.725832][ T9629] loop0: detected capacity change from 0 to 1024 [ 151.743761][ T9629] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 151.767617][ T9622] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm syz.5.2023: corrupted inode contents [ 151.779673][ T9629] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 151.790860][ T9622] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #18: comm syz.5.2023: mark_inode_dirty error [ 151.806713][ T9629] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000] [ 151.812948][ T9622] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm syz.5.2023: corrupted inode contents [ 151.829001][ T9622] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm syz.5.2023: mark_inode_dirty error [ 151.832629][ T9629] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 2: comm syz.0.2026: lblock 2 mapped to illegal pblock 2 (length 1) [ 151.858660][ T9638] hub 6-0:1.0: USB hub found [ 151.863366][ T9622] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm syz.5.2023: mark inode dirty (error -117) [ 151.864564][ T9640] loop3: detected capacity change from 0 to 2048 [ 151.877016][ T9638] hub 6-0:1.0: 8 ports detected [ 151.887702][ T9629] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 48: comm syz.0.2026: lblock 0 mapped to illegal pblock 48 (length 1) [ 151.894837][ T9636] hub 6-0:1.0: USB hub found [ 151.902112][ T9629] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.2026: Failed to acquire dquot type 0 [ 151.907495][ T9622] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 151.918070][ T9636] hub 6-0:1.0: 8 ports detected [ 151.931962][ T9629] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 151.942200][ T9640] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2030'. [ 151.951549][ T9629] EXT4-fs error (device loop0): ext4_evict_inode:254: inode #11: comm syz.0.2026: mark_inode_dirty error [ 151.966249][ T9629] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 151.978177][ T9629] EXT4-fs (loop0): 1 orphan inode deleted [ 151.986054][ T3565] EXT4-fs error (device loop0): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:53: lblock 1 mapped to illegal pblock 1 (length 1) [ 152.001430][ T3565] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:53: Failed to release dquot type 0 [ 152.030396][ T9629] EXT4-fs error (device loop0): __ext4_get_inode_loc:4792: comm syz.0.2026: Invalid inode table block 1 in block_group 0 [ 152.044972][ T9629] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 152.056574][ T9629] EXT4-fs error (device loop0): ext4_quota_off:7217: inode #3: comm syz.0.2026: mark_inode_dirty error [ 152.100991][ T9655] loop1: detected capacity change from 0 to 2048 [ 152.136460][ T9661] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 152.136460][ T9661] program syz.3.2037 not setting count and/or reply_len properly [ 152.214331][ T9670] loop1: detected capacity change from 0 to 2048 [ 152.232756][ T9672] hub 6-0:1.0: USB hub found [ 152.253171][ T9672] hub 6-0:1.0: 8 ports detected [ 152.420564][ T9679] loop4: detected capacity change from 0 to 512 [ 152.445637][ T9679] EXT4-fs: Ignoring removed orlov option [ 152.474985][ T9679] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c119, mo2=0002] [ 152.485308][ T9679] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2042: corrupted in-inode xattr: e_value size too large [ 152.538398][ T9679] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2042: couldn't read orphan inode 15 (err -117) [ 152.579286][ T9689] loop1: detected capacity change from 0 to 2048 [ 152.595294][ T9691] loop3: detected capacity change from 0 to 1024 [ 152.602405][ T9691] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 152.613484][ T9691] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 152.663596][ T9689] netlink: 100 bytes leftover after parsing attributes in process `syz.1.2046'. [ 152.687509][ T9691] JBD2: no valid journal superblock found [ 152.693299][ T9691] EXT4-fs (loop3): Could not load journal inode [ 152.771652][ T9696] @ÿ: renamed from bond_slave_0 [ 152.814301][ T29] kauditd_printk_skb: 91 callbacks suppressed [ 152.814315][ T29] audit: type=1400 audit(1753911693.261:5886): avc: denied { write } for pid=9698 comm="syz.1.2049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 152.881243][ T9703] loop3: detected capacity change from 0 to 2048 [ 152.914003][ T29] audit: type=1400 audit(1753911693.361:5887): avc: denied { connect } for pid=9704 comm="syz.1.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 152.936391][ T29] audit: type=1400 audit(1753911693.391:5888): avc: denied { write } for pid=9704 comm="syz.1.2051" path="socket:[24929]" dev="sockfs" ino=24929 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 153.002844][ T29] audit: type=1400 audit(1753911693.431:5889): avc: denied { create } for pid=9704 comm="syz.1.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 153.022923][ T29] audit: type=1400 audit(1753911693.441:5890): avc: denied { setopt } for pid=9704 comm="syz.1.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 153.043149][ T29] audit: type=1400 audit(1753911693.451:5891): avc: denied { read } for pid=9704 comm="syz.1.2051" path="socket:[25902]" dev="sockfs" ino=25902 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 153.073881][ T9710] hub 6-0:1.0: USB hub found [ 153.081309][ T9710] hub 6-0:1.0: 8 ports detected [ 153.109415][ T9714] syzkaller1: entered promiscuous mode [ 153.115019][ T9714] syzkaller1: entered allmulticast mode [ 153.127586][ T9716] loop0: detected capacity change from 0 to 512 [ 153.133901][ T29] audit: type=1326 audit(1753911693.581:5892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.0.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 153.157576][ T29] audit: type=1326 audit(1753911693.581:5893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.0.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 153.181096][ T29] audit: type=1326 audit(1753911693.581:5894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.0.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 153.204601][ T29] audit: type=1326 audit(1753911693.581:5895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9715 comm="syz.0.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 153.241680][ T9716] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102] [ 153.249798][ T9716] System zones: 1-12 [ 153.254619][ T9716] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.2055: error while reading EA inode 32 err=-116 [ 153.269323][ T9716] EXT4-fs (loop0): Remounting filesystem read-only [ 153.275934][ T9716] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 153.296339][ T9716] EXT4-fs (loop0): 1 orphan inode deleted [ 153.375925][ T9727] loop0: detected capacity change from 0 to 2048 [ 153.549823][ T9744] tipc: Started in network mode [ 153.554771][ T9744] tipc: Node identity 6ac473e8d793, cluster identity 4711 [ 153.562080][ T9744] tipc: Enabled bearer , priority 0 [ 153.578015][ T9744] tipc: Disabling bearer [ 153.638497][ T9752] hub 6-0:1.0: USB hub found [ 153.643239][ T9752] hub 6-0:1.0: 8 ports detected [ 153.668046][ T9756] loop1: detected capacity change from 0 to 1024 [ 153.675072][ T9756] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 153.683981][ T9756] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 153.696719][ T9756] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000] [ 153.705766][ T9756] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.2069: lblock 2 mapped to illegal pblock 2 (length 1) [ 153.721056][ T9756] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.2069: lblock 0 mapped to illegal pblock 48 (length 1) [ 153.735333][ T9756] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2069: Failed to acquire dquot type 0 [ 153.748952][ T9756] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 153.758652][ T9756] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.2069: mark_inode_dirty error [ 153.771167][ T9756] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 153.781472][ T9756] EXT4-fs (loop1): 1 orphan inode deleted [ 153.788537][ T3561] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:50: lblock 1 mapped to illegal pblock 1 (length 1) [ 153.803090][ T3561] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:50: Failed to release dquot type 0 [ 153.817144][ T9756] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.2069: Invalid inode table block 1 in block_group 0 [ 153.831645][ T9756] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 153.841493][ T9762] loop0: detected capacity change from 0 to 2048 [ 153.841669][ T9756] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz.1.2069: mark_inode_dirty error [ 153.872196][ T9762] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.2070: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 153.890736][ T9762] EXT4-fs (loop0): Remounting filesystem read-only [ 153.898750][ T9763] hub 6-0:1.0: USB hub found [ 153.903105][ T9770] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 153.904478][ T9763] hub 6-0:1.0: 8 ports detected [ 154.004098][ T9775] loop4: detected capacity change from 0 to 512 [ 154.018981][ T9775] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.2075: bad orphan inode 15 [ 154.029442][ T9775] ext4_test_bit(bit=14, block=5) = 0 [ 154.197156][ T9787] loop4: detected capacity change from 0 to 512 [ 154.209555][ T9787] ext4 filesystem being mounted at /408/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 154.209971][ T9789] FAULT_INJECTION: forcing a failure. [ 154.209971][ T9789] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 154.233258][ T9789] CPU: 1 UID: 0 PID: 9789 Comm: syz.1.2081 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 154.233283][ T9789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 154.233294][ T9789] Call Trace: [ 154.233300][ T9789] [ 154.233308][ T9789] __dump_stack+0x1d/0x30 [ 154.233325][ T9789] dump_stack_lvl+0xe8/0x140 [ 154.233355][ T9789] dump_stack+0x15/0x1b [ 154.233372][ T9789] should_fail_ex+0x265/0x280 [ 154.233401][ T9789] should_fail+0xb/0x20 [ 154.233422][ T9789] should_fail_usercopy+0x1a/0x20 [ 154.233451][ T9789] _copy_from_user+0x1c/0xb0 [ 154.233468][ T9789] autofs_dev_ioctl+0xdd/0x6a0 [ 154.233498][ T9789] ? __pfx_autofs_dev_ioctl+0x10/0x10 [ 154.233519][ T9789] __se_sys_ioctl+0xcb/0x140 [ 154.233545][ T9789] __x64_sys_ioctl+0x43/0x50 [ 154.233619][ T9789] x64_sys_call+0x19a8/0x2fb0 [ 154.233641][ T9789] do_syscall_64+0xd2/0x200 [ 154.233726][ T9789] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 154.233746][ T9789] ? clear_bhb_loop+0x40/0x90 [ 154.233763][ T9789] ? clear_bhb_loop+0x40/0x90 [ 154.233784][ T9789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.233803][ T9789] RIP: 0033:0x7f5db11be9a9 [ 154.233867][ T9789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.233882][ T9789] RSP: 002b:00007f5daf81f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.233898][ T9789] RAX: ffffffffffffffda RBX: 00007f5db13e5fa0 RCX: 00007f5db11be9a9 [ 154.233916][ T9789] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000008 [ 154.233929][ T9789] RBP: 00007f5daf81f090 R08: 0000000000000000 R09: 0000000000000000 [ 154.234004][ T9789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.234014][ T9789] R13: 0000000000000000 R14: 00007f5db13e5fa0 R15: 00007fffdfaf39d8 [ 154.234035][ T9789] [ 154.236198][ T9787] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 154.433945][ T9787] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 154.467298][ T9787] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 154.468077][ T9800] loop5: detected capacity change from 0 to 512 [ 154.490372][ T9787] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 154.503246][ T9787] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 154.515715][ T9787] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 154.607827][ T9811] loop5: detected capacity change from 0 to 1024 [ 154.614845][ T9811] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 154.624036][ T9811] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 154.656735][ T9811] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000] [ 154.690930][ T9811] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.2088: