last executing test programs: 2.176675177s ago: executing program 1 (id=3943): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @loopback, @private1, 0x0, 0x80}}) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2d, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r5}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0) gettid() timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r6 = semget$private(0x0, 0x6, 0x0) semtimedop(r6, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) write$eventfd(0xffffffffffffffff, &(0x7f0000000140)=0xfffffffffffffff8, 0x8) 1.99361642s ago: executing program 4 (id=3949): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) socket$nl_rdma(0x10, 0x3, 0x14) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'xfrm0\x00', 0x400}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x7) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x5, 0x4, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = socket(0x15, 0x5, 0x0) getsockopt(r5, 0x200000000114, 0x2712, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14) fcntl$setsig(r6, 0xa, 0x13) r7 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9) add_key$keyring(&(0x7f0000000100), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r7) fcntl$setlease(r6, 0x400, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e21, @multicast2}}}, 0x88) r8 = syz_open_dev$sg(&(0x7f00000003c0), 0xfffffffffffffff2, 0x20000) ioctl$SG_GET_SCSI_ID(r8, 0x2276, &(0x7f0000000400)) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000980)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000300000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x210) sendfile(r1, r1, 0x0, 0x7a680000) 1.97361458s ago: executing program 1 (id=3950): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xec, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18) sysfs$1(0x1, 0x0) 1.937454551s ago: executing program 1 (id=3952): openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xb635773f05ebbeea, 0x8031, 0xffffffffffffffff, 0x4e1a7000) syz_read_part_table(0x1095, &(0x7f0000003200)="$eJzs0LFNK0EQBuDfZ/lsyy9yA68NMiiDlIiUEuyMiC4QLSBqgYQmwBJi0HLnkwuwRPJ9wd7+0tzMaMPfqnlWuZpSqvqsujF2SbfP22Gd9P1UkqRP5rMh7/JRVZ81+Kqqw3d2Dy2kqt6Tu5Nxy+NlluxqbPH8b5Pk9r51/79Otln29XTxOJv+WrRdLsd0ky7juN+K8b5aH8sXw2fbjteXdl63RTcnW+zP9X4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcAY/AQAA//979Txb") madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x14) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12012, r0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x9, 0x0, 0x7ffc0002}]}) rt_sigsuspend(0x0, 0x0) 1.818091643s ago: executing program 0 (id=3959): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) close(r2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = signalfd(0xffffffffffffffff, &(0x7f00000006c0), 0x8) mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) sendto$inet6(r1, &(0x7f0000000780)="d27c", 0x2, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)="97355d38", 0x4}, {&(0x7f0000000480)="24fabe62f43dda1a0b50ed426e5ec6f6aba8af835a80b8e2c9804ea8688b211898e3a20b262b8b7b43781c6658b6b34611867d8f029e642a151b73ac3978d6a4ca3d970068fe7200b0bebca69a4829a85b3d39b5069c1cd3f298068aed997f57f599ebee8f5ad0c599d438beb9acde8a5226827e380233d910bdaef1dfc8b12bcc2a574193a0dbd52fc3f51be3af359d9e86b7649d4c132b26748be4c47d5914011a3b91e63195c71dded0583108a6cc1267cf88775d", 0xb6}, {&(0x7f00000002c0)="9dd4fd4d74f9eb3333c6d8dffba35897b90aa30e862a2c3b99112e60c40151999c687d3dce081e16a57b2b951c808474ff56f947effa8bae697442625ac8b6fc9cafa17fed4a778b23f1e6339eb99f3c3ccec00abc1bdebbbeb6b1e8afb5c3d346", 0x61}, {&(0x7f00000003c0)="7efbeeed17192430991bf7ddf551c1ae1e6fedf02a0cf6b56eb4606a101ab7fde163729fb0927efbab3226a299e27803b2b0ebd644bbbbef4f6e5a4dfd80ffbf06e127ac2fd76862d9b4d4fcce78a17673f62505eb74bb06383498899ea5848e1c06b533a70f72cb242f523f74545a85c86dca3e949472333c59d3cae424c4e28cb75c45d0ab5576172a857f1d228eaf622dfe6e2f4ca61251f53969bab6", 0x9e}, {&(0x7f0000000640)="e7bb4e7fa968a53d6f4cf5ea1ca1eb426852cf436df1c840853e72ae2943e9c49428fef296f494dd857dfb4508fb165465d536bc45383a3ecc17dc802d8fb9beb8f38db8ec82d5e7d00873938df99df7", 0x50}], 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="14000000000020002900000034000000070000000000000018b9eea00000000000000029000000360000006240000000ff48e18e12b943f768f38450ec"], 0x30}}, {{&(0x7f0000000540)={0xa, 0x4e20, 0x1, @private2, 0x6}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000580)="d0391999", 0x4}], 0x1}}], 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) socket$packet(0x11, 0xa, 0x300) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x5, 0x800000000003}, 0x100000, 0x5dd8, 0x5, 0x3, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) poll(&(0x7f00000001c0)=[{r5, 0x140}], 0x1, 0x800) prctl$PR_SCHED_CORE(0x36, 0x0, 0x0, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'bridge_slave_1\x00', &(0x7f0000000100)=@ethtool_stats}) 1.774225453s ago: executing program 1 (id=3961): r0 = socket$rxrpc(0x21, 0x2, 0x2) bind$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e24, 0x9, @ipv4={'\x00', '\xff\xff', @local}, 0x800}}, 0x24) (async, rerun: 64) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (rerun: 64) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) (async) lsm_get_self_attr(0x66, &(0x7f0000000240)={0x0, 0x0, 0x3b, 0x1b, ""/27}, &(0x7f0000000100)=0x3b, 0x0) (async) socket$inet6(0xa, 0x3, 0x8000000003c) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) (rerun: 32) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4) (async, rerun: 64) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) (async, rerun: 64) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r4 = socket$kcm(0x10, 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f00000000c0)={0x0, 'rose0\x00', {0x1}, 0x5}) (async, rerun: 32) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r3, 0x58, &(0x7f0000000140)}, 0x10) (async, rerun: 32) r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) (async, rerun: 64) r8 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async, rerun: 64) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r9, r8, 0x26, 0x0, 0x0, @void, @value}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r9}, &(0x7f0000000000), &(0x7f0000000080)=r5}, 0x20) perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9c}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg$unix(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0) sendmsg$inet(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0) (async) recvmsg$unix(r7, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000002c0)}, 0x40000022) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x2, 0x5, 0x1, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async, rerun: 32) ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000380)={{r2}, 0x3, &(0x7f00000002c0)=[0x8, 0xffffffffef38b98b, 0xd], 0x0, 0x8}) (async, rerun: 32) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="a1ab0000000000000e003200000008001701"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0) 1.638597145s ago: executing program 1 (id=3963): r0 = socket$kcm(0x2, 0x3, 0x84) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000400b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{0xffffffffffffffff, 0xffffffffffffffff}, 0x0, &(0x7f00000002c0)}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=@framed={{}, [@map_idx_val={0x18, 0x2, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x8}, @map_val={0x18, 0x6, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x681}, @ldst={0x0, 0x3, 0x2, 0x2, 0x0, 0x50, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @map_idx_val={0x18, 0x7, 0x6, 0x0, 0xd}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r5 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0) ioctl$EVIOCGRAB(r5, 0x40044590, &(0x7f0000000200)) ioctl$EVIOCGABS20(r5, 0x40044591, 0x0) sendmsg$inet(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a", 0x45e}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x14}, @loopback}}}], 0x20}, 0x0) 1.106700814s ago: executing program 4 (id=3973): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x60, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x50, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x2c, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x27}, @NFTA_PAYLOAD_CSUM_FLAGS={0x0, 0x8, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x42, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb8}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) syz_io_uring_setup(0x2c0c, &(0x7f0000000400)={0x0, 0x0, 0x4002}, 0x0, 0x0) 1.043830335s ago: executing program 2 (id=3974): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401) ioctl$USBDEVFS_ALLOC_STREAMS(r1, 0x8008551c, &(0x7f00000002c0)={0x2ffe, 0x1, [{0x1, 0x1}]}) 952.536806ms ago: executing program 2 (id=3975): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f6873720000000014000100766574"], 0xfc}}, 0x0) 951.934896ms ago: executing program 2 (id=3976): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x23) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 947.210726ms ago: executing program 0 (id=3977): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) io_pgetevents(0x0, 0xa, 0x0, 0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000340)=@name={0x1e, 0x2, 0x3, {{0x41}, 0x4}}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) r4 = syz_open_dev$usbfs(&(0x7f00000002c0), 0xfffffffffffffffe, 0x10081) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f00000004c0)=@usbdevfs_driver={0xc82b, 0x55e, &(0x7f0000000740)="cd950f1d06d06270849ddc3754cc4d02648a59277730aab2f036b1afaaeabf8f20f276c2e9354d3ac418d309e9e98623864560902c4e1a608dd84570954cd5e649e0a898fc1e41be21444bdf9ceff2af9e9e80aba4e3f6cf62bd37d773689d0e72741b8d2872ae0f12176c5b8e39b884995aa90569fca5430404d2d66f9d752c20303bd314"}) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r7}, 0x10) sendmmsg$inet(r5, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da76", 0x87}, {&(0x7f0000000440)="029993440c7a0c8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d0822475586252162f35e73407b8e7743f25c13d084252dd5b49c0db3c6b4361aca8", 0x3e}], 0x2}}], 0x1, 0xc0) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) close_range(r0, 0xffffffffffffffff, 0x0) 919.468186ms ago: executing program 2 (id=3978): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000"], 0xfc}}, 0x0) 912.770147ms ago: executing program 4 (id=3979): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x60, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x50, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x2c, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x27}, @NFTA_PAYLOAD_CSUM_FLAGS={0x0, 0x8, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x42, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb8}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10) 911.838357ms ago: executing program 0 (id=3980): r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}}) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2d, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r5}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, 0x0, 0x0) gettid() timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r6 = semget$private(0x0, 0x6, 0x0) semtimedop(r6, &(0x7f00000003c0)=[{0x2, 0x4, 0x1800}], 0x1, 0x0) write$eventfd(0xffffffffffffffff, &(0x7f0000000140)=0xfffffffffffffff8, 0x8) 894.789057ms ago: executing program 2 (id=3981): pipe(&(0x7f0000005880)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x19, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) r3 = socket(0x10, 0x3, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000f00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB="94000000", @ANYRES16=r5, @ANYBLOB="000226bd7000fedbdf25090000000c0099000e00000034000000740050801800088004000100040002000400020004000200040001000d0004001096c1fdec301163930000000500020005000000090001003630d81f100000001100010011b9b039467c04191ffc4485fb00000009000100b833168b1c00000011000100504d51cf3f1a9f2214a87f0739000000"], 0x94}}, 0x20000c0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffff00000400000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0xfffffffffffffff7}, 0x18) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18) sendmsg$nl_route_sched(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000ec0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) socket$inet6_sctp(0xa, 0x1, 0x84) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) r11 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r11, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) connect$inet(r11, &(0x7f0000000480)={0x2, 0x4e20, @remote}, 0x10) sendmmsg(r11, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r11, 0x0, 0xc, &(0x7f0000000b80)=0xf, 0x4b) 836.865917ms ago: executing program 2 (id=3982): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) socket$nl_rdma(0x10, 0x3, 0x14) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'xfrm0\x00', 0x400}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x7) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x5, 0x4, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = socket(0x15, 0x5, 0x0) getsockopt(r5, 0x200000000114, 0x2712, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14) fcntl$setsig(r6, 0xa, 0x13) r7 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9) add_key$keyring(&(0x7f0000000100), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r7) fcntl$setlease(r6, 0x400, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e21, @multicast2}}}, 0x88) r8 = syz_open_dev$sg(&(0x7f00000003c0), 0xfffffffffffffff2, 0x20000) ioctl$SG_GET_SCSI_ID(r8, 0x2276, &(0x7f0000000400)) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000980)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000300000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000002000000ac1414bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x210) sendfile(r1, r1, 0x0, 0x7a680000) 835.437998ms ago: executing program 0 (id=3983): syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r3) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x64, 0x4, 0x0, 0x1, [{0x60, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x50, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x2c, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8, 0x4, 0x1, 0x0, 0x27}, @NFTA_PAYLOAD_CSUM_FLAGS={0x0, 0x8, 0x1, 0x0, 0x1}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x42, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb8}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}]}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10) 794.197908ms ago: executing program 4 (id=3984): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10b8}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) unshare(0x2c020400) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) memfd_secret(0x80000) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b705000008000000850000006900"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 761.004479ms ago: executing program 4 (id=3985): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3122}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000400)={[{@nogrpid}, {@noblock_validity}, {@noquota}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x4}}, {@orlov}]}, 0x1, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") lremovexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='system.posix_acl_access\x00') 754.239808ms ago: executing program 1 (id=3986): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) socket$nl_rdma(0x10, 0x3, 0x14) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'xfrm0\x00', 0x400}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x7) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x106, 0x40001, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x800000000003}, 0x1320, 0xffffffff, 0x3, 0x5, 0x4, 0x1088f109, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002380)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = socket(0x15, 0x5, 0x0) getsockopt(r5, 0x200000000114, 0x2712, 0x0, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe) r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x14) fcntl$setsig(r6, 0xa, 0x13) r7 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffff9) add_key$keyring(&(0x7f0000000100), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, r7) fcntl$setlease(r6, 0x400, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)) timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x4e21, @multicast2}}}, 0x88) r8 = syz_open_dev$sg(&(0x7f00000003c0), 0xfffffffffffffff2, 0x20000) ioctl$SG_GET_SCSI_ID(r8, 0x2276, &(0x7f0000000400)) sendfile(r1, r1, 0x0, 0x7a680000) truncate(&(0x7f0000000200)='./file2\x00', 0x7) 713.54291ms ago: executing program 0 (id=3987): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'hsr0\x00'}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x17, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) close(0x3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_usb_connect(0x3, 0x1c, 0x0, 0x0) r4 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r5, 0x2, {0x3, 0x0, 0x3}, 0x1}, 0x18) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r4) sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x14, r6, 0x800, 0x70bd2c, 0x25dfdbfd}, 0x14}}, 0x10) 674.55366ms ago: executing program 4 (id=3988): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f00000000c0), 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) close(r2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = signalfd(0xffffffffffffffff, &(0x7f00000006c0), 