last executing test programs: 2.282802495s ago: executing program 4 (id=891): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unshare(0x2c060000) r0 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x400, 0x0, 0x338}, &(0x7f0000000080)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18) io_uring_enter(r0, 0x47ba, 0x98f1, 0x2a, 0x0, 0x0) 2.215962156s ago: executing program 4 (id=893): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) timerfd_create(0x7, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x101040) r4 = epoll_create(0x6) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x20002000}) ioctl$EVIOCGABS20(r3, 0x40044591, 0x0) r5 = gettid() timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r6, 0x0, 0x5}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x40820}, 0x0) writev(r7, &(0x7f0000000040), 0x2) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r8, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="12000000040000000800"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r10, @ANYRES32=r9, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r10, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r8}, 0x20) sendmmsg$inet6(r8, &(0x7f00000003c0)=[{{0x0, 0x4d, &(0x7f00000004c0)=[{&(0x7f0000000180)="50558c", 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000240)="fb24ba96", 0x4}, {0x0}], 0x2}}], 0x2, 0x20004810) dup2(r1, r2) 1.854414762s ago: executing program 3 (id=901): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r0}, 0x8) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x15) r2 = dup(r0) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[], 0x7c8) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1) mount$9p_fd(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYBLOB, @ANYRESHEX=r1]) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x20000000000000d4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xfbced67b5ff6f8cd, '\x00', 0x0, @fallback=0xc}, 0x94) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r4}, 0x18) syz_mount_image$iso9660(&(0x7f0000000440), &(0x7f0000000500)='./cgroup\x00', 0x280806, &(0x7f00000000c0)=ANY=[@ANYRES16], 0xff, 0x714, &(0x7f0000000740)="$eJzs3V9vG1kZBvDn2I7tuFBVgKpV1W1OU1ZKRXDHztaVVZAYxsfOgO2xZiaQSEirQp1VVKdAWiSamzY3/JGWL8Dd3nDBh1iJC672A3APVyCtQEiIFQgNmjMzthOPnbh1m233+UW7tmfeOfPOmVm/O8nMGRARERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERGE1TCMikDb7m5ty+mshut0kg9ZTMyPWlvCzejNzVnrXArXC4jwHxSLeCua/NZXRiGXw3+t4mr06SqK4UsRhxcuX7r75VwmWX5Gws8D8zb46Mnhg3uDQf/gDLFZzN38eULmDEEt1bU9x+6YLSVtz5H1Ws24tdn0ZNNuK2/H81VHWq7K+I4r16ybslKvb0hV3nG2uq2G2VbJxDtfrxpGTX6nEO1oAGXP2rTbbbvb0jHh7DDmjvzgB1GAMjtS7u4N+htj+TxN6+MwqJKSfGY8OAyqnra5VaNarVSq1Urtdv32HcPITUwwQsIYwkREeNC+VgcCLdhiv8CJXkDGavzX+LMA2iiiiy1sQ6b+WGjAhYPOlPmxpP6/c0vNXO94/U+q/NJo9hXo+n8t+nRtWv2fkouE1AukzRFTps/3s6QzkniEJzjEA9zDAAP0cbCAtiXkygu3kDfinlxIPlN/WlDowoYHBzY6MNHCFyHjKRJ11FCDgfewiSY8SDRhow0FDzvw4EOFR1Q+zFTBhA8HLiTWYOEmJCqoo44NSCiUsQMHW+iihQZM/DsIgl3s6X7fiPN5lrLVSIIqUzaigFxy3PVRnbG10+r/D59GS8f13zit/tObKjoOCtHLx7NiiD4Dgvj8f04rLycbIiIiIiIiInoZhP7tu9B/lX8bQICm3VbGsZjCuWVHRERERERERIsgEBRwFSK6Kh9vQ0ye/xMRERERERHR603oe+wEgJK+qF+Mbpc6yy8Bsq8gRSIiIiIiIiJ6QfrO/2t5INBX+a9AzHX+T0RERERERESvgV+NjbGfy8Zj7AbJn/UzAFb+UhAf/b0Ad0kc9ba/KvbNcI65H8dMXAHgN6+Ii/FAvfolD0B/stRVEa9NAv9KfvsQ+mQ3faz/Z0FECOGeSCCfHW9gSgIiXHMtF3/CB7geLXI9Hmf+/mEGek40onCpabdV2XLadyswzYsZX23/KXi493PAHW7n7t6gX/7Rjwf3dS5H4aSj/bDRp8fSyaR3xiiXx3q8BX3PRdroxstoJqv8dbdTEnq9RrL9WZj7mfEVzdoBtWUg2spfYDXaZ6tBFFs6HI64L4AVPfhDpax3md56/2fR1rtLYpRF5eSWp+2IKVte1FnciGJurN2IXpI+CdvJiOLXskC1PNoHqVlUx7M4vS/EP070/+wsIIphX2yEWfwhbOhEFt//KFp4o7edDI9xliwmjgIiovOyO6pCehDziTH2k/KQfKmdve4gB8TfclOq+2gtQVw/kur++LdBVKGyQC7+20T6WpK6gvAbfU3odvLRgO65Kynf6Eb50yAIzItFjH+j/y8Ikg0y5qhuR0EQnPxG//3oGUhx2hNZ/CcIgrsVXUl+c6Kqfhgu8OHU9XrtahZFFPB4/yd6APzQ+/33+w+r1Y2a8a5h3K5iSf+vQvySBWsPERFNOP0ZOzoiMyNCvIvrURvX7//tnejdsYr3pfiSAu0WMMB9rCePEFhJb7WEXXzzn9FlCOvRWSuwWopeS4fy8qW74VntMHZP5PQTXtanntXpWhrF6ssbqsPY5LlDJ88AR7EbL3kvEBERvVqrU+owcKz+43j9Lx6r/+tYiyLWrqSed5ewPLykcD05Ox6e0h9eOEqtuZXTk//WgjuDiIjoc0K5n4iS/0vhunbvvUq9XjH9TSVdx/qudO1GS0m76yvX2jS7LSV7ruM7ltOWPRcFe1l50tvq9RzXl03HlT3Hs7f1k99l/Oh3T3XMrm9bXq+tTE9Jy+n6puXLhu1Zsrf17bbtbSpXL+z1lGU3bcv0bacrPWfLtVRZSk+psUC7obq+3bTDt13Zc+2O6e7I7zntrY6SDeVZrt3znajBZF12t+m4Hd1sGcHcDzokIiJ6Ez16cvjg3mDQPzj5Zjk8NY+mHGFKTP9gOW4mmZJPaZBjBBEREX3GjMr1HAsVX2JCREREREREREREREREREREREREREREREQ0Yer9f8/7ZintZkFgOOWnF+MpeIbRLYYT7Qi8aD6fun/UA/s9z+KZ2TH5uPPGNrCYTPl4RsvLwylJ94/HHM2TIS4Bz90/f/0CcEFPiW/czC3wAJi8f3Thx1jam2/sRj06LUbPTJ1VGO6L3OL/cwjfPPzd5CwR9nwQBMHsxQvH+zB/9uM5B+AgP2MXLJ9y/LzKbyEiOg//DwAA///w6jRN") chdir(&(0x7f0000000040)='./file0\x00') setxattr$incfs_id(&(0x7f0000000080)='./cgroup\x00', &(0x7f0000000140), 0x0, 0x0, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10) r5 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10) 1.643262055s ago: executing program 2 (id=909): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa20000000000"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x200000c4) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000007c0), 0x4000, 0x0) sendto$inet6(r1, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c) shutdown(r1, 0x1) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x40000) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x35, &(0x7f0000000040)=0x4, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b7000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 1.555084966s ago: executing program 0 (id=912): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0) 1.554295916s ago: executing program 0 (id=913): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18) r1 = socket(0x2c, 0x80000, 0x20000000) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @rand_addr=0xac1414bb}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x0) 1.200250572s ago: executing program 0 (id=914): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x300, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="14efff001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0) 1.199617602s ago: executing program 0 (id=915): mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103) (async) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48) (async) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x2, &(0x7f00000014c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="00004ca3000000000000b703000000000000850000001b000000b7000000000000009500000000000000834d29b36a1b305b19665cd79088d2d801399e3d1736ab0dadb989b03b8384de213df56cee7aaa620fdc32c07331f29d3db1370337866370aaf87c74cbbf0351b2"], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001600)={&(0x7f0000000040)='i2c_read\x00', r0}, 0x18) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000000)={0x0, 0x2710}, 0x10) getsockopt$sock_timeval(r1, 0x1, 0x15, 0x0, &(0x7f0000000040)) (async) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15) (async) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x60110, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1001, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff"], 0x58}}, 0x0) (async, rerun: 64) sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00042cbd7000fddbdf250e000000080006000300000008000600648a0000"], 0x24}, 0x1, 0x0, 0x0, 0xc001}, 0x20000804) (rerun: 64) r5 = semget$private(0x0, 0x6, 0x40d) semtimedop(r5, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) r6 = dup(r2) (async) r7 = socket$inet6(0xa, 0x2, 0x0) (async) r8 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) (async) prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='\xac\xed\x00\x00') r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r9}, 0x10) (async) getsockname$packet(r8, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x0) (async, rerun: 32) sendmmsg$inet(r7, &(0x7f0000000bc0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0) (rerun: 32) write$P9_RLERRORu(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="75b5f7bb083cbaf9c53db86cd10d4e01ec7c1cb9553e0e9d3a683e39ab5dbfa847add01bfdc363de81c51a1dbb151110d30fa36446ea1b83"], 0x53) (async) write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) 890.486646ms ago: executing program 3 (id=917): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) unshare(0x2c060000) r0 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x400, 0x0, 0x338}, &(0x7f0000000080)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18) io_uring_enter(r0, 0x47ba, 0x98f1, 0x2a, 0x0, 0x0) 850.019287ms ago: executing program 3 (id=918): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100), 0x1, 0x58a, &(0x7f0000001b40)="$eJzs3T1sG2UfAPD/neOmH3nf9JXeV3pBHSpAKlJVJ+kHFKZ2RVSq1AGJBSLHjao4cRUn0EQZ0r1CdECAupQNBkYQAwNiYWRlATEjVTQCqekARv5K09QJTohjyP1+0tnPc3f2/3nu/H/sO93JAWTW8fpDGvFURFxOIobXLRuI1sLjzfVWV5aKD1eWiknUald+TiKJiAcrS8X2+knr+UhELEfE/yPi63zEyXTtLQ+0C9WFxanxcrk026qPzE1fH6kuLJ66Nj0+WZoszZx58aVz58+eGzs9tr65D2vra/nt9fXWD7ffufXtK3dvf/LpseXie+NJXIih1rL1/dhNzW2Sjwsb5p/tRbA+SvrdAHYk18rzeir9L4Yj18r6TmrrB4fBPWke0EO1wYgakFGJ/IeMav8OqB//tqe9/P1x72LzAKQed7U1NZcMNM9NxMHGscnhX5LHjkzqx5tH97Kh7EvLNyNidGDgyc9/0vr87dzobjSQnvrqYnNHPbn/07XxJzqMP0Ptc6d/UXv8W31i/HsUP7fJ+He5yxi/vf7jh5vGvxnxdMf4yVr8pEP8NCLe7DL+nde+OL/ZstpHESeic/y2ZOvzwyNXr5VLo83HjjG+PHHs5a36f3iT+M1ztgcbXzOdtn/aZf8//+azZ5a3iP/8s1vv/07b/1BEvNtl/P88+PjVzZbdu5ncr/8K2O7+TyIfd7uM/8KF49+3is4aAgAAAAAAAADALkob17IlaWGtnKaFQvMe3v/G4bRcqc6dvFqZn5loXvN2NPJp+0qr4WY9qdfHWtfjtuunN9TP5FoBc4ca9UKxUp7oc98BAAAAAAAAAAAAAAAAAADg7+LIhvv/f8017v/f+HfVwH61+V9+A/ud/Ifsejz/k761A9h7vv8hs2ryH7JL/kN2yX/ILvkP2SX/IbvkP2SX/AcAAAAAAAAAAAAAAAAAAAAAAAAAgJ64fOlSfao9XFkq1usTAwvzU5W3Tk2UqlOF6flioViZvV6YrFQmy6VCsTL9Z++XVCrXR2Nm/sbIXKk6N1JdWHxjujI/0/5P0VK+5z0CAAAAAAAAAAAAAAAAAACAf56hxpSkhYh8s56mhULEvyLiaBLJ1Wvl0mhE/DsivsvlB+v1sX43GgAAAAAAAAAAAAAAAAAAAPaZ6sLi1Hi5XJrtXWGgFaqHIbovDGxn5YhY3t1m1N9x26/KtzZgnzedQqYKfRyUAAAAAAAAAAAAAAAAAAAgox7d9NvtK37vbYMAAAAAAAAAAAAAAAAAAAAgk9KfkoioTyeGnxvauPRAspprPEfE23euvH9jfG5udqw+//7a/LkPWvNP96P9QLfaeZpGRD2PAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEeqC4tT4+VyaXaHhcEu1ul3HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB24o8AAAD//+mR0Yo=") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r0 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0) preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0) (fail_nth: 5) 771.259738ms ago: executing program 0 (id=919): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) pidfd_send_signal(r1, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c30000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000004c0)='kfree\x00', r4, 0x0, 0x6}, 0x18) sendfile(r3, r3, 0x0, 0x3fffff) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000050a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a30"], 0x122}, 0x1, 0x0, 0x0, 0x10000000}, 0x8010) open(0x0, 0x14927e, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000540)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) modify_ldt$write2(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x8042, 0x10c) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r5, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe0000000000002900", 0x2a) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x7}, 0x48) link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r8, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000004a80)={0x20, r9, 0x301, 0x70bd28, 0x25dfdbfb, {0x1c}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}}, 0x2404c816) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r2, 0x0, 0xf7}, 0x18) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x8404, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={&(0x7f0000000080)}, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1fffffff, 0x0, 0x0, 0x40, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 626.550201ms ago: executing program 2 (id=920): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000680)='ns/time\x00') bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcdd4aa9cb6a128e1ad45fd4030e1e69adf4986b7860f3122d59c079f0f9a1732f691590f45512aec4ed2413f66cac7dd022301741c576dea82005b166d6c3b9ed0c297ac197a92188a618745e78dca0b3c62f1601243089d9c687563382b0b88a7d80fd7bf7fae8a690f52db1464d29b1b926414cd35705c89662c585e32c881d917b74f027674dbc017499ba15a2e2900000000000000000000000000007b593ecbdd162fee9f239a3c615b3e9a3fb0af254bdd247a5a5abdbc0123c950eec0f1800b295be71418dd65de15e11beef9630499c70fce74135a7c7c8e818b79b85ff65d59d89492d7a663d3f25651e252ab49d358eac853ffe182ee37a5db085a072647719cb8604ba2e0b80af3f1867bd8fb6afca671437e0a5a9d5a088436739262d894986882ec0fb419a377ef47f4920a5de6d8de0d3090b4cb6b773e825442d351f980eed0d997a4d98a51220c41b145e2186546c646128a3e69f52fcad83a026def90b9eb55f4a0a2251bbae428c6c017b5a47f1580831a7ce232857e6aa9e777e99da1a3ad03fdc93fa7ed96228deac5e3bce983971041297a6ba18783a2edc7e3901cc891035872c61e7ea375b0902be0c5cc7fdef968ba1ca17ce5e11f2f384cd28c1194f56d3cf074e8ba4e60e84dc2f352c3cd170581aee0c93ca8ceff84cda40325d340759e79e5c4bcec227e37f7ec2193c78877fb319ec1f2d4dcf1d46a15cde1d6cecce6ecdb0c0a3413394d51341a7b3606ad8c29b6dbf6be3265b528c3208de35161bfe19678df43a45b314e5a0f8754cfaf4f9d3fdf9c8f7b7c296bf2e632d25ba8ee6369b362a8e4c9dff176d482d32249c93680a04f6464f184acfd0376662fee9e1031e569248db9bc724cdd97976a4d7c5c5172d1383fa1e442f68a14b747a9f2597bf115dd0111fe8ba3584a43176f33bd39a408f8648b19839bba9cc47624ea19e46dbbdf0faf591bcdc8613828a0c5a40c04ae34bbf4a0e27828b0c7cb9d7a7455db030425a4bd69cf6dcb4b1d066f8ef4ea1c710e05819df82d5cc94ace6b41c2de37a2eaf24f24b3d9a7dd4d197d51407be3e90000000000000000dbc0b0d6e11ccb71437ebea7ad01d5b93a7a0561e4a1b3fa1aa9c75f3aaec4ace1b6201a3e007b657be62df59133b4d8f0f145d9fc954cc7792077268bf0977e2a699722ce3dbb97248b8a8a771dd0f7d9c97e6587524a44fd6d49330ccbc39ca277b84f7f0a39759ef0b42388bd69fe341a925e8cdc5d7b2d6ddb7331a081bd0672bf4d02255de095a179e51bf5492d4e89c3cbad59db725c0dd7e35cbd9887175286a37d7621a361eb830cc5b842b11b5d040ccceb254d6a0c9c43718d0816bb2465928e236101b8cd46b5ef9cb930378a9249cbb41bcde9bb78d71c512153d2f1d765b56d2e5ef3e3d34975787646630051074c9706747fda873ccfdb394fc269c8cfadc0a52c3402f392a38052f859ab5600000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x6, 0x14, &(0x7f0000000280)=ANY=[@ANYRES8=r2, @ANYRES32=r2, @ANYRES8=r2], &(0x7f0000000240)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94) (async) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x6, 0x14, &(0x7f0000000280)=ANY=[@ANYRES8=r2, @ANYRES32=r2, @ANYRES8=r2], &(0x7f0000000240)='GPL\x00', 0xd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) syz_read_part_table(0x408b, &(0x7f0000000000)="$eJzszztKLEEYBeAz3X1vNyKCpgZiZiRtZmJi5AZmA5OZGZiPj90MLsAtCa7ApKRnGh84Zooi35fUoerUD3/4cQ/rLq+T/O8+/XM/u9tOM6Tbvk+GYnOxtXwqK/O9JP1R/m10VTaTXH6cMl183RYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCvVl7S4+tlN76VUpL6Xb9OJslVktluaZMcV8lw5qZ+Oh9L+4dJznaS5s3Pdpy5PCaZLr5rJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgb6pycjrGSQ7SrmK3plnmz+zOrQ2AQBgD0H6CH8UIGPZgFJZhG6Yk505ecvY9VdGk3bJUS1fe+6zak+foG+vY5Dd5GQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADByQAAAAAgv6/bkegAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsFcAAAD//9akIJE=") ioctl$TUNSETFILTEREBPF(r0, 0x8004b709, 0x0) (async) ioctl$TUNSETFILTEREBPF(r0, 0x8004b709, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000040c0), 0x48000) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r5, 0x40045402, &(0x7f0000004100)=0x1) (async) ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r5, 0x40045402, &(0x7f0000004100)=0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c0000003e000701fcfffffffedbdf25017c00000600048036"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 430.865224ms ago: executing program 3 (id=921): r0 = socket$nl_route(0x10, 0x3, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x36, 0x1, 0x9, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x7f, 0x2}, 0xfc2bfbaad827c7f0, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20002}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_mount_image$ext4(&(0x7f0000000300)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1818e58, &(0x7f00000003c0), 0x22, 0x63f, &(0x7f0000000d80)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJfVh1Y1sXdlGwYBciLhqapIZOf5CkYGvBBFwoKIi4LdKN/4B76d6dCOrOtVBFKha0dB73zp1mMplfaTIzSe7nA5M599wzOeebOyf33HvnzA2gtOazH2nE+xGvbyQRs03rZqK+cr4o9+Lfj29mjyRqte/+K4mkyGuUT4rnM8XCZET86XLEpyv76918+Oj2crVW95OIc1t37p/bfPjoo/U7y7dWb63eXTr/tY8vLH596eOlpoa+vTPF85Wr3/n8L3/6w6+u/bn6URIX4/r4j1eiJY6jMh/z8boIsTl/LCIuZIk2f5eT5hSEUGqV4v04HhGfjdmo5Et1s7H+i5E2DhioWiWi1l3SqwBwUuneUFaNcUDj2L6/4+DrAx6VDM/zS/UDoP3xjxWnHCbzY6PpF0nTkVH93MbZI6g/q+PV48knrx7PPYk95yFevtk6Y0dQTyfbOxHxuXbxJ3nbzuaRZvGne47104hYjIiJon3fOkQbkqb0IM7DdHOQ+Ju3Qxb/xeI5y7/8lvW3ntYadvwAlNOzS8WOfDtb2t3/ZWOPxvgn2ox/Zg5/SSY36v1f5/FfY38/mY970pZxWDZmudb+V463Zvz951d+3an++vhv7knjkdXfGAsOw/OdiLmW+H+WBVuMf7L4kzbbPyty42J/dXz7L/+80mndqOOvPY34oO3xz+6oNEt1uT55bm29urpY/9m2jj/88Qe/61R/+/jfGUCk7WXbf7pD/E3bP219XfY3ud/+V+60Zvz+2tM7neqf6bn9039MJPXjzYki50c7W1sbSxETydWiSJG/vLW1cb57vPUyL2v581I9/g+/1L7/73n/t0Q11fiX2Yf737v9otO6t3n/N11Mfl3rsw2dZPGv9N7++/p/lverPuv47/cffKHTum7xTx0mMAAAAAAAACihNL8Gm6QLb9JpurBQny/7mZhOq/c2t768du/B3ZWID/PPQ46nkSb5R0Zm68vJ2np1dan4PGxj+XzL8lci4r2I+E1lKl9euHmvujLq4AEAAAAAAAAAAAAAAAAAAOCYOFPM/2/cp/o/lfr8f6Aket9gbt/9H4BTYpA3mASOt7z/d9vFvzu8tgDDZf8P5aX/Q3np/1Be+j+Ul/4P5aX/Q3np/1Be+j8AAAAAnErvffHZ35KI2P7GVP7ITBTrTPqF0238QKUrA2sHMHx6NJTXm0v/BvtQOn2N//9XfDng4JsDjEDSLjMfHNS6d/5nbV+5a+fwbQMAAAAAAAAAAAAA6j54v/P8/4PNDQZOGtP+oLwOMf/fVwfACeer/6G8HOMDPWbxx2SnFb3m/wMAAAAAAAAAAAAAR2YmfyTpQjEXeCbSdGEh4lMRcTbGk7X16upiRLwbEX+tjL+TLS+NutEAAAAAAAAAAAAAAAAAAABwymw+fHR7uVpd3WhO/H9fzulONO6C2rtwrY8yXRPfjAO+KpLh/1mmImLkG2VgibGmnCRiO9vyx6JhG5txPJqRJ0b8jwkAAAAAAAAAAAAAAAAAAEqoae5xe3O/HXKLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD4du//3yOxMl1/QV+F9yZGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcDJ9EgAA//+YYDw3") fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x1, 