lblock 2 mapped to illegal pblock 2 (length 1) [ 154.707270][ T9811] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.2088: lblock 0 mapped to illegal pblock 48 (length 1) [ 154.724985][ T9811] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.2088: Failed to acquire dquot type 0 [ 154.742939][ T9811] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 154.759631][ T9823] FAULT_INJECTION: forcing a failure. [ 154.759631][ T9823] name failslab, interval 1, probability 0, space 0, times 0 [ 154.759719][ T9811] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.2088: mark_inode_dirty error [ 154.772338][ T9823] CPU: 0 UID: 0 PID: 9823 Comm: syz.4.2093 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 154.772365][ T9823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 154.772386][ T9823] Call Trace: [ 154.772393][ T9823] [ 154.772401][ T9823] __dump_stack+0x1d/0x30 [ 154.772421][ T9823] dump_stack_lvl+0xe8/0x140 [ 154.772438][ T9823] dump_stack+0x15/0x1b [ 154.772453][ T9823] should_fail_ex+0x265/0x280 [ 154.772482][ T9823] ? tipc_nametbl_insert_publ+0x44/0x930 [ 154.772521][ T9823] should_failslab+0x8c/0xb0 [ 154.772541][ T9823] __kmalloc_cache_noprof+0x4c/0x320 [ 154.772568][ T9823] tipc_nametbl_insert_publ+0x44/0x930 [ 154.772643][ T9823] ? tipc_group_create_member+0x24e/0x270 [ 154.772670][ T9823] ? kfree+0xd9/0x320 [ 154.772692][ T9823] tipc_nametbl_publish+0x112/0x1c0 [ 154.772772][ T9823] tipc_sk_publish+0x121/0x200 [ 154.772856][ T9823] tipc_sk_join+0x24b/0x2e0 [ 154.772879][ T9823] tipc_setsockopt+0x598/0x620 [ 154.772901][ T9823] ? __pfx_tipc_setsockopt+0x10/0x10 [ 154.772922][ T9823] __sys_setsockopt+0x181/0x200 [ 154.773006][ T9823] __x64_sys_setsockopt+0x64/0x80 [ 154.773061][ T9823] x64_sys_call+0x2bd5/0x2fb0 [ 154.773081][ T9823] do_syscall_64+0xd2/0x200 [ 154.773100][ T9823] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 154.773156][ T9823] ? clear_bhb_loop+0x40/0x90 [ 154.773200][ T9823] ? clear_bhb_loop+0x40/0x90 [ 154.773220][ T9823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.773286][ T9823] RIP: 0033:0x7fb0f9bee9a9 [ 154.773301][ T9823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.773317][ T9823] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 154.773335][ T9823] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 154.773347][ T9823] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 154.773359][ T9823] RBP: 00007fb0f8257090 R08: 0000000000000010 R09: 0000000000000000 [ 154.773371][ T9823] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 154.773383][ T9823] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 154.773405][ T9823] [ 154.848966][ T9825] hub 6-0:1.0: USB hub found [ 154.857968][ T9811] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 154.872500][ T9825] hub 6-0:1.0: 8 ports detected [ 154.876655][ T9811] EXT4-fs (loop5): 1 orphan inode deleted [ 154.896920][ T3586] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:62: lblock 1 mapped to illegal pblock 1 (length 1) [ 155.042788][ T3586] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:62: Failed to release dquot type 0 [ 155.055744][ T6499] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 155.070279][ T6499] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 155.079995][ T6499] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 155.105405][ T9837] loop4: detected capacity change from 0 to 512 [ 155.112233][ T9843] FAULT_INJECTION: forcing a failure. [ 155.112233][ T9843] name failslab, interval 1, probability 0, space 0, times 0 [ 155.125022][ T9843] CPU: 1 UID: 0 PID: 9843 Comm: syz.5.2097 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 155.125066][ T9843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 155.125078][ T9843] Call Trace: [ 155.125085][ T9843] [ 155.125093][ T9843] __dump_stack+0x1d/0x30 [ 155.125115][ T9843] dump_stack_lvl+0xe8/0x140 [ 155.125148][ T9843] dump_stack+0x15/0x1b [ 155.125192][ T9843] should_fail_ex+0x265/0x280 [ 155.125221][ T9843] should_failslab+0x8c/0xb0 [ 155.125300][ T9843] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 155.125325][ T9843] ? shmem_alloc_inode+0x34/0x50 [ 155.125356][ T9843] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 155.125421][ T9843] shmem_alloc_inode+0x34/0x50 [ 155.125483][ T9843] alloc_inode+0x3d/0x170 [ 155.125535][ T9843] new_inode+0x1d/0xe0 [ 155.125553][ T9843] shmem_get_inode+0x244/0x750 [ 155.125585][ T9843] __shmem_file_setup+0x113/0x210 [ 155.125628][ T9843] shmem_file_setup+0x3b/0x50 [ 155.125653][ T9843] __se_sys_memfd_create+0x2c3/0x590 [ 155.125760][ T9843] __x64_sys_memfd_create+0x31/0x40 [ 155.125829][ T9843] x64_sys_call+0x122f/0x2fb0 [ 155.125846][ T9843] do_syscall_64+0xd2/0x200 [ 155.125982][ T9843] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 155.126004][ T9843] ? clear_bhb_loop+0x40/0x90 [ 155.126024][ T9843] ? clear_bhb_loop+0x40/0x90 [ 155.126045][ T9843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.126090][ T9843] RIP: 0033:0x7fe3bf47e9a9 [ 155.126105][ T9843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.126122][ T9843] RSP: 002b:00007fe3bdadee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 155.126140][ T9843] RAX: ffffffffffffffda RBX: 0000000000000a2f RCX: 00007fe3bf47e9a9 [ 155.126157][ T9843] RDX: 00007fe3bdadeef0 RSI: 0000000000000000 RDI: 00007fe3bf5016fc [ 155.126168][ T9843] RBP: 0000200000001580 R08: 00007fe3bdadebb7 R09: 00007fe3bdadee40 [ 155.126178][ T9843] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040 [ 155.126191][ T9843] R13: 00007fe3bdadeef0 R14: 00007fe3bdadeeb0 R15: 0000200000000140 [ 155.126247][ T9843] [ 155.178215][ T9837] EXT4-fs warning (device loop4): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 155.253042][ T9847] loop5: detected capacity change from 0 to 512 [ 155.257294][ T9837] EXT4-fs warning (device loop4): dx_probe:849: Enable large directory feature to access it [ 155.257315][ T9837] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.2098: Corrupt directory, running e2fsck is recommended [ 155.257568][ T9837] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 155.419847][ T9837] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2098: corrupted in-inode xattr: invalid ea_ino [ 155.446876][ T9837] EXT4-fs (loop4): Remounting filesystem read-only [ 156.906509][ T9863] hub 6-0:1.0: USB hub found [ 156.911301][ T9863] hub 6-0:1.0: 8 ports detected [ 156.959147][ T6499] EXT4-fs unmount: 117 callbacks suppressed [ 156.959162][ T6499] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 156.973961][ T9869] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=9869 comm=syz.4.2109 [ 157.015608][ T9869] netlink: 'syz.4.2109': attribute type 6 has an invalid length. [ 157.057008][ T9879] loop3: detected capacity change from 0 to 2048 [ 157.088823][ T9879] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.106628][ T9887] loop1: detected capacity change from 0 to 512 [ 157.114981][ T9879] __nla_validate_parse: 8 callbacks suppressed [ 157.114998][ T9879] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2111'. [ 157.131398][ T9887] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.2113: casefold flag without casefold feature [ 157.194996][ T9887] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.2113: couldn't read orphan inode 15 (err -117) [ 157.237482][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.259347][ T9887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.349130][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.383522][ T9907] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2121'. [ 157.404858][ T9907] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2121'. [ 157.419600][ T9909] loop5: detected capacity change from 0 to 512 [ 157.461541][ T9909] EXT4-fs (loop5): too many log groups per flexible block group [ 157.469376][ T9909] EXT4-fs (loop5): failed to initialize mballoc (-12) [ 157.496664][ T9909] EXT4-fs (loop5): mount failed [ 157.510819][ T9921] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2128'. [ 157.527360][ T9921] loop1: detected capacity change from 0 to 1024 [ 157.534428][ T9921] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 157.544388][ T9921] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 157.555885][ T9921] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000] [ 157.566203][ T9921] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 2: comm syz.1.2128: lblock 2 mapped to illegal pblock 2 (length 1) [ 157.599991][ T9921] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 48: comm syz.1.2128: lblock 0 mapped to illegal pblock 48 (length 1) [ 157.614816][ T9921] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2128: Failed to acquire dquot type 0 [ 157.621790][ T9860] kexec: Could not allocate control_code_buffer [ 157.632582][ T9921] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 157.649648][ T9921] EXT4-fs error (device loop1): ext4_evict_inode:254: inode #11: comm syz.1.2128: mark_inode_dirty error [ 157.661129][ T9921] EXT4-fs warning (device loop1): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 157.671492][ T9921] EXT4-fs (loop1): 1 orphan inode deleted [ 157.677681][ T9921] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.694439][ T143] EXT4-fs error (device loop1): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1) [ 157.695817][ T9930] ALSA: seq fatal error: cannot create timer (-22) [ 157.717776][ T143] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0 [ 157.802650][ T9921] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.812315][ T9921] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.2128: Invalid inode table block 1 in block_group 0 [ 157.826753][ T9921] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6255: Corrupt filesystem [ 157.836426][ T9921] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz.1.2128: mark_inode_dirty error [ 157.881630][ T29] kauditd_printk_skb: 214 callbacks suppressed [ 157.881711][ T29] audit: type=1400 audit(1753911698.331:6099): avc: denied { read write } for pid=9942 comm="syz.5.2137" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 157.911600][ T29] audit: type=1400 audit(1753911698.331:6100): avc: denied { open } for pid=9942 comm="syz.5.2137" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 157.948610][ T29] audit: type=1400 audit(1753911698.391:6101): avc: denied { ioctl } for pid=9942 comm="syz.5.2137" path="socket:[25259]" dev="sockfs" ino=25259 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 158.051869][ T29] audit: type=1326 audit(1753911698.491:6102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9953 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db11be9a9 code=0x7ffc0000 [ 158.074907][ T29] audit: type=1326 audit(1753911698.491:6103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9953 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f5db11be9a9 code=0x7ffc0000 [ 158.098042][ T29] audit: type=1326 audit(1753911698.491:6104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9953 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db11be9a9 code=0x7ffc0000 [ 158.121124][ T29] audit: type=1326 audit(1753911698.491:6105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9953 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5db11be9a9 code=0x7ffc0000 [ 158.143997][ T29] audit: type=1326 audit(1753911698.491:6106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9953 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db11be9a9 code=0x7ffc0000 [ 158.156205][ T9957] loop4: detected capacity change from 0 to 128 [ 158.167144][ T29] audit: type=1326 audit(1753911698.491:6107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9953 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5db11be9a9 code=0x7ffc0000 [ 158.183305][ T7583] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 158.203657][ T7583] hid-generic 0000:0000:0000.0001: item fetching failed at offset 4/35 [ 158.204154][ T29] audit: type=1326 audit(1753911698.601:6108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9956 comm="syz.4.2144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0f9bee9a9 code=0x7ffc0000 [ 158.218326][ T7583] hid-generic 0000:0000:0000.0001: probe with driver hid-generic failed with