0x8) mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) sendto$inet6(r1, &(0x7f0000000780)="d27c", 0x2, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) sendmmsg$inet6(r1, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)="97355d38", 0x4}, {&(0x7f0000000480)="24fabe62f43dda1a0b50ed426e5ec6f6aba8af835a80b8e2c9804ea8688b211898e3a20b262b8b7b43781c6658b6b34611867d8f029e642a151b73ac3978d6a4ca3d970068fe7200b0bebca69a4829a85b3d39b5069c1cd3f298068aed997f57f599ebee8f5ad0c599d438beb9acde8a5226827e380233d910bdaef1dfc8b12bcc2a574193a0dbd52fc3f51be3af359d9e86b7649d4c132b26748be4c47d5914011a3b91e63195c71dded0583108a6cc1267cf88775d", 0xb6}, {&(0x7f00000002c0)="9dd4fd4d74f9eb3333c6d8dffba35897b90aa30e862a2c3b99112e60c40151999c687d3dce081e16a57b2b951c808474ff56f947effa8bae697442625ac8b6fc9cafa17fed4a778b23f1e6339eb99f3c3ccec00abc1bdebbbeb6b1e8afb5c3d346", 0x61}, {&(0x7f00000003c0)="7efbeeed17192430991bf7ddf551c1ae1e6fedf02a0cf6b56eb4606a101ab7fde163729fb0927efbab3226a299e27803b2b0ebd644bbbbef4f6e5a4dfd80ffbf06e127ac2fd76862d9b4d4fcce78a17673f62505eb74bb06383498899ea5848e1c06b533a70f72cb242f523f74545a85c86dca3e949472333c59d3cae424c4e28cb75c45d0ab5576172a857f1d228eaf622dfe6e2f4ca61251f53969bab6", 0x9e}, {&(0x7f0000000640)="e7bb4e7fa968a53d6f4cf5ea1ca1eb426852cf436df1c840853e72ae2943e9c49428fef296f494dd857dfb4508fb165465d536bc45383a3ecc17dc802d8fb9beb8f38db8ec82d5e7d00873938df99df7", 0x50}], 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="14000000000020002900000034000000070000000000000018b9eea00000000000000029000000360000006240000000ff48e18e12b943f768f38450ec"], 0x30}}, {{&(0x7f0000000540)={0xa, 0x4e20, 0x1, @private2, 0x6}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000580)="d0391999", 0x4}], 0x1}}], 0x2, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) socket$packet(0x11, 0xa, 0x300) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext={0x5, 0x800000000003}, 0x100000, 0x5dd8, 0x5, 0x3, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) poll(&(0x7f00000001c0)=[{r5, 0x140}], 0x1, 0x800) prctl$PR_SCHED_CORE(0x36, 0x0, 0x0, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'bridge_slave_1\x00', &(0x7f0000000100)=@ethtool_stats}) 205.857507ms ago: executing program 3 (id=3989): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000140)=[{{0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x23) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 146.616278ms ago: executing program 3 (id=3990): prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) io_pgetevents(0x0, 0xa, 0x0, 0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000340)=@name={0x1e, 0x2, 0x3, {{0x41}, 0x4}}, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10) r4 = syz_open_dev$usbfs(&(0x7f00000002c0), 0xfffffffffffffffe, 0x10081) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f00000004c0)=@usbdevfs_driver={0xc82b, 0x55e, &(0x7f0000000740)="cd950f1d06d06270849ddc3754cc4d02648a59277730aab2f036b1afaaeabf8f20f276c2e9354d3ac418d309e9e98623864560902c4e1a608dd84570954cd5e649e0a898fc1e41be21444bdf9ceff2af9e9e80aba4e3f6cf62bd37d773689d0e72741b8d2872ae0f12176c5b8e39b884995aa90569fca5430404d2d66f9d752c20303bd314"}) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r5, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r7}, 0x10) sendmmsg$inet(r5, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6941c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c35225ff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041bdc61529260e6c4046d55927c96dcce1609b9c4f8424b9da76", 0x87}, {&(0x7f0000000440)="029993440c7a0c8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d0822475586252162f35e73407b8e7743f25c13d084252dd5b49c0db3c6b4361aca8", 0x3e}], 0x2}}], 0x1, 0xc0) sendto$inet(r5, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) close_range(r0, 0xffffffffffffffff, 0x0) 145.684838ms ago: executing program 0 (id=3991): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18) statx(0xffffffffffffffff, 0x0, 0x6000, 0x4, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10) unshare(0x44040200) syz_emit_ethernet(0x5e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6000000800283afffe0000000000000000000000000000aaff02"], 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000900000000000000000050c41f7f4eced1feeb9646f15b968b93"], 0x50) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000070a8f00e3ffffffb7030000c71f8456b70400000000000085000000030000009d000000000000001cbdbf893c00492d1c720a34670182b172a01bc1a60a398fa05aef2089fe28bf344de556acd2fcba1c5f516e50a312802f9d16cebec4faedcd226ff813ac4783bfcc3699ed59bc941a550d1725"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r7}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0200}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000002140)={0x1, &(0x7f00000000c0)=[{0x6}]}) r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r0) sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000005c0)={0x4c, r8, 0x200, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0xdd}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x4}, @IEEE802154_ATTR_STATUS={0x5}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x24008844) openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000440)={0x7, &(0x7f00000001c0)=[{0x9, 0x4, 0x3, 0x7}, {0x8, 0x2, 0xb}, {0x1, 0x7, 0x45, 0x80000000}, {0x9, 0x3, 0x6, 0x2}, {0x0, 0x7}, {0x3, 0x4, 0x4, 0x70000000}, {0x6, 0x31, 0x9, 0x3}]}) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001200)={0x11, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kfree\x00', r10}, 0x18) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x3, 0x8, 0x101, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @tcp}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x20}}, 0x0) 130.585118ms ago: executing program 3 (id=3992): pipe(&(0x7f0000005880)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x19, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r1], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) r3 = socket(0x10, 0x3, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="00000000000000000f00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_KEY(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)=ANY=[@ANYBLOB="94000000", @ANYRES16=r5, @ANYBLOB="000226bd7000fedbdf25090000000c0099000e00000034000000740050801800088004000100040002000400020004000200040001000d0004001096c1fdec301163930000000500020005000000090001003630d81f100000001100010011b9b039467c04191ffc4485fb00000009000100b833168b1c00000011000100504d51cf3f1a9f2214a87f0739000000"], 0x94}}, 0x20000c0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="ffffffff00000400000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0xfffffffffffffff7}, 0x18) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0}, 0x18) sendmsg$nl_route_sched(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000ec0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) socket$inet6_sctp(0xa, 0x1, 0x84) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, 0x0, 0x8, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0) r11 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r11, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4) connect$inet(r11, &(0x7f0000000480)={0x2, 0x4e20, @remote}, 0x10) sendmmsg(r11, &(0x7f0000007fc0), 0x800001d, 0x0) setsockopt$inet_int(r11, 0x0, 0xc, &(0x7f0000000b80)=0xf, 0x4b) 104.773319ms ago: executing program 3 (id=3993): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x120, 0x65, 0x2, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xa}, {0x0, 0x1}, {0x0, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x64, 0x2, [@TCA_CGROUP_EMATCHES={0x60, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x14, 0x1, 0x0, 0x0, {{0x7, 0x2, 0xffff}, {0x4, 0x1, 0x2, 'w'}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x2c, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0x0, 0x4, 0xb}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x26, 0x73, 0x1}, {0x1, 0xd6}}}]}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x0, 0x8, 0x1}, {0x4, 0x3, 0x6}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6a}}]}]}}, @filter_kind_options=@f_flower={{0xb}, {0x3c, 0x2, [@TCA_FLOWER_KEY_ICMPV6_TYPE={0x5}, @TCA_FLOWER_KEY_ENC_UDP_DST_PORT={0x6}, @TCA_FLOWER_KEY_VLAN_PRIO={0x5, 0x18, 0x5}, @TCA_FLOWER_KEY_MPLS_OPTS={0x8, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x4}}, @TCA_FLOWER_KEY_IP_TTL_MASK={0x5, 0x4c, 0x1}, @TCA_FLOWER_KEY_ICMPV4_CODE_MASK={0x5}, @TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0x2}]}}, @filter_kind_options=@f_matchall={{0xd}, {0x34, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xc, 0x3}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xffe0, 0xffe0}}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0xfff3, 0xd}}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x1}, @TCA_MATCHALL_CLASSID={0x8, 0x1, {0x4, 0xf}}]}}]}, 0x120}, 0x1, 0x0, 0x0, 0x81}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) 65.700929ms ago: executing program 3 (id=3994): syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=3995): r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xb6, 0xb6, 0x4, [@union={0x7, 0x1, 0x0, 0x5, 0x1, 0x6, [{0x7, 0x2, 0x7fff}]}, @restrict={0xc, 0x0, 0x0, 0xb, 0x5}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x1, 0x2}}, @datasec={0x6, 0x9, 0x0, 0xf, 0x2, [{0x2, 0x54abbe13, 0x9}, {0x4, 0x7f, 0x40}, {0x5, 0x1, 0xfffffff5}, {0x4, 0xfffffff2, 0xfe68}, {0x5, 0x5be, 0x4}, {0x5, 0x0, 0x9}, {0x4, 0x3, 0x5}, {0x3, 0x9, 0x1}, {0x4, 0x4, 0x7}], "35fb"}]}, {0x0, [0x61, 0x0]}}, &(0x7f0000000040)=""/19, 0xd4, 0x13, 0x0, 0x0, 0x10000, @value}, 0x28) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000340)=ANY=[@ANYRESHEX=r1, @ANYBLOB="132091f6c83f8fd9b7eff20a4f630c8be4b03730aafff4bdc00f21e79b6ae5dfcbc016e25fc05980db365ec170a92865969232fc3a57ecb12def46fe0959d4590a5046d5e3304d9a7e6e64a6cb4198eb57db79b63e87d4c2fac4eae98163fe1fba8ae64516b1321716413fc5fe0ea63f4f3118a1802d8679625e41238bb4987158bb901a9c401a84b01b6b52f373e8bc3913f56e928d41224bae8f247c13ad77412aa8feb7948cb4b000b307c63ada784e2732cf5ca85c476dae19b8713a74231b46009daa5f68"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10) gettid() r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x0) readv(r4, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000280)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@jqfmt_vfsv1}, {@nouid32}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = socket$rds(0x15, 0x5, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) bind$rds(r6, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r6, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f00000012c0)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x2}, {&(0x7f0000001080)=""/148, 0x94}, &(0x7f00000011c0)=[{&(0x7f0000001140)=""/102, 0x66}], 0x1, 0x60, 0xffffffff00000001}}], 0x48, 0x8004}, 0x0) kernel console output (not intermixed with test programs): e loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 212.092055][T12330] macvtap1: entered promiscuous mode [ 212.106100][T12325] EXT4-fs (loop0): 1 truncate cleaned up [ 212.113526][T12330] bond_slave_0: entered promiscuous mode [ 212.122685][T12330] bond_slave_1: entered promiscuous mode [ 212.128519][T12330] bond0: entered promiscuous mode [ 212.135524][T12330] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 212.143062][T12330] team0: Device macvtap1 failed to register rx_handler [ 212.150511][T12330] bond0: left promiscuous mode [ 212.155733][T12330] bond_slave_0: left promiscuous mode [ 212.161251][T12330] bond_slave_1: left promiscuous mode [ 212.161291][T12333] loop3: detected capacity change from 0 to 512 [ 212.173637][T12333] EXT4-fs: Ignoring removed orlov option [ 212.199219][T12333] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 212.343866][T12343] FAULT_INJECTION: forcing a failure. [ 212.343866][T12343] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.357200][T12343] CPU: 0 UID: 0 PID: 12343 Comm: syz.4.3082 Not tainted 6.14.0-syzkaller-11144-g1e7857b28020 #0 PREEMPT(voluntary) [ 212.357313][T12343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 212.357327][T12343] Call Trace: [ 212.357333][T12343] [ 212.357342][T12343] dump_stack_lvl+0xf6/0x150 [ 212.357369][T12343] dump_stack+0x15/0x1a [ 212.357389][T12343] should_fail_ex+0x261/0x270 [ 212.357493][T12343] should_fail+0xb/0x10 [ 212.357557][T12343] should_fail_usercopy+0x1a/0x20 [ 212.357599][T12343] _copy_from_user+0x1c/0xa0 [ 212.357632][T12343] copy_msghdr_from_user+0x54/0x2b0 [ 212.357674][T12343] ? __fget_files+0x186/0x1c0 [ 212.357716][T12343] __sys_sendmsg+0x141/0x240 [ 212.357752][T12343] __x64_sys_sendmsg+0x46/0x50 [ 212.357771][T12343] x64_sys_call+0x26f3/0x2e10 [ 212.357792][T12343] do_syscall_64+0xc9/0x1c0 [ 212.357835][T12343] ? clear_bhb_loop+0x25/0x80 [ 212.357855][T12343] ? clear_bhb_loop+0x25/0x80 [ 212.357876][T12343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.357901][T12343] RIP: 0033:0x7fc9dc50d169 [ 212.357915][T12343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.357933][T12343] RSP: 002b:00007fc9dab2d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 212.357950][T12343] RAX: ffffffffffffffda RBX: 00007fc9dc726160 RCX: 00007fc9dc50d169 [ 212.357962][T12343] RDX: 0000000004000004 RSI: 0000200000000100 RDI: 0000000000000003 [ 212.357974][T12343] RBP: 00007fc9dab2d090 R08: 0000000000000000 R09: 0000000000000000 [ 212.357985][T12343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.357998][T12343] R13: 0000000000000000 R14: 00007fc9dc726160 R15: 00007ffe1ee48a88 [ 212.358017][T12343] [ 213.023888][T12348] loop1: detected capacity change from 0 to 2048 [ 213.075365][T12352] syzkaller1: entered promiscuous mode [ 213.081532][T12352] syzkaller1: entered allmulticast mode [ 213.110162][T12352] loop2: detected capacity change from 0 to 4096 [ 213.143659][T12348] rdma_op ffff888114c15d80 conn xmit_rdma 0000000000000000 [ 213.391039][T12368] bridge_slave_0: left allmulticast mode [ 213.397094][T12368] bridge_slave_0: left promiscuous mode [ 213.402900][T12368] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.414682][T12368] bridge_slave_1: left allmulticast mode [ 213.420625][T12368] bridge_slave_1: left promiscuous mode [ 213.426719][T12368] bridge0: port 2(bridge_slave_1) entered disabled state [ 213.471067][T12368] bond0: (slave bond_slave_0): Releasing backup interface [ 213.494597][T12368] bond0: (slave bond_slave_1): Releasing backup interface [ 213.513650][T12368] team0: Port device team_slave_0 removed [ 213.524025][T12368] team0: Port device team_slave_1 removed [ 213.533506][T12368] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 213.541929][T12368] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 213.555682][T12368] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 213.563426][T12368] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 213.747611][T12386] loop0: detected capacity change from 0 to 256 [ 213.775749][T12386] __nla_validate_parse: 1 callbacks suppressed [ 213.775768][T12386] netlink: 14 bytes leftover after parsing attributes in process `syz.0.3097'. [ 213.805802][T12386] bond0 (unregistering): Released all slaves [ 214.046193][T12391] loop2: detected capacity change from 0 to 512 [ 214.056274][T12391] EXT4-fs (loop2): orphan cleanup on readonly fs [ 214.065372][T12391] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3099: bg 0: block 248: padding at end of block bitmap is not set [ 214.087071][T12391] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3099: Failed to acquire dquot type 1 [ 214.142250][T12391] EXT4-fs (loop2): 1 truncate cleaned up [ 214.179767][T12391] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 214.238416][T12391] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 214.271036][T12399] loop0: detected capacity change from 0 to 2048 [ 214.329985][T12405] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3104'. [ 214.350605][T12399] hub 2-0:1.0: USB hub found [ 214.366441][T12399] hub 2-0:1.0: 8 ports detected [ 214.379481][T12412] loop2: detected capacity change from 0 to 512 [ 214.412636][T12412] ext4: Unknown parameter 'euid>00000000000000000000' [ 214.429715][T12419] loop3: detected capacity change from 0 to 512 [ 214.442483][T12412] loop2: detected capacity change from 0 to 128 [ 214.454888][T12422] syzkaller1: entered promiscuous mode [ 214.460756][T12422] syzkaller1: entered allmulticast mode [ 214.471326][T12412] ext4 filesystem being mounted at /34/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 214.476015][T12419] EXT4-fs: Ignoring removed orlov option [ 214.509610][T12422] loop0: detected capacity change from 0 to 4096 [ 214.523558][T12429] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 214.530253][T12429] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 214.539385][T12429] vhci_hcd vhci_hcd.0: Device attached [ 214.546989][T12431] vhci_hcd: connection closed [ 214.547174][ T37] vhci_hcd: stop threads [ 214.557157][ T37] vhci_hcd: release socket [ 214.561676][ T37] vhci_hcd: disconnect device [ 214.585589][T12419] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.621850][T12408] chnl_net:caif_netlink_parms(): no params data found [ 214.669045][T12408] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.676189][T12408] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.685460][T12408] bridge_slave_0: entered allmulticast mode [ 214.692490][T12408] bridge_slave_0: entered promiscuous mode [ 