last executing test programs: 5.080867429s ago: executing program 1 (id=884): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) pwrite64(0xffffffffffffffff, &(0x7f0000000180)="f7", 0x1, 0x200980) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2d, 0x3, 0xfffffffe}, 0xc) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0x2711}, 0x10) r1 = eventfd(0x7) ioctl$INCFS_IOC_FILL_BLOCKS(r1, 0x80106720, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x8, 0xd8, &(0x7f00000002c0)="0eb22e6766a6950e8c1ea31910aa6fe495fd3fb99e2e9e6551e85816ce39bd12781aa1715a3bac14cce1acf0a88751bfba5855dee5bb2d280cacb95fd3af7e4e3ca5c710f8a35b54059f66bf97d462f5c40f1874ac42f988e1b68b73d78614329a749695f591d26cfec623c430ca9f7c2ecad5eb0b78120b9e874d28644641d2097eb67fc655a9aa5c37a11ce1cca6dd83e7c123e433c8b3f702668c51c447ace1e45d621027462338c9681f1be6fc9a7cbeebf4fb519ed8587d401123ad1f8679ebbe0a59a47ae13c5dca017ae240b2463385b8bec0e03f", 0x0, 0x1}]}) 5.065604089s ago: executing program 1 (id=885): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) socket$kcm(0x2d, 0x2, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5a3, &(0x7f00000005c0)="$eJzs3U9oHPUeAPDvzGZf/+U1ffAevPfooahQoXST9I9WT+1VLBR6KHipYbMNIZtsyG60CTmk9yL2ICq91JsePCoePIgXwYtXL4pnodig0PSgK/svbZPduKlJN81+PjDZ+c1vdr+/38x+J78ZZtgA+tax2p804n8RcSmJGHqkbiCalcca662uLOUfrCzlk6hWL/+SRBIR91eW8q31k+broYhYjoj/RsTX2YgT6ca45YXFqbFisTDXLA9XpmeHywuLJyenxyYKE4WZ0y+/cvbcmbOjp0Y7Nz67tb7e/PHWOze/e+3OrU8+Pbqcf28sifMx2Kx7tB/bqbFNsnF+3fIzOxGsh5JeN4AnkmnmeS2V/hNDkWlmfTvVoafaNGCHVfdFVLciWd7S6sBulmwt/4E9ozUOqJ3/tqbHBgiZDgOHfdsz/rh7oXECUou72pwaNQONaxOxv35ucvDX5LEzk9r55pHtaQJ9bPlGRIwMDGz8/ifN79+TG9mOBrKjvrrQ2FEb93+6dvyJNsefwda107+pdfxb3XD8exg/0+H4d6nLGL+/8dOHHePfiPh/2/jJWvykTfw0It7sMv7tK1+c61RX/SjieLSP35Jsfn14+NpksTDS+Ns2xpfHj766Wf8PdojfuGa7v/5vpt32n+2y/59/89lzy5vEf/H5zfd/u+1/ICLe7TL+v+5//Hqnurs3knu1UcBW939t2Z0u4790/tgPHaoOdPkRAAAAAAAAAABAG2n9XrYkza3Np2ku13iG999xMC2WypUT10rzM+ONe96ORDZt3Wk11CgntfJo837cVvnUuvLp1n3EmQP1ci5fKo73uO8AAAAAAAAAAAAAAAAAAACwWxxa9/z/b5n68//rf64a2Ks6/+Q3sNfJf+hfj+d/sm0/7gvsfo/k/4NetgN46qrG/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74tLFi7Wp+mBlKV8rjw8szE+V3jo5XihP5abn87l8aW42N1EqTRQLuXxp+q8+r1gqzY7EzPz14UqhXBkuLyxenS7Nz1SuTk6PTRSuFrJPpVcAAAAAAAAAAAAAAAAAAADwbBmsT0mai4i0Pp+muVzEPyPiSGSTa5PFwkhEHI6I7zPZfbXyaK8bDQAAAAAAAAAAAAAAAAAAAHtMeWFxaqxYLMz1yczAhiXfdl45Ipa3txm1T9zyu7LNfbVbtuGzNnN483Uy0fMW7saZHh+YAAAAAAAAAAAAAAAAAACgDz186Lfbd/yxsw0CAAAAAAAAAAAAAAAAAACAvpT+nEREbTo+9MLg+tp/JKuZ+mtEvH378vvXxyqVudHa8ntryysfNJef6i7ilW3vA9CNVp628hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qLywODVWLBbmdnCm130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBJ/BgAA//9UNdg0") r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r2, &(0x7f0000000180)="f7", 0x1, 0x200980) ioctl$FIBMAP(r2, 0x1, &(0x7f0000000080)=0x6) 4.979020001s ago: executing program 1 (id=886): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fccbdf2509000000050007001f0000000800010001000000050008"], 0x2c}, 0x1, 0x0, 0x0, 0x24084001}, 0x0) 4.959343872s ago: executing program 1 (id=887): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x100}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xf, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7cc4a040000080000008500000095000000950000000000cff14a44ecf018a437a8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000600)=0x9, 0x4) setsockopt$inet6_mreq(r2, 0x29, 0x1d, &(0x7f0000000200)={@empty}, 0x14) bind$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c) syz_emit_ethernet(0x6e, &(0x7f0000000280)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00318e", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x1, 0x0, 0x4, '\x00', {0x0, 0x6, "000006", 0xda34, 0x3a, 0xff, @mcast1, @empty, [], "29c640353063be4e"}}}}}}}, 0x0) syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r4}, 0x18) r5 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) r6 = fsmount(r5, 0x0, 0x4) openat$cgroup_ro(r6, &(0x7f0000001100)='cpu.stat\x00', 0x5000000, 0x0) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfd, 0x7fff0000}]}) close_range(r7, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0xd) socket$nl_generic(0x10, 0x3, 0x10) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000004000001d8500000007000000440000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4d, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='mm_page_free\x00', r8, 0x0, 0x8080000001}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x94) r9 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840) ioctl$SG_IO(r9, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffffffffffb, 0x6, 0x1, @buffer={0x300, 0x56, &(0x7f0000000440)=""/86}, &(0x7f0000000380)="259374c94982", 0x0, 0x0, 0x14, 0x0, 0x0}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x100, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) 4.839933864s ago: executing program 1 (id=888): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) fdatasync(r1) 4.839136344s ago: executing program 1 (id=889): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000001c0)='jbd2_shrink_checkpoint_list\x00'}, 0x18) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x3, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = getpid() r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) r4 = socket$xdp(0x2c, 0x3, 0x0) syz_open_dev$usbfs(&(0x7f0000000380), 0x240, 0x80000) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}]}, @NFTA_RULE_COMPAT={0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x5c}}, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x8914, &(0x7f0000000080)) mmap$xdp(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000000, 0x4010, r4, 0xb111b061b7025857) sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001100)={&(0x7f00000004c0)=ANY=[@ANYBLOB="5401000010000100ffffff8000000000fe880000000000000008000000000101ac1414bb0000000000000000000000000000000000f264ee81637470cd0000000dc87310be55c3149d5764541375830386d5902b4734fb9d661dba42e0dcf06a093d7a6fe835b77dd0908cc392d984386d92d60e3c69dc50a278975b3568bc60665781b33b3daeda5ec423d4b3c212bc27e1ddec0b426fdd40d2538b99", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000ac14143500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fdffffffffffffff00000000000000000000000800000000000200000000000000000000000000000200000000000000000000000a000000cd000000000000004800020063626328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c0017000000000000000000000000002abd700028bd700000000000"], 0x154}}, 0x0) 2.203101706s ago: executing program 2 (id=929): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3}, 0x94) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffc5d, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) recvmmsg(r0, &(0x7f0000006a80)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)=""/121, 0x79}, {&(0x7f00000006c0)=""/183, 0xb7}], 0x2, 0x0, 0x0, 0x7900}, 0x2983}], 0x1, 0x0, 0x0) 1.362310553s ago: executing program 4 (id=941): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) fdatasync(r0) 1.335952133s ago: executing program 4 (id=942): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x300000c, &(0x7f0000000280), 0x1, 0x53b, &(0x7f0000001380)="$eJzs3d9rZFcdAPDvvclss7upmarIWrQttrJbdGc2G9tGkbaC6FNBXd/XNJkNYSeZJTNZN6HYVP8AQUQF/wARBMFXQfoniFjUd1FRRLf6qL1y79xxN5uZSbqZZNrJ5wMnc86cued7ziVz5/443BvAqfVURLwcEVMR8WxEzJXvp2WK3W7KP/f23deW85REll37RxJJ+V6vrbw8HRHny8VmIuJrX454Ndkft729c3Op2WxsluV6Z/1Wvb29c3ltfWm1sdrYWFiYf37xhcXnFq9kpSONsxoRL37xLz/47k++9OKvPv3NP17/26Vv5d36/Ee6/Y6I5SMFGKDbdqVYFz35Oto8jmBjko+nMvUuFkiPsTMAAAyV74p9MCI+Uez/z8VUsTcHAAAATJLspdn4TxKRAQAAABMrjYjZSNJaORdgNtK0VuvO4f1wnEubrXbnUzdaWxsreV1ENSrpjbVm40o5V7galSQvz5dzbHvlqw+UFyLisYj4/tzZolxbbjVXxn3yAwAAAE6J80/uPf7/91xa5O/57dj6BgAAAIxQdWChcPsXP331JLsDAAAAHIP9h/wAAADApHH8DwAAABPtK6+8kqes9xzvldvbWzdbty+vNNo3a+tby7Xl1uat2mqrtVrcs2/9oPaardatz8TG1p16p9Hu1NvbO9fXW1sbnetrex6BDQAAAJygx5588w9JROx+7myRorwPIMAefx53B4BRmuplnJ2HU2d63B0AxqYypO53xV9bCJh0yQH1ew4Psix7vZf/9bF1CQAAGLGLH91//f9MWTfs3ADw/meuDwCcPq7uwelVuTcD8N25MOqeAOPyge7LI4PqB04PPsT1/+45hix7qI4BAAAjM1ukJK2V++mzkaa1WsSjxWMBKsmNtWbjSnl88Pu5yiN5eb5YMjlwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0JVlSWQAAADARItI/5oUd/OPuDj3zOzeswMPPPXrx9d+eGep09mcjziT/HMuf+tMRHR+dC2J/P2rmUcCAAAAwHtAcfx+tXydH3dvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJg0b999bbmXTjLu378QEdV+8adjpnidiUpEnPtXEtP3LZdExNQI4u++EREX+sVP4p0sy6plL/rFP3vM8avFqukfP42I8yOID6fZm/n25+V+3780nipe+3//pst0VIO3f+n/t39TA7Y/jz5QHuTxt35eHxj/jYjHp/tvf3rxk278PSHywtOHHOM3vr6z07fivib7xb8/Vr2zfqve3t65vLa+tNpYbWwsLMw/v/jC4nOLV+o31pqN8m/fMN/7+C/fGTb+cwPiV/eOf9/6f+ZQo8/iv2/dufuhbqHSL/6lp/v//l4YED8tf/s+Webz+ou9/G43f78nfvabJ4aNf2XA+GcOGP+lQ40/PvvsV7/zp741+9YGAHAS2ts7N5eazcbmkMzMIT5zwpmX3hvdGGEmTiDWx74dMeKWKyNqJ3u9+/94tHaOuPi+THaUxadjBN04s+97OhUP22ASsZu3dch/SAAAYMLc2+kfdgUJAAAAAAAAAAAAAAAAAAAAOE4PeVuymYg49IcfjLk7nqECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz1vwAAAP//TuvWNA==") bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0), 0x4) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000300), 0x402, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r2}, 0x10) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) r4 = dup(r3) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10) 1.335476923s ago: executing program 2 (id=943): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x300000c, &(0x7f0000000280), 0x1, 0x53b, &(0x7f0000001380)="$eJzs3d9rZFcdAPDvvclss7upmarIWrQttrJbdGc2G9tGkbaC6FNBXd/XNJkNYSeZJTNZN6HYVP8AQUQF/wARBMFXQfoniFjUd1FRRLf6qL1y79xxN5uZSbqZZNrJ5wMnc86cued7ziVz5/443BvAqfVURLwcEVMR8WxEzJXvp2WK3W7KP/f23deW85REll37RxJJ+V6vrbw8HRHny8VmIuJrX454Ndkft729c3Op2WxsluV6Z/1Wvb29c3ltfWm1sdrYWFiYf37xhcXnFq9kpSONsxoRL37xLz/47k++9OKvPv3NP17/26Vv5d36/Ee6/Y6I5SMFGKDbdqVYFz35Oto8jmBjko+nMvUuFkiPsTMAAAyV74p9MCI+Uez/z8VUsTcHAAAATJLspdn4TxKRAQAAABMrjYjZSNJaORdgNtK0VuvO4f1wnEubrXbnUzdaWxsreV1ENSrpjbVm40o5V7galSQvz5dzbHvlqw+UFyLisYj4/tzZolxbbjVXxn3yAwAAAE6J80/uPf7/91xa5O/57dj6BgAAAIxQdWChcPsXP331JLsDAAAAHIP9h/wAAADApHH8DwAAABPtK6+8kqes9xzvldvbWzdbty+vNNo3a+tby7Xl1uat2mqrtVrcs2/9oPaardatz8TG1p16p9Hu1NvbO9fXW1sbnetrex6BDQAAAJygx5588w9JROx+7myRorwPIMAefx53B4BRmuplnJ2HU2d63B0AxqYypO53xV9bCJh0yQH1ew4Psix7vZf/9bF1CQAAGLGLH91//f9MWTfs3ADw/meuDwCcPq7uwelVuTcD8N25MOqeAOPyge7LI4PqB04PPsT1/+45hix7qI4BAAAjM1ukJK2V++mzkaa1WsSjxWMBKsmNtWbjSnl88Pu5yiN5eb5YMjlwzjAAAAAAAAAAAAAAAAAAAAAAAAAA0JVlSWQAAADARItI/5oUd/OPuDj3zOzeswMPPPXrx9d+eGep09mcjziT/HMuf+tMRHR+dC2J/P2rmUcCAAAAwHtAcfx+tXydH3dvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJg0b999bbmXTjLu378QEdV+8adjpnidiUpEnPtXEtP3LZdExNQI4u++EREX+sVP4p0sy6plL/rFP3vM8avFqukfP42I8yOID6fZm/n25+V+3780nipe+3//pst0VIO3f+n/t39TA7Y/jz5QHuTxt35eHxj/jYjHp/tvf3rxk278PSHywtOHHOM3vr6z07fivib7xb8/Vr2zfqve3t65vLa+tNpYbWwsLMw/v/jC4nOLV+o31pqN8m/fMN/7+C/fGTb+cwPiV/eOf9/6f+ZQo8/iv2/dufuhbqHSL/6lp/v//l4YED8tf/s+Webz+ou9/G43f78nfvabJ4aNf2XA+GcOGP+lQ40/PvvsV7/zp741+9YGAHAS2ts7N5eazcbmkMzMIT5zwpmX3hvdGGEmTiDWx74dMeKWKyNqJ3u9+/94tHaOuPi+THaUxadjBN04s+97OhUP22ASsZu3dch/SAAAYMLc2+kfdgUJAAAAAAAAAAAAAAAAAAAAOE4PeVuymYg49IcfjLk7nqECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz1vwAAAP//TuvWNA==") bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000002c0), 0x4) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000300), 0x402, 0x0) open(&(0x7f0000000380)='./file1\x00', 0xc4000, 0x108) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = dup(r2) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c) connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10) 1.199138236s ago: executing program 4 (id=944): r0 = socket$kcm(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x5) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x40810) recvmsg$kcm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000002440)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/116, 0x74}, {&(0x7f0000001940)=""/253, 0xfd}, {&(0x7f0000001a40)=""/79, 0x4f}], 0x4}, 0x10100) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60100c02400a000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x45, 0x0, 0x2}, {}, {}, {0x20, 0x0, 0x0, 0x20}, {0x6}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x18, 0x1f, &(0x7f0000000200)=ANY=[@ANYRES32=r2, @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32=0x1, @ANYBLOB="0000000062820000184a0000080000000000000000000000185800000d00000000000000000000009500000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000600000041745000ffffffffbf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x86, &(0x7f0000001500)=""/134, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x0, 0x4, 0x400}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001640)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001680)=[{0x1, 0x1, 0xc, 0x2}, {0x5, 0x4, 0x10, 0x1}, {0x5, 0x5, 0xd, 0x7}, {0x1, 0x1, 0x1, 0x8}, {0x4, 0x4, 0x4, 0x7}], 0x10, 0x1}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000001600), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1880000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x1}, 0x18) r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r5, 0x400, 0x0) lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000103001010000df1768ac959c00"/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000041000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70400000800000085000100000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18) io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) 1.158035397s ago: executing program 2 (id=945): r0 = socket$kcm(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x5) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x40810) recvmsg$kcm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000002440)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/116, 0x74}, {&(0x7f0000001940)=""/253, 0xfd}, {&(0x7f0000001a40)=""/79, 0x4f}], 0x4}, 0x10100) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60100c02400a000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x45, 0x0, 0x2}, {}, {}, {0x20, 0x0, 0x0, 0x20}, {0x6}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x18, 0x1f, &(0x7f0000000200)=ANY=[@ANYRES32=r2, @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32=0x1, @ANYBLOB="0000000062820000184a0000080000000000000000000000185800000d00000000000000000000009500000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000600000041745000ffffffffbf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x86, &(0x7f0000001500)=""/134, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x0, 0x4, 0x400}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001640)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001680)=[{0x1, 0x1, 0xc, 0x2}, {0x5, 0x4, 0x10, 0x1}, {0x5, 0x5, 0xd, 0x7}, {0x1, 0x1, 0x1, 0x8}, {0x4, 0x4, 0x4, 0x7}], 0x10, 0x1}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000001600), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1880000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x1}, 0x18) r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r5, 0x400, 0x0) lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000103001010000df1768ac959c00"/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000041000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70400000800000085000100000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18) io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) 676.844026ms ago: executing program 0 (id=950): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/pm_wakeup_irq', 0x0, 0xb) preadv(r2, &(0x7f0000000900)=[{&(0x7f00000005c0)=""/206, 0xce}], 0x1, 0x6, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000001280)={0x0, 0x0, 0x1, "e0"}, 0x9) 513.139419ms ago: executing program 0 (id=961): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xac, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x7c, 0x2, [@TCA_TAPRIO_ATTR_TXTIME_DELAY={0x8, 0xb, 0xe}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xac}}, 0x0) 416.952781ms ago: executing program 0 (id=963): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r2}, 0x18) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendto$inet6(r3, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56) flistxattr(r1, &(0x7f00000004c0)=""/200, 0xc8) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x604ab000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000700)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001580)=""/4089, 0xff9, 0x0, 0x0}, &(0x7f0000000000)=0x40) r4 = accept(0xffffffffffffffff, &(0x7f00000002c0)=@nfc_llcp, &(0x7f0000000180)=0x80) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000400000000000000000000009500000010000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) r6 = socket$can_j1939(0x1d, 0x2, 0x7) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f0000000400)={0x0, 0xd01f}, &(0x7f0000000600)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000640)={r7, @in={{0x2, 0x4e24, @multicast2}}, 0x3, 0x7}, 0x90) ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bind$can_j1939(r6, &(0x7f0000000100)={0x1d, r8, 