last executing test programs: 32.987542051s ago: executing program 0 (id=371): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r2 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r2, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e) connect$pptp(r2, &(0x7f00000004c0)={0x18, 0x2, {0x0, @broadcast}}, 0x1e) 32.909901991s ago: executing program 0 (id=376): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400000000}, 0x4000, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18) r3 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_USER_AVC(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000"], 0x14}, 0x1, 0x0, 0x0, 0x24000841}, 0x4008840) 32.829851352s ago: executing program 0 (id=379): bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r0}, 0x9) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x80a, &(0x7f0000000940)={[{@barrier_val}, {@resuid}, {@block_validity}, {@errors_remount}]}, 0x1, 0x7a3, &(0x7f00000009c0)="$eJzs3ctrXNUfAPDvnSRNmvb3awTB1k2z0kLppK2xVRCMuBDBQkHXtmEyDTGTTMlMShOysIggiKDFhaAb1z7qzq3o2r/BjYi0VE2LFRcycueRTF6TR5NMbD4fuMk5d86dc75z5557Zu5hbgD7Vn/6JxNxLCI+TCKO1NcnEdFVTXVGDNXKPZify6VLEpXK678n1TL35+dy0bRN6lA9czQivn834mRmZb2lmdnx4UIhP1XPD5Qnrg6UZmZPjU0Mj+ZH85PnzgwOnj3/7Plz2xfrnz/OHr7z0StPfz309ztP3PrghySG4nD9seY4lkq2XF9/9Ne37kpfwiVe3vKz7k1bf5Vop/TQ7Kgd5XEsjkRHNQUAPMrS838FANhnEud/ANhnGt8D3J+fyzWW9n4jsbvuvhQRPbX4G9c3a4901q/Z9VSvg/beT6KzfkU0tvF6V39EfPbtm1+mS7S8Dgmwvd6+ERGX+/pX9v/JijkLm3V6A2X6l+X1f7B7vkvHP8+tNv7LLIx/YmH8s6h7lWN3K/ojDjTnVx7/mdurbvjiNlReH/+9UJvblgbaNP5bmLTW11HP/S/NHI+IsUI+7dv+HxEnoqv7ylghf6ZFHSfu/XNvrceax39/3Hzri7T+9P9iicztzu6l24wMl4cfJuZmd29EPNm5OLfvwYr+v6c61l2+/9N1F1s98fHF5KvPv/fpWsXS+NN4G8vK+HdW5fOIp2L1+BuSlvMTB9Ldf7r2d/U6vvn5k9616m/e/+mS1t/4LLAb0v3f2zr+vqR5vmZpe+tfP/7V3/8Hkjeq6UbncX24XJ46E3EgeW3l+rOL2zbyjfJp/LVIl8efafn+Tz8JXt5gjJ13fvtq6/Ev2JEplmn8I5va/5tP3How3rH1+NP9P1hNnaiv2Uj/t9EGPsxrBwAAAAAAAAAAAAAAAAAAAAAAAAAblYmIw5FksgvpTCabrd3D+/HozRSKpfLJK8XpyZGo3iu7L7oyjZ+6PFLLJ43fP+1ryp9dln8mIh6LiI+7D1bz2VyxMNLu4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7tAa9/9P/drd7tYBADumZ90S9/JLspVKpbKD7QEAdt76538A4FHT4vx/cDfbAQDsHp//AWD/cf4HgP3H+R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAddvHChXSp/DU/l0vzI9dmpseL106N5Evj2YnpXDZXnLqaHS0WRwv5bK44sd7zFYrFq4MxOX19oJwvlQdKM7OXJorTk+VLYxPDo/lL+a5diQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANqc0Mzs+XCjkpx6JxPsRsQeasROJJPZEM9qS+OXUT0dblbm5ztt4aE9EsbFEpbt2YLa9Pe3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+G/4NAAD//9wMIzc=") r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000002c40)=ANY=[@ANYRESHEX]) 32.565772453s ago: executing program 0 (id=388): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="a98df98fa0ff0e3f0c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="08010e8004"], 0x124}}, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x66, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x35, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=") syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0) r6 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newchain={0x54, 0x1e, 0x1, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0x1}, {0x7, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xa, 0x2b, 0xca, 0x1, 0x2, 0x8a, 0xa32, 0x40, [{0x4, 0xfffffffa, 0xfffffff9, 0x4}]}}]}}]}, 0x54}}, 0x44004) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000902, r4, &(0x7f0000000180)) fsopen(&(0x7f0000001240)='9p\x00', 0x0) r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r8) ptrace$cont(0x20, r8, 0x0, 0x0) ptrace(0x11, r8) getpgrp(r8) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 31.494918639s ago: executing program 0 (id=406): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') 31.091687271s ago: executing program 0 (id=422): r0 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe468}, 0x94) sendmsg$nl_route_sched(r0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = socket(0x1e, 0x4, 0x0) sendmsg$tipc(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c840}, 0x2400c014) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r3) sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000014c0)=ANY=[@ANYBLOB="50010000", @ANYRES16=r4, @ANYBLOB="010000000000fcdbdf250100000008000100000000000400048008000c8004000b800800020001000000200108801c000780080005"], 