214.699387][T12408] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.708476][T12408] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.716160][T12408] bridge_slave_1: entered allmulticast mode [ 214.722854][T12408] bridge_slave_1: entered promiscuous mode [ 214.741952][T12408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 214.752784][T12408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 214.773769][T12408] team0: Port device team_slave_0 added [ 214.780596][T12408] team0: Port device team_slave_1 added [ 214.800339][T12408] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 214.807612][T12408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.836994][T12408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.849041][T12408] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.856124][T12408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.882484][T12408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.910350][T12408] hsr_slave_0: entered promiscuous mode [ 214.916746][T12408] hsr_slave_1: entered promiscuous mode [ 214.922977][T12408] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 214.930588][T12408] Cannot create hsr debugfs directory [ 215.102497][T12454] loop4: detected capacity change from 0 to 2048 [ 215.159667][T12454] hub 2-0:1.0: USB hub found [ 215.164475][T12454] hub 2-0:1.0: 8 ports detected [ 215.225726][T12408] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 215.244367][T12408] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 215.256323][T12408] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 215.269135][T12408] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 215.281994][T12465] loop2: detected capacity change from 0 to 256 [ 215.299267][T12408] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.306920][T12408] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.363274][T12408] 8021q: adding VLAN 0 to HW filter on device bond0 [ 215.385497][T12408] 8021q: adding VLAN 0 to HW filter on device team0 [ 215.394497][T12472] loop2: detected capacity change from 0 to 1024 [ 215.401325][T12474] loop0: detected capacity change from 0 to 2048 [ 215.402117][T12472] EXT4-fs: Ignoring removed orlov option [ 215.413965][T12472] EXT4-fs: Ignoring removed nomblk_io_submit option [ 215.416286][ T56] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.445423][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.452766][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 215.464762][ T3530] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.471989][ T3530] bridge0: port 2(bridge_slave_1) entered forwarding state [ 215.484167][T12474] hub 2-0:1.0: USB hub found [ 215.490535][T12474] hub 2-0:1.0: 8 ports detected [ 215.571986][T12485] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3126'. [ 215.586711][T12485] loop0: detected capacity change from 0 to 512 [ 215.593727][T12485] EXT4-fs: Ignoring removed orlov option [ 215.608251][T12485] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 215.691923][T12408] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 215.781374][T12408] veth0_vlan: entered promiscuous mode [ 215.791127][T12408] veth1_vlan: entered promiscuous mode [ 215.805326][T12511] IPv6: Can't replace route, no match found [ 215.832559][T12408] veth0_macvtap: entered promiscuous mode [ 215.850407][T12408] veth1_macvtap: entered promiscuous mode [ 215.863667][T12408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 215.875953][T12408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.890936][T12408] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 215.903186][T12408] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 215.914281][T12408] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 215.978308][T12408] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 215.992506][T12408] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.001871][T12408] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.010626][T12408] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.020233][T12408] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 216.111578][T12523] loop4: detected capacity change from 0 to 128 [ 216.226576][T12523] FAT-fs (loop4): bogus number of reserved sectors [ 216.233416][T12523] FAT-fs (loop4): Can't find a valid FAT filesystem [ 216.242274][T12530] loop1: detected capacity change from 0 to 8192 [ 216.312337][ T29] kauditd_printk_skb: 82 callbacks suppressed [ 216.312355][ T29] audit: type=1400 audit(1743481984.170:2366): avc: denied { create } for pid=12529 comm="syz.1.3103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1 [ 216.382315][T12537] loop3: detected capacity change from 0 to 512 [ 216.485736][ T29] audit: type=1326 audit(1743481984.200:2367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.489896][T12537] EXT4-fs (loop3): orphan cleanup on readonly fs [ 216.510032][ T29] audit: type=1326 audit(1743481984.200:2368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.540467][ T29] audit: type=1326 audit(1743481984.200:2369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.542203][T12544] loop1: detected capacity change from 0 to 1024 [ 216.565199][ T29] audit: type=1326 audit(1743481984.200:2370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.595339][ T29] audit: type=1326 audit(1743481984.200:2371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.617204][T12537] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3143: bg 0: block 248: padding at end of block bitmap is not set [ 216.620772][ T29] audit: type=1326 audit(1743481984.200:2372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.659595][ T29] audit: type=1326 audit(1743481984.200:2373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.683513][ T29] audit: type=1326 audit(1743481984.200:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12529 comm="syz.1.3103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 216.697507][T12544] EXT4-fs: Ignoring removed orlov option [ 216.713312][T12544] EXT4-fs: Ignoring removed nomblk_io_submit option [ 216.736620][T12537] Quota error (device loop3): write_blk: dquota write failed [ 216.744273][T12537] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3143: Failed to acquire dquot type 1 [ 216.784637][T12551] loop0: detected capacity change from 0 to 2048 [ 216.800735][T12537] EXT4-fs (loop3): 1 truncate cleaned up [ 216.827314][T12551] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3147: bg 0: block 234: padding at end of block bitmap is not set [ 216.838912][T12560] loop2: detected capacity change from 0 to 512 [ 216.843109][T12551] EXT4-fs (loop0): Remounting filesystem read-only [ 216.855371][T12537] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 216.869151][T12537] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3143: Failed to acquire dquot type 1 [ 216.888214][T12537] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 216.908726][T12560] EXT4-fs (loop2): orphan cleanup on readonly fs [ 216.925796][T12560] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3149: bg 0: block 248: padding at end of block bitmap is not set [ 216.947138][T12560] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3149: Failed to acquire dquot type 1 [ 216.964747][T12560] EXT4-fs (loop2): 1 truncate cleaned up [ 216.974041][T12560] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 216.975879][T12569] bridge_slave_0: left allmulticast mode [ 216.989457][T12569] bridge_slave_0: left promiscuous mode [ 216.995168][T12569] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.997161][T12560] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3149: Failed to acquire dquot type 1 [ 217.017477][T12560] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 217.018234][T12569] bridge_slave_1: left allmulticast mode [ 217.039406][T12569] bridge_slave_1: left promiscuous mode [ 217.045390][T12569] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.059650][T12569] bond0: (slave bond_slave_0): Releasing backup interface [ 217.078325][T12569] bond0: (slave bond_slave_1): Releasing backup interface [ 217.092160][T12569] team0: Port device team_slave_0 removed [ 217.104389][T12569] team0: Port device team_slave_1 removed [ 217.113840][T12569] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 217.121991][T12569] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 217.122184][T12576] loop2: detected capacity change from 0 to 512 [ 217.139110][T12569] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 217.147107][T12569] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 217.165853][T12576] EXT4-fs (loop2): orphan cleanup on readonly fs [ 217.174215][T12576] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3154: bg 0: block 248: padding at end of block bitmap is not set [ 217.193292][T12576] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3154: Failed to acquire dquot type 1 [ 217.211247][T12576] EXT4-fs (loop2): 1 truncate cleaned up [ 217.225219][T12576] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 217.238672][T12576] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3154: Failed to acquire dquot type 1 [ 217.255236][T12576] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 217.532959][T12612] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 217.539699][T12612] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 217.548070][T12612] vhci_hcd vhci_hcd.0: Device attached [ 217.575460][T12614] vhci_hcd: connection closed [ 217.576012][ T56] vhci_hcd: stop threads [ 217.585874][ T56] vhci_hcd: release socket [ 217.591033][ T56] vhci_hcd: disconnect device [ 217.611552][T12619] loop2: detected capacity change from 0 to 1024 [ 217.621202][T12619] EXT4-fs: Ignoring removed orlov option [ 217.627279][T12619] EXT4-fs: Ignoring removed nomblk_io_submit option [ 217.734121][T12631] loop3: detected capacity change from 0 to 2048 [ 217.792966][T12631] hub 2-0:1.0: USB hub found [ 217.803113][T12631] hub 2-0:1.0: 8 ports detected [ 217.851683][T12643] loop3: detected capacity change from 0 to 2048 [ 217.892976][T12645] loop4: detected capacity change from 0 to 8192 [ 217.946684][T12643] hub 2-0:1.0: USB hub found [ 217.951803][T12643] hub 2-0:1.0: 8 ports detected [ 218.002850][T12651] loop2: detected capacity change from 0 to 2048 [ 218.025869][T12651] rdma_op ffff888118a7a180 conn xmit_rdma 0000000000000000 [ 218.077723][T12663] loop3: detected capacity change from 0 to 512 [ 218.086395][T12663] EXT4-fs (loop3): orphan cleanup on readonly fs [ 218.095381][T12663] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3188: bg 0: block 248: padding at end of block bitmap is not set [ 218.125519][T12663] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3188: Failed to acquire dquot type 1 [ 218.139817][T12668] loop2: detected capacity change from 0 to 2048 [ 218.147107][T12663] EXT4-fs (loop3): 1 truncate cleaned up [ 218.158845][T12663] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 218.179309][T12663] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3188: Failed to acquire dquot type 1 [ 218.199550][T12663] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 218.216145][T12677] loop1: detected capacity change from 0 to 128 [ 218.232480][T12668] hub 2-0:1.0: USB hub found [ 218.237317][T12668] hub 2-0:1.0: 8 ports detected [ 218.242949][T12676] loop4: detected capacity change from 0 to 256 [ 218.325982][T12685] bridge_slave_0: left allmulticast mode [ 218.331768][T12685] bridge_slave_0: left promiscuous mode [ 218.337628][T12685] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.347966][T12685] bridge_slave_1: left allmulticast mode [ 218.353779][T12685] bridge_slave_1: left promiscuous mode [ 218.359803][T12685] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.373029][T12685] bond0: (slave bond_slave_0): Releasing backup interface [ 218.380459][T12690] loop1: detected capacity change from 0 to 2048 [ 218.389942][T12685] bond0: (slave bond_slave_1): Releasing backup interface [ 218.401399][T12690] rdma_op ffff88811a5d0580 conn xmit_rdma 0000000000000000 [ 218.402300][T12685] team0: Port device team_slave_0 removed [ 218.421970][T12685] team0: Port device team_slave_1 removed [ 218.431257][T12685] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 218.438937][T12685] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 218.444339][T12698] loop1: detected capacity change from 0 to 512 [ 218.454982][T12685] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 218.455801][T12698] ext4: Unknown parameter 'euid>00000000000000000000' [ 218.462485][T12685] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 218.479612][T12698] loop1: detected capacity change from 0 to 128 [ 218.490706][T12698] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 218.523833][T12701] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 218.531104][T12701] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 218.539314][T12701] vhci_hcd vhci_hcd.0: Device attached [ 218.548708][T12702] vhci_hcd: connection closed [ 218.549330][ T1870] vhci_hcd: stop threads [ 218.558686][ T1870] vhci_hcd: release socket [ 218.563227][ T1870] vhci_hcd: disconnect device [ 218.647081][T12708] loop3: detected capacity change from 0 to 1024 [ 218.654947][T12708] EXT4-fs: Ignoring removed orlov option [ 218.661787][T12708] EXT4-fs: Ignoring removed nomblk_io_submit option [ 218.875103][T12718] loop3: detected capacity change from 0 to 512 [ 218.882535][T12718] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 218.892035][T12718] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 218.901069][T12718] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 218.910659][T12718] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 218.918760][T12718] System zones: 0-2, 18-18, 34-34 [ 218.925912][T12718] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 218.941870][T12718] EXT4-fs (loop3): 1 truncate cleaned up [ 219.074236][T12722] loop2: detected capacity change from 0 to 512 [ 219.093008][T12722] EXT4-fs (loop2): orphan cleanup on readonly fs [ 219.100345][T12722] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3207: bg 0: block 248: padding at end of block bitmap is not set [ 219.118621][T12722] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3207: Failed to acquire dquot type 1 [ 219.132874][T12722] EXT4-fs (loop2): 1 truncate cleaned up [ 219.143395][T12722] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 219.167956][T12722] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 219.277342][T12730] loop2: detected capacity change from 0 to 2048 [ 219.329265][T12730] hub 2-0:1.0: USB hub found [ 219.334180][T12730] hub 2-0:1.0: 8 ports detected [ 219.356184][T12738] loop4: detected capacity change from 0 to 2048 [ 219.385029][T12740] netlink: 232 bytes leftover after parsing attributes in process `syz.2.3214'. [ 219.393398][T12742] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3215'. [ 219.400960][T12740] macvtap1: entered promiscuous mode [ 219.418458][T12740] bond0: entered promiscuous mode [ 219.423951][T12740] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 219.433915][T12740] team0: Device macvtap1 failed to register rx_handler [ 219.436318][T12746] loop1: detected capacity change from 0 to 2048 [ 219.450190][T12740] bond0: left promiscuous mode [ 219.455610][T12738] hub 2-0:1.0: USB hub found [ 219.460597][T12747] loop2: detected capacity change from 0 to 512 [ 219.461578][T12738] hub 2-0:1.0: 8 ports detected [ 219.470309][T12747] EXT4-fs: Ignoring removed orlov option [ 219.509629][T12747] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 219.531712][T12746] hub 2-0:1.0: USB hub found [ 219.537055][T12746] hub 2-0:1.0: 8 ports detected [ 219.589113][T12757] loop0: detected capacity change from 0 to 2048 [ 219.603019][T12759] loop1: detected capacity change from 0 to 512 [ 219.622407][T12759] EXT4-fs (loop1): orphan cleanup on readonly fs [ 219.633362][T12757] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3219: bg 0: block 234: padding at end of block bitmap is not set [ 219.651078][T12759] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3220: bg 0: block 248: padding at end of block bitmap is not set [ 219.665698][T12757] EXT4-fs (loop0): Remounting filesystem read-only [ 219.673500][T12759] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3220: Failed to acquire dquot type 1 [ 219.685698][T12759] EXT4-fs (loop1): 1 truncate cleaned up [ 219.695003][T12759] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 219.708684][T12759] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 219.737785][T12770] loop0: detected capacity change from 0 to 512 [ 219.739535][T12771] netlink: 232 bytes leftover after parsing attributes in process `syz.3.3223'. [ 219.744356][T12770] ext4: Unknown parameter 'euid>00000000000000000000' [ 219.759045][T12771] macvtap1: entered promiscuous mode [ 219.766083][T12771] bond0: entered promiscuous mode [ 219.768082][T12770] loop0: detected capacity change from 0 to 128 [ 219.773285][T12771] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 219.788686][T12770] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 219.800470][T12767] loop4: detected capacity change from 0 to 512 [ 219.802628][T12771] team0: Device macvtap1 failed to register rx_handler [ 219.808108][T12767] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 219.825615][T12771] bond0: left promiscuous mode [ 219.835418][T12774] loop3: detected capacity change from 0 to 512 [ 219.844342][T12774] EXT4-fs: Ignoring removed orlov option [ 