last executing test programs: 1.05441695s ago: executing program 2 (id=2569): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a32"], 0x2d4}}, 0x4048010) 981.375831ms ago: executing program 2 (id=2572): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004}) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xa6c3, 0x0) fcntl$setlease(r2, 0x400, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000340)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) 968.255551ms ago: executing program 2 (id=2573): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x13) r3 = syz_io_uring_setup(0x88e, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x2, 0x1b9}, &(0x7f0000000000)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) io_uring_enter(r3, 0x47f6, 0x0, 0x2, 0x0, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000000c0)=0x8) fcntl$notify(r1, 0x402, 0x8000001f) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000300)='kfree\x00', r5, 0x0, 0xfffffffffffffffd}, 0x18) r6 = socket(0x10, 0x3, 0x6) r7 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)}) r8 = socket(0x15, 0x5, 0x0) getsockopt(r8, 0x200000000114, 0x2714, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00E6', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'veth0_macvtap\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x1, [{0x200, 0x5}]}}) r9 = socket(0xa, 0x3, 0x87) ioctl$sock_inet6_tcp_SIOCINQ(r9, 0x890b, &(0x7f0000000000)) sendmsg$nl_route_sched(r7, 0x0, 0x20000000) r10 = open(0x0, 0x0, 0x4) close_range(r0, r10, 0x0) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000340)='mm_page_free\x00', r11, 0x0, 0x100000002}, 0x18) socket$kcm(0x29, 0x2, 0x0) 901.459783ms ago: executing program 2 (id=2576): socket$inet(0x2, 0x4000000000000001, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@RTM_GETMDB={0x18, 0x56, 0xd23}, 0x18}}, 0x4040000) recvfrom$unix(r1, 0x0, 0x0, 0x40000010, 0x0, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14a}}) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000000)) 899.289973ms ago: executing program 3 (id=2578): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fff}, 0x18) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX, @ANYBLOB]) 844.536364ms ago: executing program 2 (id=2581): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000280)='kfree\x00', r2}, 0x18) syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00') r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10) connect$inet(r3, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10) sendmmsg$inet(r3, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc", 0x9d6}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0) 839.337524ms ago: executing program 3 (id=2582): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a32"], 0x2d4}}, 0x4048010) 817.587844ms ago: executing program 2 (id=2583): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r0}, 0x10) r1 = inotify_init() r2 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) r3 = inotify_add_watch(r1, &(0x7f0000000200)='./file0\x00', 0x400008bf) write$binfmt_elf32(r2, &(0x7f0000000040)=ANY=[@ANYRES64=r3], 0x69) close(r2) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000"], 0x48) socket$inet_udp(0x2, 0x2, 0x0) r4 = signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x157]}, 0x8) r5 = syz_io_uring_setup(0x42c8, &(0x7f0000000300)={0x0, 0x125a, 0x40, 0xffffffff, 0x16f, 0x0, r4}, &(0x7f0000000040)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffe}}) io_uring_enter(r5, 0x44fd, 0x3, 0x1, 0x0, 0x0) r8 = gettid() timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc)=0x0) timer_settime(r9, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r10 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') mq_timedreceive(r10, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0) mmap$xdp(&(0x7f00005b6000/0x1000)=nil, 0x1000, 0x2, 0x40010, r2, 0x100000000) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffd8, 0x0, 0x0, 0x0}, 0x94) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r12}, 0x10) r13 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r13, 0xc004743e, &(0x7f0000000380)=0x2) 799.068695ms ago: executing program 3 (id=2584): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0000004}) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xa6c3, 0x0) fcntl$setlease(r2, 0x400, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f0000000340)='system.posix_acl_default\x00', 0x0, 0x0, 0x0) 780.693515ms ago: executing program 3 (id=2585): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newtaction={0x6c, 0x30, 0x1, 0x300, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_MPLS_PROTO={0x6, 0x4, 0x8848}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) 705.036346ms ago: executing program 3 (id=2588): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) openat$urandom(0xffffffffffffff9c, &(0x7f0000000100), 0x40202, 0x0) bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0002}}}, 0x14) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000380)='kfree\x00', r2}, 0x18) socket$unix(0x1, 0x2, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0xb8, 0x2c, 0xd2b, 0x70bd2b, 0x35dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x8c, 0x2, [@TCA_U32_SEL={0x14, 0x5, {0xfe, 0x1, 0x3, 0x1, 0x4, 0x102, 0x6, 0x7ffffffa}}, @TCA_U32_SEL={0x74, 0x5, {0x10, 0x9, 0x6, 0x10da, 0xa760, 0x0, 0x10, 0x100, [{0x1000, 0xe, 0xb2a1, 0x9f6}, {0x5, 0x3ff, 0x3, 0x4}, {0x9, 0x7, 0x40, 0x80}, {0x3, 0xde5, 0x1, 0xbd}, {0x9, 0x10, 0x5, 0x5}, {0x49f, 0x7, 0x81, 0xb}]}}]}}]}, 0xb8}}, 0x24040084) connect$802154_dgram(r0, &(0x7f0000000140), 0x14) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20008011}, 0x2000c050) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) readv(r3, &(0x7f00000000c0)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) 458.437721ms ago: executing program 0 (id=2591): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newqdisc={0x34, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe}, {0xf, 0xfff9}, {0x10, 0xb}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40080}, 0x4000c00) 438.083512ms ago: executing program 0 (id=2592): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fff}, 0x18) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX, @ANYBLOB]) 402.716132ms ago: executing program 0 (id=2593): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000280)='kfree\x00', r2}, 0x18) syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00') r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10) connect$inet(r3, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10) sendmmsg$inet(r3, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0", 0x9ea}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0) 385.514073ms ago: executing program 0 (id=2594): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x1, 0x7, 0x0, 0x1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r1, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f0000000700)={[{@noquota}, {@noquota}, {@grpjquota}, {@noauto_da_alloc}, {@dioread_lock}]}, 0x2, 0x507, &(0x7f0000001540)="$eJzs3c9vI1cdAPDvTOJNspviFDiUSpQVFGUrWDtpaBtxaIOE4FSJUi6cQkicKIoTR7HTbqIKpeIPQEL8Epw4cUHijJBQ/wSEVAnuCCFQBdty4EAxGmdMg9dJvLuZuBt/PtLbeTPzZr7vxfazn9+sJ4CRdTMiliJiLCKeiYhyvj3NUxwdp6zcu3ffWM1SEu2JV/+eRJJv657rpXx5Iz9sMiK+/tWIbyf3xm0eHG6t1Ou1vXy92trerTYPDm9vbq9s1DZqO0sL888vvrD43OLchbX1xS//5Uff+8VXXvzt51//0/Lfbn0nq9Z0vu9kOwZxNGC546aXOn+LrvGI2LufYB9iY3l7SsOuCAAAA8k+4380Ij4dEe/9dNi1AQAAAIrQfmk6/p1EtAEAAIArK+1cA5uklfxagOlI00rl+Brej8f1tN5otj633tjfWTu+VnYmSun6Zr02l18rPBOlJFuf7+Q/WH+2Z30hIh6PiB+UpzrrldVGfW3YX34AAADAiLjRM/7/Z/l4/A8AAABcMTMDlpsouB4AAABAcQYd/wMAAACPrlPH/8n45VYEAAAAKMLXXn45S+3u/a/XXjvY32q8dnut1tyqbO+vVlYbe7uVjUZjo/Obfdvnna/eaOx+IXb271RbtWar2jw4XN5u7O+0ljv39V6utcsnS7trNAAAAFyGxz/11h+TiDj64lQnZa7l+wYYnS8VWzugSGm+nByseFJkXYDLNTbsCgBD4wJfGF1m4IFzBvY/7FlPi6wLAABQjNlPPNT8v/lAeIQZyMPoMv8Po8v8P4wu8/8w4ga4r+ep/z/gdxdcFwAAoDDTnZSklXwucDrStFKJeKxzW4BSsr5Zr81FxEci4g/l0kS2Pj/sSgMAAAAAAAAAAAAAAAAAAAAAAADAI6bdTqINAAAAXGkR6V+T/Eb+s+Wnp3u/H7iW/KvcWUbE6z979cd3Vlqtvfls+z/+t731k3z7s90tmW9e8jcZAAAAQFd3nN4dxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADARXr37hur3dS771qBcd/5UkTM9Is/HpOd5eSvyxFx/b0kxk8cl0TE2AXEP3ozIp7oFz/JqhUzeS1646cRMXVJ8dNT4t+4gPgwyt7K+p+l7PVX6nn9pXGzs+z/+h/P08N65+Zp/V/a7f86/Vy//u+xs0892c08+favqvfsLefx34x4crx//9ONn/SLfx9vCt/6xuHhafvaP4+YPef9J4tfbW3vVpsHh7c3t1c2ahu1nYWF+ecXX1h8bnGuur5Zr+X/9o3x/U/+5j+nxc/afz2Ln/Tvf09tf0Q8PWD733/7zt2PnRH/1mf6P/5PnBE/e058Nn8fyPbPdvNHx/mTnvrl7586q/1rff/+5zz+EXFrwPY/88p3/zxgUQDgEjQPDrdW6vXaXiGZqcLOfKUy77cf8PDGznllss+JD1yx0qU8SWSKzLySP4b3ffgQOyUAAKAQH3zo791T5Kw/AAAAAAAAAAAAAAAAAAAAcFLhP0I28f+/LDA5vKYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJzpvwEAAP//rCjOPA==") chmod(&(0x7f0000000340)='./file1\x00', 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r3 = socket$inet_udp(0x2, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x4, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x4, 0x2f, 0x0, @empty, @multicast1}}}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) socket(0x2, 0x80000, 0x8) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_PLIMIT={0x8, 0x8}]}}]}, 0x38}}, 0x0) 350.501853ms ago: executing program 1 (id=2595): prctl$PR_SET_NAME(0xf, &(0x7f00000014c0)='w\xde\xa1\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd\xde\xad\xf5\x1eM\x11[\xb6\x98\xda\xd2y\xbd\xad\x87P\xd8\xb2\xe5\xd2\xe7\xf6\xa1\xc8\'\x1e\xbc\xf4\xa0\xe6\xcf*(\xfb_\x9fL\xa2\x86\f\xcd\x1b\xd1\xe7\x11\xe8\xe1-\x0f\x1b:\xff\x11~') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dd"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]}) syslog(0x2, 0x0, 0xb0de) 334.278074ms ago: executing program 1 (id=2596): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000001280)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES32], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) 296.814585ms ago: executing program 4 (id=2597): r0 = io_uring_setup(0x6cfd, &(0x7f0000000100)={0x0, 0x200023d0, 0x400, 0xfffffffc, 0x299}) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000000), 0x7ffffffe) openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0) r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000340)=0x0, &(0x7f0000000040)) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000010000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r4) sendmsg$NLBL_MGMT_C_ADDDEF(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, r5, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4048081}, 0x20008852) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r1, 0x847ba, 0x2000, 0xe, 0x0, 0x0) 236.288286ms ago: executing program 4 (id=2598): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00'}) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r2, 0x0, 0x2}, 0x18) getrandom(0xfffffffffffffffe, 0x0, 0x2) r3 = timerfd_create(0x5, 0x80000) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r3, 0x80286722, &(0x7f0000000040)={&(0x7f0000000300)=""/225, 0xe1, 0x0, 0x80000001}) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000002000000e27f000001"], 0x48) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x40, 0x24, 0xd0f, 0x50bd2f, 0xfffffffc, {0x60, 0x0, 0x0, r5, {0x0, 0x8}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_etf={{0x8}, {0xfffffffffffffea5, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0xb, 0xb}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x3004408c) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x3fffffffc}, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x8001, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) rt_sigqueueinfo(0x0, 0x21, &(0x7f0000000000)) 226.521246ms ago: executing program 1 (id=2599): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'geneve1\x00'}) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r1}, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000005600)='sys_enter\x00', r2, 0x0, 0x2}, 0x18) timerfd_create(0x5, 0x80000) 221.773646ms ago: executing program 0 (id=2600): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0x16, 0x0}, 0x8) syz_open_procfs(0x0, &(0x7f0000000140)='net/netfilter\x00') add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000200), &(0x7f0000000240)}, 0x20) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x2010008, &(0x7f0000000740)={[{@orlov}]}, 0xff, 0x53b, &(0x7f00000010c0)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==") fstatfs(r2, &(0x7f0000000640)=""/196) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580), 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b705000000000000850000006d00000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r6) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118) 190.356396ms ago: executing program 1 (id=2601): prctl$PR_GET_SECCOMP(0x15) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a00000004000000fd0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000002955009d5df6a5d4b46bb3d151292bbb9f0785e0a0cca70eea8fc3aa77f0375c50084cd0df9e3c729f5e11f7396414ec6174fb78b6919a5e2e58cbcc26915e0cb0bc967f7f0a4f7108eabd82faf59ea3f2008ac903ddcb99dc3e73edb378bf07426c0bc7ca57b17ce372330d996c7f9d085f844d49112a3c3b39797ef95b095bead9ff08465601eab9df6e3efae2dedb15379fb13445bfaaaa9793ae5a0144f9235c44a5d22ddafdfda962cf890a6c7891d221d0a1735598208cacbe037c63453390e9ce3ad2a804e0a90c418c61fe46a8a1c12ceaff6aea4dfa1bd95917c6926e7d9e2195c845275246d48c842e1ccd52f4b010f3039cd9fca05a0dad47eac3b9ae04185c0c8db2193cbdba3b75ba3b4444fb14058724d124"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0) ioctl$SNAPSHOT_FREE(r1, 0x3305) 184.626957ms ago: executing program 4 (id=2602): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680)) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000680)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@bsdgroups}, {@lazytime}, {@noload}]}, 0x3, 0x45c, &(0x7f0000002400)="$eJzs3MtvG8UfAPDv+pG+m/yq/oA+gCBAlAJJk5bSAxcQSBxAQoJDOYYkrUrdBjVBIlUFBaFyRJU4cUEckfgLOMEFASckLhzgjipVqJcWTkYb76a2a+dVP0j9+UjrzuyuO/P1ztizM7EDGFij6UMSsTMifo+I4Vq28YTR2j+3blya/vvGpekkqtU3/kpK6eGbNy5N56fmz9uRZ0oRhU+SONCi3PnFi2enKpXZC1l+fOHcu+PzixefOXNu6vTs6dnzkydOHDs68dzxyWc7Emca1839H8wd3PfKW1dfmz559e2fvkny+Jvi6JDRlQ4+Xq12uLj+2lWXrrUMNoNirZtGean/D0cxbl+84Xj5475WDuiqarVava/94ctV4B6WRL9rAPRH/kGf3v/mW4+GHv8J11+o3QClcd/KttqRUhSyc8pN97edNBoRJy//82W6RXfmIQAAGnyXjn+ebjX+K0T9vNDubA1lJCL+FxF7IuJ4ROyNiP9HLJ17f0Q8sM7ymxdJ7hz/FK5tKLA1Ssd/z2drW43jv3z0FyPFLLdrKf5ycupMZfZI9pocivKWND+xQhnfv/TrZ+2O1Y//0i0tPx8LZvW4VtrS+JyZqYWpu4m53vWPIvaXWsWfLK8EJBGxLyL2b7CMM4e/Ptju2Orxr6AD60zVryKeqF3/y9EUfy5ZeX1yfGtUZo+M563iTj//cuX1duXfVfwdkF7/7S3b/3L8I0n9eu38ev73L55MH6/88Wnbe5qNtv+h5M2Gfe9PLSxcmIgYSl6tVbp+/2TTeZO3z0/jP/Ro6/6/J26/EgciIm3ED0bEQxHxcFb3R37bveqr8OOLj72z8fi7K41/Zu3XvzockTeExaHIEst7WieKZ3/4tqHQkdbx7257/Y8tpQ5le9by/reWeq23NQMAAMBmVYiInZEUxpbThcLYWO1v+PfG9kJlbn7hqVNz752fqX1HYCTKhXyma7huPnQiu63P85NN+aPZvPHnxW1L+bHpucpMv4OHAbejTf9P/Vnsd+2ArvN9LRhc+j8MLv0fBted/X9rX+oB9F6Lz/9t/agH0Hutxv8fruWJOztfF6C3mvq/ZT8YIOb/YHBtpP97z4B7Q2mln2we6mlVgN6Z3xarf0leYjMl8l+u6UYR5bS1HI6IxYtR6HukEl1M9PudCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+CSeFs") 144.950997ms ago: executing program 1 (id=2603): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x7fff}, 0x18) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300), 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd', @ANYRESHEX, @ANYBLOB]) 105.571358ms ago: executing program 4 (id=2604): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000f80)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000280)='kfree\x00', r2}, 0x18) syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00') r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10) connect$inet(r3, &(0x7f0000000280)={0x2, 0x4, @multicast1}, 0x10) sendmmsg$inet(r3, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0", 0x9ea}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0) 86.293108ms ago: executing program 4 (id=2605): r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) write$evdev(r0, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37) 71.468529ms ago: executing program 1 (id=2606): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000540)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x1e, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000feffdfff0000000000110000850000008b000000950000000000d700d37b3011b0a5f000faf208588642c1e443a45d7dc2e6f067cc362250aeb8a44501b2f8b37caef031ec2b9f545839051ad4299e81631dd090fb1decc31c2ad6f2309ced747b104d03f79fa0c725c52316215a4b5c4c02ccd11dbdc5e9dfbb403cb66661043a929c4ff480edd48234e51586d8ebfdf5bfbc171521031304d228df13e77d224ed8465df1c8eb420309628842183ca3ad531beb3b2ab89937e3b16eaf872c179ca8ce0c3c9c75621c2990940d9dce977fcb0a3fc252babf2d313b9ad7f9ba4300fa29362c2b188b10b9fad6f20b26e6046c3da4145db22cff5f9fbdcb038371cfa55c4edb50d365d301ed02ddf6078d8ff7fa96e710ab8f874c60b77ea25d55e2d9b0bcc7d2539a6271113642"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfl\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x29c780}) io_uring_enter(r8, 0x3518, 0xaddf, 0x2, 0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x8) 46.487019ms ago: executing program 0 (id=2607): openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x105042, 0x20) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) creat(&(0x7f00000000c0)='./file0\x00', 0xf4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000c}, 0x94) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x18) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x3ff, &(0x7f0000000500)=0x0) io_getevents(r3, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0) io_submit(r3, 0x1, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0}]) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r5}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001440)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c0000800800034000000002140000001100010000000000000000000100000a4f64fd86ad110b339f86ab6abe860315d2339a661413d74945e609"], 0xb0}}, 0x40) io_destroy(r3) fcntl$lock(r0, 0x25, &(0x7f00000000c0)={0x2, 0x0, 0x4004, 0x409}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) 771.5µs ago: executing program 4 (id=2608): prctl$PR_SET_NAME(0xf, &(0x7f00000014c0)='w\xde\xa1\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd\xde\xad\xf5\x1eM\x11[\xb6\x98\xda\xd2y\xbd\xad\x87P\xd8\xb2\xe5\xd2\xe7\xf6\xa1\xc8\'\x1e\xbc\xf4\xa0\xe6\xcf*(\xfb_\x9fL\xa2\x86\f\xcd\x1b\xd1\xe7\x11\xe8\xe1-\x0f\x1b:\xff\x11~') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]}) syslog(0x2, 0x0, 0xb0de) 0s ago: executing program 3 (id=2609): perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0x5c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_config_ext, 0x8000, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x6) symlinkat(&(0x7f0000000400)='./file0/../file0\x00', r1, 0x0) kernel console output (not intermixed with test programs): 27/0x60 [ 142.539522][T10341] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 142.539550][T10341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.539645][T10341] RIP: 0033:0x7fc898a2ebe9 [ 142.539661][T10341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.539680][T10341] RSP: 002b:00007fc897497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 142.539753][T10341] RAX: ffffffffffffffda RBX: 00007fc898c65fa0 RCX: 00007fc898a2ebe9 [ 142.539766][T10341] RDX: 0000000000000029 RSI: 0000200000000440 RDI: 0000000000000005 [ 142.539779][T10341] RBP: 00007fc897497090 R08: 0000000000000000 R09: 0000000000000000 [ 142.539792][T10341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.539811][T10341] R13: 00007fc898c66038 R14: 00007fc898c65fa0 R15: 00007ffd56f6ce28 [ 142.539830][T10341] [ 142.539851][T10341] Mem-Info: [ 142.745113][T10347] loop2: detected capacity change from 0 to 1024 [ 142.749412][T10341] active_anon:9152 inactive_anon:0 isolated_anon:0 [ 142.749412][T10341] active_file:9229 inactive_file:2279 isolated_file:0 [ 142.749412][T10341] unevictable:0 dirty:174 writeback:19 [ 142.749412][T10341] slab_reclaimable:3544 slab_unreclaimable:15739 [ 142.749412][T10341] mapped:32342 shmem:5256 pagetables:1159 [ 142.749412][T10341] sec_pagetables:0 bounce:0 [ 142.749412][T10341] kernel_misc_reclaimable:0 [ 142.749412][T10341] free:1872225 free_pcp:28956 free_cma:0 [ 142.764741][T10347] EXT4-fs: Ignoring removed orlov option [ 142.807700][T10341] Node 0 active_anon:36608kB inactive_anon:0kB active_file:36916kB inactive_file:9116kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:129368kB dirty:696kB writeback:76kB shmem:21024kB kernel_stack:5280kB pagetables:4636kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 142.840772][T10341] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 142.869547][T10341] lowmem_reserve[]: 0 2883 7862 7862 [ 142.875060][T10341] Node 0 DMA32 free:2949292kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952824kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB [ 142.905444][T10341] lowmem_reserve[]: 0 0 4978 4978 [ 142.910622][T10341] Node 0 Normal free:4524248kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36608kB inactive_anon:0kB active_file:36916kB inactive_file:9116kB unevictable:0kB writepending:888kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:112292kB local_pcp:61884kB free_cma:0kB [ 142.942637][T10341] lowmem_reserve[]: 0 0 0 0 [ 142.947284][T10341] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 142.960019][T10341] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949292kB [ 142.976099][T10341] Node 0 Normal: 4*4kB (UME) 3*8kB (UME) 3*16kB (UE) 129*32kB (ME) 81*64kB (UME) 22*128kB (UME) 17*256kB (ME) 8*512kB (ME) 6*1024kB (ME) 2*2048kB (ME) 1097*4096kB (M) = 4524216kB [ 142.994044][T10341] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 143.003336][T10341] 16731 total pagecache pages [ 143.008019][T10341] 0 pages in swap cache [ 143.012154][T10341] Free swap = 124996kB [ 143.016317][T10341] Total swap = 124996kB [ 143.020482][T10341] 2097051 pages RAM [ 143.024299][T10341] 0 pages HighMem/MovableOnly [ 143.029038][T10341] 80445 pages reserved [ 143.033172][T10336] hsr_slave_1 (unregistering): left promiscuous mode [ 143.049587][T10343] netlink: 152 bytes leftover after parsing attributes in process `syz.4.2056'. [ 143.064672][ T29] kauditd_printk_skb: 433 callbacks suppressed [ 143.064687][ T29] audit: type=1326 audit(1756950141.431:7510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.094352][ T29] audit: type=1326 audit(1756950141.431:7511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.117972][ T29] audit: type=1326 audit(1756950141.431:7512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.141458][ T29] audit: type=1326 audit(1756950141.431:7513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.156277][T10354] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 143.165020][ T29] audit: type=1326 audit(1756950141.431:7514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.165079][ T29] audit: type=1326 audit(1756950141.431:7515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.223868][ T29] audit: type=1326 audit(1756950141.431:7516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.247508][ T29] audit: type=1326 audit(1756950141.431:7517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.271197][ T29] audit: type=1326 audit(1756950141.431:7518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.294744][ T29] audit: type=1326 audit(1756950141.431:7519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10334 comm="syz.3.2055" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 143.331448][T10358] loop2: detected capacity change from 0 to 512 [ 143.340588][T10360] netlink: 'syz.1.2061': attribute type 2 has an invalid length. [ 143.347435][T10358] EXT4-fs: Ignoring removed mblk_io_submit option [ 143.348443][T10360] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2061'. [ 143.371515][T10362] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2062'. [ 143.385974][T10362] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2062'. [ 143.475067][T10358] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 143.478554][T10358] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.2060: attempt to clear invalid blocks 2 len 1 [ 143.481959][T10358] EXT4-fs (loop2): Remounting filesystem read-only [ 143.482255][T10358] EXT4-fs (loop2): 1 truncate cleaned up [ 143.562205][T10382] loop4: detected capacity change from 0 to 1024 [ 143.562563][T10382] EXT4-fs: Ignoring removed nobh option [ 143.562599][T10382] EXT4-fs: Ignoring removed bh option [ 143.572291][T10382] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 143.606474][T10382] loop4: detected capacity change from 0 to 8192 [ 143.646346][T10390] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2071'. [ 143.705782][T10396] FAULT_INJECTION: forcing a failure. [ 143.705782][T10396] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 143.705827][T10396] CPU: 1 UID: 0 PID: 10396 Comm: syz.4.2072 Not tainted syzkaller #0 PREEMPT(voluntary) [ 143.705849][T10396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 143.705871][T10396] Call Trace: [ 143.705876][T10396] [ 143.705881][T10396] __dump_stack+0x1d/0x30 [ 143.705903][T10396] dump_stack_lvl+0xe8/0x140 [ 143.705924][T10396] dump_stack+0x15/0x1b [ 143.705940][T10396] should_fail_ex+0x265/0x280 [ 143.706019][T10396] should_fail+0xb/0x20 [ 143.706039][T10396] should_fail_usercopy+0x1a/0x20 [ 143.706060][T10396] _copy_to_user+0x20/0xa0 [ 143.706108][T10396] simple_read_from_buffer+0xb5/0x130 [ 143.706133][T10396] proc_fail_nth_read+0x10e/0x150 [ 143.706168][T10396] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 143.706212][T10396] vfs_read+0x1a5/0x770 [ 143.706230][T10396] ? __rcu_read_unlock+0x4f/0x70 [ 143.706316][T10396] ? __fget_files+0x184/0x1c0 [ 143.706344][T10396] ksys_read+0xda/0x1a0 [ 143.706384][T10396] __x64_sys_read+0x40/0x50 [ 143.706415][T10396] x64_sys_call+0x27bc/0x2ff0 [ 143.706438][T10396] do_syscall_64+0xd2/0x200 [ 143.706567][T10396] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 143.706593][T10396] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 143.706622][T10396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.706670][T10396] RIP: 0033:0x7f858fa7d5fc [ 143.706686][T10396] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 143.706701][T10396] RSP: 002b:00007f858e4c6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 143.706719][T10396] RAX: ffffffffffffffda RBX: 00007f858fcb6090 RCX: 00007f858fa7d5fc [ 143.706740][T10396] RDX: 000000000000000f RSI: 00007f858e4c60a0 RDI: 0000000000000004 [ 143.706753][T10396] RBP: 00007f858e4c6090 R08: 0000000000000000 R09: 0000000000000000 [ 143.706786][T10396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 143.706799][T10396] R13: 00007f858fcb6128 R14: 00007f858fcb6090 R15: 00007ffda6c11908 [ 143.706817][T10396] [ 143.758299][T10404] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 143.933059][T10413] bridge_slave_0: left allmulticast mode [ 143.964544][T10413] bridge_slave_0: left promiscuous mode [ 143.964660][T10413] bridge0: port 1(bridge_slave_0) entered disabled state [ 143.970546][T10416] loop1: detected capacity change from 0 to 256 [ 143.984805][T10416] /dev/loop1: Can't open blockdev [ 143.985300][T10413] bridge_slave_1: left allmulticast mode [ 143.985319][T10413] bridge_slave_1: left promiscuous mode [ 143.985529][T10413] bridge0: port 2(bridge_slave_1) entered disabled state [ 143.986512][T10416] netlink: 'syz.1.2079': attribute type 10 has an invalid length. [ 144.017591][T10416] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2079'. [ 144.027799][T10413] bond0: (slave bond_slave_0): Releasing backup interface [ 144.046298][T10413] bond0: (slave bond_slave_1): Releasing backup interface [ 144.056267][T10419] FAULT_INJECTION: forcing a failure. [ 144.056267][T10419] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.059628][T10413] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 144.069329][T10419] CPU: 1 UID: 0 PID: 10419 Comm: syz.4.2081 Not tainted syzkaller #0 PREEMPT(voluntary) [ 144.069438][T10419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.069451][T10419] Call Trace: [ 144.069458][T10419] [ 144.069465][T10419] __dump_stack+0x1d/0x30 [ 144.069532][T10419] dump_stack_lvl+0xe8/0x140 [ 144.069551][T10419] dump_stack+0x15/0x1b [ 144.069568][T10419] should_fail_ex+0x265/0x280 [ 144.069618][T10419] should_fail+0xb/0x20 [ 144.069636][T10419] should_fail_usercopy+0x1a/0x20 [ 144.069658][T10419] _copy_from_user+0x1c/0xb0 [ 144.069762][T10419] bpf_test_init+0xdf/0x160 [ 144.069783][T10419] bpf_prog_test_run_xdp+0x274/0x910 [ 144.069805][T10419] ? kstrtouint+0x76/0xc0 [ 144.069865][T10419] ? __rcu_read_unlock+0x4f/0x70 [ 144.069889][T10419] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 144.069965][T10419] bpf_prog_test_run+0x227/0x390 [ 144.069996][T10419] __sys_bpf+0x4b9/0x7b0 [ 144.070028][T10419] __x64_sys_bpf+0x41/0x50 [ 144.070052][T10419] x64_sys_call+0x2aea/0x2ff0 [ 144.070142][T10419] do_syscall_64+0xd2/0x200 [ 144.070170][T10419] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 144.070213][T10419] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 144.070240][T10419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.070261][T10419] RIP: 0033:0x7f858fa7ebe9 [ 144.070276][T10419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.070294][T10419] RSP: 002b:00007f858e4e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 144.070312][T10419] RAX: ffffffffffffffda RBX: 00007f858fcb5fa0 RCX: 00007f858fa7ebe9 [ 144.070374][T10419] RDX: 0000000000000050 RSI: 00002000000004c0 RDI: 000000000000000a [ 144.070386][T10419] RBP: 00007f858e4e7090 R08: 0000000000000000 R09: 0000000000000000 [ 144.070398][T10419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.070416][T10419] R13: 00007f858fcb6038 R14: 00007f858fcb5fa0 R15: 00007ffda6c11908 [ 144.070481][T10419] [ 144.200018][T10421] loop2: detected capacity change from 0 to 1024 [ 144.204330][T10413] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 144.290634][T10421] EXT4-fs: Ignoring removed nobh option [ 144.291122][T10413] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 144.296316][T10421] EXT4-fs: Ignoring removed bh option [ 144.303740][T10413] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 144.309519][T10425] loop3: detected capacity change from 0 to 764 [ 144.324958][T10421] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 144.348940][T10416] batman_adv: batadv0: Adding interface: veth1_vlan [ 144.355599][T10416] batman_adv: batadv0: The MTU of interface veth1_vlan is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 144.387947][T10416] batman_adv: batadv0: Interface activated: veth1_vlan [ 144.407870][T10428] random: crng reseeded on system resumption [ 144.416657][T10430] FAULT_INJECTION: forcing a failure. [ 144.416657][T10430] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.429814][T10430] CPU: 1 UID: 0 PID: 10430 Comm: syz.0.2085 Not tainted syzkaller #0 PREEMPT(voluntary) [ 144.429844][T10430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 144.429856][T10430] Call Trace: [ 144.429863][T10430] [ 144.429869][T10430] __dump_stack+0x1d/0x30 [ 144.429888][T10430] dump_stack_lvl+0xe8/0x140 [ 144.429960][T10430] dump_stack+0x15/0x1b [ 144.429975][T10430] should_fail_ex+0x265/0x280 [ 144.429998][T10430] should_fail+0xb/0x20 [ 144.430016][T10430] should_fail_usercopy+0x1a/0x20 [ 144.430037][T10430] strncpy_from_user+0x25/0x230 [ 144.430112][T10430] ? kmem_cache_alloc_noprof+0x186/0x310 [ 144.430141][T10430] ? getname_flags+0x80/0x3b0 [ 144.430279][T10430] getname_flags+0xae/0x3b0 [ 144.430309][T10430] user_path_create+0x27/0x130 [ 144.430351][T10430] bpf_obj_pin_user+0xe0/0x230 [ 144.430373][T10430] bpf_obj_pin+0xac/0xd0 [ 144.430400][T10430] __sys_bpf+0x6cb/0x7b0 [ 144.430481][T10430] __x64_sys_bpf+0x41/0x50 [ 144.430507][T10430] x64_sys_call+0x2aea/0x2ff0 [ 144.430530][T10430] do_syscall_64+0xd2/0x200 [ 144.430559][T10430] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 144.430586][T10430] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 144.430611][T10430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.430642][T10430] RIP: 0033:0x7ff33392ebe9 [ 144.430655][T10430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.430698][T10430] RSP: 002b:00007ff33238f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 144.430719][T10430] RAX: ffffffffffffffda RBX: 00007ff333b65fa0 RCX: 00007ff33392ebe9 [ 144.430781][T10430] RDX: 0000000000000018 RSI: 0000200000000180 RDI: 