error -22 [ 158.271045][ T9963] loop5: detected capacity change from 0 to 2048 [ 158.272347][ T9965] loop4: detected capacity change from 0 to 2048 [ 158.298118][ T9963] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.307124][ T9965] loop4: p1 < > p4 [ 158.314941][ T9965] loop4: p4 size 8388608 extends beyond EOD, truncated [ 158.331060][ T6499] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.347721][ T9965] netlink: 160 bytes leftover after parsing attributes in process `syz.4.2146'. [ 158.444329][ T9977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2151'. [ 158.473197][ T9977] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2151'. [ 158.566192][ T9985] loop1: detected capacity change from 0 to 512 [ 158.592592][ T9990] loop3: detected capacity change from 0 to 512 [ 158.600619][ T9985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 158.613282][ T9985] ext4 filesystem being mounted at /469/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 158.633778][ T9990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.651664][ T9995] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2156'. [ 158.686001][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.722091][ T9998] loop1: detected capacity change from 0 to 2048 [ 158.745629][ T9998] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.846224][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.032562][T10022] loop1: detected capacity change from 0 to 1024 [ 159.052488][T10022] EXT4-fs: quotafile must be on filesystem root [ 159.112383][T10028] infiniband syz2: set down [ 159.117118][T10028] infiniband syz2: added veth0_to_bond [ 159.120983][T10031] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2168'. [ 159.135000][T10028] RDS/IB: syz2: added [ 159.140523][T10028] smc: adding ib device syz2 with port count 1 [ 159.148489][T10031] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2168'. [ 159.156769][T10028] smc: ib device syz2 port 1 has pnetid [ 159.348523][T10036] loop0: detected capacity change from 0 to 2048 [ 159.377653][T10036] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.440127][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.529131][T10044] loop5: detected capacity change from 0 to 2048 [ 159.549196][T10044] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.604682][ T6499] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.638714][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.717552][T10062] netlink: 'syz.5.2178': attribute type 1 has an invalid length. [ 159.737806][T10064] loop3: detected capacity change from 0 to 136 [ 159.751981][T10064] Attempt to read inode for relocated directory [ 159.790162][T10066] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10066 comm=syz.5.2180 [ 159.809477][T10066] netlink: 'syz.5.2180': attribute type 6 has an invalid length. [ 159.814324][T10076] loop3: detected capacity change from 0 to 512 [ 159.828038][T10077] loop0: detected capacity change from 0 to 1024 [ 159.850545][T10076] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.863374][T10076] ext4 filesystem being mounted at /431/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.876028][T10077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.896398][T10077] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.926221][T10090] FAULT_INJECTION: forcing a failure. [ 159.926221][T10090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.939367][T10090] CPU: 0 UID: 0 PID: 10090 Comm: syz.3.2182 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 159.939401][T10090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 159.939414][T10090] Call Trace: [ 159.939421][T10090] [ 159.939470][T10090] __dump_stack+0x1d/0x30 [ 159.939490][T10090] dump_stack_lvl+0xe8/0x140 [ 159.939509][T10090] dump_stack+0x15/0x1b [ 159.939526][T10090] should_fail_ex+0x265/0x280 [ 159.939644][T10090] should_fail+0xb/0x20 [ 159.939671][T10090] should_fail_usercopy+0x1a/0x20 [ 159.939713][T10090] _copy_from_user+0x1c/0xb0 [ 159.939813][T10090] memdup_user+0x5e/0xd0 [ 159.939849][T10090] strndup_user+0x68/0xb0 [ 159.939874][T10090] perf_uprobe_init+0x48/0x150 [ 159.939979][T10090] perf_uprobe_event_init+0xc4/0x140 [ 159.940010][T10090] perf_try_init_event+0xd6/0x540 [ 159.940032][T10090] ? perf_event_alloc+0xb1c/0x1680 [ 159.940281][T10090] perf_event_alloc+0xb27/0x1680 [ 159.940320][T10090] __se_sys_perf_event_open+0x615/0x11c0 [ 159.940362][T10090] ? __rcu_read_unlock+0x4f/0x70 [ 159.940390][T10090] __x64_sys_perf_event_open+0x67/0x80 [ 159.940474][T10090] x64_sys_call+0x27ec/0x2fb0 [ 159.940506][T10090] do_syscall_64+0xd2/0x200 [ 159.940522][T10090] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 159.940544][T10090] ? clear_bhb_loop+0x40/0x90 [ 159.940584][T10090] ? clear_bhb_loop+0x40/0x90 [ 159.940605][T10090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.940626][T10090] RIP: 0033:0x7f7bdd26e9a9 [ 159.940652][T10090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.940668][T10090] RSP: 002b:00007f7bdb8b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 159.940687][T10090] RAX: ffffffffffffffda RBX: 00007f7bdd496080 RCX: 00007f7bdd26e9a9 [ 159.940697][T10090] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 159.940780][T10090] RBP: 00007f7bdb8b6090 R08: 0000000000000000 R09: 0000000000000000 [ 159.940791][T10090] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 159.940805][T10090] R13: 0000000000000001 R14: 00007f7bdd496080 R15: 00007ffe1b1ef1b8 [ 159.940823][T10090] [ 160.304260][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.404080][T10111] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10111 comm=syz.4.2193 [ 160.417261][T10120] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 160.417261][T10120] program syz.5.2195 not setting count and/or reply_len properly [ 160.446737][T10111] netlink: 'syz.4.2193': attribute type 6 has an invalid length. [ 160.529466][T10131] loop5: detected capacity change from 0 to 128 [ 160.636622][T10142] FAULT_INJECTION: forcing a failure. [ 160.636622][T10142] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 160.649730][T10142] CPU: 1 UID: 0 PID: 10142 Comm: syz.4.2202 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 160.649837][T10142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 160.649848][T10142] Call Trace: [ 160.649867][T10142] [ 160.649874][T10142] __dump_stack+0x1d/0x30 [ 160.649893][T10142] dump_stack_lvl+0xe8/0x140 [ 160.649909][T10142] dump_stack+0x15/0x1b [ 160.649922][T10142] should_fail_ex+0x265/0x280 [ 160.649949][T10142] should_fail+0xb/0x20 [ 160.649996][T10142] should_fail_usercopy+0x1a/0x20 [ 160.650098][T10142] strncpy_from_user+0x25/0x230 [ 160.650170][T10142] ? kmem_cache_alloc_noprof+0x186/0x310 [ 160.650190][T10142] ? getname_flags+0x80/0x3b0 [ 160.650208][T10142] getname_flags+0xae/0x3b0 [ 160.650224][T10142] __x64_sys_execve+0x42/0x70 [ 160.650246][T10142] x64_sys_call+0x13ab/0x2fb0 [ 160.650268][T10142] do_syscall_64+0xd2/0x200 [ 160.650284][T10142] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 160.650528][T10142] ? clear_bhb_loop+0x40/0x90 [ 160.650605][T10142] ? clear_bhb_loop+0x40/0x90 [ 160.650680][T10142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.650695][T10142] RIP: 0033:0x7fb0f9bee9a9 [ 160.650708][T10142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.650722][T10142] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 160.650737][T10142] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 160.650804][T10142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400 [ 160.650813][T10142] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 160.650830][T10142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.650840][T10142] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 160.650855][T10142] [ 160.654873][T10139] hub 6-0:1.0: USB hub found [ 160.848232][T10139] hub 6-0:1.0: 8 ports detected [ 160.848648][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.880364][T10149] loop1: detected capacity change from 0 to 2048 [ 160.902603][T10156] FAULT_INJECTION: forcing a failure. [ 160.902603][T10156] name failslab, interval 1, probability 0, space 0, times 0 [ 160.910793][T10149] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 160.915297][T10156] CPU: 1 UID: 0 PID: 10156 Comm: ¬í Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 160.915345][T10156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 160.915358][T10156] Call Trace: [ 160.915365][T10156] [ 160.915372][T10156] __dump_stack+0x1d/0x30 [ 160.915394][T10156] dump_stack_lvl+0xe8/0x140 [ 160.915410][T10156] dump_stack+0x15/0x1b [ 160.915426][T10156] should_fail_ex+0x265/0x280 [ 160.915511][T10156] should_failslab+0x8c/0xb0 [ 160.915579][T10156] kmem_cache_alloc_node_noprof+0x57/0x320 [ 160.915604][T10156] ? __alloc_skb+0x101/0x320 [ 160.915631][T10156] __alloc_skb+0x101/0x320 [ 160.915656][T10156] ? audit_log_start+0x365/0x6c0 [ 160.915780][T10156] audit_log_start+0x380/0x6c0 [ 160.915810][T10156] audit_seccomp+0x48/0x100 [ 160.915898][T10156] ? __seccomp_filter+0x68c/0x10d0 [ 160.915920][T10156] __seccomp_filter+0x69d/0x10d0 [ 160.915941][T10156] ? update_load_avg+0x1da/0x820 [ 160.915964][T10156] ? __list_add_valid_or_report+0x38/0xe0 [ 160.916025][T10156] ? __set_next_task_fair+0x5b/0x150 [ 160.916051][T10156] ? tracing_record_taskinfo_sched_switch+0x71/0x260 [ 160.916109][T10156] ? _raw_spin_unlock+0x26/0x50 [ 160.916135][T10156] __secure_computing+0x82/0x150 [ 160.916155][T10156] syscall_trace_enter+0xcf/0x1e0 [ 160.916178][T10156] do_syscall_64+0xac/0x200 [ 160.916269][T10156] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 160.916339][T10156] ? clear_bhb_loop+0x40/0x90 [ 160.916359][T10156] ? clear_bhb_loop+0x40/0x90 [ 160.916433][T10156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.916453][T10156] RIP: 0033:0x7f8eb85bd3bc [ 160.916468][T10156] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 160.916495][T10156] RSP: 002b:00007f8eb6c27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 160.916514][T10156] RAX: ffffffffffffffda RBX: 00007f8eb87e5fa0 RCX: 00007f8eb85bd3bc [ 160.916559][T10156] RDX: 000000000000000f RSI: 00007f8eb6c270a0 RDI: 0000000000000003 [ 160.916571][T10156] RBP: 00007f8eb6c27090 R08: 0000000000000000 R09: 0000000000000000 [ 160.916583][T10156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.916595][T10156] R13: 0000000000000000 R14: 00007f8eb87e5fa0 R15: 00007ffee7285b98 [ 160.916613][T10156] [ 160.952745][T10161] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 160.952745][T10161] program syz.0.2207 not setting count and/or reply_len properly [ 161.186853][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.207492][T10167] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10167 comm=syz.3.2208 [ 161.241107][T10160] netlink: 'syz.3.2208': attribute type 6 has an invalid length. [ 161.293862][T10182] netlink: 'syz.0.2214': attribute type 1 has an invalid length. [ 161.313416][T10178] loop3: detected capacity change from 0 to 512 [ 161.325597][T10178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.391398][T10194] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 161.454706][T10202] sg_write: data in/out 63969/14 bytes for SCSI command 0x0-- guessing data in; [ 161.454706][T10202] program syz.1.2220 not setting count and/or reply_len properly [ 161.510177][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.524303][T10205] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=10205 comm=syz.5.2223 [ 161.541299][T10205] netlink: 'syz.5.2223': attribute type 6 has an invalid length. [ 161.556674][T10219] vhci_hcd: default hub control req: 0000 v0000 i0000 l31125 [ 161.808178][T10249] xt_hashlimit: size too large, truncated to 1048576 [ 161.827451][T10250] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 161.867641][T10250] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 161.967773][T10252] loop0: detected capacity change from 0 to 512 [ 161.989191][T10252] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.005221][T10252] ext4 filesystem being mounted at /463/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.044341][T10252] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 162.088339][T10252] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 