219.868935][T12774] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 220.043045][T12783] loop3: detected capacity change from 0 to 256 [ 220.081136][T12785] loop3: detected capacity change from 0 to 256 [ 220.119613][T12787] loop3: detected capacity change from 0 to 2048 [ 220.169455][T12787] hub 2-0:1.0: USB hub found [ 220.175073][T12787] hub 2-0:1.0: 8 ports detected [ 220.212995][T12791] loop3: detected capacity change from 0 to 2048 [ 220.269433][T12791] hub 2-0:1.0: USB hub found [ 220.274470][T12791] hub 2-0:1.0: 8 ports detected [ 220.410607][T12804] loop3: detected capacity change from 0 to 2048 [ 220.469251][T12804] hub 2-0:1.0: USB hub found [ 220.475337][T12804] hub 2-0:1.0: 8 ports detected [ 220.506832][T12808] loop3: detected capacity change from 0 to 512 [ 220.514432][T12808] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 220.523684][T12808] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 220.535489][T12808] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 220.545510][T12808] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 220.548489][T12811] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3235'. [ 220.554732][T12808] System zones: 0-2, 18-18, 34-34 [ 220.571435][T12808] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 220.593535][T12808] EXT4-fs (loop3): 1 truncate cleaned up [ 220.630776][T12814] loop0: detected capacity change from 0 to 1024 [ 220.638582][T12814] EXT4-fs: Ignoring removed nobh option [ 220.644945][T12814] EXT4-fs: Ignoring removed bh option [ 220.681965][T12814] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pid=12814 comm=syz.0.3237 [ 220.719622][T12827] loop0: detected capacity change from 0 to 512 [ 220.728911][T12827] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 220.738183][T12827] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 220.749629][T12827] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 220.759311][T12827] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 220.768204][T12827] System zones: 0-2, 18-18, 34-34 [ 220.773866][T12827] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 220.791326][T12827] EXT4-fs (loop0): 1 truncate cleaned up [ 220.829304][T12815] chnl_net:caif_netlink_parms(): no params data found [ 220.870667][T12815] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.878514][T12815] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.887679][T12815] bridge_slave_0: entered allmulticast mode [ 220.895068][T12815] bridge_slave_0: entered promiscuous mode [ 220.902385][T12815] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.910065][T12815] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.917487][T12815] bridge_slave_1: entered allmulticast mode [ 220.924048][T12815] bridge_slave_1: entered promiscuous mode [ 220.943344][T12815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 220.954233][T12815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 220.975449][T12815] team0: Port device team_slave_0 added [ 220.982942][T12815] team0: Port device team_slave_1 added [ 221.001892][T12815] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.009336][T12815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.036346][T12815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.048658][T12815] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.056865][T12815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 221.084909][T12815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 221.117024][T12815] hsr_slave_0: entered promiscuous mode [ 221.124486][T12815] hsr_slave_1: entered promiscuous mode [ 221.130973][T12815] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 221.139145][T12815] Cannot create hsr debugfs directory [ 221.384161][T12815] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 221.393749][T12837] loop3: detected capacity change from 0 to 2048 [ 221.394109][T12815] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 221.409412][T12815] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 221.418395][T12815] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 221.434686][T12815] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.442018][T12815] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.450014][T12815] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.452047][T12837] hub 2-0:1.0: USB hub found [ 221.457178][T12815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.478261][T12837] hub 2-0:1.0: 8 ports detected [ 221.493452][T12815] 8021q: adding VLAN 0 to HW filter on device bond0 [ 221.506250][ T31] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.514547][ T31] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.531180][T12815] 8021q: adding VLAN 0 to HW filter on device team0 [ 221.544660][T12841] loop3: detected capacity change from 0 to 512 [ 221.544663][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.556367][T12841] EXT4-fs (loop3): orphan cleanup on readonly fs [ 221.559131][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 221.575381][T12841] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3240: bg 0: block 248: padding at end of block bitmap is not set [ 221.592292][T12841] __quota_error: 66 callbacks suppressed [ 221.592308][T12841] Quota error (device loop3): write_blk: dquota write failed [ 221.598635][ T31] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.605580][T12841] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 221.612734][ T31] bridge0: port 2(bridge_slave_1) entered forwarding state [ 221.624280][T12841] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3240: Failed to acquire dquot type 1 [ 221.645710][T12841] EXT4-fs (loop3): 1 truncate cleaned up [ 221.663021][T12841] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 221.670485][T12815] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 221.683534][T12815] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 221.718787][T12841] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 221.727358][T12844] loop0: detected capacity change from 0 to 8192 [ 221.762991][T12815] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.860393][T12868] loop0: detected capacity change from 0 to 512 [ 221.867878][T12869] loop3: detected capacity change from 0 to 512 [ 221.878966][T12868] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 221.881859][T12869] ext4: Unknown parameter 'euid>00000000000000000000' [ 221.888708][T12868] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 221.910923][T12868] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 221.921252][T12868] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 221.929830][T12868] System zones: 0-2, 18-18, 34-34 [ 221.932092][T12869] loop3: detected capacity change from 0 to 128 [ 221.942272][T12868] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 221.952857][T12869] ext4 filesystem being mounted at /112/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 221.959410][T12868] EXT4-fs (loop0): 1 truncate cleaned up [ 221.979375][ T29] audit: type=1326 audit(1743481989.840:2422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12867 comm="+}[@" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fee4474d169 code=0x0 [ 222.019699][T12815] veth0_vlan: entered promiscuous mode [ 222.027829][T12815] veth1_vlan: entered promiscuous mode [ 222.044597][T12815] veth0_macvtap: entered promiscuous mode [ 222.053670][T12815] veth1_macvtap: entered promiscuous mode [ 222.064896][T12815] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.077044][T12815] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.088592][T12815] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.099587][T12815] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.109890][T12815] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.120973][T12815] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.164634][T12881] loop4: detected capacity change from 0 to 1024 [ 222.171996][T12881] EXT4-fs: Ignoring removed orlov option [ 222.177885][T12881] EXT4-fs: Ignoring removed nomblk_io_submit option [ 222.223077][T12885] loop4: detected capacity change from 0 to 512 [ 222.230739][T12885] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 222.240219][T12885] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 222.259557][T12885] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 222.268909][T12885] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 222.277087][T12885] System zones: 0-2, 18-18, 34-34 [ 222.283164][T12885] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 222.298599][T12885] EXT4-fs (loop4): 1 truncate cleaned up [ 222.350351][T12890] loop4: detected capacity change from 0 to 512 [ 222.358288][T12890] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 222.368276][T12890] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 222.377868][T12890] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 222.388057][T12890] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 222.396298][T12890] System zones: 0-2, 18-18, 34-34 [ 222.402133][T12890] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 222.418650][T12890] EXT4-fs (loop4): 1 truncate cleaned up [ 222.845429][T12899] syzkaller1: entered promiscuous mode [ 222.851164][T12899] syzkaller1: entered allmulticast mode [ 222.891358][T12897] loop3: detected capacity change from 0 to 8192 [ 222.900078][T12899] loop2: detected capacity change from 0 to 4096 [ 222.931617][T12907] loop1: detected capacity change from 0 to 512 [ 222.942109][T12907] EXT4-fs (loop1): orphan cleanup on readonly fs [ 222.950153][T12907] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3257: bg 0: block 248: padding at end of block bitmap is not set [ 222.967516][T12907] Quota error (device loop1): write_blk: dquota write failed [ 222.975099][T12907] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 222.985361][T12907] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3257: Failed to acquire dquot type 1 [ 223.000408][T12907] EXT4-fs (loop1): 1 truncate cleaned up [ 223.015406][T12907] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 223.038803][T12907] Quota error (device loop1): write_blk: dquota write failed [ 223.046249][T12907] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 223.056157][T12907] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3257: Failed to acquire dquot type 1 [ 223.068307][ T29] audit: type=1326 audit(1743481990.900:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12915 comm="syz.3.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4474d169 code=0x7ffc0000 [ 223.092608][ T29] audit: type=1326 audit(1743481990.900:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12915 comm="syz.3.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fee4474d169 code=0x7ffc0000 [ 223.116846][ T29] audit: type=1326 audit(1743481990.900:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12915 comm="syz.3.3261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fee4474d169 code=0x7ffc0000 [ 223.146946][T12907] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-28, ino=4). Please run e2fsck to fix. [ 223.262312][T12935] loop4: detected capacity change from 0 to 256 [ 223.305784][T12938] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3269'. [ 223.386765][T12942] loop4: detected capacity change from 0 to 8192 [ 223.461470][T12944] IPv6: Can't replace route, no match found [ 223.523138][T12946] loop4: detected capacity change from 0 to 2048 [ 223.548990][T12946] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3271: bg 0: block 234: padding at end of block bitmap is not set [ 223.568400][T12946] EXT4-fs (loop4): Remounting filesystem read-only [ 223.771566][T12959] loop2: detected capacity change from 0 to 512 [ 223.786260][T12959] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 223.795882][T12959] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 223.816665][T12959] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 223.825986][T12959] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 223.847981][T12959] System zones: 0-2, 18-18, 34-34 [ 223.853727][T12959] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 223.891052][T12964] bridge_slave_0: left allmulticast mode [ 223.896822][T12959] EXT4-fs (loop2): 1 truncate cleaned up [ 223.898187][T12964] bridge_slave_0: left promiscuous mode [ 223.911925][T12964] bridge0: port 1(bridge_slave_0) entered disabled state [ 223.923562][T12964] bridge_slave_1: left allmulticast mode [ 223.931946][T12964] bridge_slave_1: left promiscuous mode [ 223.938136][T12964] bridge0: port 2(bridge_slave_1) entered disabled state [ 223.952585][T12964] bond0: (slave bond_slave_0): Releasing backup interface [ 223.964503][T12964] bond0: (slave bond_slave_1): Releasing backup interface [ 223.978632][T12964] team0: Port device team_slave_0 removed [ 223.988888][T12964] team0: Port device team_slave_1 removed [ 223.997500][T12964] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.006907][T12964] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.020493][T12964] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.028762][T12964] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 224.265095][T12973] loop1: detected capacity change from 0 to 8192 [ 224.393172][T12981] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3284'. [ 224.442041][T12984] loop1: detected capacity change from 0 to 2048 [ 224.490104][T12984] hub 2-0:1.0: USB hub found [ 224.495083][T12984] hub 2-0:1.0: 8 ports detected [ 224.528655][T12988] syzkaller1: entered promiscuous mode [ 224.534927][T12988] syzkaller1: entered allmulticast mode [ 224.559396][T12988] loop1: detected capacity change from 0 to 4096 [ 225.172160][T13007] loop4: detected capacity change from 0 to 8192 [ 225.686718][T13020] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 225.812389][T13024] loop0: detected capacity change from 0 to 2048 [ 225.831763][T13024] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3300: bg 0: block 234: padding at end of block bitmap is not set [ 225.846527][T13024] EXT4-fs (loop0): Remounting filesystem read-only [ 226.230519][T13047] netem: change failed [ 226.236203][T13047] SELinux: policydb magic number 0x6d656d6b does not match expected magic number 0xf97cff8c [ 226.246902][T13047] SELinux: failed to load policy [ 226.256039][T13047] loop4: detected capacity change from 0 to 1024 [ 226.365766][T13060] loop3: detected capacity change from 0 to 128 [ 226.378243][T13060] FAT-fs (loop3): error, corrupted file size (i_pos 548, 512) [ 226.385932][T13060] FAT-fs (loop3): Filesystem has been set read-only [ 226.406931][T13064] syz.1.3315 uses obsolete (PF_INET,SOCK_PACKET) [ 226.417792][T13062] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3316'. [ 226.445021][T13066] 8021q: adding VLAN 0 to HW filter on device bond1 [ 226.519426][T13074] loop3: detected capacity change from 0 to 256 [ 226.607617][T13086] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 226.615276][T13086] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 226.625018][T13086] vhci_hcd vhci_hcd.0: Device attached [ 226.634215][T13087] vhci_hcd: connection closed [ 226.635742][ T3530] vhci_hcd: stop threads [ 226.645408][ T3530] vhci_hcd: release socket [ 226.650258][ T3530] vhci_hcd: disconnect device [ 227.214641][ T29] kauditd_printk_skb: 103 callbacks suppressed [ 227.214660][ T29] audit: type=1326 audit(1743481995.070:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13063 comm="syz.1.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 227.256900][ T29] audit: type=1326 audit(1743481995.070:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13063 comm="syz.1.