0xb}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000400)={r2, &(0x7f0000000380)="c8f0f8185560b1e0160c376715993acce4910c409033c3ac51cbb11bfde928c2241a7e7576f0c4c3b591faa24e31f3f90169876e06235fd897cab7a199bd16a220112fe3b5a3e01bfb5d3f01edbdf05e64186c0f219cb712cef827cc28d443cb578364ab", &(0x7f0000000240)=@udp6=r2, 0x2}, 0x20) write$binfmt_script(r2, &(0x7f0000000840)={'#! ', './file0', [{0x20, '\x80r\b\xdb\xc5\xb2fL\xc9\x18\xd1\xb1:_\f\x12\x83\xf7\x0fE\x1fD\x91[\xec\xdd\xf0\xdd\xf3w\xce\xd0\vv\xa2\x1a#\xd1$H\\\x15\x9aty\xe2n\xc5\xd4\xa6\xca\xa9\x10G\xff\x86\xc5\xbf8\x14\xea\xc3tj\x8c\a\xa5\xde\x11\xaf\x05\xe1\x8f\xa9\x1a\xb5\xfb\xc6d\xc9\xfe\xe6\xe5\x83\x17\xfb\xcdFLt\xfe\x1drP);\xe1\x03\x9f1\xfcr5, {0x5}}, './file0\x00'}) getsockopt$IP_SET_OP_GET_BYNAME(r6, 0x1, 0x53, &(0x7f0000000200)={0x6, 0x7, 'syz0\x00'}, &(0x7f00000003c0)=0x28) sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e03002a000b05d25a806c8c6f94f91124fc601100077a0a000312050282c137153e370e0c1180fc0b0c000300", 0x33fe0}], 0x1}, 0x0) getpeername$l2tp6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @initdev}}, &(0x7f0000000180)=0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004840)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="310700000000000000003800000008000100"], 0x38}, 0x1, 0x2, 0x0, 0x1bb5818a0d1752a}, 0x4890) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7, 0x0, 0x7}, 0x18) r10 = socket$inet6_mptcp(0xa, 0x1, 0x106) r11 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r11, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r11, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r11, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r11) connect$inet6(r10, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback}, 0x1c) 362.795795ms ago: executing program 4 (id=924): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8) 358.314885ms ago: executing program 1 (id=925): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f00000001c0)=0x400000001, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x2, 0x1802, 0x0, 0x0) 332.036335ms ago: executing program 4 (id=926): setxattr$incfs_id(0x0, &(0x7f0000000140), 0x0, 0x0, 0x2) 279.189296ms ago: executing program 1 (id=927): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000004c0)='kfree\x00', r0, 0x0, 0x9}, 0x18) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x3) syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0) 278.627946ms ago: executing program 4 (id=928): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x6}, 0x18) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000004500000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000800000008"], 0x50) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0xa, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0x2}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) creat(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r7], 0x5c}, 0x1, 0x0, 0x0, 0x20008005}, 0x0) 268.814126ms ago: executing program 1 (id=929): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4dd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2}, 0x10) sendto$inet6(r0, &(0x7f0000000500)="a4", 0xffe0, 0x4c, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 192.065267ms ago: executing program 4 (id=930): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa20000000000"], &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r1 = socket$inet6_sctp(0xa, 0x801, 0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x200000c4) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000007c0), 0x4000, 0x0) sendto$inet6(r1, &(0x7f0000000b80)="be", 0x1, 0x4008014, &(0x7f0000000000)={0xa, 0x4e22, 0x1, @dev={0xfe, 0x80, '\x00', 0x23}, 0x7}, 0x1c) shutdown(r1, 0x1) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x40000) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x35, &(0x7f0000000040)=0x4, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000030000850000001b000000b700000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18) add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0xfffffe00, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 189.431237ms ago: executing program 1 (id=931): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000004c0)='kfree\x00', r0, 0x0, 0x9}, 0x18) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r1, 0x3) syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0) 188.500827ms ago: executing program 3 (id=932): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="020000000400008000"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0, 0xffffffffffffffff}, 0x4) r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r1}, 0x8) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f00000002c0)=ANY=[@ANYRES16=r1], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0xfffffda2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000a00)='mce_record\x00', r3, 0x0, 0xffffffbfffffffff}, 0x18) request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10rust\xe3c*sgrVex:Di', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xd, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES16, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095", @ANYRES8=r2], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESHEX=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4c001}, 0x4004110) sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x480d5}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7, 0x0, 0x7fff}, 0x18) r8 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0) write$selinux_access(r8, &(0x7f0000000640)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7567616e646f6d5f6465766963655fb9787330202f7573722f7362696e2f6e74706420303030303030303030303030303030303032343600"], 0x4a) 158.543908ms ago: executing program 1 (id=933): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x10, &(0x7f0000000100)=0xffff37e7, 0x4) r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r1}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000480)=ANY=[@ANYRES8=r0, @ANYRES32=r1, @ANYBLOB="1000000000006536009eb86a60c709d6b6cac4c2a01a50b07800b705000008000022f0cdddfcc01d16bb487550749a9ed6d31bb0ee310b47c89df970f511a3f4de21ae6f2cdc5b1cc7dc8b7b512942c56fc9ab47414ca3affd994818e3accfd2c67fca94156fa673f7cda52c5ba70c6f50f975cf77dd86300c2ee338d3600cc6853e1dbd5a5ddc1ef9444d36639fe470079f0870a729a339b13d2086ad568083cef9fcf05c90fd9b20920b732eb5289186f3f7f04b3bdde86957033c606af9c9fba73e3a40fddfac4f4cc382dc94d87844df2b2998e6e5a6d821e35b80de801df43d79559871acbb4fb343f988be969c56bd6224cc5f4e7cb2333e2b9ccebee21c8601dd891eb07c341038aca093b15ba234021f9cfe7a148fe95059"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_netfilter(0x10, 0x3, 0xc) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') acct(&(0x7f00000001c0)='./file0\x00') r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x67, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r2}, 0x18) open(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x80) openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = creat(0x0, 0x0) fsetxattr$system_posix_acl(r3, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0xfe44, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) open(0x0, 0x44842, 0x0) io_pgetevents(0x0, 0x6, 0x1, &(0x7f0000000340)=[{}], &(0x7f0000000380), &(0x7f0000000600)={&(0x7f00000005c0)={[0x9]}, 0x8}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r4, 0x5607, 0x2c) r5 = syz_open_dev$tty1(0xc, 0x4, 0x1) r6 = dup(r5) ioctl$TIOCL_SETVESABLANK(r6, 0x560e, &(0x7f0000000140)) r7 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_ACTIVATE(r7, 0x5606, 0x4) ioctl$TIOCL_BLANKSCREEN(r7, 0x541c, &(0x7f0000000000)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x54}}, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r8, @ANYBLOB="0000000000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 63.489799ms ago: executing program 2 (id=934): prlimit64(0x0, 0x7, &(0x7f0000002640)={0x0, 0xa5b1}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400000004000000120000000000dd00", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00 \x00'/28], 0x50) socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0}, &(0x7f00000004c0), &(0x7f0000000500)='%pK \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r2}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0xc6cf, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', r4}, 0x18) r5 = socket$rxrpc(0x21, 0x2, 0xa) recvmmsg(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000}}], 0x1, 0x140, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000ac0), r7) sendmsg$NLBL_CALIPSO_C_ADD(r7, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="01007c98711fffdbdf25010000000800010003000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc840}, 0x20020000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18) r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000003c0)=0x2) r10 = socket(0x28, 0x5, 0x0) r11 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r11, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r11, 0x0) connect$vsock_stream(r10, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) sendmmsg(r10, &(0x7f0000000100)=[{{0x0, 0x2d, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x0) 62.572779ms ago: executing program 3 (id=935): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) timerfd_create(0x7, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x101040) r4 = epoll_create(0x6) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0x20002000}) ioctl$EVIOCGABS20(r3, 0x40044591, 0x0) r5 = gettid() timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r6, 0x0, 0x5}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0bfc0000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x40820}, 0x0) writev(r7, &(0x7f0000000040), 0x2) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r8, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="12000000040000000800"], 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r10, @ANYRES32=r9, @ANYBLOB='\a'], 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r10, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r8}, 0x20) sendmmsg$inet6(r8, &(0x7f00000003c0)=[{{0x0, 0x4d, &(0x7f00000004c0)=[{&(0x7f0000000180)="50558c", 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000240)="fb24ba96", 0x4}, {0x0}], 0x2}}], 0x2, 0x20004810) dup2(r1, r2) 29.8244ms ago: executing program 2 (id=936): socket$inet_tcp(0x2, 0x1, 0x0) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000001f) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="00000000000057b6b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x18) close_range(r0, 0xffffffffffffffff, 0x0) 29.12611ms ago: executing program 2 (id=937): r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x18) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r0, r3, 0x0, 0x8) 0s ago: executing program 2 (id=938): r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x1ff}}, './file0\x00'}) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000040)=[r0, r0, r0, r0, r0, r0], 0x6) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_DEL(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000ef98378d2615e407828de0002090001f8000000001f6bd3bb000001"], 0x14}, 0x1, 0x0, 0x0, 0x4000054}, 0x20000004) setgroups(0x0, 0x0) getgroups(0x1, &(0x7f0000000080)=[0xee00]) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000380)='./file0\x00', &(0x7f0000000340)=[0x7], 0x0, 0x0, 0x1}}, 0x40) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)=ANY=[], 0x48) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000640)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095", @ANYRESHEX=r4], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vcan0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000c00)={'sit0\x00', &(0x7f0000000180)={'syztnl0\x00', r6, 0x80, 0x7, 0x0, 0x101, {{0x5, 0x4, 0x3, 0x16, 0x14, 0x64, 0x0, 0x3, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x3e}}}}}) capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000ff000003bfa30000000000000703000020feffff620af0fff8ffffff71a4f0ff0000000015040200000000001d400200000000004704000001ed000062030000000000001d440000000000007a0a00fe00ffffffdb03000051000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa5b4e377184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7592566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6cb5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH") r7 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc)=0x0) timer_settime(r8, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r9, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r9, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) r10 = socket$igmp(0x2, 0x3, 0x2) getsockopt$IP_VS_SO_GET_VERSION(r10, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000040)=0x40) process_mrelease(0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): 70] EXT4-fs (loop1): Free/Dirty block details [ 63.876225][ T4970] EXT4-fs (loop1): free_blocks=20480 [ 63.881773][ T4970] EXT4-fs (loop1): dirty_blocks=96 [ 63.886910][ T4970] EXT4-fs (loop1): Block reservation details [ 63.886924][ T4970] EXT4-fs (loop1): i_reserved_data_blocks=6 [ 63.945686][ T4992] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 63.967910][ T51] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 63.980190][ T51] EXT4-fs (loop1): This should not happen!! Data will be lost [ 63.980190][ T51] [ 63.996403][ T4994] loop3: detected capacity change from 0 to 1024 [ 64.004851][ T4988] loop2: detected capacity change from 0 to 4096 [ 64.013031][ T4994] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 64.047065][ T4988] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 64.070206][ T4994] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.523: Invalid block bitmap block 0 in block_group 0 [ 64.091958][ T4994] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.523: Failed to acquire dquot type 0 [ 64.103924][ T4988] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.520: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 64.122641][ T4988] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.520: Bad quota inode: 3, type: 0 [ 64.123503][ T4994] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.523: Freeing blocks not in datazone - block = 0, count = 4096 [ 64.151611][ T4988] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 64.180902][ T4988] EXT4-fs (loop2): mount failed [ 64.202079][ T4994] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.523: Invalid inode bitmap blk 0 in block_group 0 [ 64.221397][ T31] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:1: Failed to release dquot type 0 [ 64.248593][ T4994] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 64.269258][ T4994] EXT4-fs (loop3): 1 orphan inode deleted [ 64.321460][ T51] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 64.485189][ T5022] FAULT_INJECTION: forcing a failure. [ 64.485189][ T5022] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 64.498494][ T5022] CPU: 1 UID: 0 PID: 5022 Comm: syz.3.532 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 64.498521][ T5022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 64.498582][ T5022] Call Trace: [ 64.498589][ T5022] [ 64.498597][ T5022] __dump_stack+0x1d/0x30 [ 64.498616][ T5022] dump_stack_lvl+0xe8/0x140 [ 64.498632][ T5022] dump_stack+0x15/0x1b [ 64.498721][ T5022] should_fail_ex+0x265/0x280 [ 64.498820][ T5022] should_fail+0xb/0x20 [ 64.498842][ T5022] should_fail_usercopy+0x1a/0x20 [ 64.498867][ T5022] copy_fpstate_to_sigframe+0x628/0x7d0 [ 64.498894][ T5022] ? copy_fpstate_to_sigframe+0xe6/0x7d0 [ 64.498996][ T5022] ? x86_task_fpu+0x36/0x60 [ 64.499058][ T5022] get_sigframe+0x34d/0x490 [ 64.499089][ T5022] ? get_signal+0xdc8/0xf70 [ 64.499122][ T5022] x64_setup_rt_frame+0xa8/0x580 [ 64.499143][ T5022] arch_do_signal_or_restart+0x27c/0x480 [ 64.499201][ T5022] exit_to_user_mode_loop+0x7a/0x100 [ 64.499226][ T5022] do_syscall_64+0x1d6/0x200 [ 64.499248][ T5022] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 64.499290][ T5022] ? clear_bhb_loop+0x40/0x90 [ 64.499307][ T5022] ? clear_bhb_loop+0x40/0x90 [ 64.499324][ T5022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.499341][ T5022] RIP: 0033:0x7fa898bee9a7 [ 64.499417][ T5022] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 64.499479][ T5022] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 64.499495][ T5022] RAX: 0000000000000113 RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 64.499506][ T5022] RDX: 000000000000000a RSI: 0000000000000000 RDI: 0000000000000007 [ 64.499527][ T5022] RBP: 00007fa89724f090 R08: 0000000000000007 R09: 0000000000000000 [ 64.499540][ T5022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 64.499552][ T5022] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 64.499569][ T5022] [ 64.796353][ T5009] loop0: detected capacity change from 0 to 32768 [ 64.809542][ T5025] futex_wake_op: syz.0.529 tries to shift op by -1; fix this program [ 64.882097][ T4942] loop0: p1 p3 < > [ 64.907316][ T5027] loop3: detected capacity change from 0 to 512 [ 64.979493][ T5027] ext4: Bad value for 'init_itable' [ 65.017386][ T2988] udevd[2988]: worker [4266] terminated by signal 33 (Unknown signal 33) [ 65.105781][ T2988] udevd[2988]: worker [4266] failed while handling '/devices/virtual/block/loop3' [ 65.117847][ T5009] loop0: p1 p3 < > [ 65.120803][ T5027] loop3: detected capacity change from 0 to 2048 [ 65.167933][ T5027] netlink: 44 bytes leftover after parsing attributes in process `syz.3.534'. [ 65.180484][ T5027] netlink: 40 bytes leftover after parsing attributes in process `syz.3.534'. [ 65.182010][ T5035] loop2: detected capacity change from 0 to 512 [ 65.215344][ T5035] ext4: Bad value for 'init_itable' [ 65.229459][ T5035] loop2: detected capacity change from 0 to 2048 [ 65.258831][ T5040] loop3: detected capacity change from 0 to 1024 [ 65.296331][ T5043] loop1: detected capacity change from 0 to 1024 [ 65.313695][ T5040] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 65.333276][ T5035] netlink: 44 bytes leftover after parsing attributes in process `syz.2.537'. [ 65.351090][ T5045] SELinux: Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped). [ 65.361854][ T29] kauditd_printk_skb: 331 callbacks suppressed [ 65.361867][ T29] audit: type=1400 audit(1753804900.736:3050): avc: denied { relabelto } for pid=5044 comm="syz.4.543" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_logger_exec_t:s0" [ 65.396308][ T29] audit: type=1400 audit(1753804900.736:3051): avc: denied { associate } for pid=5044 comm="syz.4.543" name="/" dev="tmpfs" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_logger_exec_t:s0" [ 65.444102][ T5035] netlink: 40 bytes leftover after parsing attributes in process `syz.2.537'. [ 65.455829][ T5043] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 65.490122][ T5035] FAULT_INJECTION: forcing a failure. [ 65.490122][ T5035] name failslab, interval 1, probability 0, space 0, times 0 [ 65.503129][ T5035] CPU: 0 UID: 0 PID: 5035 Comm: syz.2.537 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 65.503224][ T5035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 65.503236][ T5035] Call Trace: [ 65.503242][ T5035] [ 65.503249][ T5035] __dump_stack+0x1d/0x30 [ 65.503270][ T5035] dump_stack_lvl+0xe8/0x140 [ 65.503361][ T5035] dump_stack+0x15/0x1b [ 65.503374][ T5035] should_fail_ex+0x265/0x280 [ 65.503396][ T5035] should_failslab+0x8c/0xb0 [ 65.503414][ T5035] __kmalloc_noprof+0xa5/0x3e0 [ 65.503433][ T5035] ? ip_options_get+0x52/0x350 [ 65.503478][ T5035] ip_options_get+0x52/0x350 [ 65.503579][ T5035] do_ip_setsockopt+0x19d4/0x2240 [ 65.503610][ T5035] ip_setsockopt+0x58/0x110 [ 65.503626][ T5035] udp_setsockopt+0x99/0xb0 [ 65.503651][ T5035] sock_common_setsockopt+0x66/0x80 [ 65.503746][ T5035] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 65.503774][ T5035] __sys_setsockopt+0x181/0x200 [ 65.503835][ T5035] __x64_sys_setsockopt+0x64/0x80 [ 65.503856][ T5035] x64_sys_call+0x20ec/0x2ff0 [ 65.503906][ T5035] do_syscall_64+0xd2/0x200 [ 65.503928][ T5035] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 65.503972][ T5035] ? clear_bhb_loop+0x40/0x90 [ 65.503992][ T5035] ? clear_bhb_loop+0x40/0x90 [ 65.504012][ T5035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.504033][ T5035] RIP: 0033:0x7f897c83e9a9 [ 65.504048][ T5035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.504107][ T5035] RSP: 002b:00007f897ae9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 65.504126][ T5035] RAX: ffffffffffffffda RBX: 00007f897ca65fa0 RCX: 00007f897c83e9a9 [ 65.504138][ T5035] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 000000000000000c [ 65.504150][ T5035] RBP: 00007f897ae9f090 R08: 0000000000000028 R09: 0000000000000000 [ 65.504162][ T5035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.504205][ T5035] R13: 0000000000000000 R14: 00007f897ca65fa0 R15: 00007ffe79b44ec8 [ 65.504224][ T5035] [ 65.531567][ T5043] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.542: Invalid block bitmap block 0 in block_group 0 [ 65.567024][ T29] audit: type=1326 audit(1753804900.826:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 65.615802][ T5043] Quota error (device loop1): write_blk: dquota write failed [ 65.619893][ T29] audit: type=1326 audit(1753804900.826:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 65.625095][ T5043] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 65.630105][ T29] audit: type=1326 audit(1753804900.826:3054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 65.657748][ T5059] loop0: detected capacity change from 0 to 4096 [ 65.659143][ T29] audit: type=1326 audit(1753804900.826:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 65.695558][ T5043] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.542: Failed to acquire dquot type 0 [ 65.698063][ T29] audit: type=1326 audit(1753804900.826:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 65.737840][ T5059] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 65.749364][ T29] audit: type=1326 audit(1753804900.826:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5044 comm="syz.4.543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 65.781086][ T5043] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.542: Freeing blocks not in datazone - block = 0, count = 4096 [ 65.799892][ T5059] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #3: comm syz.0.545: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 65.811111][ T5043] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.542: Invalid inode bitmap blk 0 in block_group 0 [ 65.819719][ T5059] EXT4-fs error (device loop0): ext4_quota_enable:7127: comm syz.0.545: Bad quota inode: 3, type: 0 [ 65.845706][ T5043] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 65.852798][ T3444] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0 [ 65.880842][ T5059] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 65.893573][ T3298] EXT4-fs unmount: 52 callbacks suppressed [ 65.893590][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 65.919593][ T5059] EXT4-fs (loop0): mount failed [ 65.954521][ T5043] EXT4-fs (loop1): 1 orphan inode deleted [ 66.081002][ T5043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.132638][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.142809][ T178] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0 [ 66.315638][ T5075] atomic_op ffff888119675928 conn xmit_atomic 0000000000000000 [ 66.440446][ T5083] netlink: 'syz.0.552': attribute type 3 has an invalid length. [ 66.515518][ T5090] netlink: 'syz.2.554': attribute type 10 has an invalid length. [ 66.525156][ T5090] geneve1: entered promiscuous mode [ 66.531964][ T5090] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.540319][ T5090] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.548618][ T5090] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.557094][ T5090] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.567911][ T5090] bond0: (slave geneve1): Enslaving as an active interface with an up link [ 66.745867][ T5100] netlink: 8 bytes leftover after parsing attributes in process `syz.2.557'. [ 66.794868][ T5104] netlink: 48 bytes leftover after parsing attributes in process `syz.2.559'. [ 66.920169][ T5110] loop3: detected capacity change from 0 to 512 [ 66.927146][ T5110] msdos: Bad value for 'check' [ 67.126685][ T5123] loop4: detected capacity change from 0 to 164 [ 67.389961][ T5125] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12) [ 67.396658][ T5125] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 67.404344][ T5125] vhci_hcd vhci_hcd.0: Device attached [ 67.532918][ T5141] loop3: detected capacity change from 0 to 512 [ 67.548533][ T5141] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 67.579326][ T5141] EXT4-fs (loop3): 1 truncate cleaned up [ 67.586998][ T5141] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.641254][ T1051] usb 3-1: new high-speed USB device number 2 using vhci_hcd [ 67.984401][ T5132] vhci_hcd: connection reset by peer [ 68.061161][ T31] vhci_hcd: stop threads [ 68.065692][ T31] vhci_hcd: release socket [ 68.070121][ T31] vhci_hcd: disconnect device [ 68.179815][ T5141] syz.3.571 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 68.194113][ T5141] CPU: 1 UID: 0 PID: 5141 Comm: syz.3.571 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 68.194194][ T5141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 68.194207][ T5141] Call Trace: [ 68.194265][ T5141] [ 68.194273][ T5141] __dump_stack+0x1d/0x30 [ 68.194296][ T5141] dump_stack_lvl+0xe8/0x140 [ 68.194321][ T5141] dump_stack+0x15/0x1b [ 68.194338][ T5141] dump_header+0x81/0x220 [ 68.194366][ T5141] oom_kill_process+0x334/0x3f0 [ 68.194403][ T5141] out_of_memory+0x979/0xb80 [ 68.194431][ T5141] try_charge_memcg+0x5e6/0x9e0 [ 68.194536][ T5141] obj_cgroup_charge_pages+0xa6/0x150 [ 68.194566][ T5141] __memcg_kmem_charge_page+0x9f/0x170 [ 68.194590][ T5141] __alloc_frozen_pages_noprof+0x188/0x360 [ 68.194659][ T5141] alloc_pages_mpol+0xb3/0x250 [ 68.194684][ T5141] alloc_pages_noprof+0x90/0x130 [ 68.194714][ T5141] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 68.194828][ T5141] __kvmalloc_node_noprof+0x30f/0x4e0 [ 68.194851][ T5141] ? ip_set_alloc+0x1f/0x30 [ 68.194867][ T5141] ? ip_set_alloc+0x1f/0x30 [ 68.194901][ T5141] ? __kmalloc_cache_noprof+0x189/0x320 [ 68.195050][ T5141] ip_set_alloc+0x1f/0x30 [ 68.195111][ T5141] hash_netiface_create+0x282/0x740 [ 68.195135][ T5141] ? __pfx_hash_netiface_create+0x10/0x10 [ 68.195158][ T5141] ip_set_create+0x3cc/0x960 [ 68.195196][ T5141] ? __nla_parse+0x40/0x60 [ 68.195281][ T5141] nfnetlink_rcv_msg+0x4c3/0x590 [ 68.195321][ T5141] netlink_rcv_skb+0x120/0x220 [ 68.195387][ T5141] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 68.195416][ T5141] nfnetlink_rcv+0x16b/0x1690 [ 68.195447][ T5141] ? __kfree_skb+0x109/0x150 [ 68.195534][ T5141] ? nlmon_xmit+0x4f/0x60 [ 68.195556][ T5141] ? consume_skb+0x49/0x150 [ 68.195576][ T5141] ? nlmon_xmit+0x4f/0x60 [ 68.195682][ T5141] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 68.195710][ T5141] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 68.195772][ T5141] ? __dev_queue_xmit+0x182/0x1fb0 [ 68.195794][ T5141] ? ref_tracker_free+0x37d/0x3e0 [ 68.195825][ T5141] ? __netlink_deliver_tap+0x4dc/0x500 [ 68.195902][ T5141] netlink_unicast+0x5a5/0x680 [ 68.195922][ T5141] netlink_sendmsg+0x58b/0x6b0 [ 68.195943][ T5141] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.196039][ T5141] __sock_sendmsg+0x142/0x180 [ 68.196077][ T5141] ____sys_sendmsg+0x31e/0x4e0 [ 68.196215][ T5141] ___sys_sendmsg+0x17b/0x1d0 [ 68.196308][ T5141] __x64_sys_sendmsg+0xd4/0x160 [ 68.196338][ T5141] x64_sys_call+0x191e/0x2ff0 [ 68.196363][ T5141] do_syscall_64+0xd2/0x200 [ 68.196384][ T5141] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 68.196407][ T5141] ? clear_bhb_loop+0x40/0x90 [ 68.196477][ T5141] ? clear_bhb_loop+0x40/0x90 [ 68.196502][ T5141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.196525][ T5141] RIP: 0033:0x7fa898bee9a9 [ 68.196545][ T5141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.196561][ T5141] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.196579][ T5141] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 68.196591][ T5141] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004 [ 68.196603][ T5141] RBP: 00007fa898c70d69 R08: 0000000000000000 R09: 0000000000000000 [ 68.196674][ T5141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 68.196720][ T5141] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 68.196739][ T5141] [ 68.196745][ T5141] memory: usage 307200kB, limit 307200kB, failcnt 1380 [ 68.252234][ T5156] netlink: 20 bytes leftover after parsing attributes in process `syz.2.576'. [ 68.252330][ T5141] memory+swap: usage 307636kB, limit 9007199254740988kB, failcnt 0 [ 68.252343][ T5141] kmem: usage 307184kB, limit 9007199254740988kB, failcnt 0 [ 68.252354][ T5141] Memory cgroup stats for /syz3: [ 68.583202][ T5141] cache 8192 [ 68.592320][ T5141] rss 4096 [ 68.595437][ T5141] shmem 0 [ 68.598669][ T5141] mapped_file 0 [ 68.602477][ T5141] dirty 0 [ 68.605484][ T5141] writeback 4096 [ 68.609049][ T5141] workingset_refault_anon 622 [ 68.613902][ T5141] workingset_refault_file 481 [ 68.618719][ T5141] swap 446464 [ 68.622211][ T5141] swapcached 8192 [ 68.625897][ T5141] pgpgin 54554 [ 68.629294][ T5141] pgpgout 54550 [ 68.632840][ T5141] pgfault 36974 [ 68.636492][ T5141] pgmajfault 192 [ 68.640442][ T5141] inactive_anon 8192 [ 68.645648][ T5141] active_anon 0 [ 68.650022][ T5141] inactive_file 8192 [ 68.654031][ T5141] active_file 0 [ 68.657569][ T5141] unevictable 0 [ 68.661123][ T5141] hierarchical_memory_limit 314572800 [ 68.666598][ T5141] hierarchical_memsw_limit 9223372036854771712 [ 68.673062][ T5141] total_cache 8192 [ 68.676784][ T5141] total_rss 4096 [ 68.680431][ T5141] total_shmem 0 [ 68.683955][ T5141] total_mapped_file 0 [ 68.687971][ T5141] total_dirty 0 [ 68.691638][ T5141] total_writeback 4096 [ 68.695763][ T5141] total_workingset_refault_anon 622 [ 68.700970][ T5141] total_workingset_refault_file 481 [ 68.706413][ T5141] total_swap 446464 [ 68.710410][ T5141] total_swapcached 8192 [ 68.714797][ T5141] total_pgpgin 54554 [ 68.718794][ T5141] total_pgpgout 54550 [ 68.723387][ T5141] total_pgfault 36974 [ 68.727377][ T5141] total_pgmajfault 192 [ 68.731603][ T5141] total_inactive_anon 8192 [ 68.736204][ T5141] total_active_anon 0 [ 68.740278][ T5141] total_inactive_file 8192 [ 68.744760][ T5141] total_active_file 0 [ 68.748739][ T5141] total_unevictable 0 [ 68.752769][ T5141] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.571,pid=5140,uid=0 [ 68.767518][ T5141] Memory cgroup out of memory: Killed process 5140 (syz.3.571) total-vm:93628kB, anon-rss:1072kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 69.005663][ T5170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.034846][ T5170] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.050060][ T5172] xt_CT: You must specify a L4 protocol and not use inversions on it [ 69.079696][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.107016][ T5175] FAULT_INJECTION: forcing a failure. [ 69.107016][ T5175] name failslab, interval 1, probability 0, space 0, times 0 [ 69.120371][ T5175] CPU: 1 UID: 0 PID: 5175 Comm: syz.3.584 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 69.120396][ T5175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 69.120408][ T5175] Call Trace: [ 69.120414][ T5175] [ 69.120420][ T5175] __dump_stack+0x1d/0x30 [ 69.120494][ T5175] dump_stack_lvl+0xe8/0x140 [ 69.120510][ T5175] dump_stack+0x15/0x1b [ 69.120523][ T5175] should_fail_ex+0x265/0x280 [ 69.120572][ T5175] should_failslab+0x8c/0xb0 [ 69.120594][ T5175] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 69.120623][ T5175] ? v9fs_session_init+0x78/0xde0 [ 69.120668][ T5175] kstrdup+0x3e/0xd0 [ 69.120685][ T5175] v9fs_session_init+0x78/0xde0 [ 69.120779][ T5175] ? __rcu_read_unlock+0x4f/0x70 [ 69.120877][ T5175] ? avc_has_perm_noaudit+0x1b1/0x200 [ 69.120904][ T5175] ? should_fail_ex+0xdb/0x280 [ 69.120922][ T5175] ? v9fs_mount+0x51/0x5c0 [ 69.120950][ T5175] ? should_failslab+0x8c/0xb0 [ 69.121004][ T5175] ? __kmalloc_cache_noprof+0x189/0x320 [ 69.121085][ T5175] v9fs_mount+0x67/0x5c0 [ 69.121144][ T5175] ? selinux_capable+0x31/0x40 [ 69.121242][ T5175] ? __pfx_v9fs_mount+0x10/0x10 [ 69.121270][ T5175] legacy_get_tree+0x78/0xd0 [ 69.121310][ T5175] vfs_get_tree+0x54/0x1d0 [ 69.121340][ T5175] do_new_mount+0x207/0x5e0 [ 69.121376][ T5175] ? security_capable+0x83/0x90 [ 69.121456][ T5175] path_mount+0x4a4/0xb20 [ 69.121484][ T5175] ? user_path_at+0x109/0x130 [ 69.121509][ T5175] __se_sys_mount+0x28f/0x2e0 [ 69.121539][ T5175] ? fput+0x8f/0xc0 [ 69.121610][ T5175] __x64_sys_mount+0x67/0x80 [ 69.121640][ T5175] x64_sys_call+0x2b4d/0x2ff0 [ 69.121739][ T5175] do_syscall_64+0xd2/0x200 [ 69.121761][ T5175] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 69.121853][ T5175] ? clear_bhb_loop+0x40/0x90 [ 69.121928][ T5175] ? clear_bhb_loop+0x40/0x90 [ 69.121946][ T5175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.122010][ T5175] RIP: 0033:0x7fa898bee9a9 [ 69.122045][ T5175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.122062][ T5175] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.122083][ T5175] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 69.122096][ T5175] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000000000000000 [ 69.122108][ T5175] RBP: 00007fa89724f090 R08: 0000200000000300 R09: 0000000000000000 [ 69.122121][ T5175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 69.122133][ T5175] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 69.122193][ T5175] [ 69.162874][ T5180] loop4: detected capacity change from 0 to 1024 [ 69.215561][ T5182] netlink: 'syz.0.581': attribute type 1 has an invalid length. [ 69.250024][ T5185] netlink: 20 bytes leftover after parsing attributes in process `syz.3.587'. [ 69.252204][ T5182] netlink: 224 bytes leftover after parsing attributes in process `syz.0.581'. [ 69.463982][ T5180] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 69.480649][ T5193] netlink: 8 bytes leftover after parsing attributes in process `syz.3.589'. [ 69.482196][ T5180] ext4 