0x0, {}, 0xfd}, 0x18) sendmsg$sock(r6, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000140)=[{0x0, 0xf5}, {&(0x7f00000004c0)="4c812e5d6d3139fd360ab58b5910fd71dba03f3f88990b4d5b0c0c84288322ec3e7cdd2dc83a3bb9ab410b0b1a1dbe2f8b7a3065dd5f9946c2066437b0bfdc6a23fc593e397678dab4f24e7565cb168e14b0aa6ee26ef563c45a4d75f4c7bc88dfebdf018c96e4feee7fd0669ba71aa17efc00b8e9e16b448817f287ca49c9b534b0f17b3a1b9ad4eec7eb3de0f7ab8b5007ac29119b47bcb081dd0b3876b96a20497bf7e15a86cffbf80df6278dd1a2a5bacbc8808722e3ea245f0221b302f870163dc8d36e8f3b762710bee3234a20fdbb2ed12d4b15ca9de07ad286622eb568abca24d62bd3df1e6884d63f7fd52e5b582809ae33d113a0fe0320e6d0ed9a00", 0x101}], 0x2}, 0x814) 397.172602ms ago: executing program 0 (id=953): socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1, @perf_bp={0x0, 0x224ef61b12363fa4}, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x8, 0x2, 0x1, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0x1, 0xffffffffffffffff, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x17, &(0x7f0000000000)=0xd5, 0x4) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0) 293.945414ms ago: executing program 0 (id=956): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) pwrite64(0xffffffffffffffff, &(0x7f0000000180)="f7", 0x1, 0x200980) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2d, 0x3, 0xfffffffe}, 0xc) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0x2711}, 0x10) r1 = eventfd(0x7) ioctl$INCFS_IOC_FILL_BLOCKS(r1, 0x80106720, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x8, 0xd8, &(0x7f00000002c0)="0eb22e6766a6950e8c1ea31910aa6fe495fd3fb99e2e9e6551e85816ce39bd12781aa1715a3bac14cce1acf0a88751bfba5855dee5bb2d280cacb95fd3af7e4e3ca5c710f8a35b54059f66bf97d462f5c40f1874ac42f988e1b68b73d78614329a749695f591d26cfec623c430ca9f7c2ecad5eb0b78120b9e874d28644641d2097eb67fc655a9aa5c37a11ce1cca6dd83e7c123e433c8b3f702668c51c447ace1e45d621027462338c9681f1be6fc9a7cbeebf4fb519ed8587d401123ad1f8679ebbe0a59a47ae13c5dca017ae240b2463385b8bec0e03f", 0x0, 0x1}]}) 246.656825ms ago: executing program 0 (id=957): r0 = socket$kcm(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x5d) ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x5) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{}], 0x1}, 0x40810) recvmsg$kcm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000002440)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/116, 0x74}, {&(0x7f0000001940)=""/253, 0xfd}, {&(0x7f0000001a40)=""/79, 0x4f}], 0x4}, 0x10100) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002e000b12d25a80648c2594f90324fc60100c02400a000000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000080)=[{0x45, 0x0, 0x2}, {}, {}, {0x20, 0x0, 0x0, 0x20}, {0x6}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x18, 0x1f, &(0x7f0000000200)=ANY=[@ANYRES32=r2, @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32=0x1, @ANYBLOB="0000000062820000184a0000080000000000000000000000185800000d00000000000000000000009500000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000c000000850000000600000041745000ffffffffbf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000300)='syzkaller\x00', 0x1, 0x86, &(0x7f0000001500)=""/134, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000015c0)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x0, 0x4, 0x400}, 0x10, 0x0, 0x0, 0x5, &(0x7f0000001640)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000001680)=[{0x1, 0x1, 0xc, 0x2}, {0x5, 0x4, 0x10, 0x1}, {0x5, 0x5, 0xd, 0x7}, {0x1, 0x1, 0x1, 0x8}, {0x4, 0x4, 0x4, 0x7}], 0x10, 0x1}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000001600), 0xffffffffffffffff) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1880000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x1}, 0x18) r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setlease(r5, 0x400, 0x0) lsetxattr$security_selinux(&(0x7f0000000400)='./file0\x00', &(0x7f0000000000), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x8f0, &(0x7f0000002400)=0x0) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000103001010000df1768ac959c00"/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000041000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70400000800000085000100000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18) io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r10}, 0x10) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) 245.689695ms ago: executing program 4 (id=958): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pwrite64(0xffffffffffffffff, &(0x7f0000000180)="f7", 0x1, 0x200980) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2d, 0x3, 0xfffffffe}, 0xc) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000280)={0x28, 0x0, 0x2711}, 0x10) r0 = eventfd(0x7) ioctl$INCFS_IOC_FILL_BLOCKS(r0, 0x80106720, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x8, 0xd8, &(0x7f00000002c0)="0eb22e6766a6950e8c1ea31910aa6fe495fd3fb99e2e9e6551e85816ce39bd12781aa1715a3bac14cce1acf0a88751bfba5855dee5bb2d280cacb95fd3af7e4e3ca5c710f8a35b54059f66bf97d462f5c40f1874ac42f988e1b68b73d78614329a749695f591d26cfec623c430ca9f7c2ecad5eb0b78120b9e874d28644641d2097eb67fc655a9aa5c37a11ce1cca6dd83e7c123e433c8b3f702668c51c447ace1e45d621027462338c9681f1be6fc9a7cbeebf4fb519ed8587d401123ad1f8679ebbe0a59a47ae13c5dca017ae240b2463385b8bec0e03f", 0x0, 0x1}]}) 227.016315ms ago: executing program 4 (id=959): socket$can_j1939(0x1d, 0x2, 0x7) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) setregid(0x0, 0xee01) 218.498975ms ago: executing program 3 (id=960): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x4e, 0xa, 0xa, 0x0, 0x0, 0x71, 0x10, 0x15}}, &(0x7f0000000480)='syzkaller\x00'}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000731139000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffffffffffedd}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000731139000000000020000000000000009500200000000000"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffffffffffedd}, 0x48) 215.481955ms ago: executing program 2 (id=962): bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) fdatasync(r0) 206.379215ms ago: executing program 4 (id=964): r0 = creat(&(0x7f0000000140)='./bus\x00', 0xc0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000600)='./bus\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="206db07737abbf3f6300000000000000f8ffffffffffffff030000000000000000"], &(0x7f00000010c0), 0x200) syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[], 0x4, 0x127d, &(0x7f00000011c0)="$eJzs3U1rJMUfB/DfJJPH/SeTv66ruyAWelGEcZODJy9BdkEMKNEsqKdeM9EhkwcyQyAi7njyJPgyRD16E8Q3kIsXz4IgkovHPYgtyUw085BsYjIJyOdz6aK6vlXV6U5DD1303itfrK2u1MsrWSOGCoUobo5E8WGKFEMxHC3NeOHeTz8//dY7774+v7BwZzGlu/Nvz76cUpp+5vv3Pv7m2R8a1+59O/3dWOzODO39PvfL7o3dm3t/fh3VeqrW0/pGI2Xp/sZGI7tfq6Tlan21nNKbtUpWr6Tqer2y1bF/pbaxubmTsvXlqcnNrUq9nrL1nbRa2UmNQmps7aTsg6y6nsrlcpqaDM5j6auHeZ5H5PlIjEae5/lETMa1+F9MxXSUYib+H4/F43E9nogb8WQ8FTcPWl31vAEAAAAAAAAAAAAAAAAAAOC/5RHr/wvW/wMAAAAAAAAAAAAAAAAAAMDgda//L0b4/j8AAAAAAAAAAAAAAAAAAABcskd8/79r/f+L1v8DAAAAAAAAAAAAAAAAAADAIIy3NospjUesfba9tL3U2rbq51eiGrWoxO0oxR9xsPq/pVW++9rCndvpwEy8tPagnX+wvTTcmZ8dKcVMoW9+diIiUkqd+bGYPJqfi1Jc7z/+XGv8rvx4PP/cfv7TVr4cpfjx/diIWixHFNpHf5D/ZDalV99YmOjM39pvd6zhAZ8WAAAAuEjl9Lfe5/dmu1Hf/a1d7efz1G5ZOOH3ga7n82LcKl7VUXOovvPRalarVbb+ZWH0+H5Gz9dzT6EQEVkcrZme/HVxf/BT9nN4uV3QfI4Uhi+6wxMLIye3Occ5jeKp/5gDKkSzuyYvRZy1n9++PFIzfub4+QpD7cssqzVPfbFFM88HOrG+/4xjJ6WOv2cUBnxP4vL8c9KveiYAAAAAAAAAAACcRd+3/yYioud9wA97ag5fD++M9/Z8/OifX8IRAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sQPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK8CAAD//w+Ty90=") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r1}, 0x10) r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x94) ftruncate(r2, 0x2007ffc) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) r7 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7fff}}]}, 0x38}}, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000002a80)={r0, 0x20, &(0x7f0000002a40)={&(0x7f0000002900)=""/177, 0xb1, 0x0, &(0x7f00000029c0)=""/70, 0x46}}, 0x10) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000002b00)=@bpf_lsm={0x1d, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000480300008abcb94b00000900000018610000020000000000000000000000950000000000"], &(0x7f00000027c0)='GPL\x00', 0x7, 0x5f, &(0x7f0000002800)=""/95, 0x40f00, 0x0, '\x00', r8, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000002880)={0x1, 0x1}, 0x8, 0x10, &(0x7f00000028c0)={0x5, 0xf, 0x5fe8, 0x1}, 0x10, r10, 0x0, 0x0, &(0x7f0000002ac0)=[r5], 0x0, 0x10, 0xc}, 0x94) sendmsg$nl_route_sched(r9, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x1, 0x3}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) sendfile(r2, r2, 0x0, 0x100000000) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r11 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSARP(r11, 0x8955, &(0x7f0000000000)={{0x2, 0x4e22, @remote}, {0x6, @local}, 0x48, {0x2, 0x4e22, @empty}, 'tunl0\x00'}) recvmmsg$unix(r0, &(0x7f0000002680)=[{{&(0x7f0000000200)=@abs, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000001100)=""/4096, 0x1000}, {&(0x7f0000000280)=""/195, 0xc3}, {&(0x7f0000000380)=""/177, 0xb1}, {&(0x7f0000000440)=""/98, 0x62}, {&(0x7f00000004c0)=""/212, 0xd4}, {&(0x7f00000000c0)=""/47, 0x2f}, {&(0x7f0000000640)=""/148, 0x94}, {&(0x7f0000000700)=""/173, 0xad}], 0x8, &(0x7f0000000840)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}, {{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000005c0)=""/59, 0x3b}, {&(0x7f0000000900)=""/255, 0xff}, {&(0x7f0000000a00)=""/122, 0x7a}, {&(0x7f0000000a80)=""/119, 0x77}], 0x4}}, {{&(0x7f0000000b40)=@abs, 0x6e, &(0x7f0000001040)=[{&(0x7f0000000bc0)=""/124, 0x7c}, {&(0x7f0000000c40)=""/96, 0x60}, {&(0x7f0000000cc0)=""/179, 0xb3}, {&(0x7f0000000d80)=""/105, 0x69}, {&(0x7f0000000e00)=""/96, 0x60}, {&(0x7f0000000e80)=""/145, 0x91}, {&(0x7f0000000f40)=""/209, 0xd1}, {&(0x7f0000002100)=""/168, 0xa8}], 0x8, &(0x7f00000021c0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x60}}, {{&(0x7f0000002240)=@abs, 0x6e, &(0x7f0000002540)=[{&(0x7f00000022c0)=""/4, 0x4}, {&(0x7f0000002300)=""/30, 0x1e}, {&(0x7f0000002340)=""/173, 0xad}, {&(0x7f0000002400)=""/228, 0xe4}, {&(0x7f0000002500)=""/29, 0x1d}], 0x5, &(0x7f00000025c0)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}], 0x4, 0x2060, &(0x7f0000002780)) ioctl$sock_inet_SIOCSARP(r11, 0x8955, &(0x7f0000000100)={{0x2, 0x4e21, @remote}, {0x306, @multicast}, 0x18, {0x2, 0x4e20, @local}, 'veth1_to_bridge\x00'}) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) 189.769596ms ago: executing program 3 (id=965): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000000)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x9, 0x0, 0x9, 0x2, 0x0, 0x0, 0x25dfdbff}, 0x10}, 0x1, 0x34000}, 0x0) 189.376106ms ago: executing program 2 (id=966): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_create_resource$binfmt(0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), 0x0}, 0x20) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x18) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0xf, 0x25, 0x4, 0x0, 0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 120.745117ms ago: executing program 2 (id=967): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000007b00), 0x40040, 0x0) ioctl$RTC_PIE_ON(r0, 0x7005) r1 = syz_io_uring_setup(0x110, &(0x7f0000000200)={0x0, 0xfec9, 0x8, 0x400005, 0x3d4}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0) getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28}, @TCA_TBF_BURST={0x8, 0x6, 0x58}]}}]}, 0x60}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}}}, 0x24}}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@getnetconf={0x14, 0x52, 0x800, 0x70bd2c, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 120.374147ms ago: executing program 3 (id=968): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x10, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfff}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x2, 0x5, 0x7ffc0204}]}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{0x0}], 0x1}, 0x41) recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x61) 119.829977ms ago: executing program 3 (id=969): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7fe, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x2}, r1, 0xb}}, 0x48) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r2}, 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x0, 0x10, &(0x7f00000000c0)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r6}, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r8, 0xfc5, 0x0, 0x20, {{0x11}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x45}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x34}}, 0x0) sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d40)=ANY=[@ANYRES8=r2, @ANYRES16, @ANYBLOB="01002cbd700000dcdf251a000000380022800c00008008000400fe3c000004000080140000800800060003000000080006006006000004000080040180800400008004000080060021006100896d16536d98f429ffd715d8ee33892e59d17fed641662fefc3c610f599f9fbd0ac3a7959c4ba333142a03a31be98d9cbf1a24a85f09647536f0144883e97c5276a298a056475e107c392ffbe44c3a81f11e02189490f85306e62383f712acf62c3aee772d2e720de3936500ed506fcfb4ec60bf3b788c820945ab909e415bac66"], 0x54}, 0x1, 0x0, 0x0, 0x4040001}, 0x8000) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000840}, 0xc, &(0x7f0000000240)={&(0x7f0000000980)=ANY=[@ANYBLOB="e0020000", @ANYRES16, @ANYBLOB="0004ff000000000000002800005408000300", @ANYRES32=r9, @ANYBLOB="0a00060021734c83158700000a00060050505050505000000a00060008021100000100000a000600505050505050000091022a002d1a000402ffffffff000000000000fb000200000003000200000000bd06080211000000720603030303030376060909010000fe0602ff7f37b50c05a836b83a91d8b961e7c95d8806b4336643186ea99985b4c311d217bedb8ac2c4632a7d1a39438c1675455d364b672bcd071fc620480f7b77e57816b7a211feb0afc450839783bb44e41880125b19d1050402266b040d172def91ac657e77bca32e1890011c3f74a235a8aacad3f995af5bfa87ceb01743c75eb4e10fc8ba38c7df0412b83734e6af4e584d74d33c26337a9cddb9f6041c80d0599abef208814e1c339bbf98b7f4a10d96c70e5929b684acc01937b81003c54429e5f89c0721135fc47304d9031f3be88c908631c672fb82b2790e23a5759dfd3853d104e14277b8fd44fe18c7f91e86b01a9ff7cde76e3ae186eb4986dfd48260971b037c6fded8317f3f7391a2022855492f91aed4a264db0afa99cb1c4c718231e50065cd8f4c1e541430207d17ddda28138373b66b9f0428bde7605224e0ca036cf5cb207c1d4707cf99448039c45726e9b0c5880273fa2ca2db273357f5e3220410df4e16b09e8b812d70258fa59fbacd0d05e2cf7d6402966ff62207c6fd460463f191e2bbd3834eebac3d29983f22f3eb2fd04a8321989a19b78e3ef1c74092e0d0a823e5ff3c1e2d7c301ca0f0faabfcb08bfb6a4e79df348b7cd6ec2fb6675e85bd1be24e4975266bba03849b0262f34f795e9ea828acfb2893003f82f93256169855f3251dd68f72be6a7a56184a71e85d057b277be14fc8b5472f671d20cd8e6a6dc488bc4f8b016923878d034ba56883a07f4fb3ec5ef32818d37629d2d2172602383bf3679ced76adf1d1a5e205514d91cc14866330512892c06872eb001212e76cb09992d4e919ce49f4458a47eeaaa4f5000000"], 0x2e0}, 0x1, 0x0, 0x0, 0x10}, 0xc800) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, &(0x7f0000000140)=ANY=[@ANYRES16=r4, @ANYRESHEX=r0, @ANYRESHEX=r6], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4d, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='cachefiles_lookup\x00', r10}, 0x18) getpid() sched_setscheduler(0x0, 0x2, 0x0) socket(0x2, 0x80805, 0x0) r11 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$IP_VS_SO_SET_ADD(r11, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e20, 0x3, 'rr\x00', 0x1, 0xa7e, 0x70}, 0x2c) r12 = socket$kcm(0xa, 0x2, 0x0) sendmsg$sock(r12, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0) 71.402258ms ago: executing program 3 (id=970): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r1, 0x7}}, 0x48) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000580)={0xe, 0x1, 0xfa00, @id_resuseaddr={&(0x7f00000005c0)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, 0x0, 0x0) 0s ago: executing program 3 (id=971): socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1, @perf_bp={0x0, 0x224ef61b12363fa4}, 0x0, 0x4, 0x5, 0xffffffffffffffff, 0x8, 0x2, 0x1, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0x1, 0xffffffffffffffff, 0x2) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000012000000000000000000"], &(0x7f0000000c00)='GPL\x00'}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0) kernel console output (not intermixed with test programs): 0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f475eec9 code=0x7ffc0000 [ 54.608776][ T29] audit: type=1326 audit(1758862657.144:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4529 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fd7f475eec9 code=0x7ffc0000 [ 54.626216][ T4535] validate_nla: 2 callbacks suppressed [ 54.626270][ T4535] netlink: '+}[@': attribute type 30 has an invalid length. [ 54.632236][ T29] audit: type=1326 audit(1758862657.144:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4529 comm="syz.2.396" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f475eec9 code=0x7ffc0000 [ 54.639217][ T4536] random: crng reseeded on system resumption [ 54.643755][ T4536] Restarting kernel threads ... [ 54.689995][ T29] audit: type=1326 audit(1758862657.324:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4533 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 54.713395][ T29] audit: type=1326 audit(1758862657.324:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4533 comm="syz.3.398" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 54.737313][ T4536] Done restarting kernel threads. [ 54.743980][ T4537] loop2: detected capacity change from 0 to 2048 [ 54.794415][ T4537] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.831218][ T4543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 54.840030][ T4543] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 54.978305][ T4551] __nla_validate_parse: 14 callbacks suppressed [ 54.978360][ T4551] netlink: 8 bytes leftover after parsing attributes in process `syz.4.404'. [ 54.996015][ T4551] netlink: 256 bytes leftover after parsing attributes in process `syz.4.404'. [ 55.021999][ T3503] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set [ 55.037574][ T3503] EXT4-fs (loop2): Remounting filesystem read-only [ 55.044460][ T52] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 55.124247][ T4554] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.405'. [ 55.421564][ T4569] binfmt_misc: register: failed to install interpreter file ./file2 [ 56.066338][ T4576] loop2: detected capacity change from 0 to 1024 [ 56.082674][ T4576] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.095838][ T4576] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.414: bg 0: block 393: padding at end of block bitmap is not set [ 56.110637][ T4576] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 56.123681][ T4576] EXT4-fs (loop2): This should not happen!! Data will be lost [ 56.123681][ T4576] [ 56.179158][ T4582] netlink: '+}[@': attribute type 30 has an invalid length. [ 56.235489][ T4583] loop2: detected capacity change from 0 to 2048 [ 56.251975][ T4583] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.292047][ T4589] netlink: 8 bytes leftover after parsing attributes in process `syz.4.418'. [ 56.301966][ T4589] netlink: 256 bytes leftover after parsing attributes in process `syz.4.418'. [ 56.313341][ T12] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 56.329469][ T12] EXT4-fs (loop2): Remounting filesystem read-only [ 56.336520][ T2935] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 56.512008][ T4602] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.424'. [ 56.532802][ T4604] random: crng reseeded on system resumption [ 56.542789][ T4604] Restarting kernel threads ... [ 56.547792][ T4604] Done restarting kernel threads. [ 56.592009][ T4608] team0 (unregistering): Port device team_slave_0 removed [ 56.600928][ T4608] team0 (unregistering): Port device team_slave_1 removed [ 56.685904][ T4609] binfmt_misc: register: failed to install interpreter file ./file2 [ 57.467734][ T4616] netlink: '+}[@': attribute type 30 has an invalid length. [ 57.468014][ T4614] loop2: detected capacity change from 0 to 1024 [ 57.487508][ T4618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.431'. [ 57.500668][ T4618] netlink: 256 bytes leftover after parsing attributes in process `syz.0.431'. [ 57.515411][ T4614] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.534632][ T4614] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.429: bg 0: block 393: padding at end of block bitmap is not set [ 57.550926][ T4614] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 57.563590][ T4614] EXT4-fs (loop2): This should not happen!! Data will be lost [ 57.563590][ T4614] [ 57.563930][ T4621] loop4: detected capacity change from 0 to 2048 [ 57.596646][ T4621] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.800703][ T4458] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 57.846321][ T4458] EXT4-fs (loop4): Remounting filesystem read-only [ 57.869053][ T4638] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.438'. [ 57.891923][ T4640] random: crng reseeded on system resumption [ 57.902829][ T4640] Restarting kernel threads ... [ 57.907950][ T4640] Done restarting kernel threads. [ 57.978271][ T4648] loop3: detected capacity change from 0 to 1024 [ 57.993586][ T4648] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 57.995442][ T4654] netlink: 8 bytes leftover after parsing attributes in process `syz.0.445'. [ 58.007586][ T4648] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.444: bg 0: block 393: padding at end of block bitmap is not set [ 58.027794][ T4648] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 58.040626][ T4648] EXT4-fs (loop3): This should not happen!! Data will be lost [ 58.040626][ T4648] [ 58.083742][ T4656] binfmt_misc: register: failed to install interpreter file ./file2 [ 58.128399][ T4668] netlink: '+}[@': attribute type 30 has an invalid length. [ 58.190731][ T4674] random: crng reseeded on system resumption [ 58.201212][ T4674] Restarting kernel threads ... [ 58.206487][ T4674] Done restarting kernel threads. [ 58.225234][ T4672] loop1: detected capacity change from 0 to 2048 [ 58.237633][ T4676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.247590][ T4676] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.256833][ T4672] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.371187][ T4687] loop3: detected capacity change from 0 to 1024 [ 58.381822][ T4687] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.396009][ T4687] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.457: bg 0: block 393: padding at end of block bitmap is not set [ 58.411773][ T4687] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 58.424391][ T4687] EXT4-fs (loop3): This should not happen!! Data will be lost [ 58.424391][ T4687] [ 58.492329][ T4691] pim6reg1: entered promiscuous mode [ 58.503593][ T4691] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.562084][ T4691] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.622503][ T4691] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.692984][ T4691] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.751785][ T52] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.769719][ T52] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.783196][ T52] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.807046][ T52] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.826458][ T52] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set [ 58.843953][ T52] EXT4-fs (loop1): Remounting filesystem read-only [ 58.851669][ T3503] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 58.946206][ T4710] random: crng reseeded on system resumption [ 58.957306][ T4710] Restarting kernel threads ... [ 58.962509][ T4710] Done restarting kernel threads. [ 59.010413][ T4717] loop2: detected capacity change from 0 to 1024 [ 59.024746][ T4717] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.037675][ T4717] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.469: bg 0: block 393: padding at end of block bitmap is not set [ 59.052336][ T4717] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 59.065121][ T4717] EXT4-fs (loop2): This should not happen!! Data will be lost [ 59.065121][ T4717] [ 59.078507][ T4723] team0 (unregistering): Port device team_slave_0 removed [ 59.088928][ T4723] team0 (unregistering): Port device team_slave_1 removed [ 59.122298][ T4726] binfmt_misc: register: failed to install interpreter file ./file2 [ 59.139841][ T4728] netlink: '+}[@': attribute type 30 has an invalid length. [ 59.196581][ T4729] loop2: detected capacity change from 0 to 2048 [ 59.211559][ T4729] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 59.901500][ T29] kauditd_printk_skb: 481 callbacks suppressed [ 59.901518][ T29] audit: type=1326 audit(1758862662.594:2228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 59.931738][ T29] audit: type=1326 audit(1758862662.594:2229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 59.964255][ T29] audit: type=1326 audit(1758862662.594:2230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 59.980669][ T4736] __nla_validate_parse: 6 callbacks suppressed [ 59.980756][ T4736] netlink: 256 bytes leftover after parsing attributes in process `syz.1.475'. [ 59.988429][ T29] audit: type=1326 audit(1758862662.594:2231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 60.026654][ T29] audit: type=1326 audit(1758862662.594:2232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 60.027111][ T12] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 60.050236][ T29] audit: type=1326 audit(1758862662.594:2233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 60.087943][ T29] audit: type=1326 audit(1758862662.594:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 60.089430][ T12] EXT4-fs (loop2): Remounting filesystem read-only [ 60.111293][ T29] audit: type=1326 audit(1758862662.594:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 60.119100][ T52] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 60.141034][ T29] audit: type=1326 audit(1758862662.594:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.1.474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 60.243287][ T29] audit: type=1326 audit(1758862662.934:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4750 comm="syz.2.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7f475eec9 code=0x7ffc0000 [ 60.269367][ T4751] random: crng reseeded on system resumption [ 60.280138][ T4751] Restarting kernel threads ... [ 60.285425][ T4751] Done restarting kernel threads. [ 60.309107][ T4755] loop1: detected capacity change from 0 to 1024 [ 60.332773][ T4755] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.344554][ T4763] loop4: detected capacity change from 0 to 1024 [ 60.346426][ T4755] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.484: bg 0: block 393: padding at end of block bitmap is not set [ 60.365625][ T4755] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 60.378404][ T4755] EXT4-fs (loop1): This should not happen!! Data will be lost [ 60.378404][ T4755] [ 60.395205][ T4763] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.408311][ T4764] binfmt_misc: register: failed to install interpreter file ./file2 [ 60.431783][ T4770] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.488'. [ 60.464850][ T4772] netlink: '+}[@': attribute type 30 has an invalid length. [ 60.521203][ T4773] loop4: detected capacity change from 0 to 2048 [ 60.541977][ T4773] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 60.753350][ T3503] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set [ 60.768164][ T3503] EXT4-fs (loop4): Remounting filesystem read-only [ 60.775132][ T2935] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 60.886086][ T4783] netlink: 8 bytes leftover after parsing attributes in process `syz.4.493'. [ 60.896886][ T4783] netlink: 256 bytes leftover after parsing attributes in process `syz.4.493'. [ 61.078349][ T4796] random: crng reseeded on system resumption [ 61.088962][ T4796] Restarting kernel threads ... [ 61.094037][ T4796] Done restarting kernel threads. [ 61.124477][ T4798] loop4: detected capacity change from 0 to 1024 [ 61.152195][ T4798] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.166262][ T4798] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.500: bg 0: block 393: padding at end of block bitmap is not set [ 61.180951][ T4798] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 61.193570][ T4798] EXT4-fs (loop4): This should not happen!! Data will be lost [ 61.193570][ T4798] [ 61.246257][ T4802] netlink: '+}[@': attribute type 30 has an invalid length. [ 61.298724][ T4810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.505'. [ 61.309226][ T4810] netlink: 256 bytes leftover after parsing attributes in process `syz.4.505'. [ 61.329551][ T4811] loop2: detected capacity change from 0 to 2048 [ 61.361664][ T4811] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.491580][ T4818] loop0: detected capacity change from 0 to 1024 [ 61.534763][ T4826] random: crng reseeded on system resumption [ 61.544112][ T4818] ext4 filesystem being mounted at /87/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.560167][ T4826] Restarting kernel threads ... [ 61.565558][ T4826] Done restarting kernel threads. [ 61.629385][ T4832] loop1: detected capacity change from 0 to 1024 [ 61.663615][ T4834] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.516'. [ 61.667563][ T52] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set [ 61.676093][ T4832] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 61.689024][ T52] EXT4-fs (loop2): Remounting filesystem read-only [ 61.705310][ T3503] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 61.705559][ T4832] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.514: bg 0: block 393: padding at end of block bitmap is not set [ 61.734895][ T4832] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 61.747537][ T4832] EXT4-fs (loop1): This should not happen!! Data will be lost [ 61.747537][ T4832] [ 61.762906][ T4839] binfmt_misc: register: failed to install interpreter file ./file2 [ 61.794804][ T4843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 61.803665][ T4843] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 61.854876][ T4847] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.518'. [ 62.548895][ T4854] netlink: 8 bytes leftover after parsing attributes in process `syz.0.520'. [ 62.560584][ T4854] netlink: 256 bytes leftover after parsing attributes in process `syz.0.520'. [ 62.641001][ T4864] random: crng reseeded on system resumption [ 62.653380][ T4864] Restarting kernel threads ... [ 62.658625][ T4864] Done restarting kernel threads. [ 62.677218][ T4866] netlink: '+}[@': attribute type 30 has an invalid length. [ 62.748121][ T4871] loop4: detected capacity change from 0 to 2048 [ 62.763927][ T4871] ext4 filesystem being mounted at /101/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.873041][ T4878] binfmt_misc: register: failed to install interpreter file ./file2 [ 63.027049][ T2935] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set [ 63.041847][ T2935] EXT4-fs (loop4): Remounting filesystem read-only [ 63.048430][ T52] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 63.132354][ T4889] loop4: detected capacity change from 0 to 1024 [ 63.151534][ T4889] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.165527][ T4889] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.534: bg 0: block 393: padding at end of block bitmap is not set [ 63.180942][ T4889] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 63.193554][ T4889] EXT4-fs (loop4): This should not happen!! Data will be lost [ 63.193554][ T4889] [ 63.295962][ T4903] random: crng reseeded on system resumption [ 63.307928][ T4903] Restarting kernel threads ... [ 63.313467][ T4903] Done restarting kernel threads. [ 63.377828][ T4911] netlink: '+}[@': attribute type 30 has an invalid length. [ 63.435922][ T4914] loop4: detected capacity change from 0 to 2048 [ 63.449185][ T4916] loop3: detected capacity change from 0 to 1024 [ 63.451972][ T4914] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.473001][ T4916] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.486620][ T4916] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.546: bg 0: block 393: padding at end of block bitmap is not set [ 63.506394][ T4916] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 63.519224][ T4916] EXT4-fs (loop3): This should not happen!! Data will be lost [ 63.519224][ T4916] [ 63.589975][ T4923] pim6reg1: entered promiscuous mode [ 63.600981][ T4923] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.667084][ T4923] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.733116][ T4923] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.760548][ T3503] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set [ 63.775677][ T3503] EXT4-fs (loop4): Remounting filesystem read-only [ 63.782928][ T2935] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 63.799252][ T4923] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.853841][ T4941] random: crng reseeded on system resumption [ 63.879988][ T4943] loop0: detected capacity change from 0 to 1024 [ 63.895572][ T4943] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 63.912596][ T297] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.917649][ T4943] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.557: bg 0: block 393: padding at end of block bitmap is not set [ 63.938061][ T297] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.950797][ T297] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.951006][ T4943] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 63.971827][ T4943] EXT4-fs (loop0): This should not happen!! Data will be lost [ 63.971827][ T4943] [ 63.993706][ T297] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.005247][ T4950] binfmt_misc: register: failed to install interpreter file ./file2 [ 64.015448][ T4954] netlink: 'syz.4.559': attribute type 10 has an invalid length. [ 64.160819][ T4970] netlink: '+}[@': attribute type 30 has an invalid length. [ 64.217881][ T4971] loop4: detected capacity change from 0 to 2048 [ 64.241622][ T4971] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.449557][ T3503] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 345: padding at end of block bitmap is not set [ 64.465521][ T3503] EXT4-fs (loop4): Remounting filesystem read-only [ 64.472375][ T2935] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 64.549546][ T4977] random: crng reseeded on system resumption [ 64.600168][ T4981] loop4: detected capacity change from 0 to 1024 [ 64.612792][ T4981] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 64.626065][ T4981] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.571: bg 0: block 393: padding at end of block bitmap is not set [ 64.640903][ T4981] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 64.653917][ T4981] EXT4-fs (loop4): This should not happen!! Data will be lost [ 64.653917][ T4981] [ 64.684777][ T4985] netlink: 'syz.4.572': attribute type 10 has an invalid length. [ 64.827177][ T5000] 9pnet: Could not find request transport: fd0x0000000000000003 [ 64.877733][ T5003] pim6reg1: entered promiscuous mode [ 64.887989][ T5003] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.942500][ T5003] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.007199][ T29] kauditd_printk_skb: 655 callbacks suppressed [ 65.007276][ T29] audit: type=1326 audit(1758862667.694:2893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.037386][ T5019] loop0: detected capacity change from 0 to 1024 [ 65.039599][ T29] audit: type=1326 audit(1758862667.694:2894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.053196][ T5024] __nla_validate_parse: 12 callbacks suppressed [ 65.053217][ T5024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.590'. [ 65.067476][ T29] audit: type=1326 audit(1758862667.704:2895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.106433][ T29] audit: type=1326 audit(1758862667.704:2896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.114213][ T5024] netlink: 256 bytes leftover after parsing attributes in process `syz.2.590'. [ 65.130466][ T29] audit: type=1326 audit(1758862667.704:2897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.151746][ T5019] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.162447][ T29] audit: type=1326 audit(1758862667.704:2898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.162481][ T29] audit: type=1326 audit(1758862667.704:2899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.180264][ T5019] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.587: bg 0: block 393: padding at end of block bitmap is not set [ 65.196353][ T29] audit: type=1326 audit(1758862667.704:2900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.220856][ T5019] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 65.234065][ T29] audit: type=1326 audit(1758862667.704:2901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.257653][ T5019] EXT4-fs (loop0): This should not happen!! Data will be lost [ 65.257653][ T5019] [ 65.270222][ T29] audit: type=1326 audit(1758862667.704:2902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5017 comm="syz.0.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 65.328424][ T5003] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.344738][ T5027] binfmt_misc: register: failed to install interpreter file ./file2 [ 65.374330][ T5003] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.410887][ T5039] loop0: detected capacity change from 0 to 512 [ 65.422502][ T5039] EXT4-fs (loop0): 1 orphan inode deleted [ 65.428998][ T5039] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.441923][ T2935] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 65.458933][ T5045] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.597'. [ 65.471727][ T3503] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.481527][ T5039] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.595: iget: bad i_size value: 360287970189639690 [ 65.483384][ T3503] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.505498][ T3503] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.520665][ T3503] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.605642][ T5049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 65.614274][ T5049] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 65.917555][ T5052] netlink: '+}[@': attribute type 30 has an invalid length. [ 65.975395][ T5053] loop1: detected capacity change from 0 to 2048 [ 65.991985][ T5053] ext4 filesystem being mounted at /133/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.200371][ T12] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 66.215097][ T12] EXT4-fs (loop1): Remounting filesystem read-only [ 66.221701][ T2935] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 66.300349][ T5060] netlink: 8 bytes leftover after parsing attributes in process `syz.1.602'. [ 66.310275][ T5060] netlink: 256 bytes leftover after parsing attributes in process `syz.1.602'. [ 66.347913][ T5062] netlink: 'syz.1.603': attribute type 10 has an invalid length. [ 66.355760][ T5062] netlink: 40 bytes leftover after parsing attributes in process `syz.1.603'. [ 66.540366][ T5077] binfmt_misc: register: failed to install interpreter file ./file2 [ 67.293873][ T5081] pim6reg1: entered promiscuous mode [ 67.309192][ T5081] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.359721][ T5085] netlink: 100 bytes leftover after parsing attributes in process `syz.1.611'. [ 67.375924][ T5081] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.391126][ T5088] netlink: 8 bytes leftover after parsing attributes in process `syz.2.614'. [ 67.402439][ T5088] netlink: 256 bytes leftover after parsing attributes in process `syz.2.614'. [ 67.462108][ T5081] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.474585][ T5090] netlink: 'syz.2.615': attribute type 10 has an invalid length. [ 67.482433][ T5090] netlink: 40 bytes leftover after parsing attributes in process `syz.2.615'. [ 67.541899][ T5081] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.598089][ T2935] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.609646][ T2935] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.621339][ T2935] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.633515][ T2935] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.091173][ T5098] FAULT_INJECTION: forcing a failure. [ 68.091173][ T5098] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 68.104487][ T5098] CPU: 0 UID: 0 PID: 5098 Comm: syz.3.619 Not tainted syzkaller #0 PREEMPT(voluntary) [ 68.104515][ T5098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 68.104528][ T5098] Call Trace: [ 68.104534][ T5098] [ 68.104553][ T5098] __dump_stack+0x1d/0x30 [ 68.104620][ T5098] dump_stack_lvl+0xe8/0x140 [ 68.104643][ T5098] dump_stack+0x15/0x1b [ 68.104663][ T5098] should_fail_ex+0x265/0x280 [ 68.104690][ T5098] should_fail+0xb/0x20 [ 68.104709][ T5098] should_fail_usercopy+0x1a/0x20 [ 68.104734][ T5098] _copy_from_user+0x1c/0xb0 [ 68.104787][ T5098] __se_sys_mount+0x10d/0x2e0 [ 68.104817][ T5098] ? fput+0x8f/0xc0 [ 68.104856][ T5098] ? ksys_write+0x192/0x1a0 [ 68.104903][ T5098] __x64_sys_mount+0x67/0x80 [ 68.104933][ T5098] x64_sys_call+0x2b4d/0x2ff0 [ 68.104962][ T5098] do_syscall_64+0xd2/0x200 [ 68.105001][ T5098] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 68.105030][ T5098] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 68.105057][ T5098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.105149][ T5098] RIP: 0033:0x7f91188feec9 [ 68.105216][ T5098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.105235][ T5098] RSP: 002b:00007f911735f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.105254][ T5098] RAX: ffffffffffffffda RBX: 00007f9118b55fa0 RCX: 00007f91188feec9 [ 68.105266][ T5098] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000 [ 68.105278][ T5098] RBP: 00007f911735f090 R08: 0000200000000240 R09: 0000000000000000 [ 68.105291][ T5098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.105306][ T5098] R13: 00007f9118b56038 R14: 00007f9118b55fa0 R15: 00007fff7440cbc8 [ 68.105408][ T5098] [ 68.291335][ T5098] 9pnet: Could not find request transport: fd0x0000000000000003 [ 68.507166][ T5107] binfmt_misc: register: failed to install interpreter file ./file2 [ 68.725244][ T5111] loop0: detected capacity change from 0 to 1024 [ 68.742131][ T5111] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.757414][ T5111] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.623: bg 0: block 393: padding at end of block bitmap is not set [ 68.772299][ T5111] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 68.784935][ T5111] EXT4-fs (loop0): This should not happen!! Data will be lost [ 68.784935][ T5111] [ 69.194183][ T5121] 9pnet_fd: Insufficient options for proto=fd [ 69.233578][ T5123] loop3: detected capacity change from 0 to 1024 [ 69.240552][ T5123] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 69.256049][ T5123] loop3: detected capacity change from 0 to 1024 [ 69.262662][ T5123] EXT4-fs: Ignoring removed orlov option [ 69.271171][ T5123] EXT4-fs mount: 96 callbacks suppressed [ 69.271184][ T5123] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.344699][ T5127] pim6reg1: entered promiscuous mode [ 69.357919][ T5127] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.402485][ T5127] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.452832][ T5127] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.512028][ T5127] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.599360][ T297] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.618958][ T297] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.628529][ T297] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.637507][ T297] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.660087][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.780833][ T5146] netlink: 'syz.3.636': attribute type 10 has an invalid length. [ 69.939410][ T5150] 9pnet_fd: Insufficient options for proto=fd [ 69.997632][ T5154] loop3: detected capacity change from 0 to 1024 [ 70.023146][ T5154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.035746][ T5154] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.048209][ T29] kauditd_printk_skb: 215 callbacks suppressed [ 70.048229][ T29] audit: type=1326 audit(1758862672.734:3117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91188fd710 code=0x7ffc0000 [ 70.092989][ T29] audit: type=1326 audit(1758862672.764:3118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f91188fdc17 code=0x7ffc0000 [ 70.116617][ T29] audit: type=1326 audit(1758862672.764:3119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91188fd710 code=0x7ffc0000 [ 70.140004][ T29] audit: type=1326 audit(1758862672.764:3120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.163859][ T29] audit: type=1326 audit(1758862672.764:3121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.187844][ T29] audit: type=1326 audit(1758862672.774:3122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.211276][ T29] audit: type=1326 audit(1758862672.774:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.234811][ T29] audit: type=1326 audit(1758862672.774:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.258198][ T29] audit: type=1326 audit(1758862672.774:3125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.282012][ T29] audit: type=1326 audit(1758862672.774:3126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5153 comm="syz.3.640" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91188feec9 code=0x7ffc0000 [ 70.306872][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.524675][ T5160] __nla_validate_parse: 3 callbacks suppressed [ 70.524691][ T5160] netlink: 16 bytes leftover after parsing attributes in process `syz.3.642'. [ 70.543621][ T5165] netlink: 16 bytes leftover after parsing attributes in process `syz.4.643'. [ 70.552881][ T5165] FAULT_INJECTION: forcing a failure. [ 70.552881][ T5165] name failslab, interval 1, probability 0, space 0, times 1 [ 70.566572][ T5165] CPU: 1 UID: 0 PID: 5165 Comm: syz.4.643 Not tainted syzkaller #0 PREEMPT(voluntary) [ 70.566630][ T5165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 70.566644][ T5165] Call Trace: [ 70.566651][ T5165] [ 70.566681][ T5165] __dump_stack+0x1d/0x30 [ 70.566719][ T5165] dump_stack_lvl+0xe8/0x140 [ 70.566743][ T5165] dump_stack+0x15/0x1b [ 70.566763][ T5165] should_fail_ex+0x265/0x280 [ 70.566796][ T5165] should_failslab+0x8c/0xb0 [ 70.566822][ T5165] kmem_cache_alloc_node_noprof+0x57/0x320 [ 70.566890][ T5165] ? __alloc_skb+0x101/0x320 [ 70.566918][ T5165] __alloc_skb+0x101/0x320 [ 70.566943][ T5165] netlink_ack+0xfd/0x500 [ 70.566976][ T5165] netlink_rcv_skb+0x192/0x220 [ 70.567003][ T5165] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 70.567119][ T5165] rtnetlink_rcv+0x1c/0x30 [ 70.567154][ T5165] netlink_unicast+0x5bd/0x690 [ 70.567243][ T5165] netlink_sendmsg+0x58b/0x6b0 [ 70.567272][ T5165] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.567296][ T5165] __sock_sendmsg+0x145/0x180 [ 70.567336][ T5165] ____sys_sendmsg+0x31e/0x4e0 [ 70.567362][ T5165] ___sys_sendmsg+0x17b/0x1d0 [ 70.567400][ T5165] __x64_sys_sendmsg+0xd4/0x160 [ 70.567486][ T5165] x64_sys_call+0x191e/0x2ff0 [ 70.567512][ T5165] do_syscall_64+0xd2/0x200 [ 70.567559][ T5165] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 70.567591][ T5165] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 70.567634][ T5165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.567664][ T5165] RIP: 0033:0x7fdec184eec9 [ 70.567683][ T5165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.567703][ T5165] RSP: 002b:00007fdec02b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.567728][ T5165] RAX: ffffffffffffffda RBX: 00007fdec1aa5fa0 RCX: 00007fdec184eec9 [ 70.567745][ T5165] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 70.567761][ T5165] RBP: 00007fdec02b7090 R08: 0000000000000000 R09: 0000000000000000 [ 70.567822][ T5165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.567838][ T5165] R13: 00007fdec1aa6038 R14: 00007fdec1aa5fa0 R15: 00007ffdf2098d68 [ 70.567928][ T5165] [ 70.820616][ T5169] loop4: detected capacity change from 0 to 1024 [ 70.832634][ T5169] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.846001][ T5169] FAULT_INJECTION: forcing a failure. [ 70.846001][ T5169] name failslab, interval 1, probability 0, space 0, times 0 [ 70.858792][ T5169] CPU: 0 UID: 0 PID: 5169 Comm: syz.4.646 Not tainted syzkaller #0 PREEMPT(voluntary) [ 70.858821][ T5169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 70.858837][ T5169] Call Trace: [ 70.858845][ T5169] [ 70.858854][ T5169] __dump_stack+0x1d/0x30 [ 70.858948][ T5169] dump_stack_lvl+0xe8/0x140 [ 70.858971][ T5169] dump_stack+0x15/0x1b [ 70.858998][ T5169] should_fail_ex+0x265/0x280 [ 70.859027][ T5169] should_failslab+0x8c/0xb0 [ 70.859057][ T5169] __kmalloc_noprof+0xa5/0x3e0 [ 70.859144][ T5169] ? ext4_find_extent+0x16b/0x7a0 [ 70.859175][ T5169] ext4_find_extent+0x16b/0x7a0 [ 70.859253][ T5169] ? probe_sched_wakeup+0x85/0xa0 [ 70.859278][ T5169] ? folio_mark_accessed+0x240/0x3d0 [ 70.859315][ T5169] ext4_ext_map_blocks+0x11f/0x38a0 [ 70.859382][ T5169] ? bdev_getblk+0x66/0x3b0 [ 70.859410][ T5169] ? __rcu_read_unlock+0x4f/0x70 [ 70.859465][ T5169] ? ext4_get_group_desc+0x16b/0x190 [ 70.859500][ T5169] ? css_rstat_updated+0xb7/0x240 [ 70.859537][ T5169] ? __account_obj_stock+0x211/0x350 [ 70.859569][ T5169] ext4_map_query_blocks+0xa8/0x480 [ 70.859685][ T5169] ext4_map_blocks+0x330/0xd00 [ 70.859719][ T5169] ? kmem_cache_alloc_noprof+0x220/0x310 [ 70.859755][ T5169] ? alloc_buffer_head+0x1c3/0x1f0 [ 70.859785][ T5169] _ext4_get_block+0x10a/0x350 [ 70.859876][ T5169] ext4_get_block_unwritten+0x2a/0xb0 [ 70.859913][ T5169] ext4_block_write_begin+0x5e8/0xc00 [ 70.859959][ T5169] ? __pfx_ext4_get_block_unwritten+0x10/0x10 [ 70.860072][ T5169] ext4_convert_inline_data_to_extent+0x3df/0x7d0 [ 70.860113][ T5169] ext4_try_to_write_inline_data+0x54/0x90 [ 70.860147][ T5169] ext4_write_begin+0x1b3/0xeb0 [ 70.860185][ T5169] ext4_da_write_begin+0x1fb/0x6e0 [ 70.860255][ T5169] ? balance_dirty_pages_ratelimited_flags+0x40b/0x5e0 [ 70.860295][ T5169] generic_perform_write+0x181/0x490 [ 70.860331][ T5169] ext4_buffered_write_iter+0x1ee/0x3c0 [ 70.860427][ T5169] ext4_file_write_iter+0x383/0xf00 [ 70.860459][ T5169] ? path_openat+0x1bf8/0x2170 [ 70.860484][ T5169] ? _parse_integer_limit+0x170/0x190 [ 70.860521][ T5169] do_iter_readv_writev+0x49c/0x540 [ 70.860562][ T5169] vfs_writev+0x2df/0x8b0 [ 70.860611][ T5169] __se_sys_pwritev2+0xfc/0x1c0 [ 