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c7f9d169 code=0x7ffc0000 [ 227.285165][T13108] loop3: detected capacity change from 0 to 512 [ 227.292579][T13108] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 227.302775][T13108] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 227.336397][T13108] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 227.439966][T13115] loop2: detected capacity change from 0 to 512 [ 227.446442][T13108] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 227.462531][T13115] EXT4-fs (loop2): orphan cleanup on readonly fs [ 227.471936][T13115] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3334: bg 0: block 248: padding at end of block bitmap is not set [ 227.474868][T13108] System zones: 0-2, 18-18, 34-34 [ 227.493178][T13115] Quota error (device loop2): write_blk: dquota write failed [ 227.502181][T13115] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 227.514919][T13115] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.3334: Failed to acquire dquot type 1 [ 227.530528][T13115] EXT4-fs (loop2): 1 truncate cleaned up [ 227.561568][T13115] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 227.562905][T13108] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 227.627700][T13115] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 227.633088][T13108] EXT4-fs (loop3): 1 truncate cleaned up [ 227.715498][T13119] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3335'. [ 227.737158][T13121] IPv6: Can't replace route, no match found [ 228.593258][T13146] loop0: detected capacity change from 0 to 2048 [ 228.610244][T13146] EXT4-fs mount: 154 callbacks suppressed [ 228.610330][T13146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.660269][T13146] hub 2-0:1.0: USB hub found [ 228.665340][T13146] hub 2-0:1.0: 8 ports detected [ 228.683699][T11735] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.713500][T13154] loop0: detected capacity change from 0 to 2048 [ 228.750817][T13154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.802192][T13154] hub 2-0:1.0: USB hub found [ 228.806954][T13154] hub 2-0:1.0: 8 ports detected [ 228.829827][T11735] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 228.880049][T13164] loop1: detected capacity change from 0 to 2048 [ 228.910478][T13164] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 228.928442][T13164] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3351: bg 0: block 234: padding at end of block bitmap is not set [ 228.946287][T13164] EXT4-fs (loop1): Remounting filesystem read-only [ 228.967961][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.004078][T13169] loop0: detected capacity change from 0 to 2048 [ 229.030266][T13169] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.046195][T13169] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3353: bg 0: block 234: padding at end of block bitmap is not set [ 229.066949][T13169] EXT4-fs (loop0): Remounting filesystem read-only [ 229.089899][T13180] loop1: detected capacity change from 0 to 512 [ 229.101367][T13180] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 229.112079][T13180] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 229.123532][T11735] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.132702][T13184] syzkaller1: entered promiscuous mode [ 229.138651][T13184] syzkaller1: entered allmulticast mode [ 229.151785][T13180] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 229.167166][T13180] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 229.175745][T13180] System zones: 0-2, 18-18, 34-34 [ 229.181976][T13180] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 229.183886][T13187] loop0: detected capacity change from 0 to 2048 [ 229.200401][T13180] EXT4-fs (loop1): 1 truncate cleaned up [ 229.209826][T13180] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.212601][T13184] loop3: detected capacity change from 0 to 4096 [ 229.244304][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.264947][T13187] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.267660][T13184] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 229.283037][T13187] rdma_op ffff888118746180 conn xmit_rdma 0000000000000000 [ 229.313085][T11735] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.461998][T13204] loop1: detected capacity change from 0 to 512 [ 229.471328][T13204] EXT4-fs (loop1): orphan cleanup on readonly fs [ 229.480703][T13204] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3366: bg 0: block 248: padding at end of block bitmap is not set [ 229.495738][T13204] Quota error (device loop1): write_blk: dquota write failed [ 229.503234][T13204] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 229.513456][T13204] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.3366: Failed to acquire dquot type 1 [ 229.527002][T13204] EXT4-fs (loop1): 1 truncate cleaned up [ 229.540285][T13204] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 229.563765][T13204] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended [ 229.587490][T13204] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 229.611221][T13210] loop4: detected capacity change from 0 to 2048 [ 229.623253][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.646686][T13217] loop1: detected capacity change from 0 to 512 [ 229.654007][T13217] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 229.654632][T13210] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.663338][T13217] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 229.684019][T13215] loop2: detected capacity change from 0 to 2048 [ 229.684375][T13217] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 229.699746][T13217] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 229.708444][T13217] System zones: 0-2, 18-18, 34-34 [ 229.714113][T13217] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 229.716182][T13210] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3369: bg 0: block 234: padding at end of block bitmap is not set [ 229.732485][T13217] EXT4-fs (loop1): 1 truncate cleaned up [ 229.744156][T13210] EXT4-fs (loop4): Remounting filesystem read-only [ 229.752141][T13217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.771295][T13215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.784696][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.819127][T13215] hub 2-0:1.0: USB hub found [ 229.825907][T13215] hub 2-0:1.0: 8 ports detected [ 229.830847][T13226] loop4: detected capacity change from 0 to 2048 [ 229.849298][T11871] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 229.861730][T13226] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 229.913351][T13226] hub 2-0:1.0: USB hub found [ 229.918331][T13226] hub 2-0:1.0: 8 ports detected [ 229.941083][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.046299][T11536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.104346][T13247] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3383'. [ 230.152476][ T29] audit: type=1326 audit(1743481998.010:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 230.179169][ T29] audit: type=1326 audit(1743481998.010:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 230.184446][T13257] loop3: detected capacity change from 0 to 2048 [ 230.202783][ T29] audit: type=1326 audit(1743481998.010:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 230.202819][ T29] audit: type=1326 audit(1743481998.010:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13254 comm="syz.2.3386" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 230.278485][T13257] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 230.345912][T13257] hub 2-0:1.0: USB hub found [ 230.351154][T13257] hub 2-0:1.0: 8 ports detected [ 230.375699][T11536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.406736][T13263] loop3: detected capacity change from 0 to 128 [ 230.413645][T13263] EXT4-fs: Ignoring removed nobh option [ 230.421777][T13263] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 230.437071][T13263] ext4 filesystem being mounted at /144/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 230.461036][T11536] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 230.489265][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.541192][T13270] FAULT_INJECTION: forcing a failure. [ 230.541192][T13270] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 230.554803][T13270] CPU: 1 UID: 0 PID: 13270 Comm: syz.2.3391 Not tainted 6.14.0-syzkaller-11144-g1e7857b28020 #0 PREEMPT(voluntary) [ 230.554833][T13270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 230.554845][T13270] Call Trace: [ 230.554852][T13270] [ 230.554859][T13270] dump_stack_lvl+0xf6/0x150 [ 230.554983][T13270] dump_stack+0x15/0x1a [ 230.555004][T13270] should_fail_ex+0x261/0x270 [ 230.555055][T13270] should_fail+0xb/0x10 [ 230.555083][T13270] should_fail_usercopy+0x1a/0x20 [ 230.555157][T13270] _copy_from_user+0x1c/0xa0 [ 230.555200][T13270] memdup_sockptr_noprof+0x8b/0x120 [ 230.555233][T13270] raw_setsockopt+0x38f/0xcf0 [ 230.555263][T13270] ? __pfx_raw_setsockopt+0x10/0x10 [ 230.555350][T13270] __sys_setsockopt+0x187/0x200 [ 230.555369][T13270] __x64_sys_setsockopt+0x66/0x80 [ 230.555480][T13270] x64_sys_call+0x2a09/0x2e10 [ 230.555506][T13270] do_syscall_64+0xc9/0x1c0 [ 230.555529][T13270] ? clear_bhb_loop+0x25/0x80 [ 230.555585][T13270] ? clear_bhb_loop+0x25/0x80 [ 230.555736][T13270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.555757][T13270] RIP: 0033:0x7f49ebd6d169 [ 230.555775][T13270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.555795][T13270] RSP: 002b:00007f49ea3d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 230.555893][T13270] RAX: ffffffffffffffda RBX: 00007f49ebf85fa0 RCX: 00007f49ebd6d169 [ 230.555908][T13270] RDX: 0000000000000001 RSI: 0000000000000065 RDI: 0000000000000004 [ 230.555921][T13270] RBP: 00007f49ea3d7090 R08: 0000000000000010 R09: 0000000000000000 [ 230.555934][T13270] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001 [ 230.555946][T13270] R13: 0000000000000000 R14: 00007f49ebf85fa0 R15: 00007ffe4f29db88 [ 230.555967][T13270] [ 230.791325][T13282] loop2: detected capacity change from 0 to 128 [ 230.803757][T13282] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 230.822598][T13282] ext4 filesystem being mounted at /92/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 230.827306][T13285] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3397'. [ 230.851729][T11871] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 230.936273][T13293] loop1: detected capacity change from 0 to 8192 [ 230.952363][T13295] loop4: detected capacity change from 0 to 2048 [ 230.967384][T13293] loop1: p1 < > p2 < p5 > p3 p4 [ 230.973814][T13293] loop1: p3 start 83890176 is beyond EOD, truncated [ 230.980525][T13293] loop1: p4 size 16776960 extends beyond EOD, truncated [ 230.993113][T13295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.009328][T13293] loop1: p5 size 16776960 extends beyond EOD, truncated [ 231.024989][T13295] rdma_op ffff8881187ab980 conn xmit_rdma 0000000000000000 [ 231.064674][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.105078][T13314] loop4: detected capacity change from 0 to 512 [ 231.115492][T13314] EXT4-fs (loop4): orphan cleanup on readonly fs [ 231.133079][T13314] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3410: bg 0: block 248: padding at end of block bitmap is not set [ 231.150384][T13314] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.3410: Failed to acquire dquot type 1 [ 231.157935][T13320] loop3: detected capacity change from 0 to 2048 [ 231.163383][T13314] EXT4-fs (loop4): 1 truncate cleaned up [ 231.176162][T13314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 231.197460][T13314] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 231.212342][T13320] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.237050][T13314] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 231.261159][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.270335][T13320] hub 2-0:1.0: USB hub found [ 231.275047][T13320] hub 2-0:1.0: 8 ports detected [ 231.303536][T11536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.328222][T13338] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 231.333003][T13342] loop4: detected capacity change from 0 to 512 [ 231.334927][T13338] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 231.334967][T13338] vhci_hcd vhci_hcd.0: Device attached [ 231.355585][T13342] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 231.361490][T13340] vhci_hcd: connection closed [ 231.364710][T13342] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 231.365247][ T56] vhci_hcd: stop threads [ 231.383849][ T56] vhci_hcd: release socket [ 231.389196][ T56] vhci_hcd: disconnect device [ 231.390245][T13342] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 231.411446][T13342] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 231.421178][T13342] System zones: 0-2, 18-18, 34-34 [ 231.427504][T13342] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 231.442941][T13342] EXT4-fs (loop4): 1 truncate cleaned up [ 231.450067][T13342] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.542152][T13351] 8021q: adding VLAN 0 to HW filter on device bond1 [ 231.591962][T13355] loop1: detected capacity change from 0 to 2048 [ 231.608221][T13355] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 231.659475][T13355] hub 2-0:1.0: USB hub found [ 231.664334][T13355] hub 2-0:1.0: 8 ports detected [ 231.683604][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 231.731229][T13361] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3425'. [ 232.056136][T13380] loop1: detected capacity change from 0 to 4096 [ 232.109014][T13380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 232.167043][T13389] loop0: detected capacity change from 0 to 8192 [ 232.177091][T13380] EXT4-fs error (device loop1): ext4_do_update_inode:5194: inode #15: comm syz.1.3436: corrupted inode contents [ 232.194243][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.209622][T13395] loop3: detected capacity change from 0 to 512 [ 232.222696][T13380] EXT4-fs error (device loop1): ext4_dirty_inode:6086: inode #15: comm syz.1.3436: mark_inode_dirty error [ 232.235109][ T29] kauditd_printk_skb: 79 callbacks suppressed [ 232.235122][ T29] audit: type=1400 audit(1743482000.080:2612): avc: denied { unlink } for pid=13379 comm="syz.1.3436" name="file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 232.288685][T13397] IPv6: Can't replace route, no match found [ 232.299151][T13395] EXT4-fs (loop3): orphan cleanup on readonly fs [ 232.330272][T13380] EXT4-fs error (device loop1): ext4_do_update_inode:5194: inode #15: comm syz.1.3436: corrupted inode contents [ 232.344209][ T29] audit: type=1326 audit(1743482000.130:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13388 comm="syz.0.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9460d0d169 code=0x7ffc0000 [ 232.344240][ T29] audit: type=1326 audit(1743482000.130:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13388 comm="syz.0.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f9460d0d169 code=0x7ffc0000 [ 232.373439][T13395] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3440: bg 0: block 248: padding at end of block bitmap is not set [ 232.394481][ T29] audit: type=1326 audit(1743482000.130:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13388 comm="syz.0.3438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9460d0d169 code=0x7ffc0000 [ 232.394518][ T29] audit: type=1400 audit(1743482000.170:2616): avc: denied { write } for pid=13379 comm="syz.1.3436" path="socket:[38176]" dev="sockfs" ino=38176 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 232.477404][T13395] Quota error (device loop3): write_blk: dquota write failed [ 232.486717][T13395] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 232.496942][T13380] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.3436: mark_inode_dirty error [ 232.497394][T13395] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.3440: Failed to acquire dquot type 1 [ 232.512639][T13380] EXT4-fs error (device loop1): ext4_do_update_inode:5194: inode #15: comm syz.1.3436: corrupted inode contents [ 232.536092][T13380] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.3436: mark_inode_dirty error [ 232.550522][T13380] EXT4-fs error (device loop1): ext4_do_update_inode:5194: inode #15: comm syz.1.3436: corrupted inode contents [ 232.563235][T13380] EXT4-fs error (device loop1): ext4_truncate:4266: inode #15: comm syz.1.3436: mark_inode_dirty error [ 232.578207][T13395] EXT4-fs (loop3): 1 truncate cleaned up [ 232.584526][T13395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 232.597690][T13400] loop4: detected capacity change from 0 to 2048 [ 232.628637][T13400] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 232.636741][T13380] EXT4-fs error (device loop1) in ext4_setattr:5611: Corrupt filesystem [ 232.650154][T13395] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 232.668951][T13400] hub 2-0:1.0: USB hub found [ 232.674562][T13400] hub 2-0:1.0: 8 ports detected [ 232.682058][T13395] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 232.699716][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.733939][T12408] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.784574][T13417] loop1: detected capacity change from 0 to 512 [ 232.802558][T11536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.817283][T13417] ext4: Unknown parameter 'euid>00000000000000000000' [ 232.851563][T13417] loop1: detected capacity change from 0 to 128 [ 232.880120][T13420] loop4: detected capacity change from 0 to 128 [ 232.896203][T13417] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 232.907104][T13420] FAT-fs (loop4): bogus number of reserved sectors [ 232.915608][T13420] FAT-fs (loop4): Can't find a valid FAT filesystem [ 232.958095][T13417] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 232.989232][ T29] audit: type=1326 audit(1743482000.830:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13416 comm="+}[@" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f85c7f9d169 code=0x0 [ 233.121661][T13435] loop4: detected capacity change from 0 to 2048 [ 233.145547][T13435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.165265][T13438] loop3: detected capacity change from 0 to 2048 [ 233.180718][T13435] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3452: bg 0: block 234: padding at end of block bitmap is not set [ 233.216974][T13435] EXT4-fs (loop4): Remounting filesystem read-only [ 233.228836][T13438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 233.248978][T13438] rdma_op ffff8881175f5d80 conn xmit_rdma 0000000000000000 [ 233.257309][T12815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.291753][T11536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 233.358885][T13446] loop0: detected capacity change from 0 to 512 [ 233.365741][T13446] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 233.586960][ T29] audit: type=1326 audit(1743482001.440:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13464 comm="syz.4.