162.129516][T10252] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 162.157575][T10252] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 162.208293][T10252] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 162.233160][T10282] loop1: detected capacity change from 0 to 256 [ 162.238274][T10252] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 162.315752][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.392221][T10291] loop0: detected capacity change from 0 to 512 [ 162.427013][T10291] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 162.439357][T10293] loop4: detected capacity change from 0 to 512 [ 162.446689][T10293] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 162.461734][T10291] EXT4-fs (loop0): 1 truncate cleaned up [ 162.473188][T10291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.490591][T10293] EXT4-fs (loop4): 1 truncate cleaned up [ 162.496605][T10293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.516337][T10301] __nla_validate_parse: 8 callbacks suppressed [ 162.516425][T10301] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2259'. [ 162.536163][T10301] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2259'. [ 162.586611][T10306] loop5: detected capacity change from 0 to 1024 [ 162.602596][T10306] EXT4-fs: quotafile must be on filesystem root [ 162.619560][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.657123][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.963629][ T29] kauditd_printk_skb: 179 callbacks suppressed [ 162.963662][ T29] audit: type=1326 audit(1753911703.411:6286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 162.971467][T10334] sctp: [Deprecated]: syz.0.2271 (pid 10334) Use of int in maxseg socket option. [ 162.971467][T10334] Use struct sctp_assoc_value instead [ 163.018601][T10333] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2270'. [ 163.019153][ T29] audit: type=1326 audit(1753911703.411:6287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.051203][ T29] audit: type=1326 audit(1753911703.411:6288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.060450][T10333] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2270'. [ 163.074740][ T29] audit: type=1326 audit(1753911703.411:6289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.107567][ T29] audit: type=1326 audit(1753911703.411:6290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.131115][ T29] audit: type=1326 audit(1753911703.411:6291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.154512][ T29] audit: type=1326 audit(1753911703.411:6292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.178526][ T29] audit: type=1326 audit(1753911703.411:6293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.202261][ T29] audit: type=1326 audit(1753911703.411:6294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.225812][ T29] audit: type=1326 audit(1753911703.411:6295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10331 comm="syz.0.2271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 163.316343][T10342] loop4: detected capacity change from 0 to 512 [ 163.360676][T10342] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.407048][T10342] ext4 filesystem being mounted at /459/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 163.450842][T10359] netlink: 'syz.3.2279': attribute type 1 has an invalid length. [ 163.458782][T10359] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2279'. [ 163.479996][T10342] FAULT_INJECTION: forcing a failure. [ 163.479996][T10342] name failslab, interval 1, probability 0, space 0, times 0 [ 163.492837][T10342] CPU: 0 UID: 0 PID: 10342 Comm: syz.4.2273 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 163.492898][T10342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 163.492910][T10342] Call Trace: [ 163.492915][T10342] [ 163.492922][T10342] __dump_stack+0x1d/0x30 [ 163.492950][T10342] dump_stack_lvl+0xe8/0x140 [ 163.492976][T10342] dump_stack+0x15/0x1b [ 163.492993][T10342] should_fail_ex+0x265/0x280 [ 163.493033][T10342] should_failslab+0x8c/0xb0 [ 163.493050][T10342] kmem_cache_alloc_noprof+0x50/0x310 [ 163.493071][T10342] ? getname_kernel+0x3c/0x1f0 [ 163.493090][T10342] getname_kernel+0x3c/0x1f0 [ 163.493142][T10342] kern_path+0x23/0x130 [ 163.493164][T10342] lookup_bdev+0x66/0x150 [ 163.493190][T10342] __se_sys_quotactl+0x1b7/0x670 [ 163.493227][T10342] __x64_sys_quotactl+0x55/0x70 [ 163.493249][T10342] x64_sys_call+0x2886/0x2fb0 [ 163.493378][T10342] do_syscall_64+0xd2/0x200 [ 163.493402][T10342] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 163.493425][T10342] ? clear_bhb_loop+0x40/0x90 [ 163.493523][T10342] ? clear_bhb_loop+0x40/0x90 [ 163.493613][T10342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.493661][T10342] RIP: 0033:0x7fb0f9bee9a9 [ 163.493677][T10342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.493694][T10342] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 163.493849][T10342] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 163.493863][T10342] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffff80000800 [ 163.493876][T10342] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 163.493888][T10342] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001 [ 163.493901][T10342] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 163.493922][T10342] [ 163.729103][T10369] netlink: 'syz.3.2282': attribute type 21 has an invalid length. [ 163.736981][T10369] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2282'. [ 163.750905][T10373] loop1: detected capacity change from 0 to 1024 [ 163.758237][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.775797][T10369] netlink: 'syz.3.2282': attribute type 5 has an invalid length. [ 163.783738][T10369] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2282'. [ 163.820892][T10373] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 163.831921][T10373] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 163.846123][T10377] loop3: detected capacity change from 0 to 512 [ 163.863998][T10373] JBD2: no valid journal superblock found [ 163.869915][T10373] EXT4-fs (loop1): Could not load journal inode [ 163.885345][T10377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 163.920700][T10385] netlink: 'syz.4.2283': attribute type 1 has an invalid length. [ 163.927973][T10377] ext4 filesystem being mounted at /454/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 163.928530][T10385] netlink: 199820 bytes leftover after parsing attributes in process `syz.4.2283'. [ 163.978981][T10377] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 164.005355][T10391] loop1: detected capacity change from 0 to 512 [ 164.044261][T10377] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 164.064831][T10391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.103667][T10377] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 164.180020][T10397] loop5: detected capacity change from 0 to 1024 [ 164.188853][T10377] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 164.213689][T10377] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 164.244180][T10397] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 164.258907][T10377] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 164.327874][T10397] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.354786][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.456481][T10404] netlink: 'syz.3.2293': attribute type 1 has an invalid length. [ 164.464313][T10404] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2293'. [ 164.475442][ T6499] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.576162][T10409] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2295'. [ 164.775265][T10428] loop3: detected capacity change from 0 to 512 [ 164.796670][T10434] netlink: 'syz.4.2305': attribute type 1 has an invalid length. [ 164.810852][T10428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.831702][T10428] ext4 filesystem being mounted at /459/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.850426][T10438] loop4: detected capacity change from 0 to 2048 [ 164.850932][T10428] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 164.868836][T10428] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 164.885423][T10428] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 164.885893][T10438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 164.909017][T10428] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 164.934706][T10428] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 164.956658][T10428] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 165.026226][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.046946][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.066900][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.126819][T10451] FAULT_INJECTION: forcing a failure. [ 165.126819][T10451] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 165.140087][T10451] CPU: 0 UID: 0 PID: 10451 Comm: syz.3.2311 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 165.140114][T10451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 165.140125][T10451] Call Trace: [ 165.140132][T10451] [ 165.140139][T10451] __dump_stack+0x1d/0x30 [ 165.140236][T10451] dump_stack_lvl+0xe8/0x140 [ 165.140255][T10451] dump_stack+0x15/0x1b [ 165.140269][T10451] should_fail_ex+0x265/0x280 [ 165.140293][T10451] should_fail+0xb/0x20 [ 165.140316][T10451] should_fail_usercopy+0x1a/0x20 [ 165.140368][T10451] _copy_from_user+0x1c/0xb0 [ 165.140386][T10451] __sys_bpf+0x178/0x790 [ 165.140414][T10451] __x64_sys_bpf+0x41/0x50 [ 165.140436][T10451] x64_sys_call+0x2478/0x2fb0 [ 165.140467][T10451] do_syscall_64+0xd2/0x200 [ 165.140545][T10451] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 165.140566][T10451] ? clear_bhb_loop+0x40/0x90 [ 165.140583][T10451] ? clear_bhb_loop+0x40/0x90 [ 165.140615][T10451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.140688][T10451] RIP: 0033:0x7f7bdd26e9a9 [ 165.140704][T10451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.140718][T10451] RSP: 002b:00007f7bdb8d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 165.140734][T10451] RAX: ffffffffffffffda RBX: 00007f7bdd495fa0 RCX: 00007f7bdd26e9a9 [ 165.140745][T10451] RDX: 0000000000000020 RSI: 0000200000000740 RDI: 0000000000000002 [ 165.140757][T10451] RBP: 00007f7bdb8d7090 R08: 0000000000000000 R09: 0000000000000000 [ 165.140811][T10451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.140830][T10451] R13: 0000000000000000 R14: 00007f7bdd495fa0 R15: 00007ffe1b1ef1b8 [ 165.140951][T10451] [ 165.436471][T10461] loop5: detected capacity change from 0 to 128 [ 165.450820][T10463] netlink: 'syz.3.2316': attribute type 1 has an invalid length. [ 165.480138][T10466] loop4: detected capacity change from 0 to 1024 [ 165.494542][T10466] EXT4-fs: quotafile must be on filesystem root [ 165.543469][T10469] loop1: detected capacity change from 0 to 512 [ 165.581899][T10469] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 165.587853][T10472] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 165.595751][T10469] ext4 filesystem being mounted at /502/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 165.655129][T10469] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 165.691065][T10469] EXT4-fs error (device loop1): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 165.703939][T10469] EXT4-fs error (device loop1): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 165.731278][T10469] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 165.765489][T10469] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 165.779063][T10469] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117) [ 165.826060][T10482] loop0: detected capacity change from 0 to 512 [ 165.841447][T10482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.855453][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.985941][T10493] FAULT_INJECTION: forcing a failure. [ 165.985941][T10493] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 165.999172][T10493] CPU: 0 UID: 0 PID: 10493 Comm: syz.3.2326 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 165.999199][T10493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 165.999210][T10493] Call Trace: [ 165.999216][T10493] [ 165.999223][T10493] __dump_stack+0x1d/0x30 [ 165.999237][T10493] dump_stack_lvl+0xe8/0x140 [ 165.999269][T10493] dump_stack+0x15/0x1b [ 165.999277][T10493] should_fail_ex+0x265/0x280 [ 165.999294][T10493] should_fail+0xb/0x20 [ 165.999351][T10493] should_fail_usercopy+0x1a/0x20 [ 165.999367][T10493] strncpy_from_user+0x25/0x230 [ 165.999380][T10493] ? kmem_cache_alloc_noprof+0x186/0x310 [ 165.999393][T10493] ? getname_flags+0x80/0x3b0 [ 165.999474][T10493] getname_flags+0xae/0x3b0 [ 165.999490][T10493] path_setxattrat+0x223/0x310 [ 165.999522][T10493] __x64_sys_lsetxattr+0x71/0x90 [ 165.999542][T10493] x64_sys_call+0x1e36/0x2fb0 [ 165.999578][T10493] do_syscall_64+0xd2/0x200 [ 165.999590][T10493] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 165.999685][T10493] ? clear_bhb_loop+0x40/0x90 [ 165.999696][T10493] ? clear_bhb_loop+0x40/0x90 [ 165.999707][T10493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.999719][T10493] RIP: 0033:0x7f7bdd26e9a9 [ 165.999728][T10493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.999772][T10493] RSP: 002b:00007f7bdb8d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 165.999784][T10493] RAX: ffffffffffffffda RBX: 00007f7bdd495fa0 RCX: 00007f7bdd26e9a9 [ 165.999826][T10493] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000200000000080 [ 165.999838][T10493] RBP: 00007f7bdb8d7090 R08: 0000000000000000 R09: 0000000000000000 [ 165.999846][T10493] R10: 000000000000002b R11: 0000000000000246 R12: 0000000000000001 [ 165.999853][T10493] R13: 0000000000000000 R14: 00007f7bdd495fa0 R15: 00007ffe1b1ef1b8 [ 165.999864][T10493] [ 166.383180][T10519] FAULT_INJECTION: forcing a failure. [ 166.383180][T10519] name failslab, interval 1, probability 0, space 0, times 0 [ 166.396049][T10519] CPU: 1 UID: 0 PID: 10519 Comm: syz.5.2338 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 166.396094][T10519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.396163][T10519] Call Trace: [ 166.396170][T10519] [ 166.396179][T10519] __dump_stack+0x1d/0x30 [ 166.396197][T10519] dump_stack_lvl+0xe8/0x140 [ 166.396212][T10519] dump_stack+0x15/0x1b [ 166.396297][T10519] should_fail_ex+0x265/0x280 [ 166.396383][T10519] should_failslab+0x8c/0xb0 [ 166.396401][T10519] kmem_cache_alloc_noprof+0x50/0x310 [ 166.396427][T10519] ? audit_log_start+0x365/0x6c0 [ 166.396452][T10519] audit_log_start+0x365/0x6c0 [ 166.396512][T10519] audit_seccomp+0x48/0x100 [ 166.396534][T10519] ? __seccomp_filter+0x68c/0x10d0 [ 166.396628][T10519] __seccomp_filter+0x69d/0x10d0 [ 166.396650][T10519] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 166.396689][T10519] ? vfs_write+0x75e/0x8e0 [ 166.396712][T10519] ? __rcu_read_unlock+0x4f/0x70 [ 166.396783][T10519] ? __fget_files+0x184/0x1c0 [ 166.396806][T10519] __secure_computing+0x82/0x150 [ 166.396827][T10519] syscall_trace_enter+0xcf/0x1e0 [ 166.396851][T10519] do_syscall_64+0xac/0x200 [ 166.396974][T10519] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 166.396993][T10519] ? clear_bhb_loop+0x40/0x90 [ 166.397017][T10519] ? clear_bhb_loop+0x40/0x90 [ 166.397037][T10519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.397173][T10519] RIP: 0033:0x7fe3bf47e9a9 [ 166.397187][T10519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.397203][T10519] RSP: 002b:00007fe3bdadf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121 [ 166.397220][T10519] RAX: ffffffffffffffda RBX: 00007fe3bf6a5fa0 RCX: 00007fe3bf47e9a9 [ 166.397231][T10519] RDX: 0000000000000008 RSI: 0000200000000000 RDI: ffffffffffffffff [ 166.397242][T10519] RBP: 00007fe3bdadf090 R08: 0000000000000000 R09: 0000000000000000 [ 166.397255][T10519] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001 [ 166.397268][T10519] R13: 0000000000000000 R14: 00007fe3bf6a5fa0 R15: 00007ffcce68b308 [ 166.397287][T10519] [ 166.710171][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.759977][T10533] hub 6-0:1.0: USB hub found [ 166.771302][T10533] hub 6-0:1.0: 8 ports detected [ 166.837394][T10546] netlink: 'syz.5.2351': attribute type 13 has an invalid length. [ 166.894870][T10551] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 166.902874][T10551] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 166.936160][T10549] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 166.958571][T10565] loop3: detected capacity change from 0 to 2048 [ 166.979907][T10565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.026719][ T3315] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.210545][T10592] loop1: detected capacity change from 0 to 128 [ 167.220066][T10592] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 167.224756][T10594] pimreg: entered allmulticast mode [ 167.232744][T10592] ext4 filesystem being mounted at /514/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 167.239568][T10594] pimreg: left allmulticast mode [ 167.295110][ T3304] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 167.321747][T10598] loop1: detected capacity change from 0 to 2048 [ 167.341674][T10598] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.405809][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.650672][T10621] loop1: detected capacity change from 0 to 512 [ 167.659439][T10621] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 167.699443][ T3304] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.055533][T10645] __nla_validate_parse: 22 callbacks suppressed [ 168.055547][T10645] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2390'. [ 168.071133][ T29] kauditd_printk_skb: 225 callbacks suppressed [ 168.071146][ T29] audit: type=1400 audit(1753911708.500:6517): avc: denied { getopt } for pid=10631 comm="syz.1.2383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 168.098175][T10645] loop0: detected capacity change from 0 to 128 [ 168.125770][T10650] loop5: detected capacity change from 0 to 512 [ 168.126995][T10651] loop3: detected capacity change from 0 to 1024 [ 168.139685][T10651] ext4: Unknown parameter 'func' [ 168.141439][T10650] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.148874][ T29] audit: type=1326 audit(1753911708.590:6518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.180488][ T29] audit: type=1326 audit(1753911708.590:6519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.204108][ T29] audit: type=1326 audit(1753911708.610:6520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.227529][ T29] audit: type=1326 audit(1753911708.610:6521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.251355][ T29] audit: type=1326 audit(1753911708.610:6522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.274952][ T29] audit: type=1326 audit(1753911708.610:6523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.299189][ T29] audit: type=1326 audit(1753911708.610:6524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.322744][ T29] audit: type=1326 audit(1753911708.610:6525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.346235][ T29] audit: type=1326 audit(1753911708.610:6526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.3.2392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7bdd26e9a9 code=0x7ffc0000 [ 168.382496][ T6499] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.585469][T10668] FAULT_INJECTION: forcing a failure. [ 168.585469][T10668] name failslab, interval 1, probability 0, space 0, times 0 [ 168.598228][T10668] CPU: 0 UID: 0 PID: 10668 Comm: syz.4.2397 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 168.598257][T10668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 168.598286][T10668] Call Trace: [ 168.598293][T10668] [ 168.598301][T10668] __dump_stack+0x1d/0x30 [ 168.598321][T10668] dump_stack_lvl+0xe8/0x140 [ 168.598340][T10668] dump_stack+0x15/0x1b [ 168.598356][T10668] should_fail_ex+0x265/0x280 [ 168.598431][T10668] ? audit_log_d_path+0x8d/0x150 [ 168.598594][T10668] should_failslab+0x8c/0xb0 [ 168.598612][T10668] __kmalloc_cache_noprof+0x4c/0x320 [ 168.598635][T10668] audit_log_d_path+0x8d/0x150 [ 168.598662][T10668] audit_log_d_path_exe+0x42/0x70 [ 168.598744][T10668] audit_log_task+0x1e9/0x250 [ 168.598773][T10668] audit_seccomp+0x61/0x100 [ 168.598796][T10668] ? __seccomp_filter+0x68c/0x10d0 [ 168.598839][T10668] __seccomp_filter+0x69d/0x10d0 [ 168.598858][T10668] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 168.598921][T10668] ? vfs_write+0x75e/0x8e0 [ 168.599032][T10668] ? __rcu_read_unlock+0x4f/0x70 [ 168.599132][T10668] ? __fget_files+0x184/0x1c0 [ 168.599166][T10668] __secure_computing+0x82/0x150 [ 168.599227][T10668] syscall_trace_enter+0xcf/0x1e0 [ 168.599256][T10668] do_syscall_64+0xac/0x200 [ 168.599272][T10668] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 168.599295][T10668] ? clear_bhb_loop+0x40/0x90 [ 168.599322][T10668] ? clear_bhb_loop+0x40/0x90 [ 168.599395][T10668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.599413][T10668] RIP: 0033:0x7fb0f9bee9a9 [ 168.599461][T10668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.599478][T10668] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 168.599498][T10668] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 168.599510][T10668] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 168.599523][T10668] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 168.599558][T10668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.599568][T10668] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 168.599663][T10668] [ 168.735903][T10673] bridge_slave_1: left allmulticast mode [ 168.899068][T10673] bridge_slave_1: left promiscuous mode [ 168.904768][T10673] bridge0: port 2(bridge_slave_1) entered disabled state [ 168.922758][T10673] bridge_slave_0: left allmulticast mode [ 168.928584][T10673] bridge_slave_0: left promiscuous mode [ 168.934421][T10673] bridge0: port 1(bridge_slave_0) entered disabled state [ 168.950912][T10684] loop0: detected capacity change from 0 to 512 [ 168.961273][T10684] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.990692][T10687] loop4: detected capacity change from 0 to 128 [ 169.047628][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.140531][T10706] vxcan1: entered allmulticast mode [ 169.147400][T10703] hub 6-0:1.0: USB hub found [ 169.154666][T10703] hub 6-0:1.0: 8 ports detected [ 169.167453][T10708] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2412'. [ 169.176487][T10709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2412'. [ 169.190660][T10711] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2413'. [ 169.210031][T10708] loop0: detected capacity change from 0 to 128 [ 169.219975][T10711] loop1: detected capacity change from 0 to 128 [ 169.250806][T10715] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2414'. [ 169.544390][T10737] loop4: detected capacity change from 0 to 512 [ 169.565241][T10737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 169.578760][T10737] ext4 filesystem being mounted at /488/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 169.608455][T10737] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 169.619812][T10737] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 169.631275][T10737] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 169.649288][T10737] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 169.668208][T10737] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 169.693731][T10737] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 169.790940][T10752] hub 6-0:1.0: USB hub found [ 169.798672][T10752] hub 6-0:1.0: 8 ports detected [ 169.813316][ T3306] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.962643][T10768] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2433'. [ 170.023301][T10776] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2436'. [ 170.163437][T10785] FAULT_INJECTION: forcing a failure. [ 170.163437][T10785] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 170.176583][T10785] CPU: 1 UID: 0 PID: 10785 Comm: syz.4.2439 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 170.176624][T10785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 170.176634][T10785] Call Trace: [ 170.176640][T10785] [ 170.176647][T10785] __dump_stack+0x1d/0x30 [ 170.176683][T10785] dump_stack_lvl+0xe8/0x140 [ 170.176701][T10785] dump_stack+0x15/0x1b [ 