0000000000000006 [ 144.430792][T10430] RBP: 00007ff33238f090 R08: 0000000000000000 R09: 0000000000000000 [ 144.430805][T10430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.430819][T10430] R13: 00007ff333b66038 R14: 00007ff333b65fa0 R15: 00007ffdb9d300a8 [ 144.430893][T10430] [ 144.714579][T10434] tipc: Started in network mode [ 144.719477][T10434] tipc: Node identity fe566a513f3, cluster identity 4711 [ 144.726857][T10434] tipc: Enabled bearer , priority 0 [ 144.733802][T10421] loop2: detected capacity change from 0 to 8192 [ 144.740552][T10437] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 144.812972][T10432] tipc: Resetting bearer [ 144.835421][T10432] tipc: Disabling bearer [ 144.875909][T10456] loop3: detected capacity change from 0 to 256 [ 144.888379][T10456] FAT-fs (loop3): Directory bread(block 64) failed [ 144.896751][T10456] FAT-fs (loop3): Directory bread(block 65) failed [ 144.903339][T10456] FAT-fs (loop3): Directory bread(block 66) failed [ 144.926260][T10456] FAT-fs (loop3): Directory bread(block 67) failed [ 144.933431][T10458] loop2: detected capacity change from 0 to 512 [ 144.934863][T10456] FAT-fs (loop3): Directory bread(block 68) failed [ 144.969394][T10456] FAT-fs (loop3): Directory bread(block 69) failed [ 144.983208][T10456] FAT-fs (loop3): Directory bread(block 70) failed [ 144.992480][T10463] FAULT_INJECTION: forcing a failure. [ 144.992480][T10463] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.992910][T10465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10465 comm=syz.4.2098 [ 145.005671][T10463] CPU: 1 UID: 0 PID: 10463 Comm: syz.0.2099 Not tainted syzkaller #0 PREEMPT(voluntary) [ 145.005697][T10463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 145.005708][T10463] Call Trace: [ 145.005745][T10463] [ 145.005753][T10463] __dump_stack+0x1d/0x30 [ 145.005774][T10463] dump_stack_lvl+0xe8/0x140 [ 145.005794][T10463] dump_stack+0x15/0x1b [ 145.005811][T10463] should_fail_ex+0x265/0x280 [ 145.005832][T10463] should_fail+0xb/0x20 [ 145.005886][T10463] should_fail_usercopy+0x1a/0x20 [ 145.005909][T10463] _copy_from_user+0x1c/0xb0 [ 145.005938][T10463] core_sys_select+0x34a/0x6e0 [ 145.005999][T10463] ? set_user_sigmask+0x84/0x190 [ 145.006020][T10463] __se_sys_pselect6+0x216/0x280 [ 145.006095][T10463] __x64_sys_pselect6+0x78/0x90 [ 145.006174][T10463] x64_sys_call+0x28b9/0x2ff0 [ 145.006195][T10463] do_syscall_64+0xd2/0x200 [ 145.006269][T10463] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 145.006303][T10463] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 145.006371][T10463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.006391][T10463] RIP: 0033:0x7ff33392ebe9 [ 145.006404][T10463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.006420][T10463] RSP: 002b:00007ff33238f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 145.006451][T10463] RAX: ffffffffffffffda RBX: 00007ff333b65fa0 RCX: 00007ff33392ebe9 [ 145.006464][T10463] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040 [ 145.006476][T10463] RBP: 00007ff33238f090 R08: 0000000000000000 R09: 0000000000000000 [ 145.006489][T10463] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 145.006501][T10463] R13: 00007ff333b66038 R14: 00007ff333b65fa0 R15: 00007ffdb9d300a8 [ 145.006519][T10463] [ 145.046760][T10456] FAT-fs (loop3): Directory bread(block 71) failed [ 145.057100][T10464] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10464 comm=syz.4.2098 [ 145.078996][T10456] FAT-fs (loop3): Directory bread(block 72) failed [ 145.112901][T10458] ext4 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.180396][T10456] FAT-fs (loop3): Directory bread(block 73) failed [ 145.198672][T10477] netlink: 'syz.1.2100': attribute type 1 has an invalid length. [ 145.288230][T10481] loop4: detected capacity change from 0 to 1024 [ 145.303240][T10456] 9pnet_fd: Insufficient options for proto=fd [ 145.303632][T10481] EXT4-fs: Ignoring removed nobh option [ 145.315049][T10481] EXT4-fs: Ignoring removed bh option [ 145.336427][T10481] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 145.341235][T10484] loop3: detected capacity change from 0 to 512 [ 145.363631][T10484] ext4 filesystem being mounted at /410/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.419501][T10481] loop4: detected capacity change from 0 to 8192 [ 145.583943][T10502] loop4: detected capacity change from 0 to 1024 [ 145.591225][T10502] EXT4-fs: Ignoring removed orlov option [ 145.639432][T10512] netlink: 'syz.1.2114': attribute type 27 has an invalid length. [ 145.680830][T10520] loop3: detected capacity change from 0 to 1024 [ 145.740823][T10520] EXT4-fs: Ignoring removed nobh option [ 145.746471][T10520] EXT4-fs: Ignoring removed bh option [ 145.830842][T10520] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 145.878364][T10512] batman_adv: batadv0: Interface deactivated: veth1_vlan [ 145.890996][T10529] loop4: detected capacity change from 0 to 512 [ 145.909139][T10520] loop3: detected capacity change from 0 to 8192 [ 145.909754][T10529] ext4 filesystem being mounted at /491/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 145.962843][T10535] loop2: detected capacity change from 0 to 256 [ 145.972093][T10531] bridge_slave_0: left allmulticast mode [ 145.977904][T10531] bridge_slave_0: left promiscuous mode [ 145.983550][T10531] bridge0: port 1(bridge_slave_0) entered disabled state [ 146.056886][T10531] bridge_slave_1: left allmulticast mode [ 146.062603][T10531] bridge_slave_1: left promiscuous mode [ 146.068871][T10531] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.107222][T10531] bond0: (slave bond_slave_0): Releasing backup interface [ 146.116825][T10531] bond0: (slave bond_slave_1): Releasing backup interface [ 146.127491][T10531] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 146.135094][T10531] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 146.145177][T10531] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 146.152794][T10531] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 146.187477][ T56] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.196521][ T56] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.205773][T10535] veth0_vlan: entered allmulticast mode [ 146.257917][T10542] hsr0: entered allmulticast mode [ 146.263060][T10542] hsr_slave_0: entered allmulticast mode [ 146.269004][T10542] hsr_slave_1: entered allmulticast mode [ 146.279328][ T56] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.289526][T10546] hsr_slave_0: left promiscuous mode [ 146.302307][T10542] loop3: detected capacity change from 0 to 1024 [ 146.317295][T10546] hsr_slave_1: left promiscuous mode [ 146.326200][T10542] EXT4-fs: Ignoring removed nomblk_io_submit option [ 146.346977][T10546] hsr0 (unregistering): left allmulticast mode [ 146.357549][ T12] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.376878][T10542] bridge0: entered promiscuous mode [ 146.382176][T10542] macvtap1: entered allmulticast mode [ 146.387628][T10542] bridge0: entered allmulticast mode [ 146.400168][T10542] bridge0: port 3(macvtap1) entered blocking state [ 146.406807][T10542] bridge0: port 3(macvtap1) entered disabled state [ 146.416772][T10542] bridge0: left allmulticast mode [ 146.421820][T10542] bridge0: left promiscuous mode [ 146.428803][T10565] netlink: 'syz.2.2131': attribute type 3 has an invalid length. [ 146.536414][T10578] loop3: detected capacity change from 0 to 1024 [ 146.562587][T10578] EXT4-fs: Ignoring removed orlov option [ 146.631229][T10588] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 146.672432][T10597] loop3: detected capacity change from 0 to 1024 [ 146.679334][T10597] EXT4-fs: Ignoring removed orlov option [ 146.726129][T10597] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2142: bg 0: block 88: padding at end of block bitmap is not set [ 146.828653][T10609] loop3: detected capacity change from 0 to 512 [ 146.845291][T10609] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 146.853605][T10609] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.2146: invalid indirect mapped block 2683928664 (level 1) [ 146.875320][T10609] EXT4-fs (loop3): 1 truncate cleaned up [ 146.887347][T10609] __nla_validate_parse: 4 callbacks suppressed [ 146.887361][T10609] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2146'. [ 146.980067][T10624] vhci_hcd: invalid port number 96 [ 146.986183][T10624] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 146.996623][T10625] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2151'. [ 147.017889][T10627] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 147.080591][T10634] loop3: detected capacity change from 0 to 512 [ 147.095602][T10638] loop4: detected capacity change from 0 to 512 [ 147.117564][T10640] FAULT_INJECTION: forcing a failure. [ 147.117564][T10640] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 147.130844][T10640] CPU: 1 UID: 0 PID: 10640 Comm: syz.3.2159 Not tainted syzkaller #0 PREEMPT(voluntary) [ 147.130873][T10640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 147.130888][T10640] Call Trace: [ 147.130895][T10640] [ 147.130903][T10640] __dump_stack+0x1d/0x30 [ 147.131005][T10640] dump_stack_lvl+0xe8/0x140 [ 147.131023][T10640] dump_stack+0x15/0x1b [ 147.131067][T10640] should_fail_ex+0x265/0x280 [ 147.131087][T10640] should_fail+0xb/0x20 [ 147.131104][T10640] should_fail_usercopy+0x1a/0x20 [ 147.131126][T10640] _copy_from_user+0x1c/0xb0 [ 147.131169][T10640] __copy_msghdr+0x244/0x300 [ 147.131276][T10640] ___sys_sendmsg+0x109/0x1d0 [ 147.131313][T10640] __sys_sendmmsg+0x178/0x300 [ 147.131342][T10640] __x64_sys_sendmmsg+0x57/0x70 [ 147.131373][T10640] x64_sys_call+0x1c4a/0x2ff0 [ 147.131397][T10640] do_syscall_64+0xd2/0x200 [ 147.131427][T10640] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 147.131451][T10640] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 147.131497][T10640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.131589][T10640] RIP: 0033:0x7f89d999ebe9 [ 147.131668][T10640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.131685][T10640] RSP: 002b:00007f89d8407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 147.131751][T10640] RAX: ffffffffffffffda RBX: 00007f89d9bd5fa0 RCX: 00007f89d999ebe9 [ 147.131764][T10640] RDX: 0000000000000001 RSI: 0000200000000900 RDI: 0000000000000006 [ 147.131778][T10640] RBP: 00007f89d8407090 R08: 0000000000000000 R09: 0000000000000000 [ 147.131791][T10640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.131881][T10640] R13: 00007f89d9bd6038 R14: 00007f89d9bd5fa0 R15: 00007ffc4f22ad68 [ 147.131901][T10640] [ 147.317704][T10638] ext4 filesystem being mounted at /506/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.353044][T10647] netlink: 'syz.1.2161': attribute type 4 has an invalid length. [ 147.416645][T10646] 9pnet: Could not find request transport: f [ 147.473540][T10653] netlink: 248 bytes leftover after parsing attributes in process `syz.2.2163'. [ 147.484111][T10653] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2163'. [ 147.499895][T10655] syz_tun: entered allmulticast mode [ 147.535700][T10654] syz_tun: left allmulticast mode [ 147.576443][T10653] loop2: detected capacity change from 0 to 512 [ 147.608614][T10660] FAULT_INJECTION: forcing a failure. [ 147.608614][T10660] name failslab, interval 1, probability 0, space 0, times 0 [ 147.621408][T10660] CPU: 0 UID: 0 PID: 10660 Comm: syz.4.2162 Not tainted syzkaller #0 PREEMPT(voluntary) [ 147.621437][T10660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 147.621467][T10660] Call Trace: [ 147.621474][T10660] [ 147.621483][T10660] __dump_stack+0x1d/0x30 [ 147.621506][T10660] dump_stack_lvl+0xe8/0x140 [ 147.621522][T10660] dump_stack+0x15/0x1b [ 147.621537][T10660] should_fail_ex+0x265/0x280 [ 147.621556][T10660] should_failslab+0x8c/0xb0 [ 147.621622][T10660] kmem_cache_alloc_lru_noprof+0x55/0x310 [ 147.621648][T10660] ? __d_alloc+0x3d/0x340 [ 147.621688][T10660] __d_alloc+0x3d/0x340 [ 147.621717][T10660] d_alloc_parallel+0x53/0xc60 [ 147.621845][T10660] ? selinux_inode_permission+0x62d/0x740 [ 147.621877][T10660] ? make_vfsuid+0x49/0xa0 [ 147.621902][T10660] ? lockref_get_not_dead+0x120/0x1c0 [ 147.621955][T10660] ? __rcu_read_unlock+0x4f/0x70 [ 147.622027][T10660] __lookup_slow+0x8c/0x250 [ 147.622056][T10660] lookup_slow+0x3c/0x60 [ 147.622089][T10660] walk_component+0x1ec/0x220 [ 147.622184][T10660] path_lookupat+0xfe/0x2a0 [ 147.622217][T10660] filename_lookup+0x147/0x340 [ 147.622285][T10660] user_path_at+0x3e/0x130 [ 147.622317][T10660] __se_sys_mount+0x25b/0x2e0 [ 147.622342][T10660] ? fput+0x8f/0xc0 [ 147.622451][T10660] __x64_sys_mount+0x67/0x80 [ 147.622471][T10660] x64_sys_call+0x2b4d/0x2ff0 [ 147.622564][T10660] do_syscall_64+0xd2/0x200 [ 147.622590][T10660] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 147.622675][T10660] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 147.622703][T10660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.622727][T10660] RIP: 0033:0x7f858fa7ebe9 [ 147.622744][T10660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.622763][T10660] RSP: 002b:00007f858e4e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 147.622783][T10660] RAX: ffffffffffffffda RBX: 00007f858fcb5fa0 RCX: 00007f858fa7ebe9 [ 147.622800][T10660] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000000 [ 147.622865][T10660] RBP: 00007f858e4e7090 R08: 0000000000000000 R09: 0000000000000000 [ 147.622878][T10660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.622888][T10660] R13: 00007f858fcb6038 R14: 00007f858fcb5fa0 R15: 00007ffda6c11908 [ 147.622955][T10660] [ 147.844033][T10653] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 147.959874][T10653] EXT4-fs (loop2): 1 truncate cleaned up [ 148.082029][T10668] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 148.083187][ T3410] IPVS: starting estimator thread 0... [ 148.115362][T10680] loop4: detected capacity change from 0 to 128 [ 148.128130][T10680] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 148.138706][ T29] kauditd_printk_skb: 358 callbacks suppressed [ 148.138719][ T29] audit: type=1326 audit(1756950146.501:7878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10667 comm="syz.1.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 148.168362][ T29] audit: type=1326 audit(1756950146.501:7879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10667 comm="syz.1.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 148.311367][T10683] rdma_op ffff8881214c8180 conn xmit_rdma 0000000000000000 [ 148.326521][T10683] loop3: detected capacity change from 0 to 764 [ 148.404126][T10678] IPVS: using max 2640 ests per chain, 132000 per kthread [ 148.412316][T10685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2171'. [ 148.497800][ T29] audit: type=1400 audit(1756950146.711:7880): avc: denied { read write } for pid=10681 comm="syz.2.2172" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 148.521434][ T29] audit: type=1400 audit(1756950146.711:7881): avc: denied { open } for pid=10681 comm="syz.2.2172" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1 [ 148.545121][ T29] audit: type=1400 audit(1756950146.731:7882): avc: denied { append } for pid=10679 comm="syz.4.2171" name="event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 148.568912][ T29] audit: type=1400 audit(1756950146.731:7883): avc: denied { ioctl } for pid=10679 comm="syz.4.2171" path="/dev/input/event3" dev="devtmpfs" ino=256 ioctlcmd=0x450a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 148.594780][ T29] audit: type=1326 audit(1756950146.741:7884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10667 comm="syz.1.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 148.618458][ T29] audit: type=1326 audit(1756950146.741:7885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10667 comm="syz.1.