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 233.611206][ T29] audit: type=1326 audit(1743482001.440:2619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13464 comm="syz.4.3461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 233.666172][T13432] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 233.692901][T13467] netlink: 232 bytes leftover after parsing attributes in process `syz.1.3462'. [ 233.729298][T13467] macvtap1: entered promiscuous mode [ 233.734959][T13467] bond0: entered promiscuous mode [ 233.757035][T13467] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 233.764982][T13467] team0: Device macvtap1 failed to register rx_handler [ 233.786796][T13467] bond0: left promiscuous mode [ 233.796812][T13470] IPv6: Can't replace route, no match found [ 234.171869][T13482] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3466'. [ 234.190828][T13484] usb usb1: check_ctrlrecip: process 13484 (syz.1.3465) requesting ep 01 but needs 81 [ 234.275139][T13484] vhci_hcd: default hub control req: 0200 v0000 i0001 l0 [ 234.518479][T13500] loop0: detected capacity change from 0 to 128 [ 234.534853][T13500] FAT-fs (loop0): bogus number of reserved sectors [ 234.541475][T13500] FAT-fs (loop0): Can't find a valid FAT filesystem [ 234.593424][T13502] loop4: detected capacity change from 0 to 512 [ 234.614358][T13502] ext4: Unknown parameter 'euid>00000000000000000000' [ 234.626082][T13502] loop4: detected capacity change from 0 to 128 [ 234.658438][T13509] loop0: detected capacity change from 0 to 2048 [ 234.679038][T13502] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 234.692174][T13502] ext4 filesystem being mounted at /46/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 234.693071][T13509] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.759944][T13509] hub 2-0:1.0: USB hub found [ 234.764765][T13509] hub 2-0:1.0: 8 ports detected [ 234.779800][T13515] loop1: detected capacity change from 0 to 512 [ 234.786423][T13515] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 234.807585][T11735] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.875680][T13529] loop0: detected capacity change from 0 to 2048 [ 234.909518][T13529] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 234.935231][T13529] rdma_op ffff88811a5d2180 conn xmit_rdma 0000000000000000 [ 234.957943][T11735] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 234.982147][T13535] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 234.988745][T13535] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 234.996674][T13535] vhci_hcd vhci_hcd.0: Device attached [ 235.011824][T13536] vhci_hcd: connection closed [ 235.012030][ T31] vhci_hcd: stop threads [ 235.021141][ T31] vhci_hcd: release socket [ 235.025592][ T31] vhci_hcd: disconnect device [ 235.025659][T13539] netlink: 232 bytes leftover after parsing attributes in process `syz.2.3484'. [ 235.042505][T13539] macvtap1: entered promiscuous mode [ 235.048212][T13539] bond0: entered promiscuous mode [ 235.053581][T13539] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 235.063204][T13539] team0: Device macvtap1 failed to register rx_handler [ 235.070321][T13539] bond0: left promiscuous mode [ 235.090457][T13540] loop2: detected capacity change from 0 to 512 [ 235.097344][T13540] EXT4-fs: Ignoring removed orlov option [ 235.129240][T13540] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 235.143605][T13540] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 235.165797][T13546] loop3: detected capacity change from 0 to 2048 [ 235.178903][T13546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.193527][T11871] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.195964][T13546] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3486: bg 0: block 234: padding at end of block bitmap is not set [ 235.219904][T13546] EXT4-fs (loop3): Remounting filesystem read-only [ 235.250127][T11536] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.271343][T13552] loop2: detected capacity change from 0 to 2048 [ 235.284418][T13554] 8021q: adding VLAN 0 to HW filter on device bond2 [ 235.304272][T13552] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 235.349005][T13552] hub 2-0:1.0: USB hub found [ 235.353815][T13552] hub 2-0:1.0: 8 ports detected [ 235.371085][T11871] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 235.415835][T13518] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 235.471918][T13573] loop4: detected capacity change from 0 to 2048 [ 235.588587][T13590] loop1: detected capacity change from 0 to 128 [ 235.595772][T13590] FAT-fs (loop1): bogus number of reserved sectors [ 235.596252][T13588] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3500'. [ 235.602390][T13590] FAT-fs (loop1): Can't find a valid FAT filesystem [ 235.624813][T13592] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3502'. [ 235.664744][T13598] loop0: detected capacity change from 0 to 512 [ 235.682936][T13598] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 235.692138][T13598] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 235.714345][T13598] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 235.724239][T13598] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 235.728273][T13605] loop1: detected capacity change from 0 to 128 [ 235.732869][T13598] System zones: 0-2, 18-18, 34-34 [ 235.744582][T13598] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 235.759372][T13607] loop4: detected capacity change from 0 to 512 [ 235.759797][T13598] EXT4-fs (loop0): 1 truncate cleaned up [ 235.771647][T13607] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 235.780854][T13607] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 235.799810][T13607] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 235.809230][T13607] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 235.819331][T13607] System zones: 0-2, 18-18, 34-34 [ 235.824867][T13607] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 235.840704][T13607] EXT4-fs (loop4): 1 truncate cleaned up [ 236.277894][T13616] loop3: detected capacity change from 0 to 2048 [ 236.301833][T13616] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3511: bg 0: block 234: padding at end of block bitmap is not set [ 236.319092][T13616] EXT4-fs (loop3): Remounting filesystem read-only [ 236.530535][T13631] loop0: detected capacity change from 0 to 512 [ 236.552686][T13631] EXT4-fs (loop0): orphan cleanup on readonly fs [ 236.567616][T13631] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.3516: bg 0: block 248: padding at end of block bitmap is not set [ 236.593115][T13635] IPv6: Can't replace route, no match found [ 236.644747][T13634] loop1: detected capacity change from 0 to 8192 [ 236.672787][T13631] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.3516: Failed to acquire dquot type 1 [ 236.688629][T13631] EXT4-fs (loop0): 1 truncate cleaned up [ 236.783156][T13642] loop1: detected capacity change from 0 to 2048 [ 236.864117][T13642] hub 2-0:1.0: USB hub found [ 236.970601][T13642] hub 2-0:1.0: 8 ports detected [ 237.029085][T13652] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 237.035750][T13652] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 237.043784][T13652] vhci_hcd vhci_hcd.0: Device attached [ 237.050217][T13655] vhci_hcd: connection closed [ 237.050372][ T31] vhci_hcd: stop threads [ 237.059747][ T31] vhci_hcd: release socket [ 237.066172][ T31] vhci_hcd: disconnect device [ 237.149197][T13662] loop2: detected capacity change from 0 to 512 [ 237.156200][T13662] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 237.165651][T13662] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 237.175546][T13662] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 237.185749][T13662] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 237.194620][T13662] System zones: 0-2, 18-18, 34-34 [ 237.200493][T13662] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 237.219810][T13662] EXT4-fs (loop2): 1 truncate cleaned up [ 237.278966][T13665] loop3: detected capacity change from 0 to 128 [ 237.285875][T13665] FAT-fs (loop3): bogus number of reserved sectors [ 237.292685][T13665] FAT-fs (loop3): Can't find a valid FAT filesystem [ 237.425277][T13678] loop3: detected capacity change from 0 to 2048 [ 237.469511][T13678] hub 2-0:1.0: USB hub found [ 237.474884][T13678] hub 2-0:1.0: 8 ports detected [ 237.530062][T13684] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13684 comm=syz.3.3535 [ 237.545972][ T29] kauditd_printk_skb: 48 callbacks suppressed [ 237.545989][ T29] audit: type=1400 audit(1743482005.410:2666): avc: denied { audit_write } for pid=13683 comm="syz.3.3535" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 237.583836][ T29] audit: type=1107 audit(1743482005.410:2667): pid=13683 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 237.598249][ T29] audit: type=1400 audit(1743482005.410:2668): avc: denied { read } for pid=13683 comm="syz.3.3535" path="socket:[39217]" dev="sockfs" ino=39217 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 237.625528][ T29] audit: type=1326 audit(1743482005.420:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.650483][ T29] audit: type=1326 audit(1743482005.420:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.675721][ T29] audit: type=1326 audit(1743482005.420:2671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.700801][ T29] audit: type=1326 audit(1743482005.420:2672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.724847][ T29] audit: type=1326 audit(1743482005.420:2673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.748689][ T29] audit: type=1326 audit(1743482005.420:2674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.772324][ T29] audit: type=1326 audit(1743482005.420:2675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13685 comm="syz.4.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 237.820226][T13699] loop4: detected capacity change from 0 to 128 [ 237.836059][T13684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3535'. [ 237.973601][T13705] loop1: detected capacity change from 0 to 2048 [ 238.021722][T13705] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3542: bg 0: block 234: padding at end of block bitmap is not set [ 238.039767][T13705] EXT4-fs (loop1): Remounting filesystem read-only [ 238.094431][T13723] netlink: 232 bytes leftover after parsing attributes in process `syz.1.3549'. [ 238.108313][T13719] loop0: detected capacity change from 0 to 8192 [ 238.118822][T13723] macvtap1: entered promiscuous mode [ 238.125617][T13723] bond0: entered promiscuous mode [ 238.132082][T13723] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 238.140046][T13723] team0: Device macvtap1 failed to register rx_handler [ 238.148993][T13723] bond0: left promiscuous mode [ 238.157550][T13719] loop0: p1 < > p2 < p5 > p3 p4 [ 238.164829][T13728] loop1: detected capacity change from 0 to 512 [ 238.175673][T13728] EXT4-fs: Ignoring removed orlov option [ 238.178101][T13719] loop0: p3 start 83890176 is beyond EOD, truncated [ 238.190971][T13719] loop0: p4 size 16776960 extends beyond EOD, truncated [ 238.208449][T13719] loop0: p5 size 16776960 extends beyond EOD, truncated [ 238.209086][T13731] syzkaller1: entered promiscuous mode [ 238.222436][T13731] syzkaller1: entered allmulticast mode [ 238.250179][T13728] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 238.270295][T13736] loop0: detected capacity change from 0 to 512 [ 238.277676][T13736] ext4: Unknown parameter 'euid>00000000000000000000' [ 238.288826][T13736] loop0: detected capacity change from 0 to 128 [ 238.290392][T13731] loop2: detected capacity change from 0 to 4096 [ 238.315414][T13736] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 238.333481][T13740] loop3: detected capacity change from 0 to 512 [ 238.340568][T13740] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 238.350495][T13740] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 238.360997][T13740] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 238.372461][T13740] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 238.381813][T13740] System zones: 0-2, 18-18, 34-34 [ 238.387572][T13740] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 238.399037][T13743] loop1: detected capacity change from 0 to 2048 [ 238.404299][T13740] EXT4-fs (loop3): 1 truncate cleaned up [ 238.439957][T13743] rdma_op ffff88811c1f4180 conn xmit_rdma 0000000000000000 [ 238.787868][T13758] loop1: detected capacity change from 0 to 2048 [ 238.801211][T13758] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3560: bg 0: block 234: padding at end of block bitmap is not set [ 238.815965][T13758] EXT4-fs (loop1): Remounting filesystem read-only [ 238.851186][T13762] loop1: detected capacity change from 0 to 2048 [ 238.873774][T13762] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3561: bg 0: block 234: padding at end of block bitmap is not set [ 238.889415][T13762] EXT4-fs (loop1): Remounting filesystem read-only [ 238.953625][T13770] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3564'. [ 238.964012][T13772] loop4: detected capacity change from 0 to 2048 [ 239.010708][T13777] loop1: detected capacity change from 0 to 2048 [ 239.029267][T13772] hub 2-0:1.0: USB hub found [ 239.034355][T13772] hub 2-0:1.0: 8 ports detected [ 239.065502][T13777] rdma_op ffff888103031180 conn xmit_rdma 0000000000000000 [ 239.080351][T13781] loop4: detected capacity change from 0 to 512 [ 239.088606][T13781] EXT4-fs: Ignoring removed orlov option [ 239.113459][T13781] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 239.172564][T13785] loop1: detected capacity change from 0 to 8192 [ 239.208039][T13785] loop1: p1 < > p2 < p5 > p3 p4 [ 239.219003][T13795] loop2: detected capacity change from 0 to 512 [ 239.222144][T13793] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3572'. [ 239.234850][T13785] loop1: p3 start 83890176 is beyond EOD, truncated [ 239.241752][T13785] loop1: p4 size 16776960 extends beyond EOD, truncated [ 239.242705][T13795] ext4: Unknown parameter 'euid>00000000000000000000' [ 239.274729][T13795] loop2: detected capacity change from 0 to 128 [ 239.281682][T13785] loop1: p5 size 16776960 extends beyond EOD, truncated [ 239.358469][T13795] ext4 filesystem being mounted at /117/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 239.374858][T13808] loop1: detected capacity change from 0 to 128 [ 239.391859][T13809] loop4: detected capacity change from 0 to 2048 [ 239.406443][T13808] FAT-fs (loop1): bogus number of reserved sectors [ 239.413328][T13808] FAT-fs (loop1): Can't find a valid FAT filesystem [ 239.416652][T13805] loop3: detected capacity change from 0 to 8192 [ 239.438259][T13811] 8021q: adding VLAN 0 to HW filter on device bond0 [ 239.470736][T13809] rdma_op ffff888117d9e580 conn xmit_rdma 0000000000000000 [ 239.486152][T13817] loop0: detected capacity change from 0 to 512 [ 239.491018][T13805] loop3: p1 < > p2 < p5 > p3 p4 [ 239.493505][T13817] EXT4-fs: Ignoring removed orlov option [ 239.508939][T13819] loop1: detected capacity change from 0 to 512 [ 239.511210][T13805] loop3: p3 start 83890176 is beyond EOD, truncated [ 239.516959][T13819] ext4: Unknown parameter 'euid>00000000000000000000' [ 239.523947][T13805] loop3: p4 size 16776960 extends beyond EOD, truncated [ 239.537023][T13819] loop1: detected capacity change from 0 to 128 [ 239.547377][T13805] loop3: p5 size 16776960 extends beyond EOD, truncated [ 239.555502][T13817] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 239.573502][T13825] loop4: detected capacity change from 0 to 512 [ 239.577768][T13819] ext4 filesystem being mounted at /85/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 239.601321][T13825] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 239.610803][T13825] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 239.637107][T13825] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended [ 239.646127][T13825] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 239.655447][T13825] System zones: 0-2, 18-18, 34-34 [ 239.661668][T13825] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 239.674435][T13831] loop3: detected capacity change from 0 to 2048 [ 239.679462][T13825] EXT4-fs (loop4): 1 truncate cleaned up [ 239.739962][T13831] hub 2-0:1.0: USB hub found [ 239.745324][T13831] hub 2-0:1.0: 8 ports detected [ 239.871193][T13845] loop3: detected capacity change from 0 to 128 [ 239.879178][T13845] FAT-fs (loop3): bogus number of reserved sectors [ 239.887773][T13845] FAT-fs (loop3): Can't find a valid FAT filesystem [ 240.007757][T13851] loop3: detected capacity change from 0 to 2048 [ 240.060610][T13851] hub 2-0:1.0: USB hub found [ 240.065838][T13851] hub 2-0:1.0: 8 ports detected [ 240.217330][T13869] loop3: detected capacity change from 0 to 128 [ 240.224587][T13869] FAT-fs (loop3): bogus number of reserved sectors [ 240.232954][T13869] FAT-fs (loop3): Can't find a valid FAT filesystem [ 240.378111][T13882] loop3: detected capacity change from 0 to 2048 [ 240.441614][T13882] hub 2-0:1.0: USB hub found [ 240.447837][T13882] hub 2-0:1.0: 8 ports detected [ 240.466336][T13887] loop1: detected capacity change from 0 to 512 [ 240.473672][T13887] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 240.532023][T13900] 8021q: adding VLAN 0 to HW filter on device bond3 [ 240.582549][T13909] syzkaller1: entered promiscuous mode [ 240.588773][T13909] syzkaller1: entered allmulticast mode [ 240.649769][T13909] loop0: detected capacity change from 0 to 4096 [ 240.718748][T13923] loop3: detected capacity change from 0 to 2048 [ 240.794711][T13923] hub 2-0:1.0: USB hub found [ 240.801025][T13923] hub 2-0:1.0: 8 ports detected [ 240.847819][T13938] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3627'. [ 240.882941][T13939] loop3: detected capacity change from 0 to 8192 [ 240.897970][T13942] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13942 comm=syz.4.3629 [ 241.079998][T13942] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3629'. [ 241.143726][T13953] loop3: detected capacity change from 0 to 2048 [ 241.162663][T13953] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3631: bg 0: block 234: padding at end of block bitmap is not set [ 241.179224][T13953] EXT4-fs (loop3): Remounting filesystem read-only [ 241.294721][T13965] loop4: detected capacity change from 0 to 2048 [ 241.299883][T13967] loop3: detected capacity change from 0 to 2048 [ 241.340408][T13972] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3639'. [ 241.365882][T13965] rdma_op ffff888114e33d80 conn xmit_rdma 0000000000000000 [ 241.372135][T13973] loop1: detected capacity change from 0 to 8192 [ 241.389254][T13967] hub 2-0:1.0: USB hub found [ 241.394184][T13967] hub 2-0:1.0: 8 ports detected [ 241.458152][T13986] loop2: detected capacity change from 0 to 512 [ 241.468296][T13986] EXT4-fs: Ignoring removed orlov option [ 241.487989][T13984] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13984 comm=syz.3.3643 [ 241.488776][T13986] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 241.518268][T13988] loop1: detected capacity change from 0 to 2048 [ 241.543138][T13988] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3644: bg 0: block 234: padding at end of block bitmap is not set [ 241.568552][T13988] EXT4-fs (loop1): Remounting filesystem read-only [ 241.594610][T13997] loop0: detected capacity change from 0 to 8192 [ 241.666409][T14009] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3652'. [ 241.687614][T14011] loop0: detected capacity change from 0 to 2048 [ 241.702854][T13984] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3643'. [ 241.721812][T14011] rdma_op ffff888118746180 conn xmit_rdma 0000000000000000 [ 241.812344][T14021] loop2: detected capacity change from 0 to 8192 [ 241.860678][T14029] loop3: detected capacity change from 0 to 512 [ 241.872285][T14029] ext4: Unknown parameter 'euid>00000000000000000000' [ 241.896952][T14029] loop3: detected capacity change from 0 to 128 [ 241.909564][T14034] loop2: detected capacity change from 0 to 128 [ 241.917570][T14029] ext4 filesystem being mounted at /223/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 241.929335][T14034] FAT-fs (loop2): bogus number of reserved sectors [ 241.935921][T14034] FAT-fs (loop2): Can't find a valid FAT filesystem [ 241.997115][T14040] SELinux: ebitmap: truncated map [ 242.003809][T14040] SELinux: failed to load policy [ 242.004518][T14045] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3665'. [ 242.042539][T14049] loop1: detected capacity change from 0 to 512 [ 242.050473][T14049] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 242.063237][T14049] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 242.076409][T14049] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 242.093097][T14049] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 242.102877][T14049] System zones: 0-2, 18-18, 34-34 [ 242.110802][T14049] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 242.130229][T14049] EXT4-fs (loop1): 1 truncate cleaned up [ 242.467661][T14074] FAULT_INJECTION: forcing a failure. [ 242.467661][T14074] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 242.473787][T14072] 8021q: adding VLAN 0 to HW filter on device bond1 [ 242.480902][T14074] CPU: 0 UID: 0 PID: 14074 Comm: syz.4.3677 Not tainted 6.14.0-syzkaller-11144-g1e7857b28020 #0 PREEMPT(voluntary) [ 242.480940][T14074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 242.481036][T14074] Call Trace: [ 242.481044][T14074] [ 242.481053][T14074] dump_stack_lvl+0xf6/0x150 [ 242.481084][T14074] dump_stack+0x15/0x1a [ 242.481125][T14074] should_fail_ex+0x261/0x270 [ 242.481154][T14074] should_fail+0xb/0x10 [ 242.481176][T14074] should_fail_usercopy+0x1a/0x20 [ 242.481206][T14074] _copy_from_user+0x1c/0xa0 [ 242.481241][T14074] io_submit_one+0x56/0x1230 [ 242.481289][T14074] ? __rcu_read_unlock+0x4e/0x70 [ 242.481327][T14074] __se_sys_io_submit+0xf7/0x280 [ 242.481434][T14074] __x64_sys_io_submit+0x43/0x50 [ 242.481469][T14074] x64_sys_call+0xa8b/0x2e10 [ 242.481497][T14074] do_syscall_64+0xc9/0x1c0 [ 242.481525][T14074] ? clear_bhb_loop+0x25/0x80 [ 242.481552][T14074] ? clear_bhb_loop+0x25/0x80 [ 242.481626][T14074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.481653][T14074] RIP: 0033:0x7f347dedd169 [ 242.481672][T14074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.481695][T14074] RSP: 002b:00007f347c547038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 242.481762][T14074] RAX: ffffffffffffffda RBX: 00007f347e0f5fa0 RCX: 00007f347dedd169 [ 242.481777][T14074] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f347e0cf000 [ 242.481793][T14074] RBP: 00007f347c547090 R08: 0000000000000000 R09: 0000000000000000 [ 242.481807][T14074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 242.481822][T14074] R13: 0000000000000000 R14: 00007f347e0f5fa0 R15: 00007fff0be0b5e8 [ 242.481846][T14074] [ 242.747129][T14085] loop3: detected capacity change from 0 to 512 [ 242.754354][T14085] EXT4-fs: Ignoring removed orlov option [ 242.768291][T14085] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 242.820742][T14086] loop2: detected capacity change from 0 to 512 [ 242.828855][T14086] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 242.908731][T14106] loop1: detected capacity change from 0 to 2048 [ 242.910517][T14105] 8021q: adding VLAN 0 to HW filter on device bond4 [ 242.933122][T14106] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3688: bg 0: block 234: padding at end of block bitmap is not set [ 242.950310][T14106] EXT4-fs (loop1): Remounting filesystem read-only [ 243.205493][T14128] loop3: detected capacity change from 0 to 128 [ 243.212617][T14128] FAT-fs (loop3): bogus number of reserved sectors [ 243.220348][T14128] FAT-fs (loop3): Can't find a valid FAT filesystem [ 243.254511][T14130] loop3: detected capacity change from 0 to 2048 [ 243.269960][T14130] rdma_op ffff8881033e3d80 conn xmit_rdma 0000000000000000 [ 243.300827][T14134] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14134 comm=syz.3.3698 [ 243.314754][ T29] kauditd_printk_skb: 107 callbacks suppressed [ 243.314766][ T29] audit: type=1107 audit(1743482011.170:2783): pid=14133 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 243.553801][T14140] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3699'. [ 243.562861][T14140] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3699'. [ 243.645625][T14144] loop3: detected capacity change from 0 to 2048 [ 243.690261][T14144] hub 2-0:1.0: USB hub found [ 243.695302][T14144] hub 2-0:1.0: 8 ports detected [ 243.747483][T14152] loop4: detected capacity change from 0 to 512 [ 243.762853][T14152] EXT4-fs warning (device loop4): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 243.775344][T14152] EXT4-fs warning (device loop4): dx_probe:851: Enable large directory feature to access it [ 243.787970][T14152] EXT4-fs warning (device loop4): dx_probe:936: inode #2: comm syz.4.3704: Corrupt directory, running e2fsck is recommended [ 243.804491][T14154] loop2: detected capacity change from 0 to 4096 [ 243.813513][T14152] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 243.823766][T14152] EXT4-fs error (device loop4): ext4_iget_extra_inode:4704: inode #15: comm syz.4.3704: corrupted in-inode xattr: invalid ea_ino [ 243.839039][T14152] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.3704: couldn't read orphan inode 15 (err -117) [ 243.865356][T14152] EXT4-fs warning (device loop4): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 243.877803][T14152] EXT4-fs warning (device loop4): dx_probe:851: Enable large directory feature to access it [ 243.889307][T14152] EXT4-fs warning (device loop4): dx_probe:936: inode #2: comm syz.4.3704: Corrupt directory, running e2fsck is recommended [ 243.916904][T14152] futex_wake_op: syz.4.3704 tries to shift op by -1; fix this program [ 243.927738][T14160] loop3: detected capacity change from 0 to 128 [ 243.938780][T14152] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3704'. [ 243.950313][T14160] FAT-fs (loop3): bogus number of reserved sectors [ 243.957215][T14160] FAT-fs (loop3): Can't find a valid FAT filesystem [ 243.988778][T14166] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14166 comm=syz.3.3710 [ 244.004560][ T29] audit: type=1107 audit(1743482011.860:2784): pid=14165 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='' [ 244.024264][T14152] EXT4-fs warning (device loop4): dx_probe:848: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 244.036541][T14152] EXT4-fs warning (device loop4): dx_probe:851: Enable large directory feature to access it [ 244.046775][T14152] EXT4-fs warning (device loop4): dx_probe:936: inode #2: comm syz.4.3704: Corrupt directory, running e2fsck is recommended [ 244.079569][ T29] audit: type=1400 audit(1743482011.940:2785): avc: denied { map } for pid=14151 comm="syz.4.3704" path="socket:[40382]" dev="sockfs" ino=40382 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 244.104298][ T29] audit: type=1400 audit(1743482011.940:2786): avc: denied { read } for pid=14151 comm="syz.4.3704" path="socket:[40382]" dev="sockfs" ino=40382 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 244.139632][T14168] loop1: detected capacity change from 0 to 512 [ 244.149957][T14168] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 244.179247][ T29] audit: type=1326 audit(1743482012.040:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14172 comm="syz.4.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 244.203600][ T29] audit: type=1326 audit(1743482012.040:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14172 comm="syz.4.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 244.213989][T14173] loop4: detected capacity change from 0 to 512 [ 244.234961][ T29] audit: type=1326 audit(1743482012.040:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14172 comm="syz.4.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 244.259028][ T29] audit: type=1326 audit(1743482012.060:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14172 comm="syz.4.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 244.282737][ T29] audit: type=1326 audit(1743482012.060:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14172 comm="syz.4.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 244.286750][T14173] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 244.306504][ T29] audit: type=1326 audit(1743482012.060:2792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14175 comm="syz.4.3711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f347df0fa25 code=0x7ffc0000 [ 244.353668][T14173] EXT4-fs (loop4): 1 truncate cleaned up [ 244.502926][T14188] loop4: detected capacity change from 0 to 512 [ 244.520253][T14186] loop3: detected capacity change from 0 to 2048 [ 244.531453][T14188] ext4: Unknown parameter 'appraise_type' [ 244.586415][T14201] loop0: detected capacity change from 0 to 256 [ 244.593579][T14201] vfat: Bad value for 'check' [ 244.600868][T14186] hub 2-0:1.0: USB hub found [ 244.605905][T14186] hub 2-0:1.0: 8 ports detected [ 244.660174][T14205] loop4: detected capacity change from 0 to 512 [ 244.677292][T14205] EXT4-fs: Ignoring removed orlov option [ 244.694531][T14205] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.987239][T14226] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3721'. [ 244.989207][T14229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 245.005864][T14229] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 245.125729][T14235] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14235 comm=syz.0.3723 [ 245.454435][T14243] loop0: detected capacity change from 0 to 2048 [ 245.509438][T14243] hub 2-0:1.0: USB hub found [ 245.514210][T14243] hub 2-0:1.0: 8 ports detected [ 245.703544][T14254] loop3: detected capacity change from 0 to 2048 [ 245.838731][T14254] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3729: bg 0: block 234: padding at end of block bitmap is not set [ 245.870493][T14267] loop0: detected capacity change from 0 to 2048 [ 245.879808][T14254] EXT4-fs (loop3): Remounting filesystem read-only [ 245.909381][T14273] tmpfs: Unknown parameter 'grpquota_block_hardlimit' [ 245.919725][T14273] loop1: detected capacity change from 0 to 512 [ 245.923341][T14267] rdma_op ffff88811e678980 conn xmit_rdma 0000000000000000 [ 245.926195][T14273] journal_path: Non-blockdev passed as './bus' [ 245.939690][T14273] EXT4-fs: error: could not find journal device path [ 245.975217][T14278] loop3: detected capacity change from 0 to 2048 [ 246.042001][T14278] rdma_op ffff88811e678980 conn xmit_rdma 0000000000000000 [ 246.175269][T14293] loop1: detected capacity change from 0 to 8192 [ 246.260597][T14302] loop4: detected capacity change from 0 to 2048 [ 246.324588][T14305] loop3: detected capacity change from 0 to 2048 [ 246.339001][T14311] loop1: detected capacity change from 0 to 164 [ 246.348093][T14311] rock: directory entry would overflow storage [ 246.354448][T14311] rock: sig=0x5053, size=7, remaining=4 [ 246.360151][T14311] isofs_fill_super: root inode is not a directory. Corrupted media? [ 246.375190][T14305] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3747: bg 0: block 234: padding at end of block bitmap is not set [ 246.392095][T14305] EXT4-fs (loop3): Remounting filesystem read-only [ 246.408859][T14302] hub 2-0:1.0: USB hub found [ 246.413994][T14302] hub 2-0:1.0: 8 ports detected [ 246.437729][T14311] __nla_validate_parse: 1 callbacks suppressed [ 246.437749][T14311] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3748'. [ 246.462806][T14315] loop3: detected capacity change from 0 to 512 [ 246.470076][T14315] EXT4-fs: Ignoring removed orlov option [ 246.499091][T14315] ext4 filesystem being mounted at /252/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 246.740032][T14334] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3755'. [ 246.848993][T14348] loop4: detected capacity change from 0 to 128 [ 246.858000][T14348] FAT-fs (loop4): bogus number of reserved sectors [ 246.864731][T14348] FAT-fs (loop4): Can't find a valid FAT filesystem [ 246.885903][T14346] loop3: detected capacity change from 0 to 2048 [ 246.990368][T14346] hub 2-0:1.0: USB hub found [ 246.995271][T14346] hub 2-0:1.0: 8 ports detected [ 247.036772][T14364] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3768'. [ 247.073788][T14370] 8021q: adding VLAN 0 to HW filter on device bond1 [ 247.136024][T14381] FAULT_INJECTION: forcing a failure. [ 247.136024][T14381] name failslab, interval 1, probability 0, space 0, times 0 [ 247.149546][T14381] CPU: 0 UID: 0 PID: 14381 Comm: GPL Not tainted 6.14.0-syzkaller-11144-g1e7857b28020 #0 PREEMPT(voluntary) [ 247.149579][T14381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 247.149594][T14381] Call Trace: [ 247.149603][T14381] [ 247.149614][T14381] dump_stack_lvl+0xf6/0x150 [ 247.149644][T14381] dump_stack+0x15/0x1a [ 247.149723][T14381] should_fail_ex+0x261/0x270 [ 247.149822][T14381] ? __pfx_cgroup_show_path+0x10/0x10 [ 247.149844][T14381] should_failslab+0x8f/0xb0 [ 247.149871][T14381] __kmalloc_cache_noprof+0x55/0x320 [ 247.149910][T14381] ? cgroup_show_path+0x6b/0x2a0 [ 247.149989][T14381] ? __pfx_cgroup_show_path+0x10/0x10 [ 247.150009][T14381] cgroup_show_path+0x6b/0x2a0 [ 247.150102][T14381] ? __pfx_cgroup_show_path+0x10/0x10 [ 247.150126][T14381] kernfs_sop_show_path+0xa8/0xe0 [ 247.150155][T14381] ? __pfx_kernfs_sop_show_path+0x10/0x10 [ 247.150186][T14381] show_path+0x57/0x80 [ 247.150220][T14381] show_mountinfo+0xd9/0x620 [ 247.150240][T14381] m_show+0x3b/0x50 [ 247.150263][T14381] traverse+0x155/0x3c0 [ 247.150291][T14381] seq_lseek+0xa8/0x160 [ 247.150351][T14381] __x64_sys_lseek+0xe7/0x160 [ 247.150459][T14381] x64_sys_call+0x2c43/0x2e10 [ 247.150562][T14381] do_syscall_64+0xc9/0x1c0 [ 247.150583][T14381] ? clear_bhb_loop+0x25/0x80 [ 247.150604][T14381] ? clear_bhb_loop+0x25/0x80 [ 247.150629][T14381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.150654][T14381] RIP: 0033:0x7f347dedd169 [ 247.150746][T14381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.150772][T14381] RSP: 002b:00007f347c547038 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 [ 247.150790][T14381] RAX: ffffffffffffffda RBX: 00007f347e0f5fa0 RCX: 00007f347dedd169 [ 247.150805][T14381] RDX: 0000000000000000 RSI: 0000000000010001 RDI: 0000000000000005 [ 247.150819][T14381] RBP: 00007f347c547090 R08: 0000000000000000 R09: 0000000000000000 [ 247.150833][T14381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 247.150847][T14381] R13: 0000000000000000 R14: 00007f347e0f5fa0 R15: 00007fff0be0b5e8 [ 247.150877][T14381] [ 247.423719][T14388] loop4: detected capacity change from 0 to 128 [ 247.447234][T14388] FAT-fs (loop4): bogus number of reserved sectors [ 247.453816][T14388] FAT-fs (loop4): Can't find a valid FAT filesystem [ 247.521138][T14393] loop4: detected capacity change from 0 to 512 [ 247.527990][T14393] EXT4-fs: Ignoring removed orlov option [ 247.616143][T14393] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 247.661256][T14401] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3779'. [ 247.675208][T14403] loop3: detected capacity change from 0 to 764 [ 247.694270][T14403] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 247.725705][T14406] loop1: detected capacity change from 0 to 2048 [ 247.739854][T14410] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3785'. [ 247.749347][T14411] loop4: detected capacity change from 0 to 2048 [ 247.781433][T14411] rdma_op ffff88811656f180 conn xmit_rdma 0000000000000000 [ 247.810247][T14406] hub 2-0:1.0: USB hub found [ 247.815279][T14406] hub 2-0:1.0: 8 ports detected [ 247.830288][T14426] loop3: detected capacity change from 0 to 128 [ 247.906930][T14439] loop1: detected capacity change from 0 to 512 [ 247.914161][T14441] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3796'. [ 247.938703][T14439] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 247.947920][T14439] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 247.948414][T14443] loop2: detected capacity change from 0 to 512 [ 247.962684][T14443] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 247.970558][T14439] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended [ 247.982947][T14439] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 247.991306][T14439] System zones: 0-2, 18-18, 34-34 [ 247.999176][T14439] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 248.026022][T14439] EXT4-fs (loop1): 1 truncate cleaned up [ 248.067060][T14451] loop4: detected capacity change from 0 to 2048 [ 248.085087][T14451] rdma_op ffff88811c335180 conn xmit_rdma 0000000000000000 [ 248.184765][T14464] loop4: detected capacity change from 0 to 512 [ 248.192500][T14464] ext4: Unknown parameter '.x000000000000fe8e' [ 248.222399][T14476] loop4: detected capacity change from 0 to 1024 [ 248.229923][T14476] EXT4-fs: Ignoring removed bh option [ 248.320277][ T29] kauditd_printk_skb: 132 callbacks suppressed [ 248.320292][ T29] audit: type=1326 audit(1743482016.180:2925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14490 comm="syz.4.