filesystem being mounted at /142/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 69.494466][ T5193] loop3: detected capacity change from 0 to 1024 [ 69.510843][ T5193] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 69.521982][ T5193] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 69.538004][ T5193] JBD2: no valid journal superblock found [ 69.544054][ T5193] EXT4-fs (loop3): Could not load journal inode [ 69.589188][ T5197] loop1: detected capacity change from 0 to 4096 [ 69.602619][ T5197] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.643247][ T5202] FAULT_INJECTION: forcing a failure. [ 69.643247][ T5202] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 69.656649][ T5202] CPU: 0 UID: 0 PID: 5202 Comm: syz.3.591 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 69.656751][ T5202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 69.656764][ T5202] Call Trace: [ 69.656771][ T5202] [ 69.656779][ T5202] __dump_stack+0x1d/0x30 [ 69.656800][ T5202] dump_stack_lvl+0xe8/0x140 [ 69.656848][ T5202] dump_stack+0x15/0x1b [ 69.656863][ T5202] should_fail_ex+0x265/0x280 [ 69.656923][ T5202] should_fail_alloc_page+0xf2/0x100 [ 69.656944][ T5202] __alloc_frozen_pages_noprof+0xff/0x360 [ 69.657032][ T5202] alloc_pages_mpol+0xb3/0x250 [ 69.657075][ T5202] alloc_pages_noprof+0x90/0x130 [ 69.657101][ T5202] kimage_alloc_control_pages+0x2ec/0x7d0 [ 69.657188][ T5202] do_kexec_load+0x2c6/0x510 [ 69.657219][ T5202] __se_sys_kexec_load+0x134/0x160 [ 69.657280][ T5202] __x64_sys_kexec_load+0x55/0x70 [ 69.657320][ T5202] x64_sys_call+0x2898/0x2ff0 [ 69.657340][ T5202] do_syscall_64+0xd2/0x200 [ 69.657361][ T5202] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 69.657475][ T5202] ? clear_bhb_loop+0x40/0x90 [ 69.657496][ T5202] ? clear_bhb_loop+0x40/0x90 [ 69.657516][ T5202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.657535][ T5202] RIP: 0033:0x7fa898bee9a9 [ 69.657549][ T5202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.657579][ T5202] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 69.657668][ T5202] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 69.657681][ T5202] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000000000 [ 69.657693][ T5202] RBP: 00007fa89724f090 R08: 0000000000000000 R09: 0000000000000000 [ 69.657705][ T5202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.657717][ T5202] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 69.657734][ T5202] [ 69.657811][ T5202] kexec: Could not allocate control_code_buffer [ 69.867402][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 69.928226][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.958419][ T5211] loop3: detected capacity change from 0 to 512 [ 70.004558][ T5211] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 70.034254][ T5211] EXT4-fs (loop3): 1 truncate cleaned up [ 70.040464][ T5211] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.186317][ T5226] loop0: detected capacity change from 0 to 512 [ 70.193488][ T5226] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 70.216904][ T5226] EXT4-fs (loop0): 1 truncate cleaned up [ 70.224376][ T5226] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.386876][ T5237] loop4: detected capacity change from 0 to 2048 [ 70.400707][ T5239] netlink: 'syz.2.604': attribute type 10 has an invalid length. [ 70.423914][ T5237] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.425274][ T5239] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 70.500514][ T29] kauditd_printk_skb: 443 callbacks suppressed [ 70.500529][ T29] audit: type=1400 audit(1753804905.866:3499): avc: denied { read } for pid=5236 comm="syz.4.605" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 70.548707][ T5245] FAULT_INJECTION: forcing a failure. [ 70.548707][ T5245] name failslab, interval 1, probability 0, space 0, times 0 [ 70.561392][ T5245] CPU: 1 UID: 0 PID: 5245 Comm: syz.2.607 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 70.561417][ T5245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 70.561429][ T5245] Call Trace: [ 70.561435][ T5245] [ 70.561442][ T5245] __dump_stack+0x1d/0x30 [ 70.561462][ T5245] dump_stack_lvl+0xe8/0x140 [ 70.561480][ T5245] dump_stack+0x15/0x1b [ 70.561495][ T5245] should_fail_ex+0x265/0x280 [ 70.561516][ T5245] should_failslab+0x8c/0xb0 [ 70.561537][ T5245] kmem_cache_alloc_noprof+0x50/0x310 [ 70.561560][ T5245] ? mas_alloc_nodes+0x265/0x520 [ 70.561581][ T5245] mas_alloc_nodes+0x265/0x520 [ 70.561601][ T5245] mas_preallocate+0x33e/0x520 [ 70.561625][ T5245] mmap_region+0xb7e/0x1580 [ 70.561665][ T5245] do_mmap+0x9b3/0xbe0 [ 70.561691][ T5245] vm_mmap_pgoff+0x17a/0x2e0 [ 70.561713][ T5245] ksys_mmap_pgoff+0x2d0/0x310 [ 70.561739][ T5245] x64_sys_call+0x14a3/0x2ff0 [ 70.561755][ T5245] do_syscall_64+0xd2/0x200 [ 70.561776][ T5245] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 70.561800][ T5245] ? clear_bhb_loop+0x40/0x90 [ 70.561819][ T5245] ? clear_bhb_loop+0x40/0x90 [ 70.561839][ T5245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.561856][ T5245] RIP: 0033:0x7f897c83e9a9 [ 70.561869][ T5245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.561884][ T5245] RSP: 002b:00007f897ae9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 70.561903][ T5245] RAX: ffffffffffffffda RBX: 00007f897ca65fa0 RCX: 00007f897c83e9a9 [ 70.561915][ T5245] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000200000000000 [ 70.561928][ T5245] RBP: 00007f897ae9f090 R08: ffffffffffffffff R09: 0000000000000000 [ 70.561940][ T5245] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000002 [ 70.561953][ T5245] R13: 0000000000000001 R14: 00007f897ca65fa0 R15: 00007ffe79b44ec8 [ 70.561969][ T5245] [ 70.569484][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.827440][ T5247] loop2: detected capacity change from 0 to 4096 [ 70.903561][ T5247] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 70.951537][ T5247] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.609: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 71.014496][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.026693][ T5247] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.609: Bad quota inode: 3, type: 0 [ 71.070833][ T5247] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 71.115551][ T5263] loop3: detected capacity change from 0 to 2048 [ 71.122157][ T5247] EXT4-fs (loop2): mount failed [ 71.149030][ T5263] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 71.215402][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.277015][ T29] audit: type=1326 audit(1753804906.636:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.300536][ T29] audit: type=1326 audit(1753804906.636:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.324629][ T29] audit: type=1326 audit(1753804906.636:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.348348][ T29] audit: type=1326 audit(1753804906.636:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.372116][ T29] audit: type=1326 audit(1753804906.636:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.395713][ T29] audit: type=1326 audit(1753804906.636:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.419777][ T29] audit: type=1326 audit(1753804906.636:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.443601][ T29] audit: type=1326 audit(1753804906.636:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.453518][ T5268] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, [ 71.466958][ T29] audit: type=1326 audit(1753804906.636:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5271 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 71.498702][ T5268] block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 71.512824][ T5268] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 888 with error 28 [ 71.525609][ T5268] EXT4-fs (loop3): This should not happen!! Data will be lost [ 71.525609][ T5268] [ 71.535354][ T5268] EXT4-fs (loop3): Total free blocks count 0 [ 71.541426][ T5268] EXT4-fs (loop3): Free/Dirty block details [ 71.547533][ T5268] EXT4-fs (loop3): free_blocks=2415919104 [ 71.553410][ T5268] EXT4-fs (loop3): dirty_blocks=896 [ 71.558612][ T5268] EXT4-fs (loop3): Block reservation details [ 71.564674][ T5268] EXT4-fs (loop3): i_reserved_data_blocks=56 [ 71.568777][ T5287] loop4: detected capacity change from 0 to 512 [ 71.581394][ T5261] loop1: detected capacity change from 0 to 164 [ 71.611450][ T5261] ISOFS: unable to read i-node block [ 71.620042][ T5261] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 71.633575][ T5287] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 71.663606][ T5287] EXT4-fs (loop4): 1 truncate cleaned up [ 71.677992][ T5287] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.714073][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.726598][ T51] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28 [ 71.789603][ T5298] netlink: 'syz.3.625': attribute type 1 has an invalid length. [ 71.844862][ T5277] netlink: 'syz.0.617': attribute type 1 has an invalid length. [ 71.942460][ T5306] loop3: detected capacity change from 0 to 512 [ 71.969452][ T5308] netlink: 'syz.0.629': attribute type 3 has an invalid length. [ 71.982981][ T5306] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 72.015762][ T5306] EXT4-fs (loop3): 1 truncate cleaned up [ 72.022593][ T5306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.088139][ T5316] loop1: detected capacity change from 0 to 4096 [ 72.106584][ T5316] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 72.179818][ T5318] loop0: detected capacity change from 0 to 1024 [ 72.206041][ T5316] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.633: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 72.233985][ T5318] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 72.330096][ T5316] EXT4-fs error (device loop1): ext4_quota_enable:7127: comm syz.1.633: Bad quota inode: 3, type: 0 [ 72.349108][ T5318] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.634: Invalid block bitmap block 0 in block_group 0 [ 72.365274][ T5316] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 72.391632][ T5318] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.634: Failed to acquire dquot type 0 [ 72.411516][ T5316] EXT4-fs (loop1): mount failed [ 72.417141][ T5318] EXT4-fs error (device loop0): ext4_free_blocks:6587: comm syz.0.634: Freeing blocks not in datazone - block = 0, count = 4096 [ 72.446222][ T5318] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.634: Invalid inode bitmap blk 0 in block_group 0 [ 72.472072][ T3444] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0 [ 72.503688][ T5318] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 72.542551][ T5318] EXT4-fs (loop0): 1 orphan inode deleted [ 72.546548][ T5324] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.549256][ T5318] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.555788][ T5324] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.602639][ T5324] bridge0: entered allmulticast mode [ 72.630287][ T5327] bridge_slave_1: left allmulticast mode [ 72.636227][ T5327] bridge_slave_1: left promiscuous mode [ 72.641960][ T5327] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.652829][ T5328] loop2: detected capacity change from 0 to 164 [ 72.660119][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.678820][ T178] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:4: Failed to release dquot type 0 [ 72.721792][ T5330] netlink: 'syz.0.637': attribute type 1 has an invalid length. [ 72.739872][ T5327] bridge_slave_0: left allmulticast mode [ 72.745846][ T5327] bridge_slave_0: left promiscuous mode [ 72.751772][ T5327] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.763124][ T1051] vhci_hcd: vhci_device speed not set [ 72.816588][ T5306] syz.3.630 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 72.831477][ T5306] CPU: 0 UID: 0 PID: 5306 Comm: syz.3.630 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 72.831504][ T5306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 72.831517][ T5306] Call Trace: [ 72.831524][ T5306] [ 72.831533][ T5306] __dump_stack+0x1d/0x30 [ 72.831627][ T5306] dump_stack_lvl+0xe8/0x140 [ 72.831710][ T5306] dump_stack+0x15/0x1b [ 72.831728][ T5306] dump_header+0x81/0x220 [ 72.831762][ T5306] oom_kill_process+0x334/0x3f0 [ 72.831793][ T5306] out_of_memory+0x979/0xb80 [ 72.831855][ T5306] try_charge_memcg+0x5e6/0x9e0 [ 72.831898][ T5306] obj_cgroup_charge_pages+0xa6/0x150 [ 72.831928][ T5306] __memcg_kmem_charge_page+0x9f/0x170 [ 72.831954][ T5306] __alloc_frozen_pages_noprof+0x188/0x360 [ 72.832001][ T5306] alloc_pages_mpol+0xb3/0x250 [ 72.832033][ T5306] alloc_pages_noprof+0x90/0x130 [ 72.832057][ T5306] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 72.832160][ T5306] __kvmalloc_node_noprof+0x30f/0x4e0 [ 72.832185][ T5306] ? ip_set_alloc+0x1f/0x30 [ 72.832202][ T5306] ? ip_set_alloc+0x1f/0x30 [ 72.832275][ T5306] ? __kmalloc_cache_noprof+0x189/0x320 [ 72.832304][ T5306] ip_set_alloc+0x1f/0x30 [ 72.832324][ T5306] hash_netiface_create+0x282/0x740 [ 72.832347][ T5306] ? __pfx_hash_netiface_create+0x10/0x10 [ 72.832369][ T5306] ip_set_create+0x3cc/0x960 [ 72.832476][ T5306] ? __nla_parse+0x40/0x60 [ 72.832500][ T5306] nfnetlink_rcv_msg+0x4c3/0x590 [ 72.832547][ T5306] netlink_rcv_skb+0x120/0x220 [ 72.832580][ T5306] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 72.832611][ T5306] nfnetlink_rcv+0x16b/0x1690 [ 72.832668][ T5306] ? __kfree_skb+0x109/0x150 [ 72.832688][ T5306] ? nlmon_xmit+0x4f/0x60 [ 72.832709][ T5306] ? consume_skb+0x49/0x150 [ 72.832728][ T5306] ? nlmon_xmit+0x4f/0x60 [ 72.832758][ T5306] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 72.832858][ T5306] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 72.832882][ T5306] ? __dev_queue_xmit+0x182/0x1fb0 [ 72.832925][ T5306] ? ref_tracker_free+0x37d/0x3e0 [ 72.832957][ T5306] ? __netlink_deliver_tap+0x4dc/0x500 [ 72.832985][ T5306] netlink_unicast+0x5a5/0x680 [ 72.833005][ T5306] netlink_sendmsg+0x58b/0x6b0 [ 72.833028][ T5306] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.833056][ T5306] __sock_sendmsg+0x142/0x180 [ 72.833134][ T5306] ____sys_sendmsg+0x31e/0x4e0 [ 72.833157][ T5306] ___sys_sendmsg+0x17b/0x1d0 [ 72.833195][ T5306] __x64_sys_sendmsg+0xd4/0x160 [ 72.833224][ T5306] x64_sys_call+0x191e/0x2ff0 [ 72.833279][ T5306] do_syscall_64+0xd2/0x200 [ 72.833304][ T5306] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 72.833372][ T5306] ? clear_bhb_loop+0x40/0x90 [ 72.833391][ T5306] ? clear_bhb_loop+0x40/0x90 [ 72.833410][ T5306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.833428][ T5306] RIP: 0033:0x7fa898bee9a9 [ 72.833526][ T5306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.833597][ T5306] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.833615][ T5306] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 72.833626][ T5306] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000004 [ 72.833638][ T5306] RBP: 00007fa898c70d69 R08: 0000000000000000 R09: 0000000000000000 [ 72.833649][ T5306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 72.833662][ T5306] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 72.833683][ T5306] [ 72.833690][ T5306] memory: usage 307200kB, limit 307200kB, failcnt 1682 [ 72.896123][ T5322] loop4: detected capacity change from 0 to 32768 [ 72.902316][ T5306] memory+swap: usage 307640kB, limit 9007199254740988kB, failcnt 0 [ 72.902333][ T5306] kmem: usage 307192kB, limit 9007199254740988kB, failcnt 0 [ 72.902344][ T5306] Memory cgroup stats for /syz3: [ 72.977440][ T5334] futex_wake_op: syz.4.635 tries to shift op by -1; fix this program [ 72.990017][ T5306] cache 4096 [ 73.231302][ T5306] rss 0 [ 73.231335][ T5306] shmem 0 [ 73.231340][ T5306] mapped_file 0 [ 73.231346][ T5306] dirty 0 [ 73.231352][ T5306] writeback 0 [ 73.231358][ T5306] workingset_refault_anon 889 [ 73.231365][ T5306] workingset_refault_file 683 [ 73.231371][ T5306] swap 450560 [ 73.231378][ T5306] swapcached 4096 [ 73.231384][ T5306] pgpgin 56729 [ 73.231427][ T5306] pgpgout 56727 [ 73.231433][ T5306] pgfault 39423 [ 73.231440][ T5306] pgmajfault 247 [ 73.231446][ T5306] inactive_anon 4096 [ 73.283483][ T5306] active_anon 0 [ 73.287046][ T5306] inactive_file 4096 [ 73.291255][ T5306] active_file 0 [ 73.295766][ T5306] unevictable 0 [ 73.299247][ T5306] hierarchical_memory_limit 314572800 [ 73.304872][ T5306] hierarchical_memsw_limit 9223372036854771712 [ 73.311457][ T5306] total_cache 4096 [ 73.315326][ T5306] total_rss 0 [ 73.318709][ T5306] total_shmem 0 [ 73.322388][ T5306] total_mapped_file 0 [ 73.326416][ T5306] total_dirty 0 [ 73.329982][ T5306] total_writeback 0 [ 73.333936][ T5306] total_workingset_refault_anon 889 [ 73.339324][ T5306] total_workingset_refault_file 683 [ 73.344621][ T5306] total_swap 450560 [ 73.348485][ T5306] total_swapcached 4096 [ 73.352893][ T5306] total_pgpgin 56729 [ 73.357015][ T5306] total_pgpgout 56727 [ 73.361248][ T5306] total_pgfault 39423 [ 73.365411][ T5306] total_pgmajfault 247 [ 73.369468][ T5306] total_inactive_anon 4096 [ 73.374217][ T5306] total_active_anon 0 [ 73.378241][ T5306] total_inactive_file 4096 [ 73.383210][ T5306] total_active_file 0 [ 73.387300][ T5306] total_unevictable 0 [ 73.391332][ T5306] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.630,pid=5305,uid=0 [ 73.406454][ T5306] Memory cgroup out of