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 148.642264][ T29] audit: type=1326 audit(1756950146.741:7886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10667 comm="syz.1.2167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 148.667308][ T51] kworker/u8:3: attempt to access beyond end of device [ 148.667308][ T51] loop4: rw=1, sector=138, nr_sectors = 2 limit=128 [ 148.689119][T10691] tipc: New replicast peer: 255.255.255.255 [ 148.695247][T10691] tipc: Enabled bearer , priority 10 [ 148.699201][T10696] loop2: detected capacity change from 0 to 512 [ 148.722866][T10696] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 148.731422][T10696] System zones: 0-2, 18-18, 34-35 [ 148.737981][T10696] ext4 filesystem being mounted at /384/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 148.758411][T10698] 9pnet: Could not find request transport: f [ 148.767640][T10696] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2176'. [ 148.780291][T10696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2176'. [ 148.790002][T10696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2176'. [ 148.791264][ T29] audit: type=1400 audit(1756950147.141:7887): avc: denied { create } for pid=10695 comm="syz.2.2176" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 148.868873][T10696] SELinux: policydb string SE Li[J does not match my string SE Linux [ 148.878481][T10696] SELinux: failed to load policy [ 148.889705][T10710] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2180'. [ 148.899241][T10710] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.925703][T10710] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 148.954780][T10721] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 148.970894][T10721] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2184'. [ 148.983010][T10715] netlink: 'syz.1.2179': attribute type 8 has an invalid length. [ 148.990898][T10715] netem: change failed [ 149.127319][T10733] loop3: detected capacity change from 0 to 512 [ 149.138674][T10738] loop4: detected capacity change from 0 to 764 [ 149.153247][T10735] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 149.181130][T10736] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_rx_wq": -EINTR [ 149.188932][T10733] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 149.253641][T10753] netlink: 'syz.2.2191': attribute type 13 has an invalid length. [ 149.342063][T10753] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 149.439355][T10771] loop3: detected capacity change from 0 to 512 [ 149.466134][T10771] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 149.486764][T10771] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 149.496945][T10771] EXT4-fs error (device loop3): ext4_xattr_block_get:593: inode #15: comm syz.3.2198: corrupted xattr block 19: overlapping e_value [ 149.510947][T10771] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop3 ino=15 [ 149.756683][T10800] random: crng reseeded on system resumption [ 149.763341][T10798] loop3: detected capacity change from 0 to 1024 [ 149.782687][T10800] Restarting kernel threads ... [ 149.794434][T10798] EXT4-fs: Ignoring removed orlov option [ 149.799422][T10800] Done restarting kernel threads. [ 149.815343][ T3383] tipc: Node number set to 3244714577 [ 149.857450][T10807] FAULT_INJECTION: forcing a failure. [ 149.857450][T10807] name failslab, interval 1, probability 0, space 0, times 0 [ 149.870105][T10807] CPU: 1 UID: 0 PID: 10807 Comm: syz.3.2209 Not tainted syzkaller #0 PREEMPT(voluntary) [ 149.870131][T10807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 149.870199][T10807] Call Trace: [ 149.870206][T10807] [ 149.870214][T10807] __dump_stack+0x1d/0x30 [ 149.870234][T10807] dump_stack_lvl+0xe8/0x140 [ 149.870251][T10807] dump_stack+0x15/0x1b [ 149.870281][T10807] should_fail_ex+0x265/0x280 [ 149.870306][T10807] should_failslab+0x8c/0xb0 [ 149.870330][T10807] kmem_cache_alloc_noprof+0x50/0x310 [ 149.870358][T10807] ? audit_log_start+0x365/0x6c0 [ 149.870464][T10807] audit_log_start+0x365/0x6c0 [ 149.870529][T10807] audit_seccomp+0x48/0x100 [ 149.870557][T10807] ? __seccomp_filter+0x68c/0x10d0 [ 149.870578][T10807] __seccomp_filter+0x69d/0x10d0 [ 149.870602][T10807] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 149.870701][T10807] ? vfs_write+0x7e8/0x960 [ 149.870782][T10807] ? __rcu_read_unlock+0x4f/0x70 [ 149.870803][T10807] ? __fget_files+0x184/0x1c0 [ 149.870851][T10807] __secure_computing+0x82/0x150 [ 149.870895][T10807] syscall_trace_enter+0xcf/0x1e0 [ 149.870917][T10807] do_syscall_64+0xac/0x200 [ 149.870943][T10807] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 149.870996][T10807] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 149.871056][T10807] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.871078][T10807] RIP: 0033:0x7f89d999ebe9 [ 149.871094][T10807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.871119][T10807] RSP: 002b:00007f89d8407038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 149.871137][T10807] RAX: ffffffffffffffda RBX: 00007f89d9bd5fa0 RCX: 00007f89d999ebe9 [ 149.871147][T10807] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000000 [ 149.871157][T10807] RBP: 00007f89d8407090 R08: 0000000000000000 R09: 0000000000000000 [ 149.871168][T10807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.871179][T10807] R13: 00007f89d9bd6038 R14: 00007f89d9bd5fa0 R15: 00007ffc4f22ad68 [ 149.871194][T10807] [ 150.087228][T10808] loop1: detected capacity change from 0 to 1024 [ 150.096049][T10808] EXT4-fs: Ignoring removed orlov option [ 150.142785][T10808] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2210: bg 0: block 88: padding at end of block bitmap is not set [ 150.256204][T10827] lo speed is unknown, defaulting to 1000 [ 150.256801][T10829] FAULT_INJECTION: forcing a failure. [ 150.256801][T10829] name failslab, interval 1, probability 0, space 0, times 0 [ 150.267332][T10827] lo speed is unknown, defaulting to 1000 [ 150.274716][T10829] CPU: 1 UID: 0 PID: 10829 Comm: syz.4.2217 Not tainted syzkaller #0 PREEMPT(voluntary) [ 150.274744][T10829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 150.274756][T10829] Call Trace: [ 150.274764][T10829] [ 150.274772][T10829] __dump_stack+0x1d/0x30 [ 150.274794][T10829] dump_stack_lvl+0xe8/0x140 [ 150.274824][T10829] dump_stack+0x15/0x1b [ 150.274840][T10829] should_fail_ex+0x265/0x280 [ 150.274862][T10829] ? alloc_pipe_info+0xae/0x350 [ 150.274935][T10829] should_failslab+0x8c/0xb0 [ 150.275028][T10829] __kmalloc_cache_noprof+0x4c/0x320 [ 150.275062][T10829] alloc_pipe_info+0xae/0x350 [ 150.275086][T10829] splice_direct_to_actor+0x592/0x680 [ 150.275107][T10829] ? kstrtouint_from_user+0x9f/0xf0 [ 150.275130][T10829] ? __pfx_direct_splice_actor+0x10/0x10 [ 150.275224][T10829] ? __rcu_read_unlock+0x4f/0x70 [ 150.275299][T10829] ? get_pid_task+0x96/0xd0 [ 150.275325][T10829] ? avc_policy_seqno+0x15/0x30 [ 150.275349][T10829] ? selinux_file_permission+0x1e4/0x320 [ 150.275371][T10829] do_splice_direct+0xda/0x150 [ 150.275390][T10829] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 150.275427][T10829] do_sendfile+0x380/0x650 [ 150.275457][T10829] __x64_sys_sendfile64+0x105/0x150 [ 150.275503][T10829] x64_sys_call+0x2bb0/0x2ff0 [ 150.275524][T10829] do_syscall_64+0xd2/0x200 [ 150.275553][T10829] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 150.275577][T10829] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 150.275642][T10829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.275664][T10829] RIP: 0033:0x7f858fa7ebe9 [ 150.275775][T10829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.275792][T10829] RSP: 002b:00007f858e4e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 150.275811][T10829] RAX: ffffffffffffffda RBX: 00007f858fcb5fa0 RCX: 00007f858fa7ebe9 [ 150.275823][T10829] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 150.275836][T10829] RBP: 00007f858e4e7090 R08: 0000000000000000 R09: 0000000000000000 [ 150.275889][T10829] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001 [ 150.275902][T10829] R13: 00007f858fcb6038 R14: 00007f858fcb5fa0 R15: 00007ffda6c11908 [ 150.275919][T10829] [ 150.508518][T10840] netlink: 'gtp': attribute type 10 has an invalid length. [ 150.518974][T10827] lo speed is unknown, defaulting to 1000 [ 150.528775][T10827] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 150.536687][T10827] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 150.545085][T10840] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 150.581654][T10840] bond0: (slave lo): Enslaving as an active interface with an up link [ 150.585141][T10827] lo speed is unknown, defaulting to 1000 [ 150.585594][T10827] lo speed is unknown, defaulting to 1000 [ 150.585936][T10827] lo speed is unknown, defaulting to 1000 [ 150.586303][T10827] lo speed is unknown, defaulting to 1000 [ 150.586562][T10827] lo speed is unknown, defaulting to 1000 [ 150.586751][ T10] lo speed is unknown, defaulting to 1000 [ 150.586779][ T10] syz2: Port: 1 Link ACTIVE [ 150.586802][ T3395] lo speed is unknown, defaulting to 1000 [ 150.600867][T10849] loop3: detected capacity change from 0 to 1024 [ 150.601708][T10849] EXT4-fs: Ignoring removed nomblk_io_submit option [ 150.621923][T10847] vhci_hcd: invalid port number 96 [ 150.665542][T10847] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 150.749017][T10860] FAULT_INJECTION: forcing a failure. [ 150.749017][T10860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 150.762368][T10860] CPU: 0 UID: 0 PID: 10860 Comm: syz.4.2225 Not tainted syzkaller #0 PREEMPT(voluntary) [ 150.762436][T10860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 150.762449][T10860] Call Trace: [ 150.762456][T10860] [ 150.762503][T10860] __dump_stack+0x1d/0x30 [ 150.762525][T10860] dump_stack_lvl+0xe8/0x140 [ 150.762545][T10860] dump_stack+0x15/0x1b [ 150.762559][T10860] should_fail_ex+0x265/0x280 [ 150.762582][T10860] should_fail+0xb/0x20 [ 150.762643][T10860] should_fail_usercopy+0x1a/0x20 [ 150.762664][T10860] _copy_from_user+0x1c/0xb0 [ 150.762695][T10860] __se_sys_cachestat+0x71/0x630 [ 150.762716][T10860] ? __fget_files+0x184/0x1c0 [ 150.762789][T10860] ? fput+0x8f/0xc0 [ 150.762863][T10860] ? ksys_write+0x192/0x1a0 [ 150.762888][T10860] __x64_sys_cachestat+0x55/0x70 [ 150.762919][T10860] x64_sys_call+0x2ca2/0x2ff0 [ 150.762953][T10860] do_syscall_64+0xd2/0x200 [ 150.762989][T10860] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 150.763012][T10860] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 150.763080][T10860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.763173][T10860] RIP: 0033:0x7f858fa7ebe9 [ 150.763189][T10860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.763208][T10860] RSP: 002b:00007f858e4c6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3 [ 150.763228][T10860] RAX: ffffffffffffffda RBX: 00007f858fcb6090 RCX: 00007f858fa7ebe9 [ 150.763277][T10860] RDX: 0000200000000100 RSI: 0000200000000140 RDI: 0000000000000004 [ 150.763288][T10860] RBP: 00007f858e4c6090 R08: 0000000000000000 R09: 0000000000000000 [ 150.763349][T10860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.763359][T10860] R13: 00007f858fcb6128 R14: 00007f858fcb6090 R15: 00007ffda6c11908 [ 150.763374][T10860] [ 150.949909][T10859] loop1: detected capacity change from 0 to 1024 [ 150.956844][T10859] EXT4-fs: Ignoring removed orlov option [ 150.988824][T10859] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2227: bg 0: block 88: padding at end of block bitmap is not set [ 151.118458][T10872] loop1: detected capacity change from 0 to 1024 [ 151.126365][T10872] EXT4-fs: Ignoring removed orlov option [ 151.142001][T10876] loop2: detected capacity change from 0 to 1024 [ 151.149187][T10876] EXT4-fs: Ignoring removed nobh option [ 151.155031][T10876] EXT4-fs: Ignoring removed bh option [ 151.165184][T10876] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal [ 151.198931][T10882] loop4: detected capacity change from 0 to 764 [ 151.227117][T10886] loop2: detected capacity change from 0 to 512 [ 151.249614][T10886] ext4 filesystem being mounted at /392/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.272473][T10890] FAULT_INJECTION: forcing a failure. [ 151.272473][T10890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 151.285569][T10890] CPU: 1 UID: 0 PID: 10890 Comm: syz.3.2234 Not tainted syzkaller #0 PREEMPT(voluntary) [ 151.285596][T10890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 151.285614][T10890] Call Trace: [ 151.285620][T10890] [ 151.285627][T10890] __dump_stack+0x1d/0x30 [ 151.285646][T10890] dump_stack_lvl+0xe8/0x140 [ 151.285666][T10890] dump_stack+0x15/0x1b [ 151.285684][T10890] should_fail_ex+0x265/0x280 [ 151.285707][T10890] should_fail+0xb/0x20 [ 151.285726][T10890] should_fail_usercopy+0x1a/0x20 [ 151.285775][T10890] _copy_from_user+0x1c/0xb0 [ 151.285876][T10890] ___sys_sendmsg+0xc1/0x1d0 [ 151.285907][T10890] __sys_sendmmsg+0x178/0x300 [ 151.285940][T10890] __x64_sys_sendmmsg+0x57/0x70 [ 151.285988][T10890] x64_sys_call+0x1c4a/0x2ff0 [ 151.286007][T10890] do_syscall_64+0xd2/0x200 [ 151.286032][T10890] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 151.286056][T10890] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 151.286128][T10890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.286171][T10890] RIP: 0033:0x7f89d999ebe9 [ 151.286185][T10890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.286260][T10890] RSP: 002b:00007f89d83e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 151.286280][T10890] RAX: ffffffffffffffda RBX: 00007f89d9bd6090 RCX: 00007f89d999ebe9 [ 151.286294][T10890] RDX: 0400000000000181 RSI: 00002000000030c0 RDI: 0000000000000006 [ 151.286305][T10890] RBP: 00007f89d83e6090 R08: 0000000000000000 R09: 0000000000000000 [ 151.286351][T10890] R10: 9200000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 151.286365][T10890] R13: 00007f89d9bd6128 R14: 00007f89d9bd6090 R15: 00007ffc4f22ad68 [ 151.286384][T10890] [ 151.585989][T10900] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 151.684568][T10903] vhci_hcd: invalid port number 96 [ 151.689722][T10903] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 151.739059][T10897] loop1: detected capacity change from 0 to 32768 [ 151.796177][T10897] loop1: p1 p3 < > [ 151.904735][ T3390] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 151.923353][ T3390] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 151.998529][T10907] macsec1: entered promiscuous mode [ 152.003762][T10907] hsr0: entered promiscuous mode [ 152.012258][T10907] hsr0: left promiscuous mode [ 152.072332][T10910] loop4: detected capacity change from 0 to 128 [ 152.080516][T10910] vfat: Bad value for 'uid' [ 152.085140][T10910] vfat: Bad value for 'uid' [ 152.096135][T10912] loop3: detected capacity change from 0 to 128 [ 152.104756][T10912] vfat: Unknown parameter '00000000000000000000ÿÿÿÿ' [ 152.135017][T10916] loop1: detected capacity change from 0 to 1024 [ 152.141643][T10916] EXT4-fs: Ignoring removed nobh option [ 152.147289][T10916] EXT4-fs: Ignoring removed bh option [ 152.154298][T10916] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal [ 152.219836][T10923] loop1: detected capacity change from 0 to 1024 [ 152.227206][T10925] __nla_validate_parse: 2 callbacks suppressed [ 152.227220][T10925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2248'. [ 152.247059][T10925] ip6gre1: entered allmulticast mode [ 152.255251][T10923] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 152.277757][T10923] FAULT_INJECTION: forcing a failure. [ 152.277757][T10923] name failslab, interval 1, probability 0, space 0, times 0 [ 152.290542][T10923] CPU: 0 UID: 0 PID: 10923 Comm: syz.1.2247 Not tainted syzkaller #0 PREEMPT(voluntary) [ 152.290567][T10923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 152.290586][T10923] Call Trace: [ 152.290592][T10923] [ 152.290599][T10923] __dump_stack+0x1d/0x30 [ 152.290619][T10923] dump_stack_lvl+0xe8/0x140 [ 152.290636][T10923] dump_stack+0x15/0x1b [ 152.290650][T10923] should_fail_ex+0x265/0x280 [ 152.290738][T10923] ? ext4_expand_extra_isize_ea+0x777/0x11f0 [ 152.290765][T10923] should_failslab+0x8c/0xb0 [ 152.290791][T10923] __kmalloc_cache_noprof+0x4c/0x320 [ 152.290943][T10923] ext4_expand_extra_isize_ea+0x777/0x11f0 [ 152.290977][T10923] ? ext4_fc_track_inode+0x9f/0x530 [ 152.291087][T10923] ? errseq_check+0x2c/0x50 [ 152.291121][T10923] __ext4_expand_extra_isize+0x246/0x280 [ 152.291155][T10923] __ext4_mark_inode_dirty+0x29d/0x3f0 [ 152.291217][T10923] ext4_dirty_inode+0x92/0xc0 [ 