0x150}}, 0x0) 31.087627332s ago: executing program 32 (id=422): r0 = socket$netlink(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe468}, 0x94) sendmsg$nl_route_sched(r0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = socket(0x1e, 0x4, 0x0) sendmsg$tipc(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c840}, 0x2400c014) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r3) sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000014c0)=ANY=[@ANYBLOB="50010000", @ANYRES16=r4, @ANYBLOB="010000000000fcdbdf250100000008000100000000000400048008000c8004000b800800020001000000200108801c000780080005"], 0x150}}, 0x0) 26.469715628s ago: executing program 4 (id=505): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000b"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000018110000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000003c0)=0x2) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000bf03000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = socket$unix(0x1, 0x5, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) bind$unix(r4, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e) bind$unix(r3, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e) syz_clone3(&(0x7f0000000a00)={0x108084080, &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000640)=0x0, {0x12}, &(0x7f00000008c0)=""/173, 0xad, &(0x7f0000000680)=""/66, &(0x7f0000000980)=[0xffffffffffffffff], 0x1}, 0x58) r6 = getpid() sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000a80)={'\x00', 0xb, 0x7, 0x4, 0x0, 0x3ff, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000b00)={0x0, 0x0}) syz_clone3(&(0x7f0000000bc0)={0x900, &(0x7f0000000200), &(0x7f0000000400), &(0x7f0000000440), {0x10}, &(0x7f0000000480)=""/64, 0x40, &(0x7f00000007c0)=""/248, &(0x7f0000000b80)=[0x0, r5, r6, r7, r8], 0x5, {r3}}, 0x58) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='percpu_free_percpu\x00', r2}, 0x10) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r9}, 0x38) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r10, 0x0, 0x3}, 0x18) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newtaction={0x8c, 0x30, 0x1, 0x0, 0x0, {}, [{0x78, 0x1, [@m_ct={0x2c, 0x2, 0x0, 0x0, {{0x7}, {0x4}, {0x4, 0x2}, {0xc}, {0xc}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xfffffffffffffffe}}}]}, {0x25}, {0xc}, {0xc}}}]}]}, 0x8c}}, 0x0) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002105000d40930000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e746572"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x200080c0) readv(r1, &(0x7f0000000600)=[{&(0x7f00000002c0)=""/135, 0x87}], 0x1) ioctl$TIOCVHANGUP(r1, 0x5437, 0x2) 26.326786809s ago: executing program 4 (id=511): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000180)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000024000280040001001c000380"], 0x50}}, 0x0) r7 = socket(0x8000000010, 0x2, 0x0) write(r7, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc) r8 = socket$inet_tcp(0x2, 0x1, 0x0) r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r9, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10) ioctl$sock_inet_SIOCSARP(r8, 0x8953, &(0x7f0000000180)={{0x2, 0x0, @empty}, {}, 0x0, {0x2, 0x0, @multicast1=0xe000cc02}}) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x1, 0x6, 0x8, 0x8, 0x40}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040), &(0x7f00000004c0), 0xce, r10}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r10, &(0x7f0000000040), &(0x7f0000000280)=""/201}, 0x20) pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000001e80)={0xa, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000a00)=""/4096, 0x1000}, {&(0x7f0000001a00)=""/99, 0x63}, {&(0x7f0000001a80)=""/143, 0x8f}, {&(0x7f0000001b40)=""/231, 0xe7}, {&(0x7f0000001c40)=""/124, 0x7c}, {&(0x7f0000001cc0)=""/208, 0xd0}], &(0x7f0000001e40)=[0x1, 0x2, 0x5a4f, 0x8000000000000000, 0x7, 0xb0, 0xffffffffffffff13], 0x6}, 0x20) r11 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000140)={@private, @broadcast, 0x0}, &(0x7f00000001c0)=0xc) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000300)={'ip6tnl0\x00', 0x0, 0x29, 0x4, 0xa, 0xf7, 0x22, @local, @mcast1, 