memory: Killed process 5305 (syz.3.630) total-vm:93628kB, anon-rss:944kB, file-rss:22440kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 73.474220][ T5055] loop4: p1 p3 < > [ 73.499856][ T5322] loop4: p1 p3 < > [ 73.531230][ T5343] netlink: 'syz.0.642': attribute type 3 has an invalid length. [ 73.583372][ T5351] loop2: detected capacity change from 0 to 164 [ 73.645795][ T5054] udevd[5054]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 73.657998][ T5055] udevd[5055]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 73.690070][ T5055] udevd[5055]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 73.701688][ T5054] udevd[5054]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 73.719646][ T5358] loop4: detected capacity change from 0 to 1024 [ 73.754757][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.766952][ T5358] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 73.793960][ T5362] __nla_validate_parse: 1 callbacks suppressed [ 73.793976][ T5362] netlink: 20 bytes leftover after parsing attributes in process `syz.1.650'. [ 73.810394][ T5358] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.647: Invalid block bitmap block 0 in block_group 0 [ 73.824401][ T5358] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.647: Failed to acquire dquot type 0 [ 73.836617][ T5358] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.647: Freeing blocks not in datazone - block = 0, count = 4096 [ 73.889292][ T5358] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.647: Invalid inode bitmap blk 0 in block_group 0 [ 73.903393][ T51] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 73.943249][ T5364] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 73.953195][ T5358] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 73.977301][ T5364] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 73.998763][ T5358] EXT4-fs (loop4): 1 orphan inode deleted [ 74.023510][ T5358] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.049320][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.062347][ T293] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0 [ 74.069097][ T5369] netlink: 'syz.3.649': attribute type 1 has an invalid length. [ 74.082019][ T5369] netlink: 224 bytes leftover after parsing attributes in process `syz.3.649'. [ 74.501618][ T5373] loop2: detected capacity change from 0 to 164 [ 74.576276][ T5379] loop0: detected capacity change from 0 to 512 [ 74.590172][ T5379] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 74.604102][ T5379] EXT4-fs (loop0): 1 truncate cleaned up [ 74.612028][ T5379] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.642707][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.829807][ T5389] FAULT_INJECTION: forcing a failure. [ 74.829807][ T5389] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 74.843670][ T5389] CPU: 1 UID: 0 PID: 5389 Comm: syz.1.658 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 74.843707][ T5389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 74.843717][ T5389] Call Trace: [ 74.843724][ T5389] [ 74.843730][ T5389] __dump_stack+0x1d/0x30 [ 74.843817][ T5389] dump_stack_lvl+0xe8/0x140 [ 74.843834][ T5389] dump_stack+0x15/0x1b [ 74.843847][ T5389] should_fail_ex+0x265/0x280 [ 74.843871][ T5389] should_fail+0xb/0x20 [ 74.843893][ T5389] should_fail_usercopy+0x1a/0x20 [ 74.843926][ T5389] _copy_from_user+0x1c/0xb0 [ 74.843955][ T5389] ___sys_sendmsg+0xc1/0x1d0 [ 74.843991][ T5389] __x64_sys_sendmsg+0xd4/0x160 [ 74.844014][ T5389] x64_sys_call+0x191e/0x2ff0 [ 74.844094][ T5389] do_syscall_64+0xd2/0x200 [ 74.844117][ T5389] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 74.844140][ T5389] ? clear_bhb_loop+0x40/0x90 [ 74.844160][ T5389] ? clear_bhb_loop+0x40/0x90 [ 74.844177][ T5389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.844203][ T5389] RIP: 0033:0x7f54a5cbe9a9 [ 74.844220][ T5389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.844317][ T5389] RSP: 002b:00007f54a4327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.844335][ T5389] RAX: ffffffffffffffda RBX: 00007f54a5ee5fa0 RCX: 00007f54a5cbe9a9 [ 74.844349][ T5389] RDX: 0000000000048090 RSI: 0000200000000100 RDI: 0000000000000005 [ 74.844413][ T5389] RBP: 00007f54a4327090 R08: 0000000000000000 R09: 0000000000000000 [ 74.844424][ T5389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 74.844436][ T5389] R13: 0000000000000000 R14: 00007f54a5ee5fa0 R15: 00007ffd500f5cc8 [ 74.844456][ T5389] [ 75.061610][ T5390] loop3: detected capacity change from 0 to 512 [ 75.110352][ T5390] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 75.165038][ T5390] EXT4-fs (loop3): 1 truncate cleaned up [ 75.179604][ T5390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.221672][ T5394] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 75.230967][ T5394] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 75.276208][ T5399] netlink: 360 bytes leftover after parsing attributes in process `syz.1.661'. [ 75.306208][ T5401] netlink: 'syz.2.662': attribute type 3 has an invalid length. [ 75.321579][ T5397] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 75.561766][ T5411] netlink: 'syz.4.666': attribute type 2 has an invalid length. [ 75.622805][ T29] kauditd_printk_skb: 807 callbacks suppressed [ 75.622817][ T29] audit: type=1326 audit(1753804910.996:4308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.654740][ T29] audit: type=1326 audit(1753804910.996:4309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.680192][ T29] audit: type=1326 audit(1753804911.026:4310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.706291][ T29] audit: type=1326 audit(1753804911.026:4311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.730537][ T29] audit: type=1326 audit(1753804911.026:4312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.787020][ T29] audit: type=1326 audit(1753804911.076:4313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.811504][ T29] audit: type=1326 audit(1753804911.076:4314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.836851][ T29] audit: type=1326 audit(1753804911.076:4315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.861602][ T29] audit: type=1326 audit(1753804911.126:4316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.887387][ T29] audit: type=1326 audit(1753804911.126:4317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5412 comm="syz.0.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5b9f3e9a9 code=0x7ffc0000 [ 75.936496][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.947681][ T5421] loop0: detected capacity change from 0 to 512 [ 75.960339][ T5421] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 75.979770][ T5421] EXT4-fs (loop0): 1 truncate cleaned up [ 75.986297][ T5421] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.013360][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.038421][ T5426] loop3: detected capacity change from 0 to 512 [ 76.045453][ T5426] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 76.064899][ T5426] EXT4-fs (loop3): 1 truncate cleaned up [ 76.075803][ T5426] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.077091][ T5429] netlink: 'syz.0.673': attribute type 3 has an invalid length. [ 76.216322][ T5434] netlink: 20 bytes leftover after parsing attributes in process `syz.1.675'. [ 76.445127][ T5460] capability: warning: `syz.2.686' uses deprecated v2 capabilities in a way that may be insecure [ 76.587596][ T5469] SELinux: Context system_u:object_r:tetex_data_t:s0 is not valid (left unmapped). [ 76.598967][ T5470] netlink: 'syz.2.689': attribute type 1 has an invalid length. [ 76.606697][ T5470] netlink: 8 bytes leftover after parsing attributes in process `syz.2.689'. [ 76.674349][ T5476] netlink: 20 bytes leftover after parsing attributes in process `syz.2.691'. [ 76.721601][ T5480] netlink: '+}[@': attribute type 4 has an invalid length. [ 76.764302][ T5467] loop0: detected capacity change from 0 to 164 [ 76.771733][ T5467] ISOFS: unable to read i-node block [ 76.777124][ T5467] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 76.799335][ T5484] netlink: 'syz.4.695': attribute type 3 has an invalid length. [ 76.914050][ T5489] loop1: detected capacity change from 0 to 4096 [ 76.946189][ T5489] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 77.008048][ T5489] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #3: comm syz.1.696: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 77.030347][ T5426] syz.3.671 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 77.044690][ T5426] CPU: 1 UID: 0 PID: 5426 Comm: syz.3.671 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 77.044789][ T5426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 77.044800][ T5426] Call Trace: [ 77.044806][ T5426] [ 77.044814][ T5426] __dump_stack+0x1d/0x30 [ 77.044836][ T5426] dump_stack_lvl+0xe8/0x140 [ 77.044857][ T5426] dump_stack+0x15/0x1b [ 77.044892][ T5426] dump_header+0x81/0x220 [ 77.044919][ T5426] oom_kill_process+0x334/0x3f0 [ 77.044984][ T5426] out_of_memory+0x979/0xb80 [ 77.045047][ T5426] try_charge_memcg+0x5e6/0x9e0 [ 77.045251][ T5426] obj_cgroup_charge_pages+0xa6/0x150 [ 77.045278][ T5426] __memcg_kmem_charge_page+0x9f/0x170 [ 77.045311][ T5426] __alloc_frozen_pages_noprof+0x188/0x360 [ 77.045353][ T5426] alloc_pages_mpol+0xb3/0x250 [ 77.045385][ T5426] alloc_pages_noprof+0x90/0x130 [ 77.045410][ T5426] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 77.045539][ T5426] __kvmalloc_node_noprof+0x30f/0x4e0 [ 77.045570][ T5426] ? ip_set_alloc+0x1f/0x30 [ 77.045589][ T5426] ? ip_set_alloc+0x1f/0x30 [ 77.045639][ T5426] ? __kmalloc_cache_noprof+0x189/0x320 [ 77.045669][ T5426] ip_set_alloc+0x1f/0x30 [ 77.045717][ T5426] hash_netiface_create+0x282/0x740 [ 77.045741][ T5426] ? __pfx_hash_netiface_create+0x10/0x10 [ 77.045764][ T5426] ip_set_create+0x3cc/0x960 [ 77.045873][ T5426] ? __nla_parse+0x40/0x60 [ 77.045903][ T5426] nfnetlink_rcv_msg+0x4c3/0x590 [ 77.045989][ T5426] netlink_rcv_skb+0x120/0x220 [ 77.046009][ T5426] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 77.046095][ T5426] nfnetlink_rcv+0x16b/0x1690 [ 77.046197][ T5426] ? __kfree_skb+0x109/0x150 [ 77.046270][ T5426] ? nlmon_xmit+0x4f/0x60 [ 77.046291][ T5426] ? consume_skb+0x49/0x150 [ 77.046307][ T5426] ? nlmon_xmit+0x4f/0x60 [ 77.046333][ T5426] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 77.046360][ T5426] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 77.046430][ T5426] ? __dev_queue_xmit+0x182/0x1fb0 [ 77.046451][ T5426] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.046475][ T5426] ? ref_tracker_free+0x37d/0x3e0 [ 77.046526][ T5426] ? __netlink_deliver_tap+0x4dc/0x500 [ 77.046641][ T5426] netlink_unicast+0x5a5/0x680 [ 77.046665][ T5426] netlink_sendmsg+0x58b/0x6b0 [ 77.046687][ T5426] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.046707][ T5426] __sock_sendmsg+0x142/0x180 [ 77.046749][ T5426] ____sys_sendmsg+0x31e/0x4e0 [ 77.046770][ T5426] ___sys_sendmsg+0x17b/0x1d0 [ 77.046801][ T5426] __x64_sys_sendmsg+0xd4/0x160 [ 77.046829][ T5426] x64_sys_call+0x191e/0x2ff0 [ 77.046864][ T5426] do_syscall_64+0xd2/0x200 [ 77.046883][ T5426] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 77.046906][ T5426] ? clear_bhb_loop+0x40/0x90 [ 77.046939][ T5426] ? clear_bhb_loop+0x40/0x90 [ 77.046962][ T5426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.046984][ T5426] RIP: 0033:0x7fa898bee9a9 [ 77.046998][ T5426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.047056][ T5426] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.047072][ T5426] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 77.047083][ T5426] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000007 [ 77.047096][ T5426] RBP: 00007fa898c70d69 R08: 0000000000000000 R09: 0000000000000000 [ 77.047107][ T5426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 77.047118][ T5426] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 77.047133][ T5426] [ 77.047193][ T5426] memory: usage 307200kB, limit 307200kB, failcnt 2147 [ 77.053677][ T5489] EXT4-fs error (device loop1): ext4_quota_enable:7127: comm syz.1.696: Bad quota inode: 3, type: 0 [ 77.059558][ T5426] memory+swap: usage 307672kB, limit 9007199254740988kB, failcnt 0 [ 77.098458][ T5489] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 77.098609][ T5426] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 77.106881][ T5489] EXT4-fs (loop1): mount failed [ 77.108361][ T5426] Memory cgroup stats for /syz3: [ 77.201883][ T5487] loop2: detected capacity change from 0 to 32768 [ 77.206702][ T5426] cache 4096 [ 77.332381][ T5501] netlink: 'syz.4.701': attribute type 1 has an invalid length. [ 77.334297][ T5426] rss 0 [ 77.431440][ T5500] futex_wake_op: syz.2.697 tries to shift op by -1; fix this program [ 77.433244][ T5426] shmem 0 [ 77.494537][ T5506] netlink: 20 bytes leftover after parsing attributes in process `syz.4.703'. [ 77.508009][ T5426] mapped_file 0 [ 77.511506][ T5426] dirty 0 [ 77.514713][ T5426] writeback 0 [ 77.518105][ T5426] workingset_refault_anon 1148 [ 77.523222][ T5426] workingset_refault_file 786 [ 77.528332][ T5426] swap 483328 [ 77.531675][ T5426] swapcached 0 [ 77.535155][ T5426] pgpgin 57465 [ 77.539145][ T5426] pgpgout 57464 [ 77.542674][ T5426] pgfault 40087 [ 77.546139][ T5426] pgmajfault 295 [ 77.549868][ T5426] inactive_anon 0 [ 77.553533][ T5426] active_anon 0 [ 77.557327][ T5426] inactive_file 0 [ 77.560951][ T5426] active_file 4096 [ 77.564778][ T5426] unevictable 0 [ 77.568299][ T5426] hierarchical_memory_limit 314572800 [ 77.574024][ T5426] hierarchical_memsw_limit 9223372036854771712 [ 77.580264][ T5426] total_cache 4096 [ 77.584015][ T5426] total_rss 0 [ 77.587293][ T5426] total_shmem 0 [ 77.590823][ T5426] total_mapped_file 0 [ 77.595077][ T5426] total_dirty 0 [ 77.598611][ T5426] total_writeback 0 [ 77.602441][ T5426] total_workingset_refault_anon 1148 [ 77.608083][ T5426] total_workingset_refault_file 786 [ 77.613455][ T5426] total_swap 483328 [ 77.617850][ T5426] total_swapcached 0 [ 77.622130][ T5426] total_pgpgin 57465 [ 77.626020][ T5426] total_pgpgout 57464 [ 77.630148][ T5426] total_pgfault 40087 [ 77.634157][ T5426] total_pgmajfault 295 [ 77.638560][ T5426] total_inactive_anon 0 [ 77.642751][ T5426] total_active_anon 0 [ 77.646807][ T5426] total_inactive_file 0 [ 77.651122][ T5426] total_active_file 4096 [ 77.655575][ T5426] total_unevictable 0 [ 77.659647][ T5426] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.671,pid=5424,uid=0 [ 77.674920][ T5426] Memory cgroup out of memory: Killed process 5424 (syz.3.671) total-vm:95940kB, anon-rss:944kB, file-rss:22464kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 77.751096][ T5487] loop2: p1 p3 < > [ 77.924953][ T5054] udevd[5054]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 77.946846][ T5055] udevd[5055]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 77.978978][ T5535] loop2: detected capacity change from 0 to 512 [ 78.072310][ T5535] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.712: bg 0: block 5: invalid block bitmap [ 78.094324][ T5535] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 78.143419][ T5535] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.712: invalid indirect mapped block 3 (level 2) [ 78.179661][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.202327][ T5535] EXT4-fs (loop2): 2 truncates cleaned up [ 78.208813][ T5535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.360462][ T5546] netlink: 132 bytes leftover after parsing attributes in process `syz.2.712'. [ 78.802015][ T5547] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 78.894389][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.944040][ T5572] loop2: detected capacity change from 0 to 512 [ 78.950929][ T5572] EXT4-fs: Ignoring removed bh option [ 78.956804][ T5572] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 78.966669][ T5572] EXT4-fs error (device loop2): __ext4_iget:5374: inode #15: block 1803188595: comm syz.2.727: invalid block [ 78.978605][ T5568] netlink: 4 bytes leftover after parsing attributes in process `syz.0.725'. [ 78.980512][ T5572] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.727: couldn't read orphan inode 15 (err -117) [ 79.001793][ T5572] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.026137][ T5572] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz.2.727: invalid fast symlink length 39 [ 79.038312][ T5566] loop4: detected capacity change from 0 to 512 [ 79.041930][ T5572] EXT4-fs error (device loop2): ext4_lookup:1787: inode #14: comm syz.2.727: invalid fast symlink length 39 [ 79.046664][ T5566] EXT4-fs: Ignoring removed nomblk_io_submit option [ 79.084461][ T5576] netlink: 'syz.0.728': attribute type 3 has an invalid length. [ 79.107080][ T5566] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 79.110667][ T5566] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 79.117072][ T5566] EXT4-fs (loop4): 1 truncate cleaned up [ 79.143516][ T5566] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.195746][ T5581] loop0: detected capacity change from 0 to 164 [ 79.205331][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.241393][ T5584] netlink: 'syz.4.730': attribute type 3 has an invalid length. [ 79.300676][ T5587] loop3: detected capacity change from 0 to 512 [ 79.329633][ T5587] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 