70.860669][ T5169] __x64_sys_pwritev2+0x67/0x80 [ 70.860703][ T5169] x64_sys_call+0x2c55/0x2ff0 [ 70.860724][ T5169] do_syscall_64+0xd2/0x200 [ 70.860835][ T5169] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 70.860919][ T5169] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 70.860952][ T5169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.861055][ T5169] RIP: 0033:0x7fdec184eec9 [ 70.861073][ T5169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.861095][ T5169] RSP: 002b:00007fdec02b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 [ 70.861114][ T5169] RAX: ffffffffffffffda RBX: 00007fdec1aa5fa0 RCX: 00007fdec184eec9 [ 70.861126][ T5169] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000005 [ 70.861139][ T5169] RBP: 00007fdec02b7090 R08: 0000000000000000 R09: 0000000000000000 [ 70.861228][ T5169] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000001 [ 70.861243][ T5169] R13: 00007fdec1aa6038 R14: 00007fdec1aa5fa0 R15: 00007ffdf2098d68 [ 70.861267][ T5169] [ 71.189232][ T5181] netlink: 28 bytes leftover after parsing attributes in process `syz.0.650'. [ 71.210158][ T5181] vxcan1: tx address claim with dlc 0 [ 71.219329][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.236446][ T5186] netlink: 8 bytes leftover after parsing attributes in process `syz.0.652'. [ 71.247012][ T5186] netlink: 256 bytes leftover after parsing attributes in process `syz.0.652'. [ 71.314595][ T5193] pim6reg1: entered promiscuous mode [ 71.326093][ T5193] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.371799][ T5193] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.383138][ T5197] netlink: 100 bytes leftover after parsing attributes in process `syz.4.654'. [ 71.414031][ T5198] binfmt_misc: register: failed to install interpreter file ./file2 [ 71.424093][ T5193] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.481727][ T5193] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.538224][ T3503] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.550365][ T3503] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.562385][ T297] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.574163][ T297] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.207826][ T5206] netlink: 76 bytes leftover after parsing attributes in process `syz.0.658'. [ 72.223800][ T5208] loop1: detected capacity change from 0 to 512 [ 72.258373][ T5208] EXT4-fs (loop1): 1 orphan inode deleted [ 72.264701][ T5208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.278069][ T2935] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 72.278642][ T5208] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.304284][ T5208] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.659: iget: bad i_size value: 360287970189639690 [ 72.433546][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.512749][ T5219] loop1: detected capacity change from 0 to 1024 [ 72.583465][ T5224] netlink: 272 bytes leftover after parsing attributes in process `syz.1.665'. [ 73.150885][ T5229] netlink: 'syz.0.666': attribute type 10 has an invalid length. [ 73.158765][ T5229] netlink: 40 bytes leftover after parsing attributes in process `syz.0.666'. [ 73.265070][ T5235] tmpfs: Bad value for 'mpol' [ 73.290724][ T3375] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 73.298729][ T3375] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 73.433643][ T5241] netlink: 12 bytes leftover after parsing attributes in process `syz.1.670'. [ 73.458535][ T5244] FAULT_INJECTION: forcing a failure. [ 73.458535][ T5244] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 73.471991][ T5244] CPU: 1 UID: 0 PID: 5244 Comm: syz.1.671 Not tainted syzkaller #0 PREEMPT(voluntary) [ 73.472023][ T5244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 73.472087][ T5244] Call Trace: [ 73.472095][ T5244] [ 73.472104][ T5244] __dump_stack+0x1d/0x30 [ 73.472128][ T5244] dump_stack_lvl+0xe8/0x140 [ 73.472151][ T5244] dump_stack+0x15/0x1b [ 73.472172][ T5244] should_fail_ex+0x265/0x280 [ 73.472224][ T5244] should_fail_alloc_page+0xf2/0x100 [ 73.472251][ T5244] __alloc_frozen_pages_noprof+0xff/0x360 [ 73.472308][ T5244] alloc_pages_mpol+0xb3/0x250 [ 73.472424][ T5244] alloc_frozen_pages_noprof+0x90/0x110 [ 73.472506][ T5244] ___kmalloc_large_node+0x52/0x100 [ 73.472603][ T5244] __kmalloc_large_node_noprof+0x16/0xa0 [ 73.472635][ T5244] __kmalloc_noprof+0x2ab/0x3e0 [ 73.472664][ T5244] ? iovec_from_user+0x84/0x210 [ 73.472755][ T5244] iovec_from_user+0x84/0x210 [ 73.472796][ T5244] __import_iovec+0xf3/0x540 [ 73.472856][ T5244] import_iovec+0x61/0x80 [ 73.472889][ T5244] blk_rq_map_user_io+0xb9/0x260 [ 73.472978][ T5244] ? sg_link_reserve+0x117/0x140 [ 73.472999][ T5244] sg_common_write+0xb06/0xc30 [ 73.473067][ T5244] sg_new_write+0x7b6/0x890 [ 73.473098][ T5244] ? do_vfs_ioctl+0x866/0xe10 [ 73.473117][ T5244] sg_ioctl+0xb81/0x1360 [ 73.473137][ T5244] ? __pfx_sg_ioctl+0x10/0x10 [ 73.473154][ T5244] __se_sys_ioctl+0xcb/0x140 [ 73.473217][ T5244] __x64_sys_ioctl+0x43/0x50 [ 73.473238][ T5244] x64_sys_call+0x1816/0x2ff0 [ 73.473261][ T5244] do_syscall_64+0xd2/0x200 [ 73.473290][ T5244] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 73.473312][ T5244] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 73.473378][ T5244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.473399][ T5244] RIP: 0033:0x7f36989deec9 [ 73.473413][ T5244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.473496][ T5244] RSP: 002b:00007f3697447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 73.473513][ T5244] RAX: ffffffffffffffda RBX: 00007f3698c35fa0 RCX: 00007f36989deec9 [ 73.473583][ T5244] RDX: 0000200000000040 RSI: 0000000000002285 RDI: 0000000000000006 [ 73.473594][ T5244] RBP: 00007f3697447090 R08: 0000000000000000 R09: 0000000000000000 [ 73.473604][ T5244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.473615][ T5244] R13: 00007f3698c36038 R14: 00007f3698c35fa0 R15: 00007ffcd4e9b6c8 [ 73.473647][ T5244] [ 73.736005][ T5248] binfmt_misc: register: failed to install interpreter file ./file2 [ 73.772293][ T5252] loop1: detected capacity change from 0 to 512 [ 73.792900][ T5252] EXT4-fs (loop1): 1 orphan inode deleted [ 73.799057][ T5252] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.813217][ T52] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 1 [ 73.813269][ T5252] ext4 filesystem being mounted at /149/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.837091][ T5252] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.673: iget: bad i_size value: 360287970189639690 [ 73.860436][ T5257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 73.869111][ T5257] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 73.970133][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.031407][ T5264] loop1: detected capacity change from 0 to 512 [ 74.038682][ T5264] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 74.052551][ T5264] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.677: Failed to acquire dquot type 1 [ 74.064706][ T5264] EXT4-fs (loop1): 1 truncate cleaned up [ 74.071784][ T5264] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.097956][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.117285][ T5268] netlink: 'syz.1.678': attribute type 10 has an invalid length. [ 74.266253][ T5274] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 74.296080][ T5276] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 74.347770][ T5277] FAULT_INJECTION: forcing a failure. [ 74.347770][ T5277] name failslab, interval 1, probability 0, space 0, times 0 [ 74.412324][ T5277] CPU: 1 UID: 0 PID: 5277 Comm: syz.0.681 Not tainted syzkaller #0 PREEMPT(voluntary) [ 74.412413][ T5277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 74.412424][ T5277] Call Trace: [ 74.412430][ T5277] [ 74.412436][ T5277] __dump_stack+0x1d/0x30 [ 74.412456][ T5277] dump_stack_lvl+0xe8/0x140 [ 74.412478][ T5277] dump_stack+0x15/0x1b [ 74.412492][ T5277] should_fail_ex+0x265/0x280 [ 74.412513][ T5277] should_failslab+0x8c/0xb0 [ 74.412596][ T5277] kmem_cache_alloc_node_noprof+0x57/0x320 [ 74.412622][ T5277] ? __alloc_skb+0x101/0x320 [ 74.412637][ T5277] ? __rtnl_unlock+0x95/0xb0 [ 74.412709][ T5277] __alloc_skb+0x101/0x320 [ 74.412726][ T5277] netlink_ack+0xfd/0x500 [ 74.412746][ T5277] netlink_rcv_skb+0x192/0x220 [ 74.412809][ T5277] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 74.412882][ T5277] rtnetlink_rcv+0x1c/0x30 [ 74.412903][ T5277] netlink_unicast+0x5bd/0x690 [ 74.412921][ T5277] netlink_sendmsg+0x58b/0x6b0 [ 74.412973][ T5277] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.412992][ T5277] __sock_sendmsg+0x145/0x180 [ 74.413017][ T5277] ____sys_sendmsg+0x31e/0x4e0 [ 74.413084][ T5277] ___sys_sendmsg+0x17b/0x1d0 [ 74.413133][ T5277] __x64_sys_sendmsg+0xd4/0x160 [ 74.413157][ T5277] x64_sys_call+0x191e/0x2ff0 [ 74.413251][ T5277] do_syscall_64+0xd2/0x200 [ 74.413278][ T5277] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 74.413300][ T5277] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 74.413391][ T5277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.413412][ T5277] RIP: 0033:0x7f686f9feec9 [ 74.413426][ T5277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.413512][ T5277] RSP: 002b:00007f686e446038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.413528][ T5277] RAX: ffffffffffffffda RBX: 00007f686fc56090 RCX: 00007f686f9feec9 [ 74.413539][ T5277] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 74.413550][ T5277] RBP: 00007f686e446090 R08: 0000000000000000 R09: 0000000000000000 [ 74.413560][ T5277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 74.413600][ T5277] R13: 00007f686fc56128 R14: 00007f686fc56090 R15: 00007ffcf6741f88 [ 74.413616][ T5277] [ 74.665452][ T5280] vxcan1: tx address claim with different name [ 74.690593][ T5282] mmap: syz.0.683 (5282) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 74.780547][ T5289] loop0: detected capacity change from 0 to 1024 [ 74.792111][ T5289] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.804357][ T5289] ext4 filesystem being mounted at /131/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.827855][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.867298][ T5295] loop0: detected capacity change from 0 to 512 [ 74.882660][ T5295] EXT4-fs (loop0): 1 orphan inode deleted [ 74.888835][ T5295] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.901768][ T5295] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.912480][ T2935] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 74.924443][ T5295] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.686: iget: bad i_size value: 360287970189639690 [ 75.020843][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.038446][ T5304] FAULT_INJECTION: forcing a failure. [ 75.038446][ T5304] name failslab, interval 1, probability 0, space 0, times 0 [ 75.051932][ T5304] CPU: 0 UID: 0 PID: 5304 Comm: syz.0.688 Not tainted syzkaller #0 PREEMPT(voluntary) [ 75.052070][ T5304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 75.052087][ T5304] Call Trace: [ 75.052095][ T5304] [ 75.052104][ T5304] __dump_stack+0x1d/0x30 [ 75.052131][ T5304] dump_stack_lvl+0xe8/0x140 [ 75.052150][ T5304] dump_stack+0x15/0x1b [ 75.052166][ T5304] should_fail_ex+0x265/0x280 [ 75.052235][ T5304] should_failslab+0x8c/0xb0 [ 75.052268][ T5304] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 75.052301][ T5304] ? shmem_alloc_inode+0x34/0x50 [ 75.052408][ T5304] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 75.052429][ T5304] shmem_alloc_inode+0x34/0x50 [ 75.052450][ T5304] alloc_inode+0x3d/0x170 [ 75.052479][ T5304] new_inode+0x1d/0xe0 [ 75.052510][ T5304] shmem_get_inode+0x244/0x750 [ 75.052607][ T5304] __shmem_file_setup+0x113/0x210 [ 75.052773][ T5304] shmem_file_setup+0x3b/0x50 [ 75.052810][ T5304] __se_sys_memfd_create+0x2c3/0x590 [ 75.052836][ T5304] __x64_sys_memfd_create+0x31/0x40 [ 75.052856][ T5304] x64_sys_call+0x2abe/0x2ff0 [ 75.052905][ T5304] do_syscall_64+0xd2/0x200 [ 75.053023][ T5304] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 75.053056][ T5304] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 75.053082][ T5304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.053102][ T5304] RIP: 0033:0x7f686f9feec9 [ 75.053225][ T5304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.053312][ T5304] RSP: 002b:00007f686e466e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 75.053329][ T5304] RAX: ffffffffffffffda RBX: 0000000000000550 RCX: 00007f686f9feec9 [ 75.053340][ T5304] RDX: 00007f686e466ef0 RSI: 0000000000000000 RDI: 00007f686fa82960 [ 75.053352][ T5304] RBP: 0000200000001780 R08: 00007f686e466bb7 R09: 00007f686e466e40 [ 75.053362][ T5304] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000000 [ 75.053373][ T5304] R13: 00007f686e466ef0 R14: 00007f686e466eb0 R15: 00002000000003c0 [ 75.053418][ T5304] [ 75.281815][ T29] kauditd_printk_skb: 270 callbacks suppressed [ 75.281831][ T29] audit: type=1326 audit(1758862677.974:3392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.317722][ T5307] loop0: detected capacity change from 0 to 128 [ 75.330363][ T29] audit: type=1326 audit(1758862678.004:3393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.342685][ T5307] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.353963][ T29] audit: type=1326 audit(1758862678.004:3394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.367758][ T5307] ext4 filesystem being mounted at /135/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 75.389653][ T29] audit: type=1326 audit(1758862678.004:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.445191][ T29] audit: type=1326 audit(1758862678.004:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.468805][ T29] audit: type=1326 audit(1758862678.004:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.492178][ T29] audit: type=1326 audit(1758862678.004:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.515692][ T29] audit: type=1326 audit(1758862678.004:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5306 comm="syz.0.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 75.539069][ T29] audit: type=1400 audit(1758862678.004:3400): avc: denied { bind } for pid=5306 comm="syz.0.689" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 75.558621][ T29] audit: type=1400 audit(1758862678.004:3401): avc: denied { node_bind } for pid=5306 comm="syz.0.689" saddr=255.255.255.255 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 75.586616][ T5317] binfmt_misc: register: failed to install interpreter file ./file2 [ 75.598696][ T3300] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.729441][ T5324] netlink: '+}[@': attribute type 30 has an invalid length. [ 75.787552][ T5325] loop0: detected capacity change from 0 to 2048 [ 75.806633][ T5329] __nla_validate_parse: 5 callbacks suppressed [ 75.806647][ T5329] netlink: 36 bytes leftover after parsing attributes in process `syz.2.695'. [ 75.806711][ T5325] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.813062][ T5329] FAULT_INJECTION: forcing a failure. [ 75.813062][ T5329] name failslab, interval 1, probability 0, space 0, times 0 [ 75.827452][ T5325] ext4 filesystem being mounted at /138/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.834103][ T5329] CPU: 0 UID: 0 PID: 5329 Comm: syz.2.695 Not tainted syzkaller #0 PREEMPT(voluntary) [ 75.834133][ T5329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 75.834149][ T5329] Call Trace: [ 75.834194][ T5329] [ 75.834203][ T5329] __dump_stack+0x1d/0x30 [ 75.834228][ T5329] dump_stack_lvl+0xe8/0x140 [ 75.834255][ T5329] dump_stack+0x15/0x1b [ 75.834278][ T5329] should_fail_ex+0x265/0x280 [ 75.834315][ T5329] should_failslab+0x8c/0xb0 [ 75.834416][ T5329] kmem_cache_alloc_node_noprof+0x57/0x320 [ 75.834458][ T5329] ? __alloc_skb+0x101/0x320 [ 75.834485][ T5329] __alloc_skb+0x101/0x320 [ 75.834513][ T5329] netlink_ack+0xfd/0x500 [ 75.834547][ T5329] netlink_rcv_skb+0x192/0x220 [ 75.834653][ T5329] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 75.834701][ T5329] rtnetlink_rcv+0x1c/0x30 [ 75.834736][ T5329] netlink_unicast+0x5bd/0x690 [ 75.834765][ T5329] netlink_sendmsg+0x58b/0x6b0 [ 75.834876][ T5329] ? __pfx_netlink_sendmsg+0x10/0x10 [ 75.834952][ T5329] __sock_sendmsg+0x145/0x180 [ 75.835005][ T5329] ____sys_sendmsg+0x31e/0x4e0 [ 75.835041][ T5329] ___sys_sendmsg+0x17b/0x1d0 [ 75.835168][ T5329] __x64_sys_sendmsg+0xd4/0x160 [ 75.835208][ T5329] x64_sys_call+0x191e/0x2ff0 [ 75.835235][ T5329] do_syscall_64+0xd2/0x200 [ 75.835276][ T5329] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 75.835349][ T5329] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 75.835420][ T5329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.835450][ T5329] RIP: 0033:0x7fd7f475eec9 [ 75.835471][ T5329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.835525][ T5329] RSP: 002b:00007fd7f31bf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 