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 248.359471][ T29] audit: type=1326 audit(1743482016.220:2926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14490 comm="syz.4.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=139 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 248.383714][ T29] audit: type=1326 audit(1743482016.220:2927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14490 comm="syz.4.3803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 248.508680][T14503] loop4: detected capacity change from 0 to 2048 [ 248.517403][T14505] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3811'. [ 248.538141][T14503] rdma_op ffff88811ae86180 conn xmit_rdma 0000000000000000 [ 248.612060][T14513] loop4: detected capacity change from 0 to 8192 [ 248.677148][T14515] loop0: detected capacity change from 0 to 8192 [ 248.694563][T14519] loop2: detected capacity change from 0 to 512 [ 248.701886][T14519] EXT4-fs: Ignoring removed orlov option [ 248.739161][T14524] loop3: detected capacity change from 0 to 2048 [ 248.746508][ T29] audit: type=1326 audit(1743482016.590:2928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14514 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9460d0d169 code=0x7ffc0000 [ 248.770917][ T29] audit: type=1326 audit(1743482016.590:2929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14514 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f9460d0d169 code=0x7ffc0000 [ 248.794851][ T29] audit: type=1326 audit(1743482016.590:2930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14514 comm="syz.0.3815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9460d0d169 code=0x7ffc0000 [ 248.823255][T14519] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 248.876638][ T29] audit: type=1400 audit(1743482016.730:2931): avc: denied { create } for pid=14512 comm="syz.4.3814" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 248.906227][ T29] audit: type=1400 audit(1743482016.760:2932): avc: denied { getopt } for pid=14523 comm="syz.3.3819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 248.926629][ T29] audit: type=1400 audit(1743482016.760:2933): avc: denied { write } for pid=14523 comm="syz.3.3819" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 248.956282][T14537] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3822'. [ 248.997277][T14535] loop1: detected capacity change from 0 to 2048 [ 249.035600][T14541] loop4: detected capacity change from 0 to 2048 [ 249.079097][T14535] hub 2-0:1.0: USB hub found [ 249.093535][T14535] hub 2-0:1.0: 8 ports detected [ 249.106885][ T29] audit: type=1326 audit(1743482016.960:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14557 comm="syz.2.3830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 249.125496][T14560] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3831'. [ 249.147267][T14541] rdma_op ffff88811656f980 conn xmit_rdma 0000000000000000 [ 249.211672][T14563] loop0: detected capacity change from 0 to 512 [ 249.218532][T14563] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 249.245636][T14574] loop2: detected capacity change from 0 to 2048 [ 249.282616][T14574] rdma_op ffff88811656e180 conn xmit_rdma 0000000000000000 [ 249.385059][T14601] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3843'. [ 249.403566][T14603] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 249.411378][T14603] IPv6: NLM_F_CREATE should be set when creating new route [ 249.425201][T14603] bond0: option resend_igmp: invalid value (7540) [ 249.433553][T14603] bond0: option resend_igmp: allowed values 0 - 255 [ 249.448583][T14607] loop4: detected capacity change from 0 to 512 [ 249.460045][T14607] EXT4-fs: Ignoring removed orlov option [ 249.479971][T14607] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 249.566185][T14619] loop1: detected capacity change from 0 to 1024 [ 249.840200][T14631] loop3: detected capacity change from 0 to 128 [ 250.447225][T14656] loop4: detected capacity change from 0 to 2048 [ 250.460835][T14656] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3863: bg 0: block 234: padding at end of block bitmap is not set [ 250.476403][T14656] EXT4-fs (loop4): Remounting filesystem read-only [ 250.552325][T14661] loop1: detected capacity change from 0 to 512 [ 250.559257][T14661] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 251.437120][T14700] loop1: detected capacity change from 0 to 2048 [ 251.534883][T14700] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 251.555482][T14700] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 640 with max blocks 32 with error 28 [ 251.570067][T14700] EXT4-fs (loop1): This should not happen!! Data will be lost [ 251.570067][T14700] [ 251.582126][T14700] EXT4-fs (loop1): Total free blocks count 0 [ 251.588890][T14700] EXT4-fs (loop1): Free/Dirty block details [ 251.595366][T14700] EXT4-fs (loop1): free_blocks=2415919104 [ 251.601344][T14700] EXT4-fs (loop1): dirty_blocks=32 [ 251.608293][T14700] EXT4-fs (loop1): Block reservation details [ 251.615083][T14700] EXT4-fs (loop1): i_reserved_data_blocks=2 [ 251.630716][T14700] syz.1.3878 (14700) used greatest stack depth: 9208 bytes left [ 251.696801][T14720] loop1: detected capacity change from 0 to 2048 [ 251.721910][T14720] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3879: bg 0: block 234: padding at end of block bitmap is not set [ 251.755261][T14720] EXT4-fs (loop1): Remounting filesystem read-only [ 251.843154][T14749] __nla_validate_parse: 1 callbacks suppressed [ 251.843173][T14749] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3882'. [ 251.987300][T14774] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3887'. [ 252.088537][T14782] loop1: detected capacity change from 0 to 512 [ 252.105532][T14782] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 252.254611][T14807] loop2: detected capacity change from 0 to 128 [ 252.621004][T14816] loop0: detected capacity change from 0 to 2048 [ 252.736935][T14816] hub 2-0:1.0: USB hub found [ 252.742217][T14816] hub 2-0:1.0: 8 ports detected [ 252.857579][T14832] loop1: detected capacity change from 0 to 2048 [ 252.871496][T14832] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3903: bg 0: block 234: padding at end of block bitmap is not set [ 252.892034][T14832] EXT4-fs (loop1): Remounting filesystem read-only [ 252.903600][T14836] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3904'. [ 253.040294][T14841] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3906'. [ 253.204894][T14863] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 253.210004][T14862] loop2: detected capacity change from 0 to 2048 [ 253.211504][T14863] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 253.223204][T14868] loop1: detected capacity change from 0 to 512 [ 253.225951][T14863] vhci_hcd vhci_hcd.0: Device attached [ 253.238693][T14869] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 253.248337][T14869] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 253.257708][T14868] EXT4-fs: Ignoring removed orlov option [ 253.267788][T14864] vhci_hcd: connection closed [ 253.269457][T14868] EXT4-fs error (device loop1): ext4_iget_extra_inode:4704: inode #15: comm syz.1.3918: corrupted in-inode xattr: invalid ea_ino [ 253.289755][ T31] vhci_hcd: stop threads [ 253.294819][ T31] vhci_hcd: release socket [ 253.299634][ T31] vhci_hcd: disconnect device [ 253.305376][T14868] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.3918: couldn't read orphan inode 15 (err -117) [ 253.322854][T14870] loop0: detected capacity change from 0 to 512 [ 253.329710][T14870] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 253.365586][T14862] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 253.384984][T14862] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 704 with max blocks 2 with error 28 [ 253.399739][T14862] EXT4-fs (loop2): This should not happen!! Data will be lost [ 253.399739][T14862] [ 253.410697][T14862] EXT4-fs (loop2): Total free blocks count 0 [ 253.416903][T14862] EXT4-fs (loop2): Free/Dirty block details [ 253.423778][T14862] EXT4-fs (loop2): free_blocks=2415919104 [ 253.429819][T14862] EXT4-fs (loop2): dirty_blocks=16 [ 253.434960][T14862] EXT4-fs (loop2): Block reservation details [ 253.441041][T14862] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 253.987335][ T29] kauditd_printk_skb: 171 callbacks suppressed [ 253.987352][ T29] audit: type=1326 audit(1743482021.850:3106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.4.3923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 254.026835][ T29] audit: type=1326 audit(1743482021.880:3107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.4.3923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 254.050571][ T29] audit: type=1326 audit(1743482021.880:3108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.4.3923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 254.074162][ T29] audit: type=1326 audit(1743482021.880:3109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14888 comm="syz.4.3923" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 254.119355][T14892] loop4: detected capacity change from 0 to 128 [ 254.135826][T14892] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 254.152823][ T29] audit: type=1326 audit(1743482022.010:3110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14891 comm="+}[@" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f347dedd169 code=0x0 [ 254.180678][T14897] loop1: detected capacity change from 0 to 2048 [ 254.462547][T14915] IPv6: Can't replace route, no match found [ 254.474443][T14914] loop2: detected capacity change from 0 to 2048 [ 254.524042][T14914] hub 2-0:1.0: USB hub found [ 254.534584][T14914] hub 2-0:1.0: 8 ports detected [ 254.755968][ T29] audit: type=1326 audit(1743482022.610:3111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.2.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 254.780879][ T29] audit: type=1326 audit(1743482022.610:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.2.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 254.805222][ T29] audit: type=1326 audit(1743482022.610:3113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14921 comm="syz.2.3934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49ebd6d169 code=0x7ffc0000 [ 254.853765][T14924] loop2: detected capacity change from 0 to 512 [ 254.868184][T14924] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 254.878663][T14924] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 254.902242][T14924] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 254.917368][T14924] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 254.936780][T14924] System zones: 0-2, 18-18, 34-34 [ 254.943215][T14924] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 254.990609][T14929] loop3: detected capacity change from 0 to 512 [ 254.997962][T14929] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 255.076941][T14924] EXT4-fs (loop2): 1 truncate cleaned up [ 255.406417][T14948] loop2: detected capacity change from 0 to 2048 [ 255.428610][ T29] audit: type=1326 audit(1743482023.280:3114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14949 comm="syz.4.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 255.452265][ T29] audit: type=1326 audit(1743482023.280:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14949 comm="syz.4.3945" exe="/root/syz-executor" sig=0 arch=c000003e syscall=130 compat=0 ip=0x7f347dedd169 code=0x7ffc0000 [ 255.531427][T14948] rdma_op ffff88811ae84980 conn xmit_rdma 0000000000000000 [ 255.588276][T14959] loop2: detected capacity change from 0 to 2048 [ 255.613731][T14961] loop4: detected capacity change from 0 to 2048 [ 255.639014][T14959] hub 2-0:1.0: USB hub found [ 255.643841][T14959] hub 2-0:1.0: 8 ports detected [ 255.711297][T14968] loop1: detected capacity change from 0 to 8192 [ 255.755955][T14986] loop3: detected capacity change from 0 to 2048 [ 255.770218][T14986] rdma_op ffff88811c1f5980 conn xmit_rdma 0000000000000000 [ 255.830627][T14994] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3960'. [ 255.889370][T15002] x_tables: ip6_tables: tcpmss match: only valid for protocol 6 [ 256.250418][T15020] loop3: detected capacity change from 0 to 2048 [ 256.311255][T15020] hub 2-0:1.0: USB hub found [ 256.316176][T15020] hub 2-0:1.0: 8 ports detected [ 256.368159][T15024] loop3: detected capacity change from 0 to 2048 [ 256.387365][T15024] rdma_op ffff88811ae85180 conn xmit_rdma 0000000000000000 [ 256.567530][T15031] usb usb6: usbfs: process 15031 (+}[@) did not claim interface 0 before use [ 256.590258][T15033] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3973'. [ 256.679052][T15045] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3979'. [ 256.743585][T15051] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3983'. [ 256.761271][T15049] loop2: detected capacity change from 0 to 2048 [ 256.818553][T15058] loop4: detected capacity change from 0 to 512 [ 256.825257][T15058] EXT4-fs: Ignoring removed orlov option [ 256.845770][T15060] loop1: detected capacity change from 0 to 2048 [ 256.854020][T15058] ext4 filesystem being mounted at /162/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 257.568926][T15063] ================================================================== [ 257.577599][T15063] BUG: KCSAN: data-race in mem_cgroup_track_foreign_dirty_slowpath / mem_cgroup_track_foreign_dirty_slowpath [ 257.590479][T15063] [ 257.592912][T15063] write to 0xffff8881184b45d8 of 8 bytes by task 15048 on cpu 0: [ 257.601424][T15063] mem_cgroup_track_foreign_dirty_slowpath+0x3bf/0x450 [ 257.609809][T15063] __folio_mark_dirty+0x3f5/0x4e0 [ 257.615117][T15063] mark_buffer_dirty+0x134/0x230 [ 257.621984][T15063] block_page_mkwrite+0x29b/0x3f0 [ 257.627055][T15063] ext4_page_mkwrite+0x75c/0xba0 [ 257.632460][T15063] do_wp_page+0xcaf/0x2380 [ 257.638036][T15063] handle_mm_fault+0xc78/0x2b30 [ 257.643534][T15063] exc_page_fault+0x3b9/0x650 [ 257.648383][T15063] asm_exc_page_fault+0x26/0x30 [ 257.653249][T15063] [ 257.655577][T15063] read to 0xffff8881184b45d8 of 8 bytes by task 15063 on cpu 1: [ 257.663300][T15063] mem_cgroup_track_foreign_dirty_slowpath+0xdb/0x450 [ 257.670443][T15063] __folio_mark_dirty+0x3f5/0x4e0 [ 257.675587][T15063] mark_buffer_dirty+0x134/0x230 [ 257.680653][T15063] block_write_end+0x123/0x210 [ 257.685521][T15063] ext4_da_write_end+0x20a/0x810 [ 257.690478][T15063] generic_perform_write+0x31e/0x4b0 [ 257.695871][T15063] ext4_buffered_write_iter+0x1ed/0x3c0 [ 257.702831][T15063] ext4_file_write_iter+0x3b2/0xf80 [ 257.708529][T15063] iter_file_splice_write+0x5f2/0x980 [ 257.714018][T15063] direct_splice_actor+0x160/0x2c0 [ 257.719161][T15063] splice_direct_to_actor+0x305/0x680 [ 257.724645][T15063] do_splice_direct+0xd9/0x150 [ 257.729786][T15063] do_sendfile+0x40a/0x690 [ 257.734321][T15063] __x64_sys_sendfile64+0x113/0x160 [ 257.739654][T15063] x64_sys_call+0xfc3/0x2e10 [ 257.744464][T15063] do_syscall_64+0xc9/0x1c0 [ 257.749033][T15063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.755026][T15063] [ 257.757439][T15063] value changed: 0x00000000ffffebe1 -> 0x00000000ffffef33 [ 257.764678][T15063] [ 257.767018][T15063] Reported by Kernel Concurrency Sanitizer on: [ 257.773176][T15063] CPU: 1 UID: 0 PID: 15063 Comm: syz.2.3982 Not tainted 6.14.0-syzkaller-11144-g1e7857b28020 #0 PREEMPT(voluntary) [ 257.785363][T15063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 257.795779][T15063] ================================================================== [ 257.838647][T15090] loop3: detected capacity change from 0 to 2048 [ 257.881264][T15090] rdma_op ffff8881175f5980 conn xmit_rdma 0000000000000000