170.176793][T10785] should_fail_ex+0x265/0x280 [ 170.176820][T10785] should_fail+0xb/0x20 [ 170.176840][T10785] should_fail_usercopy+0x1a/0x20 [ 170.176894][T10785] _copy_from_user+0x1c/0xb0 [ 170.176915][T10785] ___sys_sendmsg+0xc1/0x1d0 [ 170.176948][T10785] __x64_sys_sendmsg+0xd4/0x160 [ 170.176994][T10785] x64_sys_call+0x2999/0x2fb0 [ 170.177011][T10785] do_syscall_64+0xd2/0x200 [ 170.177027][T10785] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 170.177049][T10785] ? clear_bhb_loop+0x40/0x90 [ 170.177068][T10785] ? clear_bhb_loop+0x40/0x90 [ 170.177094][T10785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.177115][T10785] RIP: 0033:0x7fb0f9bee9a9 [ 170.177130][T10785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.177147][T10785] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 170.177199][T10785] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 170.177210][T10785] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005 [ 170.177220][T10785] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 170.177230][T10785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 170.177242][T10785] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 170.177259][T10785] [ 170.432919][T10793] loop4: detected capacity change from 0 to 164 [ 170.460705][T10793] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 170.473848][T10807] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2448'. [ 170.487966][T10807] loop0: detected capacity change from 0 to 128 [ 170.643170][T10822] loop4: detected capacity change from 0 to 256 [ 170.832929][T10842] loop5: detected capacity change from 0 to 1024 [ 170.840043][T10842] EXT4-fs: Ignoring removed orlov option [ 170.850806][T10844] netlink: 'syz.3.2462': attribute type 1 has an invalid length. [ 170.858687][T10844] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2462'. [ 170.861617][T10842] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 170.902592][T10851] PID 10851 killed due to inadequate hugepage pool [ 171.022688][T10863] FAULT_INJECTION: forcing a failure. [ 171.022688][T10863] name failslab, interval 1, probability 0, space 0, times 0 [ 171.035403][T10863] CPU: 0 UID: 0 PID: 10863 Comm: syz.3.2468 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 171.035466][T10863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 171.035477][T10863] Call Trace: [ 171.035483][T10863] [ 171.035491][T10863] __dump_stack+0x1d/0x30 [ 171.035513][T10863] dump_stack_lvl+0xe8/0x140 [ 171.035531][T10863] dump_stack+0x15/0x1b [ 171.035564][T10863] should_fail_ex+0x265/0x280 [ 171.035695][T10863] should_failslab+0x8c/0xb0 [ 171.035714][T10863] __kmalloc_noprof+0xa5/0x3e0 [ 171.035736][T10863] ? perf_read+0x1da/0x4d0 [ 171.035761][T10863] perf_read+0x1da/0x4d0 [ 171.035808][T10863] ? selinux_file_permission+0x2f0/0x320 [ 171.035887][T10863] ? __pfx_perf_read+0x10/0x10 [ 171.035910][T10863] vfs_read+0x19d/0x6f0 [ 171.035932][T10863] ? __rcu_read_unlock+0x4f/0x70 [ 171.036022][T10863] ? __fget_files+0x184/0x1c0 [ 171.036041][T10863] ksys_read+0xda/0x1a0 [ 171.036084][T10863] __x64_sys_read+0x40/0x50 [ 171.036176][T10863] x64_sys_call+0x2d77/0x2fb0 [ 171.036197][T10863] do_syscall_64+0xd2/0x200 [ 171.036216][T10863] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 171.036238][T10863] ? clear_bhb_loop+0x40/0x90 [ 171.036259][T10863] ? clear_bhb_loop+0x40/0x90 [ 171.036344][T10863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.036365][T10863] RIP: 0033:0x7f7bdd26e9a9 [ 171.036378][T10863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.036392][T10863] RSP: 002b:00007f7bdb8d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 171.036411][T10863] RAX: ffffffffffffffda RBX: 00007f7bdd495fa0 RCX: 00007f7bdd26e9a9 [ 171.036454][T10863] RDX: 00000000000000be RSI: 0000200000000380 RDI: 0000000000000003 [ 171.036464][T10863] RBP: 00007f7bdb8d7090 R08: 0000000000000000 R09: 0000000000000000 [ 171.036474][T10863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 171.036485][T10863] R13: 0000000000000000 R14: 00007f7bdd495fa0 R15: 00007ffe1b1ef1b8 [ 171.036532][T10863] [ 171.370873][T10875] hub 6-0:1.0: USB hub found [ 171.380772][T10875] hub 6-0:1.0: 8 ports detected [ 171.391553][T10865] bond1: entered promiscuous mode [ 171.396658][T10865] bond1: entered allmulticast mode [ 171.403309][T10865] 8021q: adding VLAN 0 to HW filter on device bond1 [ 171.413872][T10865] bond1 (unregistering): Released all slaves [ 171.465068][T10893] loop3: detected capacity change from 0 to 512 [ 171.486745][T10894] pim6reg1: entered promiscuous mode [ 171.492456][T10894] pim6reg1: entered allmulticast mode [ 171.501966][T10893] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.2480: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0) [ 171.535200][T10893] EXT4-fs error (device loop3): ext4_quota_enable:7127: comm syz.3.2480: Bad quota inode: 3, type: 0 [ 171.555238][T10893] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 171.581865][T10893] EXT4-fs (loop3): mount failed [ 171.666350][T10905] netlink: 'syz.3.2483': attribute type 1 has an invalid length. [ 171.674240][T10905] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2483'. [ 171.817545][T10909] loop5: detected capacity change from 0 to 512 [ 171.832932][T10909] ext4 filesystem being mounted at /302/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 171.887105][T10909] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 171.899372][T10909] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 171.910817][T10909] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 171.922825][T10909] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 171.939331][T10909] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 171.969399][T10909] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 172.093152][T10923] loop5: detected capacity change from 0 to 512 [ 172.110033][T10923] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.148194][T10891] syz.4.2479 (10891) used greatest stack depth: 6952 bytes left [ 172.160590][T10923] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 172.172574][T10923] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 172.185175][T10923] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 172.197557][T10923] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 172.212251][T10923] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 172.224758][T10923] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 172.235061][T10935] netlink: 'syz.3.2491': attribute type 1 has an invalid length. [ 172.271870][T10941] FAULT_INJECTION: forcing a failure. [ 172.271870][T10941] name failslab, interval 1, probability 0, space 0, times 0 [ 172.284585][T10941] CPU: 0 UID: 0 PID: 10941 Comm: syz.3.2493 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 172.284612][T10941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 172.284623][T10941] Call Trace: [ 172.284631][T10941] [ 172.284638][T10941] __dump_stack+0x1d/0x30 [ 172.284659][T10941] dump_stack_lvl+0xe8/0x140 [ 172.284679][T10941] dump_stack+0x15/0x1b [ 172.284820][T10941] should_fail_ex+0x265/0x280 [ 172.284844][T10941] should_failslab+0x8c/0xb0 [ 172.284867][T10941] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 172.284967][T10941] ? security_context_to_sid_core+0x69/0x3b0 [ 172.285031][T10941] kmemdup_nul+0x36/0xc0 [ 172.285052][T10941] security_context_to_sid_core+0x69/0x3b0 [ 172.285112][T10941] ? avc_has_perm_noaudit+0x1b1/0x200 [ 172.285164][T10941] security_context_to_sid+0x2e/0x40 [ 172.285253][T10941] sel_write_context+0xf8/0x200 [ 172.285279][T10941] selinux_transaction_write+0xc6/0x110 [ 172.285304][T10941] ? __pfx_selinux_transaction_write+0x10/0x10 [ 172.285326][T10941] vfs_write+0x269/0x8e0 [ 172.285386][T10941] ? __rcu_read_unlock+0x4f/0x70 [ 172.285435][T10941] ? __fget_files+0x184/0x1c0 [ 172.285452][T10941] ksys_write+0xda/0x1a0 [ 172.285477][T10941] __x64_sys_write+0x40/0x50 [ 172.285506][T10941] x64_sys_call+0x2cdd/0x2fb0 [ 172.285568][T10941] do_syscall_64+0xd2/0x200 [ 172.285584][T10941] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 172.285606][T10941] ? clear_bhb_loop+0x40/0x90 [ 172.285651][T10941] ? clear_bhb_loop+0x40/0x90 [ 172.285673][T10941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.285747][T10941] RIP: 0033:0x7f7bdd26e9a9 [ 172.285760][T10941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.285775][T10941] RSP: 002b:00007f7bdb8d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 172.285793][T10941] RAX: ffffffffffffffda RBX: 00007f7bdd495fa0 RCX: 00007f7bdd26e9a9 [ 172.285810][T10941] RDX: 000000000000001d RSI: 0000200000000340 RDI: 0000000000000003 [ 172.285822][T10941] RBP: 00007f7bdb8d7090 R08: 0000000000000000 R09: 0000000000000000 [ 172.285833][T10941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.285844][T10941] R13: 0000000000000000 R14: 00007f7bdd495fa0 R15: 00007ffe1b1ef1b8 [ 172.285868][T10941] [ 172.528918][T10944] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (18446744072098938884) [ 172.540032][T10944] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535 [ 172.674677][T10961] hub 6-0:1.0: USB hub found [ 172.680613][T10961] hub 6-0:1.0: 8 ports detected [ 172.806680][ T9] IPVS: starting estimator thread 0... [ 172.807692][T10981] FAULT_INJECTION: forcing a failure. [ 172.807692][T10981] name failslab, interval 1, probability 0, space 0, times 0 [ 172.824878][T10981] CPU: 1 UID: 0 PID: 10981 Comm: syz.4.2509 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 172.824949][T10981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 172.824962][T10981] Call Trace: [ 172.824969][T10981] [ 172.824978][T10981] __dump_stack+0x1d/0x30 [ 172.825007][T10981] dump_stack_lvl+0xe8/0x140 [ 172.825026][T10981] dump_stack+0x15/0x1b [ 172.825042][T10981] should_fail_ex+0x265/0x280 [ 172.825068][T10981] ? cgroup_init_fs_context+0x38/0x2b0 [ 172.825202][T10981] should_failslab+0x8c/0xb0 [ 172.825222][T10981] __kmalloc_cache_noprof+0x4c/0x320 [ 172.825247][T10981] cgroup_init_fs_context+0x38/0x2b0 [ 172.825271][T10981] alloc_fs_context+0x3ec/0x4e0 [ 172.825365][T10981] fs_context_for_mount+0x22/0x30 [ 172.825389][T10981] __se_sys_fsopen+0xa0/0x1e0 [ 172.825421][T10981] __x64_sys_fsopen+0x31/0x40 [ 172.825437][T10981] x64_sys_call+0x2a54/0x2fb0 [ 172.825578][T10981] do_syscall_64+0xd2/0x200 [ 172.825595][T10981] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 172.825619][T10981] ? clear_bhb_loop+0x40/0x90 [ 172.825639][T10981] ? clear_bhb_loop+0x40/0x90 [ 172.825733][T10981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.825824][T10981] RIP: 0033:0x7fb0f9bee9a9 [ 172.825837][T10981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.825852][T10981] RSP: 002b:00007fb0f8257038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 172.825868][T10981] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bee9a9 [ 172.825882][T10981] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000 [ 172.825966][T10981] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 172.825979][T10981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.825990][T10981] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 172.826007][T10981] [ 173.022996][T10976] loop0: detected capacity change from 0 to 128 [ 173.029806][T10976] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 173.056603][T10976] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 173.076150][T10990] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 173.085972][T10990] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.106648][T10992] FAULT_INJECTION: forcing a failure. [ 173.106648][T10992] name failslab, interval 1, probability 0, space 0, times 0 [ 173.119379][T10992] CPU: 0 UID: 0 PID: 10992 Comm: syz.3.2512 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 173.119424][T10992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 173.119431][T10992] Call Trace: [ 173.119436][T10992] [ 173.119441][T10992] __dump_stack+0x1d/0x30 [ 173.119455][T10992] dump_stack_lvl+0xe8/0x140 [ 173.119466][T10992] dump_stack+0x15/0x1b [ 173.119475][T10992] should_fail_ex+0x265/0x280 [ 173.119603][T10992] should_failslab+0x8c/0xb0 [ 173.119642][T10992] __kmalloc_noprof+0xa5/0x3e0 [ 173.119655][T10992] ? tcf_pedit_keys_ex_parse+0x4a/0x430 [ 173.119667][T10992] tcf_pedit_keys_ex_parse+0x4a/0x430 [ 173.119678][T10992] ? tcf_pedit_init+0x448/0x970 [ 173.119767][T10992] ? should_failslab+0x8c/0xb0 [ 173.119783][T10992] ? __kmalloc_cache_noprof+0x189/0x320 [ 173.119798][T10992] tcf_pedit_init+0x482/0x970 [ 173.119830][T10992] ? should_fail_ex+0xdb/0x280 [ 173.119847][T10992] tcf_action_init_1+0x367/0x4a0 [ 173.119869][T10992] tcf_action_init+0x267/0x6d0 [ 173.119919][T10992] tc_ctl_action+0x291/0x830 [ 173.119944][T10992] ? __pfx_tc_ctl_action+0x10/0x10 [ 173.119957][T10992] rtnetlink_rcv_msg+0x657/0x6d0 [ 173.119970][T10992] ? avc_has_perm_noaudit+0x1b1/0x200 [ 173.120021][T10992] netlink_rcv_skb+0x123/0x220 [ 173.120039][T10992] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 173.120054][T10992] rtnetlink_rcv+0x1c/0x30 [ 173.120065][T10992] netlink_unicast+0x5a8/0x680 [ 173.120137][T10992] netlink_sendmsg+0x58b/0x6b0 [ 173.120150][T10992] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.120206][T10992] __sock_sendmsg+0x145/0x180 [ 173.120225][T10992] ____sys_sendmsg+0x31e/0x4e0 [ 173.120250][T10992] ___sys_sendmsg+0x17b/0x1d0 [ 173.120270][T10992] __x64_sys_sendmsg+0xd4/0x160 [ 173.120283][T10992] x64_sys_call+0x2999/0x2fb0 [ 173.120431][T10992] do_syscall_64+0xd2/0x200 [ 173.120463][T10992] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 173.120536][T10992] ? clear_bhb_loop+0x40/0x90 [ 173.120596][T10992] ? clear_bhb_loop+0x40/0x90 [ 173.120608][T10992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.120619][T10992] RIP: 0033:0x7f7bdd26e9a9 [ 173.120629][T10992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.120639][T10992] RSP: 002b:00007f7bdb8d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.120650][T10992] RAX: ffffffffffffffda RBX: 00007f7bdd495fa0 RCX: 00007f7bdd26e9a9 [ 173.120712][T10992] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003 [ 173.120719][T10992] RBP: 00007f7bdb8d7090 R08: 0000000000000000 R09: 0000000000000000 [ 173.120726][T10992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.120733][T10992] R13: 0000000000000000 R14: 00007f7bdd495fa0 R15: 00007ffe1b1ef1b8 [ 173.120744][T10992] [ 173.127376][T10982] IPVS: using max 2928 ests per chain, 146400 per kthread [ 173.495103][T11004] loop3: detected capacity change from 0 to 2048 [ 173.509584][ T3578] IPVS: stop unused estimator thread 0... [ 173.564628][ T29] kauditd_printk_skb: 108 callbacks suppressed [ 173.564641][ T29] audit: type=1326 audit(173.030:6635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11011 comm="syz.0.2521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 173.610640][ T29] audit: type=1326 audit(173.060:6636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11011 comm="syz.0.2521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 173.633689][ T29] audit: type=1326 audit(173.060:6637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11011 comm="syz.0.2521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 173.656581][ T29] audit: type=1326 audit(173.060:6638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11011 comm="syz.0.2521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 173.679529][ T29] audit: type=1326 audit(173.060:6639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11011 comm="syz.0.2521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 173.702614][ T29] audit: type=1326 audit(173.060:6640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11011 comm="syz.0.2521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 173.734173][T11015] FAULT_INJECTION: forcing a failure. [ 173.734173][T11015] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 173.747367][T11015] CPU: 0 UID: 0 PID: 11015 Comm: syz.1.2522 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 173.747396][T11015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 173.747409][T11015] Call Trace: [ 173.747435][T11015] [ 173.747444][T11015] __dump_stack+0x1d/0x30 [ 173.747466][T11015] dump_stack_lvl+0xe8/0x140 [ 173.747507][T11015] dump_stack+0x15/0x1b [ 173.747524][T11015] should_fail_ex+0x265/0x280 [ 173.747549][T11015] should_fail+0xb/0x20 [ 173.747570][T11015] should_fail_usercopy+0x1a/0x20 [ 173.747640][T11015] _copy_from_user+0x1c/0xb0 [ 173.747661][T11015] ___sys_sendmsg+0xc1/0x1d0 [ 173.747695][T11015] __sys_sendmmsg+0x178/0x300 [ 173.747890][T11015] __x64_sys_sendmmsg+0x57/0x70 [ 173.747909][T11015] x64_sys_call+0x2f2f/0x2fb0 [ 173.747963][T11015] do_syscall_64+0xd2/0x200 [ 173.747980][T11015] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 173.748001][T11015] ? clear_bhb_loop+0x40/0x90 [ 173.748019][T11015] ? clear_bhb_loop+0x40/0x90 [ 173.748040][T11015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.748142][T11015] RIP: 0033:0x7f5db11be9a9 [ 173.748158][T11015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.748244][T11015] RSP: 002b:00007f5daf81f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 173.748264][T11015] RAX: ffffffffffffffda RBX: 00007f5db13e5fa0 RCX: 00007f5db11be9a9 [ 173.748306][T11015] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000006 [ 173.748319][T11015] RBP: 00007f5daf81f090 R08: 0000000000000000 R09: 0000000000000000 [ 173.748331][T11015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.748341][T11015] R13: 0000000000000000 R14: 00007f5db13e5fa0 R15: 00007fffdfaf39d8 [ 173.748358][T11015] [ 173.938862][ T29] audit: type=1400 audit(173.290:6641): avc: denied { execute_no_trans } for pid=11003 comm="syz.3.2518" path=2F6D656D66643A5B0BDB58AE5B35A990FF631F1AA9FDFAADD16D64E7E27F9BD55210F3B6FF54BFD1C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1406 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 173.971539][ T29] audit: type=1400 audit(173.420:6642): avc: denied { append } for pid=11003 comm="syz.3.2518" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 174.276204][T11036] netlink: 'syz.0.2530': attribute type 4 has an invalid length. [ 174.405629][T11038] __nla_validate_parse: 6 callbacks suppressed [ 174.405642][T11038] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2531'. [ 174.566198][T11038] FAULT_INJECTION: forcing a failure. [ 174.566198][T11038] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.579327][T11038] CPU: 0 UID: 0 PID: 11038 Comm: syz.4.2531 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 174.579353][T11038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.579363][T11038] Call Trace: [ 174.579371][T11038] [ 174.579380][T11038] __dump_stack+0x1d/0x30 [ 174.579478][T11038] dump_stack_lvl+0xe8/0x140 [ 174.579554][T11038] dump_stack+0x15/0x1b [ 174.579570][T11038] should_fail_ex+0x265/0x280 [ 174.579594][T11038] should_fail+0xb/0x20 [ 174.579615][T11038] should_fail_usercopy+0x1a/0x20 [ 174.579665][T11038] _copy_to_user+0x20/0xa0 [ 174.579686][T11038] simple_read_from_buffer+0xb5/0x130 [ 174.579720][T11038] proc_fail_nth_read+0x100/0x140 [ 174.579769][T11038] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 174.579799][T11038] vfs_read+0x19d/0x6f0 [ 174.579822][T11038] ? __rcu_read_unlock+0x4f/0x70 [ 174.579894][T11038] ? __fget_files+0x184/0x1c0 [ 174.579911][T11038] ksys_read+0xda/0x1a0 [ 174.579935][T11038] __x64_sys_read+0x40/0x50 [ 174.579979][T11038] x64_sys_call+0x2d77/0x2fb0 [ 174.579998][T11038] do_syscall_64+0xd2/0x200 [ 174.580017][T11038] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 174.580040][T11038] ? clear_bhb_loop+0x40/0x90 [ 174.580137][T11038] ? clear_bhb_loop+0x40/0x90 [ 174.580219][T11038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.580238][T11038] RIP: 0033:0x7fb0f9bed3bc [ 174.580254][T11038] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 174.580314][T11038] RSP: 002b:00007fb0f8257030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 174.580330][T11038] RAX: ffffffffffffffda RBX: 00007fb0f9e15fa0 RCX: 00007fb0f9bed3bc [ 174.580341][T11038] RDX: 000000000000000f RSI: 00007fb0f82570a0 RDI: 0000000000000004 [ 174.580352][T11038] RBP: 00007fb0f8257090 R08: 0000000000000000 R09: 0000000000000000 [ 174.580362][T11038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.580414][T11038] R13: 0000000000000000 R14: 00007fb0f9e15fa0 R15: 00007ffe51999d08 [ 174.580433][T11038] [ 174.947186][T11051] loop3: detected capacity change from 0 to 4096 [ 174.967167][T11059] FAULT_INJECTION: forcing a failure. [ 174.967167][T11059] name failslab, interval 1, probability 0, space 0, times 0 [ 174.979870][T11059] CPU: 1 UID: 0 PID: 11059 Comm: syz.5.2538 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 174.979895][T11059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.979905][T11059] Call Trace: [ 174.979912][T11059] [ 174.979920][T11059] __dump_stack+0x1d/0x30 [ 174.979942][T11059] dump_stack_lvl+0xe8/0x140 [ 174.979961][T11059] dump_stack+0x15/0x1b [ 174.979996][T11059] should_fail_ex+0x265/0x280 [ 174.980055][T11059] should_failslab+0x8c/0xb0 [ 174.980078][T11059] kmem_cache_alloc_node_noprof+0x57/0x320 [ 174.980204][T11059] ? __alloc_skb+0x101/0x320 [ 174.980307][T11059] __alloc_skb+0x101/0x320 [ 174.980337][T11059] netlink_alloc_large_skb+0xba/0xf0 [ 174.980398][T11059] netlink_sendmsg+0x3cf/0x6b0 [ 174.980416][T11059] ? __pfx_netlink_sendmsg+0x10/0x10 [ 174.980437][T11059] __sock_sendmsg+0x145/0x180 [ 174.980462][T11059] ____sys_sendmsg+0x31e/0x4e0 [ 174.980481][T11059] ___sys_sendmsg+0x17b/0x1d0 [ 174.980580][T11059] __x64_sys_sendmsg+0xd4/0x160 [ 174.980601][T11059] x64_sys_call+0x2999/0x2fb0 [ 174.980621][T11059] do_syscall_64+0xd2/0x200 [ 174.980638][T11059] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 174.980729][T11059] ? clear_bhb_loop+0x40/0x90 [ 174.980750][T11059] ? clear_bhb_loop+0x40/0x90 [ 174.980771][T11059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.980788][T11059] RIP: 0033:0x7fe3bf47e9a9 [ 174.980819][T11059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.980834][T11059] RSP: 002b:00007fe3bdadf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 174.980863][T11059] RAX: ffffffffffffffda RBX: 00007fe3bf6a5fa0 RCX: 00007fe3bf47e9a9 [ 174.980876][T11059] RDX: 0000000020004804 RSI: 0000200000000000 RDI: 0000000000000004 [ 174.980969][T11059] RBP: 00007fe3bdadf090 R08: 0000000000000000 R09: 0000000000000000 [ 174.980979][T11059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.980990][T11059] R13: 0000000000000000 R14: 00007fe3bf6a5fa0 R15: 00007ffcce68b308 [ 174.981007][T11059] [ 175.018296][ T29] audit: type=1400 audit(174.490:6643): avc: denied { create } for pid=11050 comm="syz.3.2537" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 175.026919][T11051] EXT4-fs error (device loop3): ext4_get_first_dir_block:3545: inode #12: block 80: comm syz.3.2537: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0 [ 175.030222][ T29] audit: type=1400 audit(174.490:6644): avc: denied { rename } for pid=11050 comm="syz.3.2537" name="file0" dev="loop3" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 175.040041][T11051] EXT4-fs (loop3): Remounting filesystem read-only [ 175.133475][T11057] IPv6: NLM_F_CREATE should be specified when creating new route [ 175.153494][T11063] IPv6: NLM_F_CREATE should be specified when creating new route [ 175.191320][T11057] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.296477][T11057] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.354654][T11077] bridge_slave_1: left allmulticast mode [ 175.360581][T11077] bridge_slave_1: left promiscuous mode [ 175.366284][T11077] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.376861][T11077] bridge_slave_0: left allmulticast mode [ 175.382634][T11077] bridge_slave_0: left promiscuous mode [ 175.382976][T11075] loop5: detected capacity change from 0 to 8192 [ 175.388385][T11077] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.548975][T11080] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2545'. [ 175.680365][T11080] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 175.689586][T11080] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 175.996056][T11111] netlink: 'syz.5.2556': attribute type 1 has an invalid length. [ 176.003936][T11111] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2556'. [ 176.225458][T11127] loop0: detected capacity change from 0 to 512 [ 176.298614][T11127] netlink: 12 bytes leftover after