0x1, 0x40, 0x8001, 0x6}}) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'syztnl2\x00', &(0x7f0000000480)={'ip6tnl0\x00', 0x0, 0x29, 0x5, 0x0, 0xff, 0x41, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7, 0x80, 0x382e, 0x5}}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={r0, 0xe0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0xa, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x50, &(0x7f0000000600)=[{}, {}], 0x10, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0x24, 0x8, 0x8, &(0x7f00000006c0)}}, 0x10) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f00000009c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000980)={&(0x7f0000000840)={0x130, r11, 0x20, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x40, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x3a, 0x4, "1e6ad26bdc6f2d32d01e32021bc9df427239dc2fb9db36920afbeb037edd4acf125cf01a2fd05a2c5f66d41b2c7d9678584b27a175e8"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x70, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x4}, 0x804) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) r16 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r16, &(0x7f0000000440)={0x900, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x2, 0xa, 0xfc, 0x0, 0x7, 0x0, 0x70bd28, 0x25dfdbfe, [@sadb_x_filter={0x5, 0x1a, @in=@empty, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x2c, 0x30}]}, 0x38}}, 0x40408c0) 26.21748535s ago: executing program 4 (id=516): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000d80)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x9d}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18) socket$pptp(0x18, 0x1, 0x2) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x3, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r5 = socket$unix(0x1, 0x2, 0x0) ppoll(&(0x7f0000000300)=[{r5, 0x4236}], 0x1, 0x0, 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x1ff, @empty, 0xa098}, {0xa, 0x5e21, 0x9, @mcast1, 0x9}, r6, 0x8001}}, 0x48) writev(r4, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 26.17703635s ago: executing program 4 (id=518): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="a98df98fa0ff0e3f0c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="08010e8004"], 0x124}}, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x66, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x35, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=") syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0) r6 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newchain={0x54, 0x1e, 0x1, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0x1}, {0x7, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xa, 0x2b, 0xca, 0x1, 0x2, 0x8a, 0xa32, 0x40, [{0x4, 0xfffffffa, 0xfffffff9, 0x4}]}}]}}]}, 0x54}}, 0x44004) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000902, r4, &(0x7f0000000180)) fsopen(&(0x7f0000001240)='9p\x00', 0x0) r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r8) ptrace(0x11, r8) getpgrp(r8) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 25.839205432s ago: executing program 4 (id=522): syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\b@', 0x380, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x3, 0xa, "a7616790fd598080a8030037004023020087aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e340c6d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "00001c050000000026000400"}, {0xe, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x22, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "b8a3e100908f6164000046ef3df9f500000000000000fb0000008879e664852015ca837473f27945dc000400"/55}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x1f, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0) 25.619542053s ago: executing program 4 (id=527): r0 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r2 = socket$inet_udp(0x2, 0x2, 0x0) listen(r1, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x200010, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=r2]) fcntl$setsig(r0, 0xa, 0x11) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r3}, 