152.291238][T10923] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 152.291260][T10923] __mark_inode_dirty+0x15f/0x750 [ 152.291291][T10923] file_modified_flags+0x324/0x350 [ 152.291400][T10923] file_modified+0x17/0x20 [ 152.291431][T10923] ext4_buffered_write_iter+0x1d0/0x3c0 [ 152.291525][T10923] ext4_file_write_iter+0x383/0xf00 [ 152.291560][T10923] ? _parse_integer_limit+0x170/0x190 [ 152.291639][T10923] do_iter_readv_writev+0x499/0x540 [ 152.291665][T10923] vfs_writev+0x2df/0x8b0 [ 152.291741][T10923] ? mutex_lock+0xd/0x30 [ 152.291767][T10923] do_writev+0xe7/0x210 [ 152.291799][T10923] __x64_sys_writev+0x45/0x50 [ 152.291889][T10923] x64_sys_call+0x1e9a/0x2ff0 [ 152.291911][T10923] do_syscall_64+0xd2/0x200 [ 152.292017][T10923] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 152.292045][T10923] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 152.292073][T10923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.292097][T10923] RIP: 0033:0x7fc898a2ebe9 [ 152.292123][T10923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.292238][T10923] RSP: 002b:00007fc897497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 152.292259][T10923] RAX: ffffffffffffffda RBX: 00007fc898c65fa0 RCX: 00007fc898a2ebe9 [ 152.292272][T10923] RDX: 0000000000000001 RSI: 00002000000004c0 RDI: 0000000000000007 [ 152.292287][T10923] RBP: 00007fc897497090 R08: 0000000000000000 R09: 0000000000000000 [ 152.292300][T10923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 152.292314][T10923] R13: 00007fc898c66038 R14: 00007fc898c65fa0 R15: 00007ffd56f6ce28 [ 152.292334][T10923] [ 152.557897][T10934] loop4: detected capacity change from 0 to 1024 [ 152.565145][T10934] EXT4-fs: Ignoring removed orlov option [ 152.570688][T10936] loop3: detected capacity change from 0 to 128 [ 152.582006][T10934] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2251: bg 0: block 88: padding at end of block bitmap is not set [ 152.625761][T10941] 9pnet: Could not find request transport: 0xffffffffffffffff [ 152.707956][T10951] loop4: detected capacity change from 0 to 1024 [ 152.735882][T10951] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=842c018, mo2=0002] [ 152.761252][T10951] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2256: bg 0: block 88: padding at end of block bitmap is not set [ 153.074833][T10969] lo speed is unknown, defaulting to 1000 [ 153.152681][T10969] rdma_op ffff8881033d6180 conn xmit_rdma 0000000000000000 [ 153.166811][T10969] loop4: detected capacity change from 0 to 764 [ 153.485743][ T29] kauditd_printk_skb: 615 callbacks suppressed [ 153.485758][ T29] audit: type=1326 audit(1756950151.781:8499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.515616][ T29] audit: type=1326 audit(1756950151.781:8500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.539136][ T29] audit: type=1326 audit(1756950151.781:8501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.562620][ T29] audit: type=1326 audit(1756950151.781:8502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.586051][ T29] audit: type=1326 audit(1756950151.781:8503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.609661][ T29] audit: type=1326 audit(1756950151.781:8504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.633275][ T29] audit: type=1326 audit(1756950151.791:8505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.656834][ T29] audit: type=1326 audit(1756950151.791:8506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.680402][ T29] audit: type=1326 audit(1756950151.791:8507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10976 comm="syz.3.2264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 153.713525][T10982] FAULT_INJECTION: forcing a failure. [ 153.713525][T10982] name failslab, interval 1, probability 0, space 0, times 0 [ 153.726474][T10982] CPU: 0 UID: 0 PID: 10982 Comm: syz.0.2265 Not tainted syzkaller #0 PREEMPT(voluntary) [ 153.726568][T10982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 153.726578][T10982] Call Trace: [ 153.726585][T10982] [ 153.726592][T10982] __dump_stack+0x1d/0x30 [ 153.726614][T10982] dump_stack_lvl+0xe8/0x140 [ 153.726634][T10982] dump_stack+0x15/0x1b [ 153.726652][T10982] should_fail_ex+0x265/0x280 [ 153.726675][T10982] should_failslab+0x8c/0xb0 [ 153.726743][T10982] __kmalloc_node_track_caller_noprof+0xa4/0x410 [ 153.726776][T10982] ? __request_module+0x1df/0x3e0 [ 153.726801][T10982] kstrdup+0x3e/0xd0 [ 153.726826][T10982] __request_module+0x1df/0x3e0 [ 153.726876][T10982] ? capable+0x7c/0xb0 [ 153.726944][T10982] ? security_capable+0x83/0x90 [ 153.726971][T10982] dev_load+0x61/0xc0 [ 153.726997][T10982] dev_ioctl+0x777/0x960 [ 153.727034][T10982] sock_ioctl+0x593/0x610 [ 153.727132][T10982] ? __pfx_sock_ioctl+0x10/0x10 [ 153.727161][T10982] __se_sys_ioctl+0xce/0x140 [ 153.727182][T10982] __x64_sys_ioctl+0x43/0x50 [ 153.727202][T10982] x64_sys_call+0x1816/0x2ff0 [ 153.727226][T10982] do_syscall_64+0xd2/0x200 [ 153.727277][T10982] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 153.727304][T10982] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 153.727382][T10982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.727406][T10982] RIP: 0033:0x7ff33392ebe9 [ 153.727423][T10982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.727443][T10982] RSP: 002b:00007ff33238f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 153.727464][T10982] RAX: ffffffffffffffda RBX: 00007ff333b65fa0 RCX: 00007ff33392ebe9 [ 153.727477][T10982] RDX: 0000200000000080 RSI: 00000000000089f3 RDI: 0000000000000003 [ 153.727569][T10982] RBP: 00007ff33238f090 R08: 0000000000000000 R09: 0000000000000000 [ 153.727583][T10982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 153.727596][T10982] R13: 00007ff333b66038 R14: 00007ff333b65fa0 R15: 00007ffdb9d300a8 [ 153.727616][T10982] [ 153.986489][T10985] loop3: detected capacity change from 0 to 512 [ 153.999060][T10987] loop4: detected capacity change from 0 to 512 [ 154.006657][T10987] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 154.015474][T10985] EXT4-fs: Ignoring removed mblk_io_submit option [ 154.026592][T10985] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13 [ 154.035301][T10985] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.2266: attempt to clear invalid blocks 2 len 1 [ 154.045642][ T29] audit: type=1326 audit(1756950152.411:8508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.0.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 154.048456][T10985] EXT4-fs (loop3): Remounting filesystem read-only [ 154.074454][T10987] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 154.086050][T10985] EXT4-fs (loop3): 1 truncate cleaned up [ 154.123498][T10987] EXT4-fs error (device loop4): ext4_xattr_block_get:593: inode #15: comm syz.4.2267: corrupted xattr block 19: overlapping e_value [ 154.160405][T10987] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=15 [ 154.206116][T11004] FAULT_INJECTION: forcing a failure. [ 154.206116][T11004] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 154.219220][T11004] CPU: 0 UID: 0 PID: 11004 Comm: syz.3.2272 Not tainted syzkaller #0 PREEMPT(voluntary) [ 154.219298][T11004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.219309][T11004] Call Trace: [ 154.219315][T11004] [ 154.219322][T11004] __dump_stack+0x1d/0x30 [ 154.219367][T11004] dump_stack_lvl+0xe8/0x140 [ 154.219383][T11004] dump_stack+0x15/0x1b [ 154.219397][T11004] should_fail_ex+0x265/0x280 [ 154.219416][T11004] should_fail+0xb/0x20 [ 154.219432][T11004] should_fail_usercopy+0x1a/0x20 [ 154.219459][T11004] _copy_from_user+0x1c/0xb0 [ 154.219484][T11004] __sys_bpf+0x178/0x7b0 [ 154.219514][T11004] __x64_sys_bpf+0x41/0x50 [ 154.219534][T11004] x64_sys_call+0x2aea/0x2ff0 [ 154.219559][T11004] do_syscall_64+0xd2/0x200 [ 154.219584][T11004] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 154.219605][T11004] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 154.219632][T11004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.219652][T11004] RIP: 0033:0x7f89d999ebe9 [ 154.219664][T11004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.219687][T11004] RSP: 002b:00007f89d8407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 154.219753][T11004] RAX: ffffffffffffffda RBX: 00007f89d9bd5fa0 RCX: 00007f89d999ebe9 [ 154.219764][T11004] RDX: 0000000000000094 RSI: 0000200000000480 RDI: 0000000000000005 [ 154.219775][T11004] RBP: 00007f89d8407090 R08: 0000000000000000 R09: 0000000000000000 [ 154.219786][T11004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.219796][T11004] R13: 00007f89d9bd6038 R14: 00007f89d9bd5fa0 R15: 00007ffc4f22ad68 [ 154.219812][T11004] [ 154.446159][T11014] loop4: detected capacity change from 0 to 1024 [ 154.452994][T11014] EXT4-fs: Ignoring removed orlov option [ 154.511048][T11024] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2278'. [ 154.521352][T11024] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2278'. [ 154.534035][T11024] loop1: detected capacity change from 0 to 512 [ 154.541439][T11024] journal_path: Non-blockdev passed as './bus' [ 154.547772][T11024] EXT4-fs: error: could not find journal device path [ 154.577981][T11028] netlink: 248 bytes leftover after parsing attributes in process `syz.1.2279'. [ 154.593653][T11028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2279'. [ 154.643562][T11028] loop1: detected capacity change from 0 to 512 [ 154.712395][T11034] lo speed is unknown, defaulting to 1000 [ 154.742398][T11034] FAULT_INJECTION: forcing a failure. [ 154.742398][T11034] name failslab, interval 1, probability 0, space 0, times 0 [ 154.755118][T11034] CPU: 1 UID: 0 PID: 11034 Comm: syz.3.2275 Not tainted syzkaller #0 PREEMPT(voluntary) [ 154.755190][T11034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.755205][T11034] Call Trace: [ 154.755212][T11034] [ 154.755220][T11034] __dump_stack+0x1d/0x30 [ 154.755243][T11034] dump_stack_lvl+0xe8/0x140 [ 154.755293][T11034] dump_stack+0x15/0x1b [ 154.755307][T11034] should_fail_ex+0x265/0x280 [ 154.755328][T11034] should_failslab+0x8c/0xb0 [ 154.755353][T11034] __kmalloc_node_noprof+0xa9/0x410 [ 154.755385][T11034] ? blk_mq_alloc_tag_set+0x332/0x630 [ 154.755416][T11034] blk_mq_alloc_tag_set+0x332/0x630 [ 154.755442][T11034] ? __pfx_loop_control_ioctl+0x10/0x10 [ 154.755505][T11034] loop_add+0x25f/0x590 [ 154.755539][T11034] ? __pfx_loop_control_ioctl+0x10/0x10 [ 154.755676][T11034] loop_control_ioctl+0xd0/0x3f0 [ 154.755711][T11034] ? __pfx_loop_control_ioctl+0x10/0x10 [ 154.755739][T11034] __se_sys_ioctl+0xce/0x140 [ 154.755756][T11034] __x64_sys_ioctl+0x43/0x50 [ 154.755805][T11034] x64_sys_call+0x1816/0x2ff0 [ 154.755827][T11034] do_syscall_64+0xd2/0x200 [ 154.755858][T11034] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 154.755886][T11034] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 154.755915][T11034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.756063][T11034] RIP: 0033:0x7f89d999ebe9 [ 154.756159][T11034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.756178][T11034] RSP: 002b:00007f89d83c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.756200][T11034] RAX: ffffffffffffffda RBX: 00007f89d9bd6180 RCX: 00007f89d999ebe9 [ 154.756213][T11034] RDX: ffffffffffffffb6 RSI: 0000000000004c80 RDI: 0000000000000009 [ 154.756224][T11034] RBP: 00007f89d83c5090 R08: 0000000000000000 R09: 0000000000000000 [ 154.756234][T11034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.756245][T11034] R13: 00007f89d9bd6218 R14: 00007f89d9bd6180 R15: 00007ffc4f22ad68 [ 154.756260][T11034] [ 154.894857][T11028] journal_path: Non-blockdev passed as './bus' [ 154.972370][T11028] EXT4-fs: error: could not find journal device path [ 155.160261][T11048] FAULT_INJECTION: forcing a failure. [ 155.160261][T11048] name failslab, interval 1, probability 0, space 0, times 0 [ 155.172962][T11048] CPU: 1 UID: 0 PID: 11048 Comm: syz.1.2286 Not tainted syzkaller #0 PREEMPT(voluntary) [ 155.172989][T11048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 155.173000][T11048] Call Trace: [ 155.173006][T11048] [ 155.173030][T11048] __dump_stack+0x1d/0x30 [ 155.173053][T11048] dump_stack_lvl+0xe8/0x140 [ 155.173097][T11048] dump_stack+0x15/0x1b [ 155.173160][T11048] should_fail_ex+0x265/0x280 [ 155.173182][T11048] should_failslab+0x8c/0xb0 [ 155.173209][T11048] kmem_cache_alloc_noprof+0x50/0x310 [ 155.173271][T11048] ? audit_log_start+0x365/0x6c0 [ 155.173304][T11048] audit_log_start+0x365/0x6c0 [ 155.173332][T11048] audit_seccomp+0x48/0x100 [ 155.173364][T11048] ? __seccomp_filter+0x68c/0x10d0 [ 155.173385][T11048] __seccomp_filter+0x69d/0x10d0 [ 155.173409][T11048] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 155.173469][T11048] ? vfs_write+0x7e8/0x960 [ 155.173488][T11048] ? __rcu_read_unlock+0x4f/0x70 [ 155.173508][T11048] ? __fget_files+0x184/0x1c0 [ 155.173557][T11048] __secure_computing+0x82/0x150 [ 155.173580][T11048] syscall_trace_enter+0xcf/0x1e0 [ 155.173664][T11048] do_syscall_64+0xac/0x200 [ 155.173695][T11048] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 155.173717][T11048] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 155.173777][T11048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.173795][T11048] RIP: 0033:0x7fc898a2ebe9 [ 155.173809][T11048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.173827][T11048] RSP: 002b:00007fc897497038 EFLAGS: 00000246 ORIG_RAX: 000000000000008a [ 155.173846][T11048] RAX: ffffffffffffffda RBX: 00007fc898c65fa0 RCX: 00007fc898a2ebe9 [ 155.173860][T11048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 155.173878][T11048] RBP: 00007fc897497090 R08: 0000000000000000 R09: 0000000000000000 [ 155.173888][T11048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.173899][T11048] R13: 00007fc898c66038 R14: 00007fc898c65fa0 R15: 00007ffd56f6ce28 [ 155.173976][T11048] [ 155.433373][T11050] loop2: detected capacity change from 0 to 512 [ 155.467749][T11054] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 155.523418][T11068] loop2: detected capacity change from 0 to 1024 [ 155.547251][T11068] EXT4-fs: Ignoring removed orlov option [ 155.553704][T11068] EXT4-fs: Ignoring removed oldalloc option [ 155.559664][T11068] EXT4-fs: Ignoring removed bh option [ 155.565314][T11068] EXT4-fs: inline encryption not supported [ 155.590739][T11083] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2291'. [ 155.633416][T11073] loop4: detected capacity change from 0 to 8192 [ 155.715241][T11089] loop1: detected capacity change from 0 to 1024 [ 155.726648][T11089] EXT4-fs: Ignoring removed orlov option [ 155.775813][T11101] netlink: 248 bytes leftover after parsing attributes in process `syz.4.2299'. [ 155.794392][T11089] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2298: bg 0: block 88: padding at end of block bitmap is not set [ 155.818844][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2299'. [ 155.851392][T11101] loop4: detected capacity change from 0 to 512 [ 155.858389][T11101] journal_path: Non-blockdev passed as './bus' [ 155.864594][T11101] EXT4-fs: error: could not find journal device path [ 155.922498][T11116] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 156.021840][T11131] loop3: detected capacity change from 0 to 256 [ 156.028950][T11131] FAT-fs (loop3): Invalid FSINFO signature: 0x0ffffff8, 0x00000000 (sector = 33) [ 156.044184][T11131] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 1, start df000002) [ 156.054223][T11131] FAT-fs (loop3): Filesystem has been set read-only [ 156.083002][T11141] loop2: detected capacity change from 0 to 512 [ 156.092294][T11141] EXT4-fs: Ignoring removed orlov option [ 156.111805][T11141] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2306: bg 0: block 248: padding at end of block bitmap is not set [ 156.113850][T11147] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2308'. [ 156.141358][T11146] loop3: detected capacity change from 0 to 1024 [ 156.149835][T11141] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.2306: Failed to acquire dquot type 1 [ 156.151754][T11146] EXT4-fs: Ignoring removed orlov option [ 156.163530][T11141] EXT4-fs (loop2): 1 truncate cleaned up [ 156.173373][T11141] ext4 filesystem being mounted at /401/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 