parsing attributes in process `'. [ 176.307551][T11127] netlink: 12 bytes leftover after parsing attributes in process `'. [ 176.318528][T11127] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 176.349658][T11148] netlink: 'syz.3.2568': attribute type 1 has an invalid length. [ 176.352747][T11127] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 176.357527][T11148] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2568'. [ 176.369180][T11127] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 176.388872][T11127] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 176.401986][T11127] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 176.414126][T11127] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 176.425541][T11153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2570'. [ 176.434589][T11153] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2570'. [ 176.444805][T11153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2570'. [ 176.453817][T11153] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2570'. [ 176.720632][T11181] netlink: 'syz.4.2581': attribute type 1 has an invalid length. [ 176.731725][T11183] FAULT_INJECTION: forcing a failure. [ 176.731725][T11183] name failslab, interval 1, probability 0, space 0, times 0 [ 176.744439][T11183] CPU: 0 UID: 0 PID: 11183 Comm: syz.3.2583 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 176.744476][T11183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 176.744497][T11183] Call Trace: [ 176.744503][T11183] [ 176.744510][T11183] __dump_stack+0x1d/0x30 [ 176.744528][T11183] dump_stack_lvl+0xe8/0x140 [ 176.744543][T11183] dump_stack+0x15/0x1b [ 176.744556][T11183] should_fail_ex+0x265/0x280 [ 176.744580][T11183] should_failslab+0x8c/0xb0 [ 176.744597][T11183] __kmalloc_noprof+0xa5/0x3e0 [ 176.744616][T11183] ? genl_family_rcv_msg_attrs_parse+0x75/0x190 [ 176.744639][T11183] genl_family_rcv_msg_attrs_parse+0x75/0x190 [ 176.744682][T11183] ? selinux_capable+0x1f9/0x270 [ 176.744783][T11183] genl_family_rcv_msg_doit+0x48/0x1b0 [ 176.744803][T11183] ? security_capable+0x83/0x90 [ 176.744891][T11183] ? ns_capable+0x7d/0xb0 [ 176.744906][T11183] genl_rcv_msg+0x422/0x460 [ 176.744924][T11183] ? __pfx_nl802154_pre_doit+0x10/0x10 [ 176.744939][T11183] ? __pfx_nl802154_add_llsec_key+0x10/0x10 [ 176.744981][T11183] ? __pfx_nl802154_post_doit+0x10/0x10 [ 176.744997][T11183] netlink_rcv_skb+0x123/0x220 [ 176.745020][T11183] ? __pfx_genl_rcv_msg+0x10/0x10 [ 176.745106][T11183] genl_rcv+0x28/0x40 [ 176.745123][T11183] netlink_unicast+0x5a8/0x680 [ 176.745216][T11183] netlink_sendmsg+0x58b/0x6b0 [ 176.745233][T11183] ? __pfx_netlink_sendmsg+0x10/0x10 [ 176.745248][T11183] __sock_sendmsg+0x145/0x180 [ 176.745279][T11183] ____sys_sendmsg+0x31e/0x4e0 [ 176.745296][T11183] ___sys_sendmsg+0x17b/0x1d0 [ 176.745321][T11183] __x64_sys_sendmsg+0xd4/0x160 [ 176.745356][T11183] x64_sys_call+0x2999/0x2fb0 [ 176.745372][T11183] do_syscall_64+0xd2/0x200 [ 176.745410][T11183] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 176.745430][T11183] ? clear_bhb_loop+0x40/0x90 [ 176.745446][T11183] ? clear_bhb_loop+0x40/0x90 [ 176.745463][T11183] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.745497][T11183] RIP: 0033:0x7f7bdd26e9a9 [ 176.745510][T11183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.745524][T11183] RSP: 002b:00007f7bdb8d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 176.745539][T11183] RAX: ffffffffffffffda RBX: 00007f7bdd495fa0 RCX: 00007f7bdd26e9a9 [ 176.745584][T11183] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004 [ 176.745594][T11183] RBP: 00007f7bdb8d7090 R08: 0000000000000000 R09: 0000000000000000 [ 176.745605][T11183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 176.745614][T11183] R13: 0000000000000000 R14: 00007f7bdd495fa0 R15: 00007ffe1b1ef1b8 [ 176.745630][T11183] [ 177.150508][T11198] hub 6-0:1.0: USB hub found [ 177.155436][T11198] hub 6-0:1.0: 8 ports detected [ 177.169320][T11201] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 177.358197][T11212] loop3: detected capacity change from 0 to 128 [ 177.793064][T11224] loop4: detected capacity change from 0 to 1024 [ 177.836626][T11224] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 177.847614][T11224] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 177.859475][T11224] JBD2: no valid journal superblock found [ 177.865346][T11224] EXT4-fs (loop4): Could not load journal inode [ 178.024755][T11227] xt_hashlimit: size too large, truncated to 1048576 [ 178.575598][T11240] loop5: detected capacity change from 0 to 512 [ 178.583810][ T29] kauditd_printk_skb: 239 callbacks suppressed [ 178.583846][ T29] audit: type=1326 audit(178.060:6884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 178.890438][ T29] audit: type=1326 audit(178.090:6885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 178.913620][ T29] audit: type=1326 audit(178.090:6886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 178.936571][ T29] audit: type=1326 audit(178.090:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 178.959670][ T29] audit: type=1326 audit(178.090:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 178.982559][ T29] audit: type=1326 audit(178.090:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 179.005505][ T29] audit: type=1326 audit(178.090:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 179.028647][ T29] audit: type=1326 audit(178.090:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 179.051537][ T29] audit: type=1326 audit(178.090:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 179.074593][ T29] audit: type=1326 audit(178.090:6893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11237 comm="syz.0.2610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8eb85be9a9 code=0x7ffc0000 [ 179.130236][T11240] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 179.163846][T11240] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 179.205733][T11240] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 179.232595][T11240] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 179.267974][T11240] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 179.339068][T11254] loop1: detected capacity change from 0 to 1024 [ 179.345787][T11240] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 179.387199][T11254] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 179.414204][T11256] loop0: detected capacity change from 0 to 2048 [ 179.480924][T11267] loop3: detected capacity change from 0 to 512 [ 179.505820][T11269] loop5: detected capacity change from 0 to 512 [ 179.535038][T11267] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 179.555812][T11267] EXT4-fs error (device loop3): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 179.593850][T11267] EXT4-fs error (device loop3): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 179.624913][T11269] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 179.642461][T11269] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 179.658284][T11267] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 179.670319][T11269] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 179.681735][T11267] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 179.698686][T11284] hub 6-0:1.0: USB hub found [ 179.703372][T11284] hub 6-0:1.0: 8 ports detected [ 179.709540][T11269] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 179.721512][T11267] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117) [ 179.736427][T11269] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 179.759525][T11269] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117) [ 179.780132][T11287] __nla_validate_parse: 4 callbacks suppressed [ 179.780146][T11287] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2613'. [ 179.860380][T11294] loop4: detected capacity change from 0 to 512 [ 179.871261][T11295] loop0: detected capacity change from 0 to 512 [ 179.986641][T11295] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 180.017891][T11295] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #18: comm : mark_inode_dirty error [ 180.028919][T11295] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #18: comm : corrupted inode contents [ 180.073596][T11295] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2991: inode #18: comm : mark_inode_dirty error [ 180.087704][T11295] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2994: inode #18: comm : mark inode dirty (error -117) [ 180.103823][T11311] hub 6-0:1.0: USB hub found [ 180.125176][T11311] hub 6-0:1.0: 8 ports detected [ 180.147648][T11295] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117) [ 180.271673][T11322] netlink: 'syz.3.2625': attribute type 1 has an invalid length. [ 180.279512][T11322] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2625'. [ 180.392616][T11333] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2629'. [ 180.404309][T11333] loop1: detected capacity change from 0 to 128 [ 180.415140][T11331] loop3: detected capacity change from 0 to 512 [ 180.432732][T11320] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2623'. [ 180.541435][T11336] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 180.652462][T11338] ================================================================== [ 180.660568][T11338] BUG: KCSAN: data-race in __writeback_single_inode / xas_set_mark [ 180.668462][T11338] [ 180.670773][T11338] write to 0xffff888100620b3c of 4 bytes by task 11335 on cpu 0: [ 180.678474][T11338] xas_set_mark+0x12b/0x140 [ 180.682966][T11338] __folio_start_writeback+0x1dd/0x440 [ 180.688417][T11338] ext4_bio_write_folio+0x5ad/0x9f0 [ 180.693608][T11338] mpage_submit_folio+0xe4/0x170 [ 180.698725][T11338] mpage_process_page_bufs+0x39b/0x4a0 [ 180.704189][T11338] mpage_prepare_extent_to_map+0x741/0xaa0 [ 180.710090][T11338] ext4_do_writepages+0x6ea/0x21c0 [ 180.715181][T11338] ext4_writepages+0x176/0x300 [ 180.719931][T11338] do_writepages+0x1c3/0x310 [ 180.724507][T11338] file_write_and_wait_range+0x156/0x2c0 [ 180.730137][T11338] generic_buffers_fsync_noflush+0x45/0x120 [ 180.736732][T11338] ext4_sync_file+0x1ab/0x690 [ 180.741400][T11338] vfs_fsync_range+0x10d/0x130 [ 180.746157][T11338] ext4_buffered_write_iter+0x34f/0x3c0 [ 180.751685][T11338] ext4_file_write_iter+0x383/0xf00 [ 180.756864][T11338] iter_file_splice_write+0x5f2/0x970 [ 180.762270][T11338] direct_splice_actor+0x156/0x2a0 [ 180.767370][T11338] splice_direct_to_actor+0x312/0x680 [ 180.772738][T11338] do_splice_direct+0xda/0x150 [ 180.777494][T11338] do_sendfile+0x380/0x650 [ 180.781904][T11338] __x64_sys_sendfile64+0x105/0x150 [ 180.787089][T11338] x64_sys_call+0xb39/0x2fb0 [ 180.791667][T11338] do_syscall_64+0xd2/0x200 [ 180.796151][T11338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.802026][T11338] [ 180.804330][T11338] read to 0xffff888100620b3c of 4 bytes by task 11338 on cpu 1: [ 180.811960][T11338] __writeback_single_inode+0x1f9/0x7c0 [ 180.817499][T11338] writeback_single_inode+0x167/0x3e0 [ 180.822862][T11338] sync_inode_metadata+0x5b/0x90 [ 180.827784][T11338] generic_buffers_fsync_noflush+0xd9/0x120 [ 180.833684][T11338] ext4_sync_file+0x1ab/0x690 [ 180.838345][T11338] vfs_fsync_range+0x10d/0x130 [ 180.843112][T11338] ext4_buffered_write_iter+0x34f/0x3c0 [ 180.848656][T11338] ext4_file_write_iter+0xdbf/0xf00 [ 180.853853][T11338] iter_file_splice_write+0x5f2/0x970 [ 180.859821][T11338] direct_splice_actor+0x156/0x2a0 [ 180.864922][T11338] splice_direct_to_actor+0x312/0x680 [ 180.870373][T11338] do_splice_direct+0xda/0x150 [ 180.875734][T11338] do_sendfile+0x380/0x650 [ 180.880136][T11338] __x64_sys_sendfile64+0x105/0x150 [ 180.885315][T11338] x64_sys_call+0xb39/0x2fb0 [ 180.889888][T11338] do_syscall_64+0xd2/0x200 [ 180.894370][T11338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.900242][T11338] [ 180.902574][T11338] value changed: 0x0a000021 -> 0x04000021 [ 180.908271][T11338] [ 180.910580][T11338] Reported by Kernel Concurrency Sanitizer on: [ 180.916716][T11338] CPU: 1 UID: 0 PID: 11338 Comm: syz.3.2628 Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(voluntary) [ 180.929190][T11338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.939237][T11338] ==================================================================