75.835552][ T5329] RAX: ffffffffffffffda RBX: 00007fd7f49b5fa0 RCX: 00007fd7f475eec9 [ 75.835583][ T5329] RDX: 0000000024008818 RSI: 00002000000002c0 RDI: 0000000000000003 [ 75.835600][ T5329] RBP: 00007fd7f31bf090 R08: 0000000000000000 R09: 0000000000000000 [ 75.835617][ T5329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.835633][ T5329] R13: 00007fd7f49b6038 R14: 00007fd7f49b5fa0 R15: 00007fff6d34e188 [ 75.835659][ T5329] [ 75.861756][ T5331] SELinux: Context system_u:object_r:pam_console_exec_t:s0 is not valid (left unmapped). [ 76.185296][ T5336] pim6reg1: entered promiscuous mode [ 76.195786][ T5336] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.242839][ T5336] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.264073][ T5338] netlink: 100 bytes leftover after parsing attributes in process `syz.2.698'. [ 76.303367][ T5336] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.354678][ T5342] netlink: 'syz.1.700': attribute type 7 has an invalid length. [ 76.382863][ T5336] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.462455][ T5347] netlink: 'syz.1.702': attribute type 10 has an invalid length. [ 76.470332][ T5347] netlink: 40 bytes leftover after parsing attributes in process `syz.1.702'. [ 76.487342][ T297] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.499059][ T297] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.516300][ T2935] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.540011][ T2935] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.579252][ T5349] netlink: 'syz.1.703': attribute type 10 has an invalid length. [ 76.587195][ T5349] netlink: 40 bytes leftover after parsing attributes in process `syz.1.703'. [ 76.623661][ T2935] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set [ 76.640080][ T2935] EXT4-fs (loop0): Remounting filesystem read-only [ 76.647179][ T52] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 76.669811][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.679255][ T5351] loop1: detected capacity change from 0 to 1024 [ 76.697325][ T5353] loop0: detected capacity change from 0 to 512 [ 76.706070][ T5351] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.718462][ T5351] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.721119][ T5353] EXT4-fs (loop0): 1 orphan inode deleted [ 76.735030][ T52] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 1 [ 76.748299][ T5351] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.705: bg 0: block 393: padding at end of block bitmap is not set [ 76.758296][ T5353] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.777018][ T5353] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.787749][ T5351] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 76.800576][ T5351] EXT4-fs (loop1): This should not happen!! Data will be lost [ 76.800576][ T5351] [ 76.812502][ T5353] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.704: iget: bad i_size value: 360287970189639690 [ 76.829331][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.843633][ T5360] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.706'. [ 76.931067][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.987438][ T5370] FAULT_INJECTION: forcing a failure. [ 76.987438][ T5370] name failslab, interval 1, probability 0, space 0, times 0 [ 77.000343][ T5370] CPU: 1 UID: 0 PID: 5370 Comm: syz.0.711 Not tainted syzkaller #0 PREEMPT(voluntary) [ 77.000371][ T5370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 77.000404][ T5370] Call Trace: [ 77.000411][ T5370] [ 77.000421][ T5370] __dump_stack+0x1d/0x30 [ 77.000448][ T5370] dump_stack_lvl+0xe8/0x140 [ 77.000471][ T5370] dump_stack+0x15/0x1b [ 77.000548][ T5370] should_fail_ex+0x265/0x280 [ 77.000572][ T5370] should_failslab+0x8c/0xb0 [ 77.000602][ T5370] kmem_cache_alloc_noprof+0x50/0x310 [ 77.000636][ T5370] ? skb_clone+0x151/0x1f0 [ 77.000668][ T5370] skb_clone+0x151/0x1f0 [ 77.000748][ T5370] nfnetlink_rcv+0x305/0x1690 [ 77.000792][ T5370] ? nlmon_xmit+0x4f/0x60 [ 77.000823][ T5370] ? consume_skb+0x49/0x150 [ 77.000846][ T5370] ? nlmon_xmit+0x4f/0x60 [ 77.000891][ T5370] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 77.000917][ T5370] ? __dev_queue_xmit+0x1200/0x2000 [ 77.000987][ T5370] ? __dev_queue_xmit+0x182/0x2000 [ 77.001011][ T5370] ? ref_tracker_free+0x37d/0x3e0 [ 77.001053][ T5370] netlink_unicast+0x5bd/0x690 [ 77.001081][ T5370] netlink_sendmsg+0x58b/0x6b0 [ 77.001149][ T5370] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.001221][ T5370] __sock_sendmsg+0x145/0x180 [ 77.001374][ T5370] ____sys_sendmsg+0x31e/0x4e0 [ 77.001479][ T5370] ___sys_sendmsg+0x17b/0x1d0 [ 77.001553][ T5370] __x64_sys_sendmsg+0xd4/0x160 [ 77.001657][ T5370] x64_sys_call+0x191e/0x2ff0 [ 77.001730][ T5370] do_syscall_64+0xd2/0x200 [ 77.001768][ T5370] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 77.001792][ T5370] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 77.001881][ T5370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.001908][ T5370] RIP: 0033:0x7f686f9feec9 [ 77.002000][ T5370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.002089][ T5370] RSP: 002b:00007f686e467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.002114][ T5370] RAX: ffffffffffffffda RBX: 00007f686fc55fa0 RCX: 00007f686f9feec9 [ 77.002130][ T5370] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 77.002145][ T5370] RBP: 00007f686e467090 R08: 0000000000000000 R09: 0000000000000000 [ 77.002160][ T5370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.002232][ T5370] R13: 00007f686fc56038 R14: 00007f686fc55fa0 R15: 00007ffcf6741f88 [ 77.002253][ T5370] [ 77.268220][ T5372] process 'syz.0.712' launched './file0' with NULL argv: empty string added [ 77.308911][ T5376] netlink: 'syz.3.714': attribute type 30 has an invalid length. [ 77.375076][ T5379] loop3: detected capacity change from 0 to 2048 [ 77.415821][ T5379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.443963][ T5379] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.728829][ T12] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 77.745151][ T12] EXT4-fs (loop3): Remounting filesystem read-only [ 77.751883][ T51] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 77.783041][ T5389] loop4: detected capacity change from 0 to 512 [ 77.827378][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.847391][ T5389] EXT4-fs (loop4): 1 orphan inode deleted [ 77.854110][ T5389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.868259][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:0: Failed to release dquot type 1 [ 77.896698][ T5389] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.910973][ T5389] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.719: iget: bad i_size value: 360287970189639690 [ 77.917684][ T5401] netlink: 'syz.3.722': attribute type 30 has an invalid length. [ 77.932963][ T5403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.723'. [ 77.943964][ T5403] netlink: 256 bytes leftover after parsing attributes in process `syz.1.723'. [ 77.974242][ T5404] loop3: detected capacity change from 0 to 2048 [ 78.003698][ T5404] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.026073][ T5404] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.042232][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.063264][ T5409] netlink: 8 bytes leftover after parsing attributes in process `syz.4.724'. [ 78.074757][ T5409] netlink: 256 bytes leftover after parsing attributes in process `syz.4.724'. [ 78.091462][ T51] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set [ 78.107917][ T51] EXT4-fs (loop3): Remounting filesystem read-only [ 78.114879][ T2935] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 78.154743][ T5412] netlink: 24 bytes leftover after parsing attributes in process `syz.1.725'. [ 78.176286][ T5415] loop4: detected capacity change from 0 to 512 [ 78.202512][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.214119][ T5415] EXT4-fs (loop4): 1 orphan inode deleted [ 78.218774][ T5419] netlink: '+}[@': attribute type 30 has an invalid length. [ 78.220818][ T5415] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.229705][ T5412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5412 comm=syz.1.725 [ 78.241883][ T5415] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.263546][ T2935] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 78.291992][ T5420] loop0: detected capacity change from 0 to 2048 [ 78.312415][ T5415] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.726: iget: bad i_size value: 360287970189639690 [ 78.312763][ T5420] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.337748][ T5420] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.388420][ T5428] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 78.416761][ T5430] loop3: detected capacity change from 0 to 1024 [ 78.423787][ T5428] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 78.444517][ T5430] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.458136][ T5430] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.473258][ T5430] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.731: bg 0: block 393: padding at end of block bitmap is not set [ 78.488798][ T5430] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 78.501660][ T5430] EXT4-fs (loop3): This should not happen!! Data will be lost [ 78.501660][ T5430] [ 78.531388][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.542588][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.578562][ T5436] IPVS: rr: FWM 3 0x00000003 - no destination available [ 78.586281][ T3495] IPVS: starting estimator thread 0... [ 78.619414][ T5439] loop4: detected capacity change from 0 to 1024 [ 78.631055][ T51] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set [ 78.647483][ T51] EXT4-fs (loop0): Remounting filesystem read-only [ 78.654173][ T12] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 78.689273][ T5439] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.706255][ T5439] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.710341][ T5437] IPVS: using max 2016 ests per chain, 100800 per kthread [ 78.743728][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.764339][ T5449] netlink: 'syz.3.739': attribute type 1 has an invalid length. [ 78.769206][ T5439] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.734: bg 0: block 393: padding at end of block bitmap is not set [ 78.789402][ T5439] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 78.802220][ T5439] EXT4-fs (loop4): This should not happen!! Data will be lost [ 78.802220][ T5439] [ 78.826069][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.834428][ T5455] loop3: detected capacity change from 0 to 1024 [ 78.852845][ T5455] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.865174][ T5455] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.886660][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.925691][ T5467] loop3: detected capacity change from 0 to 512 [ 78.942600][ T5467] EXT4-fs (loop3): 1 orphan inode deleted [ 78.948850][ T5467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.962543][ T12] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u8:0: Failed to release dquot type 1 [ 78.974210][ T5467] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.987323][ T5467] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.743: iget: bad i_size value: 360287970189639690 [ 79.109395][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.133176][ T5471] loop3: detected capacity change from 0 to 1024 [ 79.151750][ T5471] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.164172][ T5471] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.177796][ T5471] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.744: bg 0: block 393: padding at end of block bitmap is not set [ 79.192693][ T5471] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 79.205476][ T5471] EXT4-fs (loop3): This should not happen!! Data will be lost [ 79.205476][ T5471] [ 79.228070][ T5477] netlink: '+}[@': attribute type 30 has an invalid length. [ 79.237560][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.288460][ T5482] loop1: detected capacity change from 0 to 2048 [ 79.304796][ T5482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.317276][ T5482] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.359774][ T5488] team0 (unregistering): Port device team_slave_0 removed [ 79.370747][ T5488] team0 (unregistering): Port device team_slave_1 removed [ 79.462326][ T5488] binfmt_misc: register: failed to install interpreter file ./file2 [ 79.550419][ T12] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 79.565578][ T12] EXT4-fs (loop1): Remounting filesystem read-only [ 79.572439][ T51] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 79.625758][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.653085][ T5492] netlink: 'syz.1.751': attribute type 1 has an invalid length. [ 79.694356][ T5496] 9pnet_fd: Insufficient options for proto=fd [ 79.719657][ T5498] netlink: 'syz.1.753': attribute type 10 has an invalid length. [ 79.735289][ T5502] 8021q: adding VLAN 0 to HW filter on device bond1 [ 79.748486][ T5502] vlan2: entered allmulticast mode [ 79.753788][ T5502] bond1: entered allmulticast mode [ 79.770888][ T5508] IPVS: rr: FWM 3 0x00000003 - no destination available [ 79.778385][ T3391] IPVS: starting estimator thread 0... [ 79.855303][ T5520] loop1: detected capacity change from 0 to 1024 [ 79.870085][ T5509] IPVS: using max 2304 ests per chain, 115200 per kthread [ 79.879791][ T5520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.893621][ T5520] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.911126][ T5520] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.761: bg 0: block 393: padding at end of block bitmap is not set [ 79.925841][ T5520] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 79.931685][ T5530] loop0: detected capacity change from 0 to 512 [ 79.938746][ T5520] EXT4-fs (loop1): This should not happen!! Data will be lost [ 79.938746][ T5520] [ 79.952270][ T5530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.967766][ T5530] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 79.981920][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.982684][ T5530] EXT4-fs (loop0): shut down requested (0) [ 79.999072][ T5530] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 80.009151][ T5530] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 80.013611][ T5534] loop1: detected capacity change from 0 to 512 [ 80.018402][ T5530] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 80.032223][ T5534] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.046198][ T5530] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 80.047455][ T5534] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.055240][ T5530] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 80.072635][ T5534] EXT4-fs (loop1): shut down requested (0) [ 80.082241][ T5530] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 80.093385][ T5534] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 80.104469][ T5534] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 80.113746][ T5534] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=15 [ 80.114317][ T3300] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.123618][ T5534] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 80.141336][ T5534] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=15 [ 80.150652][ T5534] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop1 ino=12 [ 80.168056][ T5540] macvlan1: entered promiscuous mode [ 80.174486][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.175032][ T5540] ipvlan0: entered promiscuous mode [ 80.189998][ T5540] ipvlan0: left promiscuous mode [ 80.195311][ T5540] macvlan1: left promiscuous mode [ 80.221995][ T5544] loop1: detected capacity change from 0 to 1024 [ 80.233126][ T5544] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.246132][ T5544] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.273639][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.297442][ T5551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.322723][ T29] kauditd_printk_skb: 516 callbacks suppressed [ 80.322814][ T29] audit: type=1400 audit(1758862683.014:3914): avc: denied { write } for pid=5549 comm="syz.3.771" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 80.322842][ T5551] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 80.345075][ T5558] loop1: detected capacity change from 0 to 1024 [ 80.375074][ T5558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.392338][ T29] audit: type=1400 audit(1758862683.084:3915): avc: denied { read write } for pid=5561 comm="syz.2.774" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 80.416016][ T29] audit: type=1400 audit(1758862683.084:3916): avc: denied { open } for pid=5561 comm="syz.2.774" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 