156.189586][T11141] syz.2.2306 (11141) used greatest stack depth: 9200 bytes left [ 156.208008][T11146] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2311: bg 0: block 88: padding at end of block bitmap is not set [ 156.242230][ T3427] EXT4-fs error (device loop2): ext4_release_dquot:6973: comm kworker/u8:7: Failed to release dquot type 1 [ 156.282517][T11163] loop4: detected capacity change from 0 to 1024 [ 156.292669][T11163] EXT4-fs: Ignoring removed orlov option [ 156.299668][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x1 [ 156.302091][T11156] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 156.307258][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.322258][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.329841][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.337254][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.344727][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x2 [ 156.352126][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.359670][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.367276][ T3390] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 156.375490][ T3390] hid-generic 0000:0000:0000.0002: hidraw0: HID v8.00 Device [syz0] on syz0 [ 156.398122][T11166] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2318'. [ 156.465293][T11164] syz.2.2313: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0 [ 156.479897][T11164] CPU: 1 UID: 0 PID: 11164 Comm: syz.2.2313 Not tainted syzkaller #0 PREEMPT(voluntary) [ 156.479965][T11164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 156.479979][T11164] Call Trace: [ 156.479987][T11164] [ 156.479995][T11164] __dump_stack+0x1d/0x30 [ 156.480018][T11164] dump_stack_lvl+0xe8/0x140 [ 156.480038][T11164] dump_stack+0x15/0x1b [ 156.480066][T11164] warn_alloc+0x12b/0x1a0 [ 156.480180][T11164] ? __list_add_valid_or_report+0x38/0xe0 [ 156.480212][T11164] ? merge_sched_in+0x605/0xa60 [ 156.480237][T11164] __vmalloc_node_range_noprof+0x9c/0xe00 [ 156.480298][T11164] ? __rcu_read_unlock+0x4f/0x70 [ 156.480321][T11164] ? avc_has_perm_noaudit+0x1b1/0x200 [ 156.480349][T11164] ? should_fail_ex+0x30/0x280 [ 156.480371][T11164] ? xskq_create+0x36/0xe0 [ 156.480483][T11164] vmalloc_user_noprof+0x7d/0xb0 [ 156.480519][T11164] ? xskq_create+0x80/0xe0 [ 156.480577][T11164] xskq_create+0x80/0xe0 [ 156.480612][T11164] xsk_init_queue+0x95/0xf0 [ 156.480716][T11164] xsk_setsockopt+0x477/0x640 [ 156.480756][T11164] ? __pfx_xsk_setsockopt+0x10/0x10 [ 156.480787][T11164] __sys_setsockopt+0x181/0x200 [ 156.480826][T11164] __x64_sys_setsockopt+0x64/0x80 [ 156.480850][T11164] x64_sys_call+0x20ec/0x2ff0 [ 156.480942][T11164] do_syscall_64+0xd2/0x200 [ 156.480973][T11164] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 156.481003][T11164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.481028][T11164] RIP: 0033:0x7fdf9f81ebe9 [ 156.481044][T11164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.481137][T11164] RSP: 002b:00007fdf9e27f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 156.481158][T11164] RAX: ffffffffffffffda RBX: 00007fdf9fa55fa0 RCX: 00007fdf9f81ebe9 [ 156.481173][T11164] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000009 [ 156.481217][T11164] RBP: 00007fdf9f8a1e19 R08: 0000000000000004 R09: 0000000000000000 [ 156.481231][T11164] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000 [ 156.481244][T11164] R13: 00007fdf9fa56038 R14: 00007fdf9fa55fa0 R15: 00007ffe61b91ff8 [ 156.481263][T11164] [ 156.481270][T11164] Mem-Info: [ 156.597108][T11171] netlink: 'syz.0.2319': attribute type 13 has an invalid length. [ 156.598849][T11164] active_anon:9123 inactive_anon:0 isolated_anon:0 [ 156.598849][T11164] active_file:9309 inactive_file:2265 isolated_file:0 [ 156.598849][T11164] unevictable:0 dirty:619 writeback:5 [ 156.598849][T11164] slab_reclaimable:3544 slab_unreclaimable:29409 [ 156.598849][T11164] mapped:32385 shmem:5264 pagetables:1147 [ 156.598849][T11164] sec_pagetables:0 bounce:0 [ 156.598849][T11164] kernel_misc_reclaimable:0 [ 156.598849][T11164] free:1878068 free_pcp:8584 free_cma:0 [ 156.606078][T11171] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 156.608169][T11164] Node 0 active_anon:36492kB inactive_anon:0kB active_file:37236kB inactive_file:9060kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:129540kB dirty:2476kB writeback:20kB shmem:21056kB kernel_stack:5264kB pagetables:4588kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 156.615054][T11171] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue [ 156.619838][T11164] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 156.634218][T11171] gretap1: entered promiscuous mode [ 156.644006][T11164] lowmem_reserve[]: 0 2883 7862 7862 [ 156.652470][T11171] gretap1: entered allmulticast mode [ 156.660430][T11164] [ 156.660437][T11164] Node 0 [ 156.813009][T11176] loop1: detected capacity change from 0 to 764 [ 156.824440][T11164] DMA32 free:2949292kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952824kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB [ 156.881243][T11164] lowmem_reserve[]: 0 0 4978 4978 [ 156.886384][T11164] Node 0 Normal free:4541424kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36840kB inactive_anon:0kB active_file:37236kB inactive_file:10684kB unevictable:0kB writepending:3888kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:30356kB local_pcp:24568kB free_cma:0kB [ 156.918596][T11164] lowmem_reserve[]: 0 0 0 0 [ 156.918646][T11164] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 156.936327][T11164] Node 0 DMA32: 3*4kB (M) 4*8kB (M) 4*16kB (M) 2*32kB (M) 4*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949292kB [ 156.953157][T11164] Node 0 Normal: 1195*4kB (UM) 1061*8kB (UME) 685*16kB (UME) 375*32kB (UME) 115*64kB (UME) 19*128kB (UE) 28*256kB (UME) 36*512kB (UME) 15*1024kB (UME) 7*2048kB (UME) 1084*4096kB (M) = 4541380kB [ 156.972494][T11164] Node 0 hugepages_total=6 hugepages_free=0 hugepages_surp=2 hugepages_size=2048kB [ 156.981788][T11164] 17327 total pagecache pages [ 156.986522][T11164] 0 pages in swap cache [ 156.994621][T11164] Free swap = 124996kB [ 156.998797][T11164] Total swap = 124996kB [ 157.002937][T11164] 2097051 pages RAM [ 157.006757][T11164] 0 pages HighMem/MovableOnly [ 157.011484][T11164] 80445 pages reserved [ 157.017156][ T3309] EXT4-fs unmount: 71 callbacks suppressed [ 157.017170][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.413341][T11213] random: crng reseeded on system resumption [ 157.423424][T11213] Restarting kernel threads ... [ 157.429631][T11213] Done restarting kernel threads. [ 157.819319][T11230] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 158.148656][T11237] bridge_slave_0: left allmulticast mode [ 158.154375][T11237] bridge_slave_0: left promiscuous mode [ 158.160318][T11237] bridge0: port 1(bridge_slave_0) entered disabled state [ 158.189507][T11242] __nla_validate_parse: 3 callbacks suppressed [ 158.189523][T11242] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2342'. [ 158.227610][T11237] bridge_slave_1: left allmulticast mode [ 158.233352][T11237] bridge_slave_1: left promiscuous mode [ 158.239116][T11237] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.260232][T11249] random: crng reseeded on system resumption [ 158.270570][T11249] Restarting kernel threads ... [ 158.277807][T11237] bond0: (slave bond_slave_0): Releasing backup interface [ 158.294926][T11237] bond0: (slave bond_slave_1): Releasing backup interface [ 158.310593][T11249] Done restarting kernel threads. [ 158.324327][T11237] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.331791][T11237] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.374410][T11237] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.381871][T11237] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.398642][T11251] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2342'. [ 158.438182][T11261] loop3: detected capacity change from 0 to 1024 [ 158.460546][T11261] EXT4-fs: Ignoring removed orlov option [ 158.509310][T11261] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 158.558273][ T29] kauditd_printk_skb: 219 callbacks suppressed [ 158.558288][ T29] audit: type=1326 audit(1756950156.921:8723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11239 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 158.588145][ T29] audit: type=1326 audit(1756950156.921:8724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11239 comm="syz.1.2341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc898a2ebe9 code=0x7ffc0000 [ 158.613309][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 158.633635][T11272] FAULT_INJECTION: forcing a failure. [ 158.633635][T11272] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 158.646769][T11272] CPU: 0 UID: 0 PID: 11272 Comm: syz.3.2349 Not tainted syzkaller #0 PREEMPT(voluntary) [ 158.646794][T11272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 158.646805][T11272] Call Trace: [ 158.646810][T11272] [ 158.646816][T11272] __dump_stack+0x1d/0x30 [ 158.646837][T11272] dump_stack_lvl+0xe8/0x140 [ 158.646936][T11272] dump_stack+0x15/0x1b [ 158.646954][T11272] should_fail_ex+0x265/0x280 [ 158.646978][T11272] should_fail+0xb/0x20 [ 158.646997][T11272] should_fail_usercopy+0x1a/0x20 [ 158.647074][T11272] _copy_from_user+0x1c/0xb0 [ 158.647099][T11272] set_selection_user+0x4a/0xe0 [ 158.647134][T11272] tioclinux+0x347/0x460 [ 158.647166][T11272] vt_ioctl+0x75f/0x1880 [ 158.647205][T11272] ? tty_jobctrl_ioctl+0x29e/0x810 [ 158.647230][T11272] tty_ioctl+0x7db/0xb80 [ 158.647258][T11272] ? __pfx_tty_ioctl+0x10/0x10 [ 158.647290][T11272] __se_sys_ioctl+0xce/0x140 [ 158.647311][T11272] __x64_sys_ioctl+0x43/0x50 [ 158.647331][T11272] x64_sys_call+0x1816/0x2ff0 [ 158.647403][T11272] do_syscall_64+0xd2/0x200 [ 158.647434][T11272] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 158.647538][T11272] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 158.647618][T11272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.647637][T11272] RIP: 0033:0x7f89d999ebe9 [ 158.647726][T11272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.647745][T11272] RSP: 002b:00007f89d8407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 158.647795][T11272] RAX: ffffffffffffffda RBX: 00007f89d9bd5fa0 RCX: 00007f89d999ebe9 [ 158.647875][T11272] RDX: 0000200000001900 RSI: 000000000000541c RDI: 0000000000000007 [ 158.647886][T11272] RBP: 00007f89d8407090 R08: 0000000000000000 R09: 0000000000000000 [ 158.647896][T11272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 158.647907][T11272] R13: 00007f89d9bd6038 R14: 00007f89d9bd5fa0 R15: 00007ffc4f22ad68 [ 158.647923][T11272] [ 159.034892][T11281] loop1: detected capacity change from 0 to 1024 [ 159.035457][T11281] EXT4-fs: Ignoring removed orlov option [ 159.059011][T11281] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 159.087153][T11287] random: crng reseeded on system resumption [ 159.130775][T11281] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2353: bg 0: block 88: padding at end of block bitmap is not set [ 159.139140][T11287] Restarting kernel threads ... [ 159.150206][T11287] Done restarting kernel threads. [ 159.176169][T11301] FAULT_INJECTION: forcing a failure. [ 159.176169][T11301] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.189394][T11301] CPU: 0 UID: 0 PID: 11301 Comm: syz.4.2360 Not tainted syzkaller #0 PREEMPT(voluntary) [ 159.189419][T11301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 159.189437][T11301] Call Trace: [ 159.189443][T11301] [ 159.189450][T11301] __dump_stack+0x1d/0x30 [ 159.189469][T11301] dump_stack_lvl+0xe8/0x140 [ 159.189485][T11301] dump_stack+0x15/0x1b [ 159.189533][T11301] should_fail_ex+0x265/0x280 [ 159.189555][T11301] should_fail+0xb/0x20 [ 159.189571][T11301] should_fail_usercopy+0x1a/0x20 [ 159.189591][T11301] _copy_from_user+0x1c/0xb0 [ 159.189622][T11301] hci_get_conn_list+0x4f/0x490 [ 159.189674][T11301] ? kmem_cache_free+0xdf/0x300 [ 159.189704][T11301] ? hci_sock_ioctl+0x2f3/0x7f0 [ 159.189736][T11301] ? __kfree_skb+0x109/0x150 [ 159.189760][T11301] hci_sock_ioctl+0x520/0x7f0 [ 159.189821][T11301] sock_do_ioctl+0x73/0x220 [ 159.189852][T11301] sock_ioctl+0x41b/0x610 [ 159.189881][T11301] ? __pfx_sock_ioctl+0x10/0x10 [ 159.189909][T11301] __se_sys_ioctl+0xce/0x140 [ 159.189955][T11301] __x64_sys_ioctl+0x43/0x50 [ 159.190045][T11301] x64_sys_call+0x1816/0x2ff0 [ 159.190069][T11301] do_syscall_64+0xd2/0x200 [ 159.190099][T11301] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 159.190126][T11301] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 159.190159][T11301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.190181][T11301] RIP: 0033:0x7f858fa7ebe9 [ 159.190200][T11301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.190269][T11301] RSP: 002b:00007f858e4e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 159.190289][T11301] RAX: ffffffffffffffda RBX: 00007f858fcb5fa0 RCX: 00007f858fa7ebe9 [ 159.190302][T11301] RDX: 0000200000000080 RSI: 00000000800448d4 RDI: 0000000000000004 [ 159.190316][T11301] RBP: 00007f858e4e7090 R08: 0000000000000000 R09: 0000000000000000 [ 159.190409][T11301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.190423][T11301] R13: 00007f858fcb6038 R14: 00007f858fcb5fa0 R15: 00007ffda6c11908 [ 159.190488][T11301] [ 159.209377][ T29] audit: type=1326 audit(1756950157.571:8725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.306621][T11311] loop4: detected capacity change from 0 to 512 [ 159.320809][ T29] audit: type=1326 audit(1756950157.611:8726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.334926][T11311] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 159.350499][ T29] audit: type=1326 audit(1756950157.611:8727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.360198][T11311] System zones: [ 159.366936][ T29] audit: type=1326 audit(1756950157.611:8728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.366966][ T29] audit: type=1326 audit(1756950157.611:8729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff33392d550 code=0x7ffc0000 [ 159.374958][T11311] 0-2, 18-18, 34-35 [ 159.382968][ T29] audit: type=1326 audit(1756950157.611:8730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.391017][T11311] [ 159.393090][T11311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.399001][ T29] audit: type=1326 audit(1756950157.611:8731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.402046][T11311] ext4 filesystem being mounted at /551/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 159.414288][T11311] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2364'. [ 159.425555][ T29] audit: type=1326 audit(1756950157.611:8732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11306 comm="syz.0.2363" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff33392ebe9 code=0x7ffc0000 [ 159.657713][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.698056][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 159.720253][ T3383] hid_parser_main: 24 callbacks suppressed [ 159.720272][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x1 [ 159.728147][T11327] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 159.733756][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.748958][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.749187][T11325] loop1: detected capacity change from 0 to 512 [ 159.756453][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.763732][T11325] EXT4-fs: Ignoring removed orlov option [ 159.770392][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.783409][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x2 [ 159.790892][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.798310][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.805722][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.813117][ T3383] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 159.826252][T11325] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2365: bg 0: block 248: padding at end of block bitmap is not set [ 159.842651][T11325] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.2365: Failed to acquire dquot type 1 [ 159.856143][T11325] EXT4-fs (loop1): 1 truncate cleaned up [ 