79.357763][ T5587] EXT4-fs (loop3): 1 truncate cleaned up [ 79.372963][ T5587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.387939][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.493864][ T5588] loop4: detected capacity change from 0 to 32768 [ 79.581656][ T5055] loop4: p1 p3 < > [ 79.601339][ T5588] loop4: p1 p3 < > [ 79.620848][ T5596] futex_wake_op: syz.4.732 tries to shift op by -1; fix this program [ 79.630806][ T2988] udevd[2988]: worker [5055] terminated by signal 33 (Unknown signal 33) [ 79.662675][ T2988] udevd[2988]: worker [5055] failed while handling '/devices/virtual/block/loop4' [ 79.759282][ T4942] udevd[4942]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 79.770838][ T5054] udevd[5054]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 80.004419][ T5608] netlink: 'syz.0.738': attribute type 1 has an invalid length. [ 80.074258][ T5614] loop4: detected capacity change from 0 to 1024 [ 80.085046][ T5614] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 80.102221][ T5614] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.741: Invalid block bitmap block 0 in block_group 0 [ 80.117404][ T5614] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.741: Failed to acquire dquot type 0 [ 80.131436][ T5614] EXT4-fs error (device loop4): ext4_free_blocks:6587: comm syz.4.741: Freeing blocks not in datazone - block = 0, count = 4096 [ 80.147015][ T5614] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.741: Invalid inode bitmap blk 0 in block_group 0 [ 80.160015][ T51] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 80.181879][ T5614] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem [ 80.196378][ T5614] EXT4-fs (loop4): 1 orphan inode deleted [ 80.204382][ T5614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.235189][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.245104][ T293] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0 [ 80.347527][ T5621] validate_nla: 1 callbacks suppressed [ 80.347541][ T5621] netlink: 'syz.2.743': attribute type 1 has an invalid length. [ 80.372932][ T5587] syz.3.731 (5587) used greatest stack depth: 5904 bytes left [ 80.404638][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.479450][ T5628] veth3: entered promiscuous mode [ 80.493910][ T5628] netlink: 'syz.2.746': attribute type 1 has an invalid length. [ 80.567978][ T5631] loop2: detected capacity change from 0 to 512 [ 80.604591][ T5631] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 80.639374][ T5631] EXT4-fs (loop2): 1 truncate cleaned up [ 80.646590][ T5631] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.678559][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.778441][ T5637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.749'. [ 80.842179][ T5639] netlink: 45 bytes leftover after parsing attributes in process `syz.2.750'. [ 80.859271][ T29] kauditd_printk_skb: 436 callbacks suppressed [ 80.859287][ T29] audit: type=1326 audit(1753804916.226:4750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 80.953358][ T5643] loop0: detected capacity change from 0 to 512 [ 80.974121][ T29] audit: type=1326 audit(1753804916.266:4751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5618 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f845c67e9a9 code=0x7ffc0000 [ 81.000697][ T5643] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 81.042667][ T5647] loop1: detected capacity change from 0 to 512 [ 81.076125][ T5647] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 81.100080][ T5643] EXT4-fs (loop0): 1 truncate cleaned up [ 81.108966][ T5643] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.136372][ T5647] EXT4-fs (loop1): 1 truncate cleaned up [ 81.136781][ T5647] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.244071][ T5651] loop2: detected capacity change from 0 to 164 [ 81.312973][ T5651] ISOFS: unable to read i-node block [ 81.319113][ T5651] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 81.373954][ T29] audit: type=1326 audit(1753804916.746:4752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.398867][ T29] audit: type=1326 audit(1753804916.746:4753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.423520][ T29] audit: type=1326 audit(1753804916.746:4754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.448228][ T29] audit: type=1326 audit(1753804916.746:4755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.472319][ T29] audit: type=1326 audit(1753804916.746:4756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.496194][ T29] audit: type=1326 audit(1753804916.796:4757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.519597][ T29] audit: type=1326 audit(1753804916.796:4758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.543321][ T29] audit: type=1326 audit(1753804916.796:4759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5640 comm="syz.2.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897c83e9a9 code=0x7ffc0000 [ 81.788257][ T5647] syz.1.754 invoked oom-killer: gfp_mask=0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=1000 [ 81.802424][ T5647] CPU: 0 UID: 0 PID: 5647 Comm: syz.1.754 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 81.802450][ T5647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 81.802461][ T5647] Call Trace: [ 81.802467][ T5647] [ 81.802474][ T5647] __dump_stack+0x1d/0x30 [ 81.802540][ T5647] dump_stack_lvl+0xe8/0x140 [ 81.802582][ T5647] dump_stack+0x15/0x1b [ 81.802598][ T5647] dump_header+0x81/0x220 [ 81.802681][ T5647] oom_kill_process+0x334/0x3f0 [ 81.802739][ T5647] out_of_memory+0x979/0xb80 [ 81.802771][ T5647] try_charge_memcg+0x5e6/0x9e0 [ 81.802845][ T5647] obj_cgroup_charge_pages+0xa6/0x150 [ 81.802873][ T5647] __memcg_kmem_charge_page+0x9f/0x170 [ 81.802904][ T5647] __alloc_frozen_pages_noprof+0x188/0x360 [ 81.802940][ T5647] alloc_pages_mpol+0xb3/0x250 [ 81.803071][ T5647] alloc_pages_noprof+0x90/0x130 [ 81.803101][ T5647] __vmalloc_node_range_noprof+0x6f2/0xe00 [ 81.803149][ T5647] __kvmalloc_node_noprof+0x30f/0x4e0 [ 81.803173][ T5647] ? ip_set_alloc+0x1f/0x30 [ 81.803188][ T5647] ? ip_set_alloc+0x1f/0x30 [ 81.803212][ T5647] ? __kmalloc_cache_noprof+0x189/0x320 [ 81.803237][ T5647] ip_set_alloc+0x1f/0x30 [ 81.803281][ T5647] hash_netiface_create+0x282/0x740 [ 81.803304][ T5647] ? __pfx_hash_netiface_create+0x10/0x10 [ 81.803326][ T5647] ip_set_create+0x3cc/0x960 [ 81.803427][ T5647] ? __nla_parse+0x40/0x60 [ 81.803557][ T5647] nfnetlink_rcv_msg+0x4c3/0x590 [ 81.803598][ T5647] netlink_rcv_skb+0x120/0x220 [ 81.803617][ T5647] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 81.803689][ T5647] nfnetlink_rcv+0x16b/0x1690 [ 81.803719][ T5647] ? __kfree_skb+0x109/0x150 [ 81.803737][ T5647] ? nlmon_xmit+0x4f/0x60 [ 81.803831][ T5647] ? consume_skb+0x49/0x150 [ 81.803930][ T5647] ? nlmon_xmit+0x4f/0x60 [ 81.803952][ T5647] ? dev_hard_start_xmit+0x3b0/0x3e0 [ 81.804031][ T5647] ? __dev_queue_xmit+0x11c0/0x1fb0 [ 81.804049][ T5647] ? __dev_queue_xmit+0x182/0x1fb0 [ 81.804085][ T5647] ? ref_tracker_free+0x37d/0x3e0 [ 81.804117][ T5647] ? __netlink_deliver_tap+0x4dc/0x500 [ 81.804140][ T5647] netlink_unicast+0x5a5/0x680 [ 81.804159][ T5647] netlink_sendmsg+0x58b/0x6b0 [ 81.804281][ T5647] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.804302][ T5647] __sock_sendmsg+0x142/0x180 [ 81.804405][ T5647] ____sys_sendmsg+0x31e/0x4e0 [ 81.804430][ T5647] ___sys_sendmsg+0x17b/0x1d0 [ 81.804466][ T5647] __x64_sys_sendmsg+0xd4/0x160 [ 81.804560][ T5647] x64_sys_call+0x191e/0x2ff0 [ 81.804582][ T5647] do_syscall_64+0xd2/0x200 [ 81.804601][ T5647] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 81.804624][ T5647] ? clear_bhb_loop+0x40/0x90 [ 81.804642][ T5647] ? clear_bhb_loop+0x40/0x90 [ 81.804736][ T5647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.804754][ T5647] RIP: 0033:0x7f54a5cbe9a9 [ 81.804767][ T5647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.804864][ T5647] RSP: 002b:00007f54a4327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.804885][ T5647] RAX: ffffffffffffffda RBX: 00007f54a5ee5fa0 RCX: 00007f54a5cbe9a9 [ 81.804968][ T5647] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000007 [ 81.804979][ T5647] RBP: 00007f54a5d40d69 R08: 0000000000000000 R09: 0000000000000000 [ 81.805032][ T5647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 81.805045][ T5647] R13: 0000000000000000 R14: 00007f54a5ee5fa0 R15: 00007ffd500f5cc8 [ 81.805115][ T5647] [ 81.805120][ T5647] memory: usage 307200kB, limit 307200kB, failcnt 855 [ 82.172066][ T5647] memory+swap: usage 307656kB, limit 9007199254740988kB, failcnt 0 [ 82.172094][ T5647] kmem: usage 307168kB, limit 9007199254740988kB, failcnt 0 [ 82.172105][ T5647] Memory cgroup stats for /syz1: [ 82.173052][ T5647] cache 12288 [ 82.196301][ T5647] rss 4096 [ 82.199446][ T5647] shmem 0 [ 82.202415][ T5647] mapped_file 0 [ 82.205878][ T5647] dirty 0 [ 82.208915][ T5647] writeback 0 [ 82.212325][ T5647] workingset_refault_anon 756 [ 82.216997][ T5647] workingset_refault_file 605 [ 82.221700][ T5647] swap 466944 [ 82.225205][ T5647] swapcached 20480 [ 82.228917][ T5647] pgpgin 69534 [ 82.232309][ T5647] pgpgout 69526 [ 82.235838][ T5647] pgfault 52049 [ 82.239283][ T5647] pgmajfault 206 [ 82.242903][ T5647] inactive_anon 20480 [ 82.246916][ T5647] active_anon 0 [ 82.250456][ T5647] inactive_file 12288 [ 82.254550][ T5647] active_file 0 [ 82.258127][ T5647] unevictable 0 [ 82.261722][ T5647] hierarchical_memory_limit 314572800 [ 82.267162][ T5647] hierarchical_memsw_limit 9223372036854771712 [ 82.273361][ T5647] total_cache 12288 [ 82.277162][ T5647] total_rss 4096 [ 82.280706][ T5647] total_shmem 0 [ 82.284212][ T5647] total_mapped_file 0 [ 82.288288][ T5647] total_dirty 0 [ 82.291919][ T5647] total_writeback 0 [ 82.295854][ T5647] total_workingset_refault_anon 756 [ 82.301241][ T5647] total_workingset_refault_file 605 [ 82.306461][ T5647] total_swap 466944 [ 82.310595][ T5647] total_swapcached 20480 [ 82.314874][ T5647] total_pgpgin 69534 [ 82.318855][ T5647] total_pgpgout 69526 [ 82.322863][ T5647] total_pgfault 52049 [ 82.326855][ T5647] total_pgmajfault 206 [ 82.331000][ T5647] total_inactive_anon 20480 [ 82.335600][ T5647] total_active_anon 0 [ 82.339599][ T5647] total_inactive_file 12288 [ 82.342229][ T5672] netlink: 'syz.4.760': attribute type 1 has an invalid length. [ 82.344116][ T5647] total_active_file 0 [ 82.355747][ T5647] total_unevictable 0 [ 82.359769][ T5647] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.754,pid=5646,uid=0 [ 82.375745][ T5647] Memory cgroup out of memory: Killed process 5646 (syz.1.754) total-vm:95940kB, anon-rss:940kB, file-rss:22464kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000 [ 82.481997][ T5669] loop2: detected capacity change from 0 to 32768 [ 82.533746][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.544132][ T5054] loop2: p1 p3 < > [ 82.553745][ T5669] loop2: p1 p3 < > [ 82.567437][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.590563][ T5668] futex_wake_op: syz.2.759 tries to shift op by -1; fix this program [ 82.597555][ T5678] loop0: detected capacity change from 0 to 1024 [ 82.599252][ T2988] udevd[2988]: worker [5054] terminated by signal 33 (Unknown signal 33) [ 82.611797][ T5678] EXT4-fs: Ignoring removed nomblk_io_submit option [ 82.622312][ T5677] FAULT_INJECTION: forcing a failure. [ 82.622312][ T5677] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 82.635501][ T5677] CPU: 0 UID: 0 PID: 5677 Comm: syz.3.764 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 82.635579][ T5677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 82.635590][ T5677] Call Trace: [ 82.635597][ T5677] [ 82.635605][ T5677] __dump_stack+0x1d/0x30 [ 82.635622][ T5677] dump_stack_lvl+0xe8/0x140 [ 82.635703][ T5677] dump_stack+0x15/0x1b [ 82.635796][ T5677] should_fail_ex+0x265/0x280 [ 82.635816][ T5677] should_fail+0xb/0x20 [ 82.635832][ T5677] should_fail_usercopy+0x1a/0x20 [ 82.635914][ T5677] _copy_from_iter+0xcf/0xe40 [ 82.636011][ T5677] ? __build_skb_around+0x1a0/0x200 [ 82.636027][ T5677] ? __alloc_skb+0x223/0x320 [ 82.636043][ T5677] netlink_sendmsg+0x471/0x6b0 [ 82.636074][ T5677] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.636093][ T5677] __sock_sendmsg+0x142/0x180 [ 82.636115][ T5677] ____sys_sendmsg+0x31e/0x4e0 [ 82.636135][ T5677] ___sys_sendmsg+0x17b/0x1d0 [ 82.636164][ T5677] __x64_sys_sendmsg+0xd4/0x160 [ 82.636247][ T5677] x64_sys_call+0x191e/0x2ff0 [ 82.636263][ T5677] do_syscall_64+0xd2/0x200 [ 82.636281][ T5677] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 82.636322][ T5677] ? clear_bhb_loop+0x40/0x90 [ 82.636338][ T5677] ? clear_bhb_loop+0x40/0x90 [ 82.636438][ T5677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.636454][ T5677] RIP: 0033:0x7fa898bee9a9 [ 82.636466][ T5677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.636481][ T5677] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.636496][ T5677] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 82.636506][ T5677] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006 [ 82.636516][ T5677] RBP: 00007fa89724f090 R08: 0000000000000000 R09: 0000000000000000 [ 82.636540][ T5677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.636549][ T5677] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 82.636666][ T5677] [ 82.637349][ T2988] udevd[2988]: worker [5054] failed while handling '/devices/virtual/block/loop2' [ 82.725066][ T5678] EXT4-fs (loop0): can't mount with data=, fs mounted w/o journal [ 82.792026][ T2988] udevd[2988]: worker [4942] terminated by signal 33 (Unknown signal 33) [ 82.877163][ T2988] udevd[2988]: worker [4942] failed while handling '/devices/virtual/block/loop0' [ 82.888312][ T5682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.765'. [ 82.912950][ T5050] udevd[5050]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 82.926799][ T4870] udevd[4870]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 82.960098][ T5695] loop4: detected capacity change from 0 to 164 [ 83.110909][ T5702] netlink: 256 bytes leftover after parsing attributes in process `syz.1.770'. [ 83.244718][ T5713] FAULT_INJECTION: forcing a failure. [ 83.244718][ T5713] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.258157][ T5713] CPU: 1 UID: 0 PID: 5713 Comm: syz.1.771 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 83.258181][ T5713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 83.258191][ T5713] Call Trace: [ 83.258197][ T5713] [ 83.258204][ T5713] __dump_stack+0x1d/0x30 [ 83.258225][ T5713] dump_stack_lvl+0xe8/0x140 [ 83.258312][ T5713] dump_stack+0x15/0x1b [ 83.258331][ T5713] should_fail_ex+0x265/0x280 [ 83.258354][ T5713] should_fail+0xb/0x20 [ 83.258493][ T5713] should_fail_usercopy+0x1a/0x20 [ 83.258577][ T5713] _copy_from_user+0x1c/0xb0 [ 83.258605][ T5713] ____sys_sendmsg+0x1c5/0x4e0 [ 83.258698][ T5713] ___sys_sendmsg+0x17b/0x1d0 [ 83.258727][ T5713] __x64_sys_sendmsg+0xd4/0x160 [ 83.258752][ T5713] x64_sys_call+0x191e/0x2ff0 [ 83.258825][ T5713] do_syscall_64+0xd2/0x200 [ 83.258844][ T5713] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 83.258866][ T5713] ? clear_bhb_loop+0x40/0x90 [ 83.258889][ T5713] ? clear_bhb_loop+0x40/0x90 [ 83.258929][ T5713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.258994][ T5713] RIP: 0033:0x7f54a5cbe9a9 [ 83.259009][ T5713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.259024][ T5713] RSP: 002b:00007f54a4306038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 83.259041][ T5713] RAX: ffffffffffffffda RBX: 00007f54a5ee6080 RCX: 00007f54a5cbe9a9 [ 83.259052][ T5713] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000005 [ 83.259062][ T5713] RBP: 00007f54a4306090 R08: 0000000000000000 R09: 0000000000000000 [ 83.259074][ T5713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.259132][ T5713] R13: 0000000000000000 R14: 00007f54a5ee6080 R15: 00007ffd500f5cc8 [ 83.259149][ T5713] [ 83.444650][ T5711] loop2: detected capacity change from 0 to 164 [ 83.453649][ T5711] ISOFS: unable to read i-node block [ 83.459309][ T5711] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 83.554069][ T5715] loop0: detected capacity change from 0 to 1024 [ 83.583339][ T5715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 83.595581][ T5715] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 83.607375][ T5715] FAULT_INJECTION: forcing a failure. [ 83.607375][ T5715] name failslab, interval 1, probability 0, space 0, times 0 [ 83.620786][ T5715] CPU: 0 UID: 0 PID: 5715 Comm: syz.0.772 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 83.620810][ T5715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 83.620820][ T5715] Call Trace: [ 83.620827][ T5715] [ 83.620882][ T5715] __dump_stack+0x1d/0x30 [ 83.620925][ T5715] dump_stack_lvl+0xe8/0x140 [ 83.620940][ T5715] dump_stack+0x15/0x1b [ 83.620954][ T5715] should_fail_ex+0x265/0x280 [ 83.620975][ T5715] should_failslab+0x8c/0xb0 [ 83.620994][ T5715] kmem_cache_alloc_noprof+0x50/0x310 [ 83.621044][ T5715] ? __es_insert_extent+0x508/0xee0 [ 83.621069][ T5715] __es_insert_extent+0x508/0xee0 [ 83.621093][ T5715] ext4_es_insert_extent+0x435/0x1c10 [ 83.621200][ T5715] ext4_map_query_blocks+0x2fd/0x480 [ 83.621226][ T5715] ext4_map_blocks+0x3a1/0xd70 [ 83.621247][ T5715] ? filemap_write_and_wait_range+0x2f9/0x340 [ 83.621276][ T5715] ? xas_load+0x413/0x430 [ 83.621395][ T5715] ? __rcu_read_unlock+0x4f/0x70 [ 83.621418][ T5715] ext4_iomap_begin+0x171/0xe00 [ 83.621481][ T5715] ? __account_obj_stock+0x211/0x350 [ 83.621505][ T5715] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 83.621527][ T5715] iomap_iter+0x32f/0x730 [ 83.621613][ T5715] __iomap_dio_rw+0x708/0x1250 [ 83.621638][ T5715] ? selinux_file_open+0x2df/0x330 [ 83.621669][ T5715] ? __kmalloc_noprof+0x1dd/0x3e0 [ 83.621745][ T5715] iomap_dio_rw+0x40/0x90 [ 83.621771][ T5715] ext4_file_read_iter+0x20f/0x290 [ 83.621795][ T5715] do_iter_readv_writev+0x41e/0x4c0 [ 83.621874][ T5715] vfs_readv+0x1ea/0x690 [ 83.621900][ T5715] __se_sys_preadv2+0xfc/0x1c0 [ 83.621919][ T5715] __x64_sys_preadv2+0x67/0x80 [ 83.621938][ T5715] x64_sys_call+0xe0d/0x2ff0 [ 83.621955][ T5715] do_syscall_64+0xd2/0x200 [ 83.621973][ T5715] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 83.621994][ T5715] ? clear_bhb_loop+0x40/0x90 [ 83.622022][ T5715] ? clear_bhb_loop+0x40/0x90 [ 83.622043][ T5715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.622141][ T5715] RIP: 0033:0x7fe5b9f3e9a9 [ 83.622157][ T5715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.622176][ T5715] RSP: 002b:00007fe5b859f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 83.622194][ T5715] RAX: ffffffffffffffda RBX: 00007fe5ba165fa0 RCX: 00007fe5b9f3e9a9 [ 83.622275][ T5715] RDX: 100000000000000d RSI: 00002000000000c0 RDI: 0000000000000004 [ 83.622286][ T5715] RBP: 00007fe5b859f090 R08: 0000000000000000 R09: 0000000000000000 [ 83.622367][ T5715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.622374][ T5715] R13: 0000000000000000 R14: 00007fe5ba165fa0 R15: 00007ffde50a56e8 [ 83.622385][ T5715] [ 83.933987][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 84.051692][ T5734] netlink: 'syz.2.778': attribute type 3 has an invalid length. [ 84.059976][ T5722] loop3: detected capacity change from 0 to 8192 [ 84.085112][ T5736] netlink: 4 bytes leftover after parsing attributes in process `syz.4.779'. [ 84.121930][ T5739] netlink: 20 bytes leftover after parsing attributes in process `syz.2.780'. [ 84.149187][ T5722] netlink: 104 bytes leftover after parsing attributes in process `syz.3.774'. [ 84.253866][ T5724] loop0: detected capacity change from 0 to 32768 [ 84.302710][ T3290] loop0: p1 p3 < > [ 84.310006][ T5748] futex_wake_op: syz.0.775 tries to shift op by -1; fix this program [ 84.310563][ T5724] loop0: p1 p3 < > [ 84.323333][ T5753] loop4: detected capacity change from 0 to 164 [ 84.368774][ T5737] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 84.434325][ T5758] FAULT_INJECTION: forcing a failure. [ 84.434325][ T5758] name failslab, interval 1, probability 0, space 0, times 0 [ 84.448453][ T5758] CPU: 1 UID: 0 PID: 5758 Comm: syz.0.787 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 84.448477][ T5758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 84.448487][ T5758] Call Trace: [ 84.448492][ T5758] [ 84.448499][ T5758] __dump_stack+0x1d/0x30 [ 84.448517][ T5758] dump_stack_lvl+0xe8/0x140 [ 84.448560][ T5758] dump_stack+0x15/0x1b [ 84.448615][ T5758] should_fail_ex+0x265/0x280 [ 84.448642][ T5758] should_failslab+0x8c/0xb0 [ 84.448660][ T5758] kmem_cache_alloc_node_noprof+0x57/0x320 [ 84.448700][ T5758] ? __alloc_skb+0x101/0x320 [ 84.448717][ T5758] __alloc_skb+0x101/0x320 [ 84.448732][ T5758] ? pidfs_register_pid+0x87/0x150 [ 84.448755][ T5758] sock_wmalloc+0x7e/0xc0 [ 84.448779][ T5758] unix_stream_connect+0x2d6/0xa00 [ 84.448823][ T5758] ? selinux_netlbl_socket_connect+0x115/0x130 [ 84.448910][ T5758] ? __pfx_unix_stream_connect+0x10/0x10 [ 84.448938][ T5758] __sys_connect+0x1f2/0x2b0 [ 84.448962][ T5758] __x64_sys_connect+0x3f/0x50 [ 84.448980][ T5758] x64_sys_call+0x2c08/0x2ff0 [ 84.449030][ T5758] do_syscall_64+0xd2/0x200 [ 84.449052][ T5758] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 84.449085][ T5758] ? clear_bhb_loop+0x40/0x90 [ 84.449147][ T5758] ? clear_bhb_loop+0x40/0x90 [ 84.449169][ T5758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.449227][ T5758] RIP: 0033:0x7fe5b9f3e9a9 [ 84.449240][ T5758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.449256][ T5758] RSP: 002b:00007fe5b859f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 84.449275][ T5758] RAX: ffffffffffffffda RBX: 00007fe5ba165fa0 RCX: 00007fe5b9f3e9a9 [ 84.449288][ T5758] RDX: 000000000000000c RSI: 0000200000fce000 RDI: 0000000000000003 [ 84.449298][ T5758] RBP: 00007fe5b859f090 R08: 0000000000000000 R09: 0000000000000000 [ 84.449308][ T5758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.449339][ T5758] R13: 0000000000000000 R14: 00007fe5ba165fa0 R15: 00007ffde50a56e8 [ 84.449358][ T5758] [ 84.682722][ T5760] loop0: detected capacity change from 0 to 164 [ 84.695619][ T5760] netlink: 'syz.0.788': attribute type 1 has an invalid length. [ 84.782992][ T5722] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512) [ 86.155782][ T5770] netlink: 'syz.2.793': attribute type 1 has an invalid length. [ 86.175972][ T5776] loop0: detected capacity change from 0 to 512 [ 86.195030][ T5775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.792'. [ 86.221397][ T5776] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 86.283656][ T5776] EXT4-fs (loop0): 1 truncate cleaned up [ 86.287681][ T29] kauditd_printk_skb: 431 callbacks suppressed [ 86.287695][ T29] audit: type=1400 audit(1753804921.656:5191): avc: denied { getopt } for pid=5787 comm="syz.1.799" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 86.300488][ T5776] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.347853][ T29] audit: type=1400 audit(1753804921.716:5192): avc: denied { ioctl } for pid=5787 comm="syz.1.799" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 86.496255][ T29] audit: type=1326 audit(1753804921.866:5193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a5cbe9a9 code=0x7ffc0000 [ 86.521774][ T29] audit: type=1326 audit(1753804921.866:5194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f54a5cbe9a9 code=0x7ffc0000 [ 86.545708][ T29] audit: type=1326 audit(1753804921.866:5195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a5cbe9a9 code=0x7ffc0000 [ 86.550357][ T5803] loop1: detected capacity change from 0 to 164 [ 86.571213][ T29] audit: type=1326 audit(1753804921.866:5196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f54a5cbe9a9 code=0x7ffc0000 [ 86.600092][ T29] audit: type=1326 audit(1753804921.866:5197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f54a5cbe9a9 code=0x7ffc0000 [ 86.623805][ T29] audit: type=1326 audit(1753804921.866:5198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f54a5cbe9a9 code=0x7ffc0000 [ 86.647590][ T29] audit: type=1326 audit(1753804921.866:5199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f54a5cb5967 code=0x7ffc0000 [ 86.671422][ T29] audit: type=1326 audit(1753804921.866:5200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5801 comm="syz.1.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f54a5c5ab89 code=0x7ffc0000 [ 86.745709][ T5806] netlink: 'syz.2.806': attribute type 1 has an invalid length. [ 86.868413][ T5814] netlink: 4 bytes leftover after parsing attributes in process `syz.2.810'. [ 86.969655][ T5824] loop2: detected capacity change from 0 to 128 [ 86.989587][ T5824] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 87.007196][ T5824] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 87.071666][ T5828] netlink: 8 bytes leftover after parsing attributes in process `syz.2.815'. [ 87.176221][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.203966][ T5830] netlink: 'syz.3.818': attribute type 1 has an invalid length. [ 87.252415][ T2988] udevd[2988]: worker [5694] terminated by signal 33 (Unknown signal 33) [ 87.265062][ T5832] loop0: detected capacity change from 0 to 4096 [ 87.291623][ T5832] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 87.306270][ T5836] loop4: detected capacity change from 0 to 1024 [ 87.324379][ T5050] printk: udevd: 14 output lines suppressed due to ratelimiting [ 87.326269][ T5836] EXT4-fs: inline encryption not supported [ 87.339434][ T5836] EXT4-fs: Ignoring removed i_version option [ 87.351717][ T5832] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #3: comm syz.0.817: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 87.385017][ T5836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.398205][ T5832] EXT4-fs error (device loop0): ext4_quota_enable:7127: comm syz.0.817: Bad quota inode: 3, type: 0 [ 87.417212][ T5842] loop1: detected capacity change from 0 to 512 [ 87.426823][ T5832] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 87.442004][ T5832] EXT4-fs (loop0): mount failed [ 87.444565][ T5842] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.460184][ T5842] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.482081][ T5836] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt. [ 87.524009][ T3299] EXT4-fs error (device loop1): ext4_empty_dir:3075: inode #12: comm syz-executor: invalid size [ 87.536466][ T3299] EXT4-fs (loop1): Remounting filesystem read-only [ 87.549541][ T3302] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.566318][ T3299] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.576705][ T41] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.598184][ T41] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 87.636627][ T5861] netlink: 4 bytes leftover after parsing attributes in process `syz.1.823'. [ 87.699084][ T5867] netlink: 'syz.3.831': attribute type 1 has an invalid length. [ 87.780942][ T5877] loop3: detected capacity change from 0 to 512 [ 87.788400][ T5877] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 87.799985][ T5877] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.835: invalid block [ 87.812077][ T5877] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.835: invalid indirect mapped block 4294967295 (level 1) [ 87.826534][ T5877] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.835: invalid indirect mapped block 4294967295 (level 1) [ 87.841932][ T5877] EXT4-fs (loop3): 2 truncates cleaned up [ 87.848076][ T5877] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.882771][ T5885] loop2: detected capacity change from 0 to 256 [ 87.897964][ T5884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.837'. [ 87.911657][ T3298] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.018200][ T5894] loop3: detected capacity change from 0 to 4096 [ 88.025802][ T5894] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 88.036701][ T5897] FAULT_INJECTION: forcing a failure. [ 88.036701][ T5897] name failslab, interval 1, probability 0, space 0, times 0 [ 88.037206][ T5894] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #3: comm syz.3.841: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 88.049381][ T5897] CPU: 1 UID: 0 PID: 5897 Comm: syz.2.842 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 88.049410][ T5897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 88.049426][ T5897] Call Trace: [ 88.049434][ T5897] [ 88.049441][ T5897] __dump_stack+0x1d/0x30 [ 88.049505][ T5897] dump_stack_lvl+0xe8/0x140 [ 88.049525][ T5897] dump_stack+0x15/0x1b [ 88.049539][ T5897] should_fail_ex+0x265/0x280 [ 88.049587][ T5897] ? __xdp_reg_mem_model+0x173/0x3e0 [ 88.049616][ T5897] should_failslab+0x8c/0xb0 [ 88.049637][ T5897] __kmalloc_cache_noprof+0x4c/0x320 [ 88.049705][ T5897] __xdp_reg_mem_model+0x173/0x3e0 [ 88.049732][ T5897] ? page_pool_create_percpu+0x515/0x630 [ 88.049815][ T5897] xdp_reg_mem_model+0x22/0x40 [ 88.049842][ T5897] bpf_test_run_xdp_live+0x172/0xfe0 [ 88.049863][ T5897] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 88.049908][ T5897] ? __pfx_autoremove_wake_function+0x10/0x10 [ 88.049940][ T5897] ? 0xffffffffa0205540 [ 88.049954][ T5897] ? synchronize_rcu+0x45/0x320 [ 88.049982][ T5897] ? 0xffffffffa0205540 [ 88.050058][ T5897] ? 0xffffffffa0205540 [ 88.050071][ T5897] ? bpf_dispatcher_change_prog+0x6ec/0x7f0 [ 88.050103][ T5897] ? 0xffffffffa0201a5c [ 88.050121][ T5897] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 88.050147][ T5897] bpf_prog_test_run_xdp+0x4f5/0x910 [ 88.050233][ T5897] ? __rcu_read_unlock+0x4f/0x70 [ 88.050269][ T5897] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 88.050300][ T5897] bpf_prog_test_run+0x22a/0x390 [ 88.050339][ T5897] __sys_bpf+0x3dc/0x790 [ 88.050371][ T5897] __x64_sys_bpf+0x41/0x50 [ 88.050396][ T5897] x64_sys_call+0x2aea/0x2ff0 [ 88.050415][ T5897] do_syscall_64+0xd2/0x200 [ 88.050481][ T5897] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 88.050505][ T5897] ? clear_bhb_loop+0x40/0x90 [ 88.050525][ T5897] ? clear_bhb_loop+0x40/0x90 [ 88.050614][ T5897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.050699][ T5897] RIP: 0033:0x7f897c83e9a9 [ 88.050715][ T5897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.050732][ T5897] RSP: 002b:00007f897ae9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 88.050750][ T5897] RAX: ffffffffffffffda RBX: 00007f897ca65fa0 RCX: 00007f897c83e9a9 [ 88.050763][ T5897] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a [ 88.050855][ T5897] RBP: 00007f897ae9f090 R08: 0000000000000000 R09: 0000000000000000 [ 88.050867][ T5897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.050879][ T5897] R13: 0000000000000000 R14: 00007f897ca65fa0 R15: 00007ffe79b44ec8 [ 88.050911][ T5897] [ 88.333016][ T5894] EXT4-fs error (device loop3): ext4_quota_enable:7127: comm syz.3.841: Bad quota inode: 3, type: 0 [ 88.345049][ T5894] EXT4-fs warning (device loop3): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 88.360054][ T5894] EXT4-fs (loop3): mount failed [ 88.438112][ T5910] loop0: detected capacity change from 0 to 1024 [ 88.457921][ T5910] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 88.470817][ T5910] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.495029][ T5908] netlink: 132 bytes leftover after parsing attributes in process `syz.2.847'. [ 88.520822][ T3297] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 88.538220][ T5908] random: crng reseeded on system resumption [ 88.545907][ T5918] loop4: detected capacity change from 0 to 1024 [ 88.553310][ T5920] loop1: detected capacity change from 0 to 164 [ 88.566530][ T5918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.580217][ T5918] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 88.592188][ T5918] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.724804][ T5920] rock: directory entry would overflow storage [ 88.731034][ T5920] rock: sig=0x4f50, size=4, remaining=3 [ 88.736628][ T5920] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 88.748253][ T5920] rock: directory entry would overflow storage [ 88.754477][ T5920] rock: sig=0x4f50, size=4, remaining=3 [ 88.760052][ T5920] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 89.031987][ T5962] loop3: detected capacity change from 0 to 2048 [ 89.042422][ T5962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.058997][ T5962] FAULT_INJECTION: forcing a failure. [ 89.058997][ T5962] name failslab, interval 1, probability 0, space 0, times 0 [ 89.071806][ T5962] CPU: 0 UID: 0 PID: 5962 Comm: syz.3.864 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 89.071834][ T5962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 89.071846][ T5962] Call Trace: [ 89.071852][ T5962] [ 89.071859][ T5962] __dump_stack+0x1d/0x30 [ 89.071880][ T5962] dump_stack_lvl+0xe8/0x140 [ 89.071899][ T5962] dump_stack+0x15/0x1b [ 89.071980][ T5962] should_fail_ex+0x265/0x280 [ 89.072003][ T5962] should_failslab+0x8c/0xb0 [ 89.072022][ T5962] kmem_cache_alloc_noprof+0x50/0x310 [ 89.072044][ T5962] ? security_inode_alloc+0x37/0x100 [ 89.072114][ T5962] security_inode_alloc+0x37/0x100 [ 89.072154][ T5962] inode_init_always_gfp+0x4b7/0x500 [ 89.072186][ T5962] ? __pfx_ext4_alloc_inode+0x10/0x10 [ 89.072214][ T5962] alloc_inode+0x58/0x170 [ 89.072276][ T5962] iget_locked+0xf4/0x5c0 [ 89.072372][ T5962] __ext4_iget+0x152/0x21c0 [ 89.072400][ T5962] ? kmem_cache_alloc_lru_noprof+0x229/0x310 [ 89.072424][ T5962] ? __d_alloc+0x3d/0x340 [ 89.072510][ T5962] ext4_lookup+0x161/0x390 [ 89.072542][ T5962] lookup_one_qstr_excl+0xcb/0x250 [ 89.072567][ T5962] filename_create+0x149/0x230 [ 89.072662][ T5962] kern_path_create+0x37/0x130 [ 89.072686][ T5962] unix_bind+0x1fd/0x920 [ 89.072715][ T5962] __sys_bind+0x1d1/0x2a0 [ 89.072828][ T5962] __x64_sys_bind+0x3f/0x50 [ 89.072926][ T5962] x64_sys_call+0x2b6e/0x2ff0 [ 89.072943][ T5962] do_syscall_64+0xd2/0x200 [ 89.072966][ T5962] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 89.073052][ T5962] ? clear_bhb_loop+0x40/0x90 [ 89.073074][ T5962] ? clear_bhb_loop+0x40/0x90 [ 89.073099][ T5962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.073192][ T5962] RIP: 0033:0x7fa898bee9a9 [ 89.073205][ T5962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.073220][ T5962] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 89.073236][ T5962] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 89.073246][ T5962] RDX: 000000000000006e RSI: 0000200000000100 RDI: 0000000000000006 [ 89.073274][ T5962] RBP: 00007fa89724f090 R08: 0000000000000000 R09: 0000000000000000 [ 89.073287][ T5962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 89.073337][ T5962] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 89.073356][ T5962] [ 89.428329][ T5977] loop0: detected capacity change from 0 to 164 [ 89.464155][ T5982] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5982 comm=syz.3.872 [ 89.496931][ T5987] loop1: detected capacity change from 0 to 512 [ 89.504899][ T5987] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 not in group (block 16777219)! [ 89.515787][ T5987] EXT4-fs (loop1): group descriptors corrupted! [ 89.540903][ T5992] netlink: 'syz.4.875': attribute type 1 has an invalid length. [ 89.576172][ T5996] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 89.608689][ T5999] loop4: detected capacity change from 0 to 164 [ 89.618248][ T5999] x_tables: ip6_tables: quota.0 match: invalid size 24 (kernel) != (user) 144 [ 89.643695][ T5987] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.654437][ T5987] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 89.685885][ T5987] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.695978][ T5987] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.705618][ T5987] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.715045][ T5987] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 89.728861][ T5999] netlink: 52 bytes leftover after parsing attributes in process `syz.4.878'. [ 89.906402][ T6013] loop2: detected capacity change from 0 to 1024 [ 89.914231][ T6013] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 90.050279][ T6013] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.883: Invalid block bitmap block 0 in block_group 0 [ 90.106019][ T6013] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.883: Failed to acquire dquot type 0 [ 90.202765][ T6013] EXT4-fs error (device loop2): ext4_free_blocks:6587: comm syz.2.883: Freeing blocks not in datazone - block = 0, count = 4096 [ 90.311502][ T6013] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.883: Invalid inode bitmap blk 0 in block_group 0 [ 90.325623][ T6013] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem [ 90.334849][ T6013] EXT4-fs (loop2): 1 orphan inode deleted [ 90.335574][ T3444] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 0 [ 90.376184][ T3311] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 0 [ 90.407145][ T6043] FAULT_INJECTION: forcing a failure. [ 90.407145][ T6043] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 90.420947][ T6043] CPU: 1 UID: 0 PID: 6043 Comm: syz.2.892 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 90.420977][ T6043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 90.420989][ T6043] Call Trace: [ 90.420996][ T6043] [ 90.421004][ T6043] __dump_stack+0x1d/0x30 [ 90.421024][ T6043] dump_stack_lvl+0xe8/0x140 [ 90.421117][ T6043] dump_stack+0x15/0x1b [ 90.421131][ T6043] should_fail_ex+0x265/0x280 [ 90.421150][ T6043] ? __pfx_autofs_dev_ioctl_ismountpoint+0x10/0x10 [ 90.421224][ T6043] should_fail+0xb/0x20 [ 90.421245][ T6043] should_fail_usercopy+0x1a/0x20 [ 90.421271][ T6043] _copy_to_user+0x20/0xa0 [ 90.421308][ T6043] ? __pfx_autofs_dev_ioctl_ismountpoint+0x10/0x10 [ 90.421334][ T6043] autofs_dev_ioctl+0x37e/0x6a0 [ 90.421368][ T6043] ? __pfx_autofs_dev_ioctl+0x10/0x10 [ 90.421391][ T6043] __se_sys_ioctl+0xcb/0x140 [ 90.421413][ T6043] __x64_sys_ioctl+0x43/0x50 [ 90.421508][ T6043] x64_sys_call+0x1816/0x2ff0 [ 90.421529][ T6043] do_syscall_64+0xd2/0x200 [ 90.421553][ T6043] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 90.421578][ T6043] ? clear_bhb_loop+0x40/0x90 [ 90.421647][ T6043] ? clear_bhb_loop+0x40/0x90 [ 90.421669][ T6043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.421800][ T6043] RIP: 0033:0x7f897c83e9a9 [ 90.421815][ T6043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.421831][ T6043] RSP: 002b:00007f897ae9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.421847][ T6043] RAX: ffffffffffffffda RBX: 00007f897ca65fa0 RCX: 00007f897c83e9a9 [ 90.421859][ T6043] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000003 [ 90.421870][ T6043] RBP: 00007f897ae9f090 R08: 0000000000000000 R09: 0000000000000000 [ 90.422015][ T6043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.422026][ T6043] R13: 0000000000000000 R14: 00007f897ca65fa0 R15: 00007ffe79b44ec8 [ 90.422041][ T6043] [ 90.704309][ T6056] tipc: Started in network mode [ 90.709540][ T6056] tipc: Node identity ac141423, cluster identity 4711 [ 90.718175][ T6056] tipc: New replicast peer: 255.255.255.255 [ 90.724718][ T6056] tipc: Enabled bearer , priority 10 [ 90.734133][ T6058] netlink: 'syz.2.900': attribute type 3 has an invalid length. [ 90.742235][ T6054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.897'. [ 90.768895][ T6054] netlink: 24 bytes leftover after parsing attributes in process `syz.0.897'. [ 90.807105][ T6066] loop1: detected capacity change from 0 to 1024 [ 90.815711][ T6066] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 90.839752][ T6066] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.903: Invalid block bitmap block 0 in block_group 0 [ 90.859479][ T6072] loop3: detected capacity change from 0 to 164 [ 90.867342][ T6075] netlink: 'syz.0.906': attribute type 1 has an invalid length. [ 90.872259][ T6066] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.903: Failed to acquire dquot type 0 [ 90.888315][ T6066] EXT4-fs error (device loop1): ext4_free_blocks:6587: comm syz.1.903: Freeing blocks not in datazone - block = 0, count = 4096 [ 90.891033][ T6076] loop2: detected capacity change from 0 to 512 [ 90.903174][ T6066] EXT4-fs error (device loop1): ext4_read_inode_bitmap:139: comm syz.1.903: Invalid inode bitmap blk 0 in block_group 0 [ 90.923263][ T6066] EXT4-fs error (device loop1) in ext4_free_inode:361: Corrupt filesystem [ 90.931440][ T3311] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 0 [ 90.935905][ T6066] EXT4-fs (loop1): 1 orphan inode deleted [ 90.980589][ T3311] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:6: Failed to release dquot type 0 [ 91.043204][ T6085] netlink: 'syz.0.912': attribute type 3 has an invalid length. [ 91.098744][ T6090] loop1: detected capacity change from 0 to 1024 [ 91.115652][ T6090] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.128318][ T6090] FAULT_INJECTION: forcing a failure. [ 91.128318][ T6090] name failslab, interval 1, probability 0, space 0, times 0 [ 91.141577][ T6090] CPU: 0 UID: 0 PID: 6090 Comm: syz.1.910 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 91.141602][ T6090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 91.141632][ T6090] Call Trace: [ 91.141638][ T6090] [ 91.141645][ T6090] __dump_stack+0x1d/0x30 [ 91.141699][ T6090] dump_stack_lvl+0xe8/0x140 [ 91.141715][ T6090] dump_stack+0x15/0x1b [ 91.141728][ T6090] should_fail_ex+0x265/0x280 [ 91.141748][ T6090] should_failslab+0x8c/0xb0 [ 91.141846][ T6090] kmem_cache_alloc_noprof+0x50/0x310 [ 91.141897][ T6090] ? __es_insert_extent+0x508/0xee0 [ 91.141921][ T6090] __es_insert_extent+0x508/0xee0 [ 91.141944][ T6090] ext4_es_insert_extent+0x435/0x1c10 [ 91.142041][ T6090] ext4_map_query_blocks+0x2fd/0x480 [ 91.142135][ T6090] ext4_map_blocks+0x3a1/0xd70 [ 91.142156][ T6090] ? filemap_write_and_wait_range+0x2f9/0x340 [ 91.142240][ T6090] ? xas_load+0x413/0x430 [ 91.142259][ T6090] ? __rcu_read_unlock+0x4f/0x70 [ 91.142277][ T6090] ext4_iomap_begin+0x171/0xe00 [ 91.142296][ T6090] ? __account_obj_stock+0x2d6/0x350 [ 91.142397][ T6090] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 91.142495][ T6090] iomap_iter+0x32f/0x730 [ 91.142517][ T6090] __iomap_dio_rw+0x708/0x1250 [ 91.142619][ T6090] ? selinux_file_open+0x2df/0x330 [ 91.142648][ T6090] ? __kmalloc_noprof+0x1dd/0x3e0 [ 91.142668][ T6090] iomap_dio_rw+0x40/0x90 [ 91.142719][ T6090] ext4_file_read_iter+0x20f/0x290 [ 91.142741][ T6090] do_iter_readv_writev+0x41e/0x4c0 [ 91.142771][ T6090] vfs_readv+0x1ea/0x690 [ 91.142797][ T6090] __se_sys_preadv2+0xfc/0x1c0 [ 91.142815][ T6090] __x64_sys_preadv2+0x67/0x80 [ 91.142831][ T6090] x64_sys_call+0xe0d/0x2ff0 [ 91.142857][ T6090] do_syscall_64+0xd2/0x200 [ 91.142876][ T6090] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 91.142898][ T6090] ? clear_bhb_loop+0x40/0x90 [ 91.142917][ T6090] ? clear_bhb_loop+0x40/0x90 [ 91.142958][ T6090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.142975][ T6090] RIP: 0033:0x7f54a5cbe9a9 [ 91.142988][ T6090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.143002][ T6090] RSP: 002b:00007f54a4327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 91.143019][ T6090] RAX: ffffffffffffffda RBX: 00007f54a5ee5fa0 RCX: 00007f54a5cbe9a9 [ 91.143050][ T6090] RDX: 100000000000000d RSI: 00002000000000c0 RDI: 0000000000000004 [ 91.143062][ T6090] RBP: 00007f54a4327090 R08: 0000000000000000 R09: 0000000000000000 [ 91.143075][ T6090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.143086][ T6090] R13: 0000000000000000 R14: 00007f54a5ee5fa0 R15: 00007ffd500f5cc8 [ 91.143100][ T6090] [ 91.428167][ T29] kauditd_printk_skb: 1099 callbacks suppressed [ 91.428184][ T29] audit: type=1326 audit(1753804926.516:6288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fa898bee9a9 code=0x7ffc0000 [ 91.471835][ T29] audit: type=1326 audit(1753804926.846:6289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa898be5967 code=0x7ffc0000 [ 91.495916][ T29] audit: type=1326 audit(1753804926.846:6290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa898b8ab89 code=0x7ffc0000 [ 91.519400][ T29] audit: type=1326 audit(1753804926.846:6291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fa898bee9a9 code=0x7ffc0000 [ 91.556033][ T29] audit: type=1326 audit(1753804926.916:6292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa898be5967 code=0x7ffc0000 [ 91.579572][ T29] audit: type=1400 audit(1753804926.926:6293): avc: denied { unmount } for pid=3299 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 91.599571][ T29] audit: type=1326 audit(1753804926.926:6294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa898b8ab89 code=0x7ffc0000 [ 91.622991][ T29] audit: type=1326 audit(1753804926.926:6295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa898be5967 code=0x7ffc0000 [ 91.646231][ T29] audit: type=1326 audit(1753804926.926:6296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa898b8ab89 code=0x7ffc0000 [ 91.670041][ T29] audit: type=1326 audit(1753804926.926:6297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6061 comm="syz.3.901" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fa898bee9a9 code=0x7ffc0000 [ 91.786976][ T6104] loop3: detected capacity change from 0 to 1024 [ 91.831323][ T1051] tipc: Node number set to 2886997027 [ 91.846427][ T6104] ext4 filesystem being mounted at /169/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.862484][ T6106] loop0: detected capacity change from 0 to 512 [ 91.875042][ T6104] FAULT_INJECTION: forcing a failure. [ 91.875042][ T6104] name failslab, interval 1, probability 0, space 0, times 0 [ 91.887784][ T6104] CPU: 0 UID: 0 PID: 6104 Comm: syz.3.918 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 91.887835][ T6104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 91.887845][ T6104] Call Trace: [ 91.887851][ T6104] [ 91.887859][ T6104] __dump_stack+0x1d/0x30 [ 91.887881][ T6104] dump_stack_lvl+0xe8/0x140 [ 91.887900][ T6104] dump_stack+0x15/0x1b [ 91.887917][ T6104] should_fail_ex+0x265/0x280 [ 91.888015][ T6104] should_failslab+0x8c/0xb0 [ 91.888037][ T6104] kmem_cache_alloc_noprof+0x50/0x310 [ 91.888063][ T6104] ? __es_insert_extent+0x508/0xee0 [ 91.888085][ T6104] __es_insert_extent+0x508/0xee0 [ 91.888107][ T6104] ext4_es_insert_extent+0x435/0x1c10 [ 91.888202][ T6104] ext4_map_query_blocks+0x2fd/0x480 [ 91.888228][ T6104] ext4_map_blocks+0x3a1/0xd70 [ 91.888246][ T6104] ? filemap_write_and_wait_range+0x2f9/0x340 [ 91.888269][ T6104] ? xas_load+0x413/0x430 [ 91.888321][ T6104] ? __rcu_read_unlock+0x4f/0x70 [ 91.888339][ T6104] ext4_iomap_begin+0x171/0xe00 [ 91.888358][ T6104] ? __account_obj_stock+0x2d6/0x350 [ 91.888455][ T6104] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 91.888486][ T6104] iomap_iter+0x32f/0x730 [ 91.888522][ T6104] __iomap_dio_rw+0x708/0x1250 [ 91.888604][ T6104] ? selinux_file_open+0x2df/0x330 [ 91.888639][ T6104] ? __kmalloc_noprof+0x1dd/0x3e0 [ 91.888664][ T6104] iomap_dio_rw+0x40/0x90 [ 91.888700][ T6104] ext4_file_read_iter+0x20f/0x290 [ 91.888723][ T6104] do_iter_readv_writev+0x41e/0x4c0 [ 91.888763][ T6104] vfs_readv+0x1ea/0x690 [ 91.888789][ T6104] __se_sys_preadv2+0xfc/0x1c0 [ 91.888807][ T6104] __x64_sys_preadv2+0x67/0x80 [ 91.888827][ T6104] x64_sys_call+0xe0d/0x2ff0 [ 91.888845][ T6104] do_syscall_64+0xd2/0x200 [ 91.888864][ T6104] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 91.888888][ T6104] ? clear_bhb_loop+0x40/0x90 [ 91.888905][ T6104] ? clear_bhb_loop+0x40/0x90 [ 91.888956][ T6104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.888974][ T6104] RIP: 0033:0x7fa898bee9a9 [ 91.888990][ T6104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.889007][ T6104] RSP: 002b:00007fa89724f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 91.889024][ T6104] RAX: ffffffffffffffda RBX: 00007fa898e15fa0 RCX: 00007fa898bee9a9 [ 91.889051][ T6104] RDX: 100000000000000d RSI: 00002000000000c0 RDI: 0000000000000004 [ 91.889062][ T6104] RBP: 00007fa89724f090 R08: 0000000000000000 R09: 0000000000000000 [ 91.889072][ T6104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.889082][ T6104] R13: 0000000000000000 R14: 00007fa898e15fa0 R15: 00007ffc3d4c4218 [ 91.889097][ T6104] [ 92.175897][ T6106] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 92.245668][ T6121] loop3: detected capacity change from 0 to 1024 [ 92.266971][ T6121] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 92.299274][ T6121] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.921: Invalid block bitmap block 0 in block_group 0 [ 92.317881][ T6121] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.921: Failed to acquire dquot type 0 [ 92.329985][ T6121] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.921: Freeing blocks not in datazone - block = 0, count = 4096 [ 92.348788][ T6121] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.921: Invalid inode bitmap blk 0 in block_group 0 [ 92.361676][ T293] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0 [ 92.374576][ T6121] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem [ 92.386292][ T6121] EXT4-fs (loop3): 1 orphan inode deleted [ 92.401515][ T6119] loop2: detected capacity change from 0 to 32768 [ 92.432583][ T51] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:3: Failed to release dquot type 0 [ 92.470780][ T6119] loop2: p1 p2 p3 < p5 p6 > [ 92.475734][ T6119] loop2: p1 size 242222080 extends beyond EOD, truncated [ 92.487105][ T6119] loop2: p2 start 4294967295 is beyond EOD, truncated [ 92.655108][ T6147] ================================================================== [ 92.663322][ T6147] BUG: KCSAN: data-race in __bpf_get_stackid / __bpf_get_stackid [ 92.665029][ T6160] loop2: detected capacity change from 0 to 2048 [ 92.671071][ T6147] [ 92.671082][ T6147] write to 0xffff88810b91218c of 4 bytes by task 3359 on cpu 1: [ 92.671098][ T6147] __bpf_get_stackid+0x77a/0x800 [ 92.671122][ T6147] bpf_get_stackid+0xee/0x120 [ 92.671139][ T6147] bpf_get_stackid_raw_tp+0xf6/0x120 [ 92.671157][ T6147] bpf_prog_e6fc920cfeff8120+0x2a/0x32 [ 92.708110][ T6147] bpf_trace_run2+0x107/0x1c0 [ 92.712874][ T6147] kfree+0x27b/0x320 [ 92.716754][ T6147] __bpf_prog_free+0x43/0xa0 [ 92.721421][ T6147] bpf_jit_free+0x27c/0x310 [ 92.725933][ T6147] bpf_prog_free_deferred+0x401/0x450 [ 92.731384][ T6147] process_scheduled_works+0x4cb/0x9d0 [ 92.736847][ T6147] worker_thread+0x582/0x770 [ 92.741460][ T6147] kthread+0x489/0x510 [ 92.745534][ T6147] ret_from_fork+0xdd/0x150 [ 92.750041][ T6147] ret_from_fork_asm+0x1a/0x30 [ 92.754809][ T6147] [ 92.757134][ T6147] read to 0xffff88810b91218c of 4 bytes by task 6147 on cpu 0: [ 92.764682][ T6147] __bpf_get_stackid+0x33a/0x800 [ 92.769726][ T6147] bpf_get_stackid+0xee/0x120 [ 92.774427][ T6147] bpf_get_stackid_raw_tp+0xf6/0x120 [ 92.779729][ T6147] bpf_prog_e6fc920cfeff8120+0x2a/0x32 [ 92.785191][ T6147] bpf_trace_run2+0x107/0x1c0 [ 92.789881][ T6147] kfree+0x27b/0x320 [ 92.793886][ T6147] ___sys_recvmsg+0x135/0x370 [ 92.798581][ T6147] do_recvmmsg+0x1ef/0x540 [ 92.803015][ T6147] __x64_sys_recvmmsg+0xe5/0x170 [ 92.807972][ T6147] x64_sys_call+0x27a6/0x2ff0 [ 92.812661][ T6147] do_syscall_64+0xd2/0x200 [ 92.817173][ T6147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.823074][ T6147] [ 92.825437][ T6147] value changed: 0x0000000a -> 0x0000000c [ 92.831160][ T6147] [ 92.833482][ T6147] Reported by Kernel Concurrency Sanitizer on: [ 92.839726][ T6147] CPU: 0 UID: 0 PID: 6147 Comm: syz.4.930 Not tainted 6.16.0-syzkaller-01056-gae388edd4a8f #0 PREEMPT(voluntary) [ 92.851714][ T6147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 92.861775][ T6147] ================================================================== [ 92.934725][ T6166] loop2: detected capacity change from 0 to 4096 [ 92.943158][ T6166] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 92.957300][ T6166] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.939: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 92.977354][ T6166] EXT4-fs error (device loop2): ext4_quota_enable:7127: comm syz.2.939: Bad quota inode: 3, type: 0 [ 92.991162][ T6166] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 93.007896][ T6166] EXT4-fs (loop2): mount failed