80.466153][ T29] audit: type=1400 audit(1758862683.144:3917): avc: denied { write } for pid=5557 comm="syz.1.772" path="/182/file2/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 80.492556][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.558077][ T29] audit: type=1400 audit(1758862683.244:3918): avc: denied { mount } for pid=5573 comm="syz.2.779" name="/" dev="ramfs" ino=13272 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 80.583941][ T29] audit: type=1400 audit(1758862683.274:3919): avc: denied { ioctl } for pid=5573 comm="syz.2.779" path="socket:[13268]" dev="sockfs" ino=13268 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 80.649867][ T5578] binfmt_misc: register: failed to install interpreter file ./file2 [ 80.757010][ T5585] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=38160 sclass=netlink_route_socket pid=5585 comm=syz.2.781 [ 80.825896][ T5589] loop2: detected capacity change from 0 to 1024 [ 80.836693][ T29] audit: type=1326 audit(1758862683.524:3920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5590 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec184eec9 code=0x7ffc0000 [ 80.875255][ T5589] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.879830][ T29] audit: type=1326 audit(1758862683.524:3921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5590 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fdec184eec9 code=0x7ffc0000 [ 80.887736][ T5589] ext4 filesystem being mounted at /167/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.910843][ T29] audit: type=1326 audit(1758862683.524:3922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5590 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec184eec9 code=0x7ffc0000 [ 80.944724][ T29] audit: type=1326 audit(1758862683.524:3923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5590 comm="syz.4.784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fdec184eec9 code=0x7ffc0000 [ 80.992591][ T5597] loop4: detected capacity change from 0 to 1024 [ 81.002423][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.021606][ T5597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.034979][ T5597] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.073151][ T5597] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.786: bg 0: block 393: padding at end of block bitmap is not set [ 81.087830][ T5597] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 81.100692][ T5597] EXT4-fs (loop4): This should not happen!! Data will be lost [ 81.100692][ T5597] [ 81.123732][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.178147][ T3391] IPVS: starting estimator thread 0... [ 81.184038][ T5609] IPVS: rr: FWM 3 0x00000003 - no destination available [ 81.215410][ T5612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.224222][ T5612] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.270212][ T5610] IPVS: using max 2400 ests per chain, 120000 per kthread [ 81.467811][ T5616] __nla_validate_parse: 12 callbacks suppressed [ 81.467827][ T5616] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.793'. [ 81.866102][ T5618] netlink: 'syz.3.794': attribute type 10 has an invalid length. [ 81.873922][ T5618] netlink: 40 bytes leftover after parsing attributes in process `syz.3.794'. [ 81.994218][ T5632] loop3: detected capacity change from 0 to 1024 [ 82.008406][ T5634] IPVS: rr: FWM 3 0x00000003 - no destination available [ 82.017989][ T5632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.050954][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.059360][ T5638] netlink: '+}[@': attribute type 30 has an invalid length. [ 82.118351][ T5638] loop4: detected capacity change from 0 to 2048 [ 82.118380][ T5640] pim6reg1: entered promiscuous mode [ 82.131993][ T5638] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.144316][ T5638] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.145725][ T5640] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.200198][ T5645] netlink: 100 bytes leftover after parsing attributes in process `syz.3.803'. [ 82.221900][ T5640] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.281808][ T5640] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.321054][ T5640] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.348477][ T5649] netlink: 8 bytes leftover after parsing attributes in process `syz.1.805'. [ 82.377523][ T5649] netlink: 256 bytes leftover after parsing attributes in process `syz.1.805'. [ 82.382854][ T3503] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.420827][ T3503] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.443036][ T51] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:3: bg 0: block 345: padding at end of block bitmap is not set [ 82.447775][ T297] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.460288][ T51] EXT4-fs (loop4): Remounting filesystem read-only [ 82.472911][ T12] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 82.485006][ T297] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.550188][ T5652] netlink: 'syz.1.806': attribute type 10 has an invalid length. [ 82.558234][ T5652] netlink: 40 bytes leftover after parsing attributes in process `syz.1.806'. [ 82.608641][ T3298] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.644592][ T5656] netlink: 12 bytes leftover after parsing attributes in process `syz.4.807'. [ 82.718846][ T5660] loop4: detected capacity change from 0 to 1024 [ 82.732454][ T5660] FAULT_INJECTION: forcing a failure. [ 82.732454][ T5660] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.745770][ T5660] CPU: 1 UID: 0 PID: 5660 Comm: syz.4.810 Not tainted syzkaller #0 PREEMPT(voluntary) [ 82.745804][ T5660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 82.745820][ T5660] Call Trace: [ 82.745830][ T5660] [ 82.745839][ T5660] __dump_stack+0x1d/0x30 [ 82.745866][ T5660] dump_stack_lvl+0xe8/0x140 [ 82.745934][ T5660] dump_stack+0x15/0x1b [ 82.745950][ T5660] should_fail_ex+0x265/0x280 [ 82.745989][ T5660] should_fail+0xb/0x20 [ 82.746014][ T5660] should_fail_usercopy+0x1a/0x20 [ 82.746114][ T5660] strncpy_from_user+0x25/0x230 [ 82.746151][ T5660] ? kmem_cache_alloc_noprof+0x186/0x310 [ 82.746186][ T5660] ? getname_flags+0x80/0x3b0 [ 82.746230][ T5660] getname_flags+0xae/0x3b0 [ 82.746266][ T5660] do_sys_openat2+0x60/0x110 [ 82.746329][ T5660] __x64_sys_creat+0x65/0x90 [ 82.746354][ T5660] x64_sys_call+0x2d94/0x2ff0 [ 82.746380][ T5660] do_syscall_64+0xd2/0x200 [ 82.746529][ T5660] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 82.746554][ T5660] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 82.746624][ T5660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.746681][ T5660] RIP: 0033:0x7fdec184eec9 [ 82.746701][ T5660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.746719][ T5660] RSP: 002b:00007fdec02b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 82.746743][ T5660] RAX: ffffffffffffffda RBX: 00007fdec1aa5fa0 RCX: 00007fdec184eec9 [ 82.746834][ T5660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000240 [ 82.746847][ T5660] RBP: 00007fdec02b7090 R08: 0000000000000000 R09: 0000000000000000 [ 82.746858][ T5660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.746878][ T5660] R13: 00007fdec1aa6038 R14: 00007fdec1aa5fa0 R15: 00007ffdf2098d68 [ 82.746897][ T5660] [ 83.044955][ T5672] netlink: 28 bytes leftover after parsing attributes in process `syz.1.809'. [ 83.149231][ T5674] ip6tnl1: entered promiscuous mode [ 83.263928][ T5676] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.816'. [ 83.397060][ T5678] FAULT_INJECTION: forcing a failure. [ 83.397060][ T5678] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.410365][ T5678] CPU: 0 UID: 0 PID: 5678 Comm: syz.2.814 Not tainted syzkaller #0 PREEMPT(voluntary) [ 83.410396][ T5678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 83.410514][ T5678] Call Trace: [ 83.410522][ T5678] [ 83.410532][ T5678] __dump_stack+0x1d/0x30 [ 83.410558][ T5678] dump_stack_lvl+0xe8/0x140 [ 83.410593][ T5678] dump_stack+0x15/0x1b [ 83.410689][ T5678] should_fail_ex+0x265/0x280 [ 83.410720][ T5678] should_fail+0xb/0x20 [ 83.410745][ T5678] should_fail_usercopy+0x1a/0x20 [ 83.410880][ T5678] strncpy_from_user+0x25/0x230 [ 83.410921][ T5678] ? kmem_cache_alloc_noprof+0x186/0x310 [ 83.410953][ T5678] ? getname_flags+0x80/0x3b0 [ 83.410987][ T5678] getname_flags+0xae/0x3b0 [ 83.411132][ T5678] do_sys_openat2+0x60/0x110 [ 83.411175][ T5678] __x64_sys_openat+0xf2/0x120 [ 83.411266][ T5678] x64_sys_call+0x2e9c/0x2ff0 [ 83.411293][ T5678] do_syscall_64+0xd2/0x200 [ 83.411353][ T5678] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 83.411385][ T5678] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 83.411421][ T5678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.411492][ T5678] RIP: 0033:0x7fd7f475eec9 [ 83.411544][ T5678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.411575][ T5678] RSP: 002b:00007fd7f319e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 83.411599][ T5678] RAX: ffffffffffffffda RBX: 00007fd7f49b6090 RCX: 00007fd7f475eec9 [ 83.411616][ T5678] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 83.411716][ T5678] RBP: 00007fd7f319e090 R08: 0000000000000000 R09: 0000000000000000 [ 83.411732][ T5678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.411749][ T5678] R13: 00007fd7f49b6128 R14: 00007fd7f49b6090 R15: 00007fff6d34e188 [ 83.411772][ T5678] [ 83.676532][ T5683] loop1: detected capacity change from 0 to 1024 [ 83.705977][ T5687] syz.4.818 uses obsolete (PF_INET,SOCK_PACKET) [ 83.730870][ T5689] loop1: detected capacity change from 0 to 1024 [ 83.742816][ T5689] ext4 filesystem being mounted at /191/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.756672][ T5689] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.819: bg 0: block 393: padding at end of block bitmap is not set [ 83.771896][ T5689] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 83.784683][ T5689] EXT4-fs (loop1): This should not happen!! Data will be lost [ 83.784683][ T5689] [ 83.977093][ T5706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.826'. [ 84.145618][ T5716] veth3: entered promiscuous mode [ 84.264329][ T5727] netlink: 'syz.2.835': attribute type 1 has an invalid length. [ 84.342593][ T5731] IPVS: rr: FWM 3 0x00000003 - no destination available [ 84.407176][ T5738] IPVS: rr: FWM 3 0x00000003 - no destination available [ 84.818694][ T5771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 84.821634][ T5773] FAULT_INJECTION: forcing a failure. [ 84.821634][ T5773] name failslab, interval 1, probability 0, space 0, times 0 [ 84.828717][ T5771] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 84.839713][ T5773] CPU: 0 UID: 0 PID: 5773 Comm: syz.1.854 Not tainted syzkaller #0 PREEMPT(voluntary) [ 84.839752][ T5773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 84.839779][ T5773] Call Trace: [ 84.839790][ T5773] [ 84.839802][ T5773] __dump_stack+0x1d/0x30 [ 84.839833][ T5773] dump_stack_lvl+0xe8/0x140 [ 84.839861][ T5773] dump_stack+0x15/0x1b [ 84.839882][ T5773] should_fail_ex+0x265/0x280 [ 84.839922][ T5773] ? alloc_ucounts+0x13c/0x3b0 [ 84.840014][ T5773] should_failslab+0x8c/0xb0 [ 84.840043][ T5773] __kmalloc_cache_noprof+0x4c/0x320 [ 84.840120][ T5773] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 84.840155][ T5773] alloc_ucounts+0x13c/0x3b0 [ 84.840226][ T5773] ? set_cred_ucounts+0x9d/0xf0 [ 84.840260][ T5773] set_cred_ucounts+0xa7/0xf0 [ 84.840295][ T5773] __sys_setresuid+0x5b2/0x6d0 [ 84.840345][ T5773] __x64_sys_setresuid+0x3f/0x50 [ 84.840432][ T5773] x64_sys_call+0x248c/0x2ff0 [ 84.840460][ T5773] do_syscall_64+0xd2/0x200 [ 84.840509][ T5773] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 84.840542][ T5773] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 84.840627][ T5773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.840658][ T5773] RIP: 0033:0x7f36989deec9 [ 84.840679][ T5773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.840704][ T5773] RSP: 002b:00007f3697447038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 84.840781][ T5773] RAX: ffffffffffffffda RBX: 00007f3698c35fa0 RCX: 00007f36989deec9 [ 84.840799][ T5773] RDX: 0000000000000000 RSI: 000000000000ee00 RDI: 000000000000ee00 [ 84.840816][ T5773] RBP: 00007f3697447090 R08: 0000000000000000 R09: 0000000000000000 [ 84.840833][ T5773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.840955][ T5773] R13: 00007f3698c36038 R14: 00007f3698c35fa0 R15: 00007ffcd4e9b6c8 [ 84.840983][ T5773] [ 85.048235][ T5769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 85.058085][ T5769] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 85.195214][ T5785] loop1: detected capacity change from 0 to 1024 [ 85.211880][ T5785] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.220422][ T5787] netlink: 'syz.2.860': attribute type 1 has an invalid length. [ 85.226417][ T5785] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.859: bg 0: block 393: padding at end of block bitmap is not set [ 85.246205][ T5785] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 85.259511][ T5785] EXT4-fs (loop1): This should not happen!! Data will be lost [ 85.259511][ T5785] [ 85.276986][ T5792] FAULT_INJECTION: forcing a failure. [ 85.276986][ T5792] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.290230][ T5792] CPU: 0 UID: 0 PID: 5792 Comm: syz.2.861 Not tainted syzkaller #0 PREEMPT(voluntary) [ 85.290271][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 85.290284][ T5792] Call Trace: [ 85.290289][ T5792] [ 85.290295][ T5792] __dump_stack+0x1d/0x30 [ 85.290317][ T5792] dump_stack_lvl+0xe8/0x140 [ 85.290384][ T5792] dump_stack+0x15/0x1b [ 85.290402][ T5792] should_fail_ex+0x265/0x280 [ 85.290432][ T5792] should_fail+0xb/0x20 [ 85.290458][ T5792] should_fail_usercopy+0x1a/0x20 [ 85.290489][ T5792] _copy_from_user+0x1c/0xb0 [ 85.290550][ T5792] do_sock_getsockopt+0xf1/0x240 [ 85.290574][ T5792] __x64_sys_getsockopt+0x11e/0x1a0 [ 85.290602][ T5792] x64_sys_call+0x2bc6/0x2ff0 [ 85.290629][ T5792] do_syscall_64+0xd2/0x200 [ 85.290690][ T5792] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 85.290770][ T5792] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 85.290797][ T5792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.290823][ T5792] RIP: 0033:0x7fd7f475eec9 [ 85.290842][ T5792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.290884][ T5792] RSP: 002b:00007fd7f31bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 85.290908][ T5792] RAX: ffffffffffffffda RBX: 00007fd7f49b5fa0 RCX: 00007fd7f475eec9 [ 85.290924][ T5792] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000006 [ 85.290940][ T5792] RBP: 00007fd7f31bf090 R08: 0000200000000340 R09: 0000000000000000 [ 85.290955][ T5792] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 85.290966][ T5792] R13: 00007fd7f49b6038 R14: 00007fd7f49b5fa0 R15: 00007fff6d34e188 [ 85.290984][ T5792] [ 85.470781][ T29] kauditd_printk_skb: 599 callbacks suppressed [ 85.470797][ T29] audit: type=1326 audit(1758862688.164:4523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.506559][ T29] audit: type=1326 audit(1758862688.194:4524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.530163][ T29] audit: type=1326 audit(1758862688.194:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.553532][ T29] audit: type=1326 audit(1758862688.194:4526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.577119][ T29] audit: type=1326 audit(1758862688.194:4527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.600814][ T29] audit: type=1326 audit(1758862688.194:4528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.624517][ T29] audit: type=1326 audit(1758862688.194:4529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.648110][ T29] audit: type=1326 audit(1758862688.194:4530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.682480][ T5801] lo speed is unknown, defaulting to 1000 [ 85.839319][ T29] audit: type=1326 audit(1758862688.194:4531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 85.863330][ T29] audit: type=1326 audit(1758862688.194:4532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.1.