159.862262][T11325] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 159.868757][ T3383] hid-generic 0000:0000:0000.0003: hidraw0: HID v8.00 Device [syz0] on syz0 [ 159.875612][T11325] ext4 filesystem being mounted at /443/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 159.920474][T11337] FAULT_INJECTION: forcing a failure. [ 159.920474][T11337] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 159.933592][T11337] CPU: 0 UID: 0 PID: 11337 Comm: syz.4.2371 Not tainted syzkaller #0 PREEMPT(voluntary) [ 159.933642][T11337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 159.933656][T11337] Call Trace: [ 159.933664][T11337] [ 159.933673][T11337] __dump_stack+0x1d/0x30 [ 159.933692][T11337] dump_stack_lvl+0xe8/0x140 [ 159.933709][T11337] dump_stack+0x15/0x1b [ 159.933729][T11337] should_fail_ex+0x265/0x280 [ 159.933752][T11337] should_fail+0xb/0x20 [ 159.933771][T11337] should_fail_usercopy+0x1a/0x20 [ 159.933837][T11337] _copy_from_iter+0xd2/0xe80 [ 159.933865][T11337] ? __build_skb_around+0x1a0/0x200 [ 159.933884][T11337] ? __alloc_skb+0x223/0x320 [ 159.933952][T11337] netlink_sendmsg+0x471/0x6b0 [ 159.933984][T11337] ? __pfx_netlink_sendmsg+0x10/0x10 [ 159.934007][T11337] __sock_sendmsg+0x142/0x180 [ 159.934057][T11337] ____sys_sendmsg+0x31e/0x4e0 [ 159.934079][T11337] ___sys_sendmsg+0x17b/0x1d0 [ 159.934110][T11337] __x64_sys_sendmsg+0xd4/0x160 [ 159.934135][T11337] x64_sys_call+0x191e/0x2ff0 [ 159.934168][T11337] do_syscall_64+0xd2/0x200 [ 159.934193][T11337] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 159.934215][T11337] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 159.934243][T11337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.934263][T11337] RIP: 0033:0x7f858fa7ebe9 [ 159.934279][T11337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.934297][T11337] RSP: 002b:00007f858e4e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 159.934390][T11337] RAX: ffffffffffffffda RBX: 00007f858fcb5fa0 RCX: 00007f858fa7ebe9 [ 159.934404][T11337] RDX: 0000000020050890 RSI: 00002000000000c0 RDI: 0000000000000005 [ 159.934416][T11337] RBP: 00007f858e4e7090 R08: 0000000000000000 R09: 0000000000000000 [ 159.934429][T11337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.934441][T11337] R13: 00007f858fcb6038 R14: 00007f858fcb5fa0 R15: 00007ffda6c11908 [ 159.934540][T11337] [ 160.164160][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.178205][ T12] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:0: Failed to release dquot type 1 [ 160.221878][T11345] loop2: detected capacity change from 0 to 512 [ 160.230186][T11345] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 160.257252][T11345] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 160.266232][T11348] loop1: detected capacity change from 0 to 512 [ 160.273306][T11348] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 160.273744][T11345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 160.301806][T11348] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 160.315323][T11348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 160.324204][T11345] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.2374: corrupted xattr block 19: overlapping e_value [ 160.363406][T11348] EXT4-fs error (device loop1): ext4_xattr_block_get:593: inode #15: comm syz.1.2375: corrupted xattr block 19: overlapping e_value [ 160.380174][T11345] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop2 ino=15 [ 160.391023][T11348] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop1 ino=15 [ 160.428537][T11360] loop4: detected capacity change from 0 to 512 [ 160.462170][T11360] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 160.484350][T11365] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2378'. [ 160.498443][T11360] ext4 filesystem being mounted at /557/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 160.571131][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.599341][T11374] FAULT_INJECTION: forcing a failure. [ 160.599341][T11374] name failslab, interval 1, probability 0, space 0, times 0 [ 160.612064][T11374] CPU: 1 UID: 0 PID: 11374 Comm: syz.0.2380 Not tainted syzkaller #0 PREEMPT(voluntary) [ 160.612090][T11374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 160.612102][T11374] Call Trace: [ 160.612106][T11374] [ 160.612114][T11374] __dump_stack+0x1d/0x30 [ 160.612136][T11374] dump_stack_lvl+0xe8/0x140 [ 160.612158][T11374] dump_stack+0x15/0x1b [ 160.612211][T11374] should_fail_ex+0x265/0x280 [ 160.612234][T11374] ? __pfx_loop_control_ioctl+0x10/0x10 [ 160.612268][T11374] ? loop_add+0x64/0x590 [ 160.612318][T11374] should_failslab+0x8c/0xb0 [ 160.612343][T11374] __kmalloc_cache_noprof+0x4c/0x320 [ 160.612372][T11374] ? __pfx_loop_control_ioctl+0x10/0x10 [ 160.612399][T11374] loop_add+0x64/0x590 [ 160.612516][T11374] ? __pfx_loop_control_ioctl+0x10/0x10 [ 160.612550][T11374] loop_control_ioctl+0xd0/0x3f0 [ 160.612660][T11374] ? __pfx_loop_control_ioctl+0x10/0x10 [ 160.612738][T11374] __se_sys_ioctl+0xce/0x140 [ 160.612759][T11374] __x64_sys_ioctl+0x43/0x50 [ 160.612776][T11374] x64_sys_call+0x1816/0x2ff0 [ 160.612823][T11374] do_syscall_64+0xd2/0x200 [ 160.612854][T11374] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 160.612960][T11374] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 160.612988][T11374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.613050][T11374] RIP: 0033:0x7ff33392ebe9 [ 160.613066][T11374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.613084][T11374] RSP: 002b:00007ff33238f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.613101][T11374] RAX: ffffffffffffffda RBX: 00007ff333b65fa0 RCX: 00007ff33392ebe9 [ 160.613111][T11374] RDX: 0000000007000000 RSI: 0000000000004c80 RDI: 0000000000000006 [ 160.613122][T11374] RBP: 00007ff33238f090 R08: 0000000000000000 R09: 0000000000000000 [ 160.613137][T11374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.613151][T11374] R13: 00007ff333b66038 R14: 00007ff333b65fa0 R15: 00007ffdb9d300a8 [ 160.613171][T11374] [ 160.820868][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.832707][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 160.860168][T11380] loop2: detected capacity change from 0 to 512 [ 160.874945][T11380] FAT-fs (loop2): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4) [ 160.887555][T11380] FAT-fs (loop2): FAT read failed (blocknr 52768) [ 160.898218][T11386] netlink: 248 bytes leftover after parsing attributes in process `syz.3.2386'. [ 160.911165][T11386] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2386'. [ 160.922777][T11380] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=11380 comm=syz.2.2381 [ 160.935442][T11380] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=11380 comm=syz.2.2381 [ 160.937800][T11391] netem: change failed [ 160.953410][T11386] loop3: detected capacity change from 0 to 512 [ 160.960273][T11386] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 160.974473][T11386] EXT4-fs (loop3): 1 truncate cleaned up [ 160.984077][T11386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.023373][T11400] loop1: detected capacity change from 0 to 1024 [ 161.035184][T11386] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.044508][T11380] loop2: detected capacity change from 0 to 8192 [ 161.048724][T11400] EXT4-fs: Ignoring removed orlov option [ 161.073838][T11400] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 161.084664][T11402] FAULT_INJECTION: forcing a failure. [ 161.084664][T11402] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 161.086948][T11380] loop2: p1 p2 < > p3 p4 < p5 > [ 161.097834][T11402] CPU: 0 UID: 0 PID: 11402 Comm: syz.4.2390 Not tainted syzkaller #0 PREEMPT(voluntary) [ 161.097922][T11402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 161.097934][T11402] Call Trace: [ 161.097942][T11402] [ 161.097949][T11402] __dump_stack+0x1d/0x30 [ 161.097970][T11402] dump_stack_lvl+0xe8/0x140 [ 161.097989][T11402] dump_stack+0x15/0x1b [ 161.098006][T11402] should_fail_ex+0x265/0x280 [ 161.098030][T11402] should_fail+0xb/0x20 [ 161.098048][T11402] should_fail_usercopy+0x1a/0x20 [ 161.098071][T11402] _copy_from_iter+0xd2/0xe80 [ 161.098170][T11402] ? __build_skb_around+0x1a0/0x200 [ 161.098189][T11402] ? __alloc_skb+0x223/0x320 [ 161.098209][T11402] netlink_sendmsg+0x471/0x6b0 [ 161.098315][T11402] ? __pfx_netlink_sendmsg+0x10/0x10 [ 161.098345][T11402] __sock_sendmsg+0x142/0x180 [ 161.098373][T11402] ____sys_sendmsg+0x31e/0x4e0 [ 161.098403][T11402] ___sys_sendmsg+0x17b/0x1d0 [ 161.098447][T11402] __x64_sys_sendmsg+0xd4/0x160 [ 161.098472][T11402] x64_sys_call+0x191e/0x2ff0 [ 161.098543][T11402] do_syscall_64+0xd2/0x200 [ 161.098572][T11402] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 161.098596][T11402] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 161.098630][T11402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.098652][T11402] RIP: 0033:0x7f858fa7ebe9 [ 161.098667][T11402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.098685][T11402] RSP: 002b:00007f858e4e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 161.098749][T11402] RAX: ffffffffffffffda RBX: 00007f858fcb5fa0 RCX: 00007f858fa7ebe9 [ 161.098761][T11402] RDX: 0000000020000004 RSI: 00002000000004c0 RDI: 0000000000000007 [ 161.098825][T11402] RBP: 00007f858e4e7090 R08: 0000000000000000 R09: 0000000000000000 [ 161.098837][T11402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.098849][T11402] R13: 00007f858fcb6038 R14: 00007f858fcb5fa0 R15: 00007ffda6c11908 [ 161.098923][T11402] [ 161.149270][T11404] random: crng reseeded on system resumption [ 161.150762][T11380] loop2: partition table partially beyond EOD, [ 161.160005][T11404] Restarting kernel threads ... [ 161.160497][T11380] truncated [ 161.161837][T11380] loop2: p1 size 100663296 extends beyond EOD, [ 161.165999][T11404] Done restarting kernel threads. [ 161.170400][T11380] truncated [ 161.178645][T11380] loop2: p2 start 591104 is beyond EOD, [ 161.231610][T11407] random: crng reseeded on system resumption [ 161.250657][T11380] truncated [ 161.250667][T11380] loop2: p3 start 33572980 is beyond EOD, truncated [ 161.259653][T11380] loop2: p5 size 100663296 extends beyond EOD, [ 161.302379][T11411] loop3: detected capacity change from 0 to 1024 [ 161.302833][T11380] truncated [ 161.309143][T11411] EXT4-fs: Ignoring removed nobh option [ 161.318593][T11400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.336522][T11411] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 161.413958][T11411] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.2394: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 161.433116][T11411] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2394: couldn't read orphan inode 11 (err -117) [ 161.446147][T11411] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.463608][T11411] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2394: Invalid block bitmap block 0 in block_group 0 [ 161.481163][T11400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2389'. [ 161.486090][T11411] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.2394: Failed to acquire dquot type 0 [ 161.524680][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.530006][T11423] loop4: detected capacity change from 0 to 1024 [ 161.540653][T11423] EXT4-fs: Ignoring removed orlov option [ 161.547253][ T12] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm kworker/u8:0: Invalid inode table block 8589934593 in block_group 0 [ 161.562752][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.579685][T11423] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.608336][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.636502][T11439] loop2: detected capacity change from 0 to 512 [ 161.651472][T11441] loop4: detected capacity change from 0 to 512 [ 161.677861][T11450] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2408'. [ 161.704967][T11451] netlink: 'syz.0.2407': attribute type 1 has an invalid length. [ 161.731376][T11441] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 161.743060][T11439] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 161.757444][T11439] EXT4-fs (loop2): 1 truncate cleaned up [ 161.764030][T11441] EXT4-fs (loop4): 1 truncate cleaned up [ 161.770017][T11439] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.776772][T11441] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.783793][T11439] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.796281][T11441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.875107][T11460] loop4: detected capacity change from 0 to 1024 [ 161.882000][T11460] EXT4-fs: Ignoring removed orlov option [ 161.888598][T11462] loop2: detected capacity change from 0 to 1024 [ 161.895495][T11462] EXT4-fs: Ignoring removed orlov option [ 161.902756][T11463] loop1: detected capacity change from 0 to 764 [ 161.911011][T11462] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.925806][T11460] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.956435][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.958471][T11460] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2411: bg 0: block 88: padding at end of block bitmap is not set [ 162.011517][T11471] FAULT_INJECTION: forcing a failure. [ 162.011517][T11471] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 162.024688][T11471] CPU: 1 UID: 0 PID: 11471 Comm: gtp Not tainted syzkaller #0 PREEMPT(voluntary) [ 162.024713][T11471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 162.024726][T11471] Call Trace: [ 162.024733][T11471] [ 162.024742][T11471] __dump_stack+0x1d/0x30 [ 162.024794][T11471] dump_stack_lvl+0xe8/0x140 [ 162.024814][T11471] dump_stack+0x15/0x1b [ 162.025050][T11471] should_fail_ex+0x265/0x280 [ 162.025070][T11471] should_fail+0xb/0x20 [ 162.025151][T11471] should_fail_usercopy+0x1a/0x20 [ 162.025180][T11471] _copy_from_user+0x1c/0xb0 [ 162.025206][T11471] tls_setsockopt+0x3ec/0xce0 [ 162.025293][T11471] sock_common_setsockopt+0x66/0x80 [ 162.025326][T11471] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 162.025358][T11471] __sys_setsockopt+0x181/0x200 [ 162.025383][T11471] __x64_sys_setsockopt+0x64/0x80 [ 162.025429][T11471] x64_sys_call+0x20ec/0x2ff0 [ 162.025449][T11471] do_syscall_64+0xd2/0x200 [ 162.025505][T11471] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 162.025531][T11471] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 162.025560][T11471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.025583][T11471] RIP: 0033:0x7fdf9f81ebe9 [ 162.025599][T11471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 162.025652][T11471] RSP: 002b:00007fdf9e27f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 162.025672][T11471] RAX: ffffffffffffffda RBX: 00007fdf9fa55fa0 RCX: 00007fdf9f81ebe9 [ 162.025685][T11471] RDX: 0000000000000002 RSI: 000000000000011a RDI: 0000000000000003 [ 162.025698][T11471] RBP: 00007fdf9e27f090 R08: 0000000000000028 R09: 0000000000000000 [ 162.025710][T11471] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001 [ 162.025722][T11471] R13: 00007fdf9fa56038 R14: 00007fdf9fa55fa0 R15: 00007ffe61b91ff8 [ 162.025845][T11471] [ 162.253439][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.399236][T11482] loop4: detected capacity change from 0 to 512 [ 162.406103][T11482] EXT4-fs: Ignoring removed orlov option [ 162.416859][T11482] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2418: bg 0: block 248: padding at end of block bitmap is not set [ 162.432092][T11482] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.2418: Failed to acquire dquot type 1 [ 162.444658][T11482] EXT4-fs (loop4): 1 truncate cleaned up [ 162.450706][T11482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 162.463346][T11482] ext4 filesystem being mounted at /567/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 162.498572][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.514142][ T3427] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:7: Failed to release dquot type 1 [ 162.558850][T11490] random: crng reseeded on system resumption [ 162.579441][T11490] Restarting kernel threads ... [ 162.585535][T11490] Done restarting kernel threads. [ 162.722982][T11516] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2429'. [ 