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f36989deec9 code=0x7ffc0000 [ 86.003514][ T5812] 9pnet: Could not find request transport: fd0x0000000000000005 [ 86.059460][ T5821] loop2: detected capacity change from 0 to 1024 [ 86.068514][ T5817] loop1: detected capacity change from 0 to 8192 [ 86.077615][ T5821] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.091750][ T5821] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.872: bg 0: block 393: padding at end of block bitmap is not set [ 86.106500][ T5821] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 86.119171][ T5821] EXT4-fs (loop2): This should not happen!! Data will be lost [ 86.119171][ T5821] [ 86.241102][ T5832] loop1: detected capacity change from 0 to 512 [ 86.251907][ T5832] ext4 filesystem being mounted at /208/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.292329][ T5832] SELinux: failed to load policy [ 86.365929][ T5844] netlink: 'syz.1.880': attribute type 10 has an invalid length. [ 86.412067][ T5846] 9pnet: Could not find request transport: fd0x0000000000000005 [ 86.442412][ T5849] FAULT_INJECTION: forcing a failure. [ 86.442412][ T5849] name failslab, interval 1, probability 0, space 0, times 0 [ 86.455139][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz.1.882 Not tainted syzkaller #0 PREEMPT(voluntary) [ 86.455168][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 86.455255][ T5849] Call Trace: [ 86.455263][ T5849] [ 86.455271][ T5849] __dump_stack+0x1d/0x30 [ 86.455290][ T5849] dump_stack_lvl+0xe8/0x140 [ 86.455307][ T5849] dump_stack+0x15/0x1b [ 86.455346][ T5849] should_fail_ex+0x265/0x280 [ 86.455368][ T5849] should_failslab+0x8c/0xb0 [ 86.455390][ T5849] kmem_cache_alloc_noprof+0x50/0x310 [ 86.455451][ T5849] ? skb_clone+0x151/0x1f0 [ 86.455473][ T5849] skb_clone+0x151/0x1f0 [ 86.455493][ T5849] __netlink_deliver_tap+0x2c9/0x500 [ 86.455517][ T5849] netlink_unicast+0x66b/0x690 [ 86.455538][ T5849] netlink_sendmsg+0x58b/0x6b0 [ 86.455570][ T5849] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.455601][ T5849] __sock_sendmsg+0x145/0x180 [ 86.455708][ T5849] ____sys_sendmsg+0x31e/0x4e0 [ 86.455732][ T5849] ___sys_sendmsg+0x17b/0x1d0 [ 86.455766][ T5849] __x64_sys_sendmsg+0xd4/0x160 [ 86.455791][ T5849] x64_sys_call+0x191e/0x2ff0 [ 86.455892][ T5849] do_syscall_64+0xd2/0x200 [ 86.455917][ T5849] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 86.455939][ T5849] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 86.456038][ T5849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.456056][ T5849] RIP: 0033:0x7f36989deec9 [ 86.456070][ T5849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.456123][ T5849] RSP: 002b:00007f3697447038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 86.456140][ T5849] RAX: ffffffffffffffda RBX: 00007f3698c35fa0 RCX: 00007f36989deec9 [ 86.456151][ T5849] RDX: 0000000024044040 RSI: 0000200000000200 RDI: 0000000000000006 [ 86.456163][ T5849] RBP: 00007f3697447090 R08: 0000000000000000 R09: 0000000000000000 [ 86.456184][ T5849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.456195][ T5849] R13: 00007f3698c36038 R14: 00007f3698c35fa0 R15: 00007ffcd4e9b6c8 [ 86.456213][ T5849] [ 86.729775][ T5857] loop1: detected capacity change from 0 to 1024 [ 86.742789][ T5857] ext4 filesystem being mounted at /217/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.756046][ T5857] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.885: bg 0: block 393: padding at end of block bitmap is not set [ 86.771163][ T5857] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 86.783806][ T5857] EXT4-fs (loop1): This should not happen!! Data will be lost [ 86.783806][ T5857] [ 86.947639][ T5868] pim6reg1: entered promiscuous mode [ 86.958079][ T5868] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.001743][ T5868] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.007654][ T5869] __nla_validate_parse: 7 callbacks suppressed [ 87.007679][ T5869] netlink: 100 bytes leftover after parsing attributes in process `syz.1.889'. [ 87.082149][ T5868] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.112195][ T5868] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.122628][ T5871] loop2: detected capacity change from 0 to 1024 [ 87.129664][ T5871] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 87.178671][ T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.195633][ T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.208521][ T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.220061][ T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 87.449610][ T5876] netlink: 'syz.2.892': attribute type 10 has an invalid length. [ 87.457669][ T5876] netlink: 40 bytes leftover after parsing attributes in process `syz.2.892'. [ 87.498776][ T5878] loop2: detected capacity change from 0 to 1024 [ 87.511932][ T5878] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.551761][ T5882] netlink: 'syz.2.894': attribute type 1 has an invalid length. [ 87.802013][ T5888] lo speed is unknown, defaulting to 1000 [ 87.917616][ T5890] loop3: detected capacity change from 0 to 1024 [ 88.002563][ T5890] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.021371][ T5890] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.897: bg 0: block 393: padding at end of block bitmap is not set [ 88.037781][ T5890] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 88.050470][ T5890] EXT4-fs (loop3): This should not happen!! Data will be lost [ 88.050470][ T5890] [ 88.159654][ T5898] netlink: '+}[@': attribute type 30 has an invalid length. [ 88.209123][ T5905] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.900'. [ 88.252646][ T5911] netlink: 'syz.4.904': attribute type 10 has an invalid length. [ 88.260477][ T5911] netlink: 40 bytes leftover after parsing attributes in process `syz.4.904'. [ 88.306712][ T5913] FAULT_INJECTION: forcing a failure. [ 88.306712][ T5913] name failslab, interval 1, probability 0, space 0, times 0 [ 88.319473][ T5913] CPU: 0 UID: 0 PID: 5913 Comm: syz.4.905 Not tainted syzkaller #0 PREEMPT(voluntary) [ 88.319567][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 88.319583][ T5913] Call Trace: [ 88.319591][ T5913] [ 88.319600][ T5913] __dump_stack+0x1d/0x30 [ 88.319627][ T5913] dump_stack_lvl+0xe8/0x140 [ 88.319651][ T5913] dump_stack+0x15/0x1b [ 88.319696][ T5913] should_fail_ex+0x265/0x280 [ 88.319725][ T5913] should_failslab+0x8c/0xb0 [ 88.319764][ T5913] kmem_cache_alloc_noprof+0x50/0x310 [ 88.319802][ T5913] ? skb_clone+0x151/0x1f0 [ 88.319832][ T5913] skb_clone+0x151/0x1f0 [ 88.319860][ T5913] __netlink_deliver_tap+0x2c9/0x500 [ 88.319898][ T5913] netlink_unicast+0x66b/0x690 [ 88.319936][ T5913] netlink_sendmsg+0x58b/0x6b0 [ 88.319968][ T5913] ? __pfx_netlink_sendmsg+0x10/0x10 [ 88.319999][ T5913] __sock_sendmsg+0x145/0x180 [ 88.320057][ T5913] ____sys_sendmsg+0x31e/0x4e0 [ 88.320091][ T5913] ___sys_sendmsg+0x17b/0x1d0 [ 88.320133][ T5913] __x64_sys_sendmsg+0xd4/0x160 [ 88.320230][ T5913] x64_sys_call+0x191e/0x2ff0 [ 88.320256][ T5913] do_syscall_64+0xd2/0x200 [ 88.320293][ T5913] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 88.320403][ T5913] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 88.320500][ T5913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.320567][ T5913] RIP: 0033:0x7fdec184eec9 [ 88.320585][ T5913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.320630][ T5913] RSP: 002b:00007fdec02b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 88.320673][ T5913] RAX: ffffffffffffffda RBX: 00007fdec1aa5fa0 RCX: 00007fdec184eec9 [ 88.320687][ T5913] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003 [ 88.320737][ T5913] RBP: 00007fdec02b7090 R08: 0000000000000000 R09: 0000000000000000 [ 88.320753][ T5913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.320767][ T5913] R13: 00007fdec1aa6038 R14: 00007fdec1aa5fa0 R15: 00007ffdf2098d68 [ 88.320787][ T5913] [ 88.604635][ T5915] netlink: 'syz.2.906': attribute type 1 has an invalid length. [ 88.644981][ T5917] loop2: detected capacity change from 0 to 1024 [ 88.712869][ T5923] loop4: detected capacity change from 0 to 8192 [ 88.713533][ T5917] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ %ºu@) failed with errno=-22 [ 88.796006][ T5928] loop2: detected capacity change from 0 to 1024 [ 88.815596][ T5928] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.885580][ T5934] serio: Serial port ttyS3 [ 89.113975][ T5954] 9pnet_fd: Insufficient options for proto=fd [ 89.135207][ T5949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.920'. [ 89.147483][ T5949] netlink: 312 bytes leftover after parsing attributes in process `syz.4.920'. [ 89.156565][ T5949] netlink: 8 bytes leftover after parsing attributes in process `syz.4.920'. [ 89.157902][ T5956] FAULT_INJECTION: forcing a failure. [ 89.157902][ T5956] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.178744][ T5956] CPU: 0 UID: 0 PID: 5956 Comm: syz.2.922 Not tainted syzkaller #0 PREEMPT(voluntary) [ 89.178850][ T5956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 89.178865][ T5956] Call Trace: [ 89.178872][ T5956] [ 89.178880][ T5956] __dump_stack+0x1d/0x30 [ 89.178980][ T5956] dump_stack_lvl+0xe8/0x140 [ 89.179007][ T5956] dump_stack+0x15/0x1b [ 89.179030][ T5956] should_fail_ex+0x265/0x280 [ 89.179060][ T5956] should_fail+0xb/0x20 [ 89.179081][ T5956] should_fail_usercopy+0x1a/0x20 [ 89.179108][ T5956] _copy_to_user+0x20/0xa0 [ 89.179139][ T5956] simple_read_from_buffer+0xb5/0x130 [ 89.179166][ T5956] proc_fail_nth_read+0x10e/0x150 [ 89.179250][ T5956] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 89.179283][ T5956] vfs_read+0x1a8/0x770 [ 89.179355][ T5956] ? __fput+0x555/0x650 [ 89.179384][ T5956] ? __rcu_read_unlock+0x4f/0x70 [ 89.179404][ T5956] ? __fget_files+0x184/0x1c0 [ 89.179435][ T5956] ksys_read+0xda/0x1a0 [ 89.179541][ T5956] __x64_sys_read+0x40/0x50 [ 89.179569][ T5956] x64_sys_call+0x27bc/0x2ff0 [ 89.179597][ T5956] do_syscall_64+0xd2/0x200 [ 89.179669][ T5956] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 89.179697][ T5956] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 89.179724][ T5956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.179869][ T5956] RIP: 0033:0x7fd7f475d8dc [ 89.179889][ T5956] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 89.179917][ T5956] RSP: 002b:00007fd7f31bf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 89.179942][ T5956] RAX: ffffffffffffffda RBX: 00007fd7f49b5fa0 RCX: 00007fd7f475d8dc [ 89.179958][ T5956] RDX: 000000000000000f RSI: 00007fd7f31bf0a0 RDI: 0000000000000004 [ 89.179974][ T5956] RBP: 00007fd7f31bf090 R08: 0000000000000000 R09: 0000000000000000 [ 89.180104][ T5956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.180117][ T5956] R13: 00007fd7f49b6038 R14: 00007fd7f49b5fa0 R15: 00007fff6d34e188 [ 89.180137][ T5956] [ 89.417263][ T5959] netlink: 96 bytes leftover after parsing attributes in process `syz.0.924'. [ 89.446697][ T5959] 8021q: adding VLAN 0 to HW filter on device bond2 [ 89.455155][ T5959] bond0: (slave bond2): Enslaving as an active interface with an up link [ 89.464653][ T5960] netlink: '+}[@': attribute type 30 has an invalid length. [ 89.466235][ T5959] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5959 comm=syz.0.924 [ 89.479484][ T5964] netlink: '+}[@': attribute type 30 has an invalid length. [ 89.536216][ T5972] loop4: detected capacity change from 0 to 2048 [ 89.552532][ T5970] loop3: detected capacity change from 0 to 2048 [ 89.582124][ T5970] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.601300][ T5972] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.084590][ T5997] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.930'. [ 90.166805][ T297] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 345: padding at end of block bitmap is not set [ 90.179444][ T2935] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:6: bg 0: block 345: padding at end of block bitmap is not set [ 90.191605][ T297] EXT4-fs (loop4): Remounting filesystem read-only [ 90.196252][ T2935] EXT4-fs (loop3): Remounting filesystem read-only [ 90.202658][ T51] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 90.223047][ T12] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30 [ 90.306486][ T6005] 9pnet_fd: Insufficient options for proto=fd [ 90.328375][ T6007] loop4: detected capacity change from 0 to 1024 [ 90.341616][ T6007] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.379243][ T6014] netlink: 12 bytes leftover after parsing attributes in process `syz.4.937'. [ 90.452249][ T6024] loop4: detected capacity change from 0 to 512 [ 90.457920][ T6026] loop2: detected capacity change from 0 to 512 [ 90.473519][ T6024] EXT4-fs (loop4): 1 orphan inode deleted [ 90.476108][ T6026] EXT4-fs (loop2): 1 orphan inode deleted [ 90.479998][ T6024] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.496053][ T2935] __quota_error: 542 callbacks suppressed [ 90.496069][ T2935] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 90.497453][ T6026] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.501856][ T2935] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 90.538113][ T6027] binfmt_misc: register: failed to install interpreter file ./file2 [ 90.547854][ T6026] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.943: iget: bad i_size value: 360287970189639690 [ 90.562463][ T2935] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 90.572365][ T2935] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 90.600076][ T29] audit: type=1326 audit(1758862693.284:5075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6034 comm="syz.4.944" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdec184eec9 code=0x0 [ 90.635971][ T29] audit: type=1326 audit(1758862693.324:5076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6036 comm="syz.2.945" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7f475eec9 code=0x0 [ 90.954014][ T29] audit: type=1326 audit(1758862693.644:5077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.0.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 90.977720][ T29] audit: type=1326 audit(1758862693.644:5078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.0.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 91.001283][ T29] audit: type=1326 audit(1758862693.644:5079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.0.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 91.024874][ T29] audit: type=1326 audit(1758862693.644:5080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.0.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 91.048277][ T29] audit: type=1326 audit(1758862693.644:5081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.0.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 91.072086][ T29] audit: type=1326 audit(1758862693.644:5082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6039 comm="syz.0.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f686f9feec9 code=0x7ffc0000 [ 91.283177][ T6053] loop3: detected capacity change from 0 to 1024 [ 91.301545][ T6053] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.315687][ T6053] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.951: bg 0: block 393: padding at end of block bitmap is not set [ 91.330850][ T6053] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117 [ 91.343584][ T6053] EXT4-fs (loop3): This should not happen!! Data will be lost [ 91.343584][ T6053] [ 91.635103][ T6082] loop4: detected capacity change from 0 to 8192 [ 91.734902][ T6090] sch_tbf: burst 88 is lower than device veth5 mtu (1514) ! [ 91.770158][ T6090] ================================================================== [ 91.778295][ T6090] BUG: KCSAN: data-race in rtc_dev_poll / rtc_pie_update_irq [ 91.785714][ T6090] [ 91.788052][ T6090] read-write to 0xffff88810342b388 of 8 bytes by interrupt on cpu 0: [ 91.796307][ T6090] rtc_pie_update_irq+0x93/0xf0 [ 91.801188][ T6090] __hrtimer_run_queues+0x20f/0x5a0 [ 91.806406][ T6090] hrtimer_interrupt+0x21a/0x460 [ 91.811370][ T6090] __sysvec_apic_timer_interrupt+0x5c/0x1d0 [ 91.817304][ T6090] sysvec_apic_timer_interrupt+0x6f/0x80 [ 91.822960][ T6090] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 91.828962][ T6090] kcsan_setup_watchpoint+0x415/0x430 [ 91.834352][ T6090] batadv_nc_worker+0x7b/0xae0 [ 91.839127][ T6090] process_scheduled_works+0x4cb/0x9d0 [ 91.844607][ T6090] worker_thread+0x582/0x770 [ 91.849328][ T6090] kthread+0x489/0x510 [ 91.853421][ T6090] ret_from_fork+0x11f/0x1b0 [ 91.858167][ T6090] ret_from_fork_asm+0x1a/0x30 [ 91.862946][ T6090] [ 91.865285][ T6090] read to 0xffff88810342b388 of 8 bytes by task 6090 on cpu 1: [ 91.872839][ T6090] rtc_dev_poll+0x78/0xb0 [ 91.877204][ T6090] io_poll_task_func+0x17a/0x970 [ 91.882195][ T6090] io_handle_tw_list+0xcc/0x1c0 [ 91.887249][ T6090] tctx_task_work_run+0x6d/0x1a0 [ 91.892195][ T6090] tctx_task_work+0x3f/0x80 [ 91.896712][ T6090] task_work_run+0x12e/0x1a0 [ 91.901327][ T6090] get_signal+0xe13/0xf70 [ 91.905686][ T6090] arch_do_signal_or_restart+0x96/0x480 [ 91.911251][ T6090] exit_to_user_mode_loop+0x7a/0x100 [ 91.916638][ T6090] do_syscall_64+0x1d6/0x200 [ 91.921253][ T6090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.927245][ T6090] [ 91.929575][ T6090] value changed: 0x0000000000008dc0 -> 0x0000000000008ec0 [ 91.936686][ T6090] [ 91.939024][ T6090] Reported by Kernel Concurrency Sanitizer on: [ 91.945197][ T6090] CPU: 1 UID: 0 PID: 6090 Comm: syz.2.967 Not tainted syzkaller #0 PREEMPT(voluntary) [ 91.954934][ T6090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 91.965000][ T6090] ================================================================== [ 91.975061][ T6099] netlink: 'syz.3.971': attribute type 10 has an invalid length.