162.808304][T11528] random: crng reseeded on system resumption [ 162.819213][T11528] Restarting kernel threads ... [ 162.861497][T11537] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 162.863641][T11532] loop1: detected capacity change from 0 to 1024 [ 162.884285][T11528] Done restarting kernel threads. [ 162.915668][T11532] EXT4-fs: Ignoring removed orlov option [ 162.942087][T11532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 162.990828][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 163.281287][T11560] lo speed is unknown, defaulting to 1000 [ 163.393499][T11560] rdma_op ffff888119310980 conn xmit_rdma 0000000000000000 [ 163.410333][T11560] loop4: detected capacity change from 0 to 764 [ 163.440157][T11562] unsupported nla_type 52263 [ 163.473225][T11565] 9pnet_virtio: no channels available for device 127.0.0.1 [ 163.602692][T11571] loop1: detected capacity change from 0 to 8192 [ 163.639858][ T29] kauditd_printk_skb: 304 callbacks suppressed [ 163.639874][ T29] audit: type=1326 audit(1756950162.011:9029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.671956][ T29] audit: type=1326 audit(1756950162.011:9030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.695410][ T29] audit: type=1326 audit(1756950162.011:9031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.719071][ T29] audit: type=1326 audit(1756950162.011:9032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.742754][ T29] audit: type=1326 audit(1756950162.011:9033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f89d999d550 code=0x7ffc0000 [ 163.766299][ T29] audit: type=1326 audit(1756950162.011:9034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.789865][ T29] audit: type=1326 audit(1756950162.011:9035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.813415][ T29] audit: type=1326 audit(1756950162.011:9036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.837004][ T29] audit: type=1326 audit(1756950162.011:9037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.860636][ T29] audit: type=1326 audit(1756950162.011:9038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11574 comm="syz.3.2455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f89d999ebe9 code=0x7ffc0000 [ 163.980831][T11591] loop4: detected capacity change from 0 to 512 [ 163.994085][T11591] EXT4-fs: Ignoring removed orlov option [ 164.016058][T11591] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.2459: bg 0: block 248: padding at end of block bitmap is not set [ 164.041788][T11591] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.2459: Failed to acquire dquot type 1 [ 164.054588][T11591] EXT4-fs (loop4): 1 truncate cleaned up [ 164.065835][T11597] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2461'. [ 164.077880][T11591] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.102605][T11591] ext4 filesystem being mounted at /575/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.131793][T11599] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2462'. [ 164.172742][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.200381][ T41] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 1 [ 164.254866][T11603] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 164.271429][T11601] loop1: detected capacity change from 0 to 8192 [ 164.363026][T11612] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2468'. [ 164.404678][T11612] vhci_hcd: invalid port number 96 [ 164.409943][T11612] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 164.559082][T11648] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2483'. [ 164.595786][T11652] random: crng reseeded on system resumption [ 164.608179][T11652] Restarting kernel threads ... [ 164.613345][T11652] Done restarting kernel threads. [ 164.621760][T11656] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 164.822229][T11681] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2497'. [ 164.841945][T11683] block device autoloading is deprecated and will be removed. [ 164.865868][T11691] FAULT_INJECTION: forcing a failure. [ 164.865868][T11691] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.879224][T11691] CPU: 1 UID: 0 PID: 11691 Comm: syz.1.2500 Not tainted syzkaller #0 PREEMPT(voluntary) [ 164.879333][T11691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 164.879340][T11691] Call Trace: [ 164.879345][T11691] [ 164.879349][T11691] __dump_stack+0x1d/0x30 [ 164.879363][T11691] dump_stack_lvl+0xe8/0x140 [ 164.879374][T11691] dump_stack+0x15/0x1b [ 164.879383][T11691] should_fail_ex+0x265/0x280 [ 164.879403][T11691] should_fail+0xb/0x20 [ 164.879491][T11691] should_fail_usercopy+0x1a/0x20 [ 164.879504][T11691] _copy_to_user+0x20/0xa0 [ 164.879520][T11691] simple_read_from_buffer+0xb5/0x130 [ 164.879543][T11691] proc_fail_nth_read+0x10e/0x150 [ 164.879558][T11691] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 164.879573][T11691] vfs_read+0x1a5/0x770 [ 164.879639][T11691] ? __rcu_read_unlock+0x4f/0x70 [ 164.879688][T11691] ? __fget_files+0x184/0x1c0 [ 164.879703][T11691] ksys_read+0xda/0x1a0 [ 164.879734][T11691] __x64_sys_read+0x40/0x50 [ 164.879778][T11691] x64_sys_call+0x27bc/0x2ff0 [ 164.879823][T11691] do_syscall_64+0xd2/0x200 [ 164.879895][T11691] ? arch_exit_to_user_mode_prepare+0x27/0x60 [ 164.879909][T11691] ? irqentry_exit_to_user_mode+0x7e/0xa0 [ 164.879924][T11691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.879995][T11691] RIP: 0033:0x7fc898a2d5fc [ 164.880005][T11691] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 164.880020][T11691] RSP: 002b:00007fc897497030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 164.880032][T11691] RAX: ffffffffffffffda RBX: 00007fc898c65fa0 RCX: 00007fc898a2d5fc [ 164.880039][T11691] RDX: 000000000000000f RSI: 00007fc8974970a0 RDI: 0000000000000006 [ 164.880046][T11691] RBP: 00007fc897497090 R08: 0000000000000000 R09: 0000000000000000 [ 164.880093][T11691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 164.880100][T11691] R13: 00007fc898c66038 R14: 00007fc898c65fa0 R15: 00007ffd56f6ce28 [ 164.880111][T11691] [ 165.102574][T11693] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 165.121981][T11698] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2503'. [ 165.240429][T11715] loop1: detected capacity change from 0 to 512 [ 165.248955][T11715] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 165.278441][T11719] loop3: detected capacity change from 0 to 1024 [ 165.286268][T11719] EXT4-fs: Ignoring removed orlov option [ 165.293407][T11715] EXT4-fs (loop1): 1 truncate cleaned up [ 165.300328][T11715] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.313747][T11719] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.315247][T11715] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.332445][T11719] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2512: bg 0: block 88: padding at end of block bitmap is not set [ 165.382080][T11725] loop0: detected capacity change from 0 to 512 [ 165.389707][T11725] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 165.390687][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.420970][T11725] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 165.429611][T11725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 165.435286][T11734] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2516'. [ 165.452527][T11725] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.2514: corrupted xattr block 19: overlapping e_value [ 165.467757][T11725] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=15 [ 165.555575][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.638165][T11757] loop0: detected capacity change from 0 to 512 [ 165.645573][T11758] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2523'. [ 165.655458][T11757] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 165.669161][T11757] EXT4-fs (loop0): 1 truncate cleaned up [ 165.682112][T11757] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.695579][T11757] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.723234][T11767] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2528'. [ 165.846661][T11784] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2536'. [ 165.899860][T11792] loop3: detected capacity change from 0 to 512 [ 165.908454][T11792] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 165.924338][T11792] EXT4-fs (loop3): 1 truncate cleaned up [ 165.930739][T11792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 165.931523][T11792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 165.962085][T11796] loop2: detected capacity change from 0 to 8192 [ 166.044793][T11814] loop2: detected capacity change from 0 to 1024 [ 166.051809][T11814] EXT4-fs: Ignoring removed orlov option [ 166.071143][T11818] loop1: detected capacity change from 0 to 512 [ 166.071792][T11820] loop3: detected capacity change from 0 to 512 [ 166.077829][T11818] journal_path: Non-blockdev passed as './bus' [ 166.090062][T11818] EXT4-fs: error: could not find journal device path [ 166.091887][T11814] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.112636][T11820] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec018, mo2=0002] [ 166.121025][T11814] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2549: bg 0: block 88: padding at end of block bitmap is not set [ 166.136044][T11820] System zones: 0-2, 18-18, 34-35 [ 166.142458][T11820] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.156199][T11820] ext4 filesystem being mounted at /512/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 166.168458][T11830] loop1: detected capacity change from 0 to 512 [ 166.176598][T11830] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 166.187673][ T3303] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.206475][T11830] EXT4-fs (loop1): 1 truncate cleaned up [ 166.212647][T11830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 166.225720][T11830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.256146][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.270821][T11836] loop1: detected capacity change from 0 to 512 [ 166.287991][T11836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 166.288134][T11836] ext4 filesystem being mounted at /502/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 166.372577][T11852] loop3: detected capacity change from 0 to 512 [ 166.387977][T11852] journal_path: Non-blockdev passed as './bus' [ 166.394242][T11852] EXT4-fs: error: could not find journal device path [ 166.478069][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 166.558880][ T12] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.601167][ T12] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.628510][ T12] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.639151][ T12] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.812037][T11905] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 166.861964][T11899] loop0: detected capacity change from 0 to 8192 [ 166.991260][T11931] loop0: detected capacity change from 0 to 512 [ 166.998845][T11931] EXT4-fs: Ignoring removed orlov option [ 167.016752][T11931] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2587: bg 0: block 248: padding at end of block bitmap is not set [ 167.032713][T11931] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.2587: Failed to acquire dquot type 1 [ 167.045788][T11931] EXT4-fs (loop0): 1 truncate cleaned up [ 167.052012][T11931] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.064804][T11931] ext4 filesystem being mounted at /530/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.099177][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.108769][ T12] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:0: Failed to release dquot type 1 [ 167.175316][T11937] loop0: detected capacity change from 0 to 512 [ 167.182881][T11937] journal_path: Non-blockdev passed as './bus' [ 167.189099][T11937] EXT4-fs: error: could not find journal device path [ 167.259696][T11941] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 167.303602][T11946] loop0: detected capacity change from 0 to 512 [ 167.311854][T11946] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 167.325663][T11946] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 167.334485][T11946] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 167.349150][T11946] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm syz.0.2594: corrupted xattr block 19: overlapping e_value [ 167.363288][T11946] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop0 ino=15 [ 167.419723][T11952] loop1: detected capacity change from 0 to 8192 [ 167.460117][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.489179][T11962] random: crng reseeded on system resumption [ 167.504139][T11962] Restarting kernel threads ... [ 167.506523][T11965] loop0: detected capacity change from 0 to 512 [ 167.509617][T11962] Done restarting kernel threads. [ 167.515338][T11966] loop4: detected capacity change from 0 to 512 [ 167.528469][T11965] EXT4-fs: Ignoring removed orlov option [ 167.536115][T11966] journal_path: Non-blockdev passed as './bus' [ 167.542371][T11966] EXT4-fs: error: could not find journal device path [ 167.550471][T11968] 9pnet: Could not find request transport: fd0xffffffffffffffff [ 167.559837][T11965] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.2600: bg 0: block 248: padding at end of block bitmap is not set [ 167.574807][T11965] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.2600: Failed to acquire dquot type 1 [ 167.587851][T11965] EXT4-fs (loop0): 1 truncate cleaned up [ 167.593816][T11965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 167.606654][T11965] ext4 filesystem being mounted at /537/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 167.636002][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 167.646266][ T2705] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1 [ 167.694197][T11976] ================================================================== [ 167.702298][T11976] BUG: KCSAN: data-race in __bio_queue_enter / blk_mq_unfreeze_queue_nomemrestore [ 167.711501][T11976] [ 167.713834][T11976] read-write to 0xffff88810242a1b4 of 4 bytes by task 11980 on cpu 1: [ 167.721969][T11976] blk_mq_unfreeze_queue_nomemrestore+0x38/0xc0 [ 167.728207][T11976] loop_set_status+0x3a3/0x6a0 [ 167.732982][T11976] lo_ioctl+0x71b/0x12b0 [ 167.737223][T11976] blkdev_ioctl+0x34f/0x440 [ 167.741721][T11976] __se_sys_ioctl+0xce/0x140 [ 167.746301][T11976] __x64_sys_ioctl+0x43/0x50 [ 167.750873][T11976] x64_sys_call+0x1816/0x2ff0 [ 167.755539][T11976] do_syscall_64+0xd2/0x200 [ 167.760035][T11976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.765916][T11976] [ 167.768226][T11976] read to 0xffff88810242a1b4 of 4 bytes by task 11976 on cpu 0: [ 167.775941][T11976] __bio_queue_enter+0x279/0x5a0 [ 167.780867][T11976] blk_mq_submit_bio+0x196/0x1020 [ 167.785969][T11976] __submit_bio+0xed/0x4d0 [ 167.790373][T11976] submit_bio_noacct_nocheck+0x208/0x6a0 [ 167.795993][T11976] submit_bio_noacct+0x6ed/0x920 [ 167.800918][T11976] submit_bio+0x2a6/0x2c0 [ 167.805321][T11976] mpage_readahead+0x295/0x2e0 [ 167.810091][T11976] blkdev_readahead+0x1c/0x30 [ 167.814761][T11976] read_pages+0xa0/0x480 [ 167.818995][T11976] page_cache_ra_unbounded+0x347/0x380 [ 167.824448][T11976] page_cache_async_ra+0x4d0/0x4e0 [ 167.829558][T11976] filemap_get_pages+0x510/0x1150 [ 167.834651][T11976] filemap_splice_read+0x3a9/0x740 [ 167.839795][T11976] splice_direct_to_actor+0x26c/0x680 [ 167.845323][T11976] do_splice_direct+0xda/0x150 [ 167.850078][T11976] do_sendfile+0x380/0x650 [ 167.854487][T11976] __x64_sys_sendfile64+0x105/0x150 [ 167.859676][T11976] x64_sys_call+0x2bb0/0x2ff0 [ 167.864337][T11976] do_syscall_64+0xd2/0x200 [ 167.868832][T11976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.874711][T11976] [ 167.877014][T11976] value changed: 0x00000001 -> 0x00000000 [ 167.882718][T11976] [ 167.885022][T11976] Reported by Kernel Concurrency Sanitizer on: [ 167.891241][T11976] CPU: 0 UID: 0 PID: 11976 Comm: syz.1.2606 Not tainted syzkaller #0 PREEMPT(voluntary) [ 167.901030][T11976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 167.911082][T11976] ==================================================================