0x18) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000eea1958e79bc36615a3a355cbd0a6bae066ed04c100a92243900a74b9dd73bcfd2316382e490a153ef75435c073af87aae9a969fd8f22c25af32decb9f5cca9dbc8b87b5d6b49af1d07545d801c84afdfe658e12102f5e7b8da91e8096703c124896614ea7114ed6e4c801bbac1b9c0b6ad6345320e5d6aa8f712dc54ba1f1a8952442a7de4b1f067d548758e4c6da3bc521be54ff110ea08af34e350b5ad72ff8de268051d07e2c4a6412a395d0a03b1befae3947053e67bbd36885379f90bc", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT=r6, @ANYRESHEX=r5, @ANYRES8=r5, @ANYRESDEC=r6], 0x50) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000030000000000000000483ed94209860e6bc6000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x1bd) close(r8) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="7472616e733d66642c7266ef3ac79c076e034e646e6f3d5db6c25ff9e3a886e55c794c5b4c739b04008e8763b7fa63fef55d7053198eb32a6432fbd52a5078d279c4d3ddc0004b2175da22b78453e8023852de0000", @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',\x00']) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r8, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="100027bd7000fbfffffffffdff0000000300dbec05eedc420f", @ANYRES32=r9, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20044048) r10 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r10, 0x42, 0x1ff) execveat$binfmt(0xffffffffffffff9c, r10, 0x0, 0x0, 0x0) execveat$binfmt(r8, r10, &(0x7f00000002c0)={[0x0, &(0x7f0000000080)='\x00', &(0x7f00000000c0)='\xbb\xbb\xbb\xbb\xbb\xbb']}, &(0x7f0000000380)={[&(0x7f0000000300)='#/\xab#\x00']}, 0x100) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d0000000600000004000000ffffff0f01000000", @ANYRES32=r4], 0x50) syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file2\x00', 0x4204, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=") r11 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80) sendfile(r11, r11, 0x0, 0x5) syz_emit_ethernet(0x3b6, &(0x7f0000000ec0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000084003803afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000000000000030aa7616790fd598080a8030037004023020087aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e340c6d42ca0a5c15b37a1baa37a29c378d5241e5af0302000100001c0500000000260004000e18fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978001d06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000220b17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0032107b8a3e100908f6164000046ef3df9f500000000000000fb0000008879e664852015ca837473f27945dc000400000000000000000000000000145e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c1f05d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81edb40e19f9891bba119d3efbfe3b818c7db591d5138a918cac444982e0d2dc887f84b2c45c0012c41aad359cf586b90e203a92bb0488d66de8dc6ae0d0d8a9b22d6c116577781c9f944179683a583d09c750d903cdd17ce41182f3da2283f4ece9dd2c0a1cad5ff56bc29e7cad4cc3feb7e7e8e9700a2736a6f632cd23cc467eacce4c1c1ba4deaaafa1fe43b5acbf09e396fd79181b81bd0ad943f023276f05fde65796d8e165c37edc54105752fab6266283471517075613"], 0x0) r12 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r12, 0x4c82) 25.598635883s ago: executing program 33 (id=527): r0 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r2 = socket$inet_udp(0x2, 0x2, 0x0) listen(r1, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x200010, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESDEC=r2]) fcntl$setsig(r0, 0xa, 0x11) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r3}, 0x18) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="0200000004000000040000000900000000000000eea1958e79bc36615a3a355cbd0a6bae066ed04c100a92243900a74b9dd73bcfd2316382e490a153ef75435c073af87aae9a969fd8f22c25af32decb9f5cca9dbc8b87b5d6b49af1d07545d801c84afdfe658e12102f5e7b8da91e8096703c124896614ea7114ed6e4c801bbac1b9c0b6ad6345320e5d6aa8f712dc54ba1f1a8952442a7de4b1f067d548758e4c6da3bc521be54ff110ea08af34e350b5ad72ff8de268051d07e2c4a6412a395d0a03b1befae3947053e67bbd36885379f90bc", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRESOCT=r6, @ANYRESHEX=r5, @ANYRES8=r5, @ANYRESDEC=r6], 0x50) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000030000000000000000483ed94209860e6bc6000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x1bd) close(r8) mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="7472616e733d66642c7266ef3ac79c076e034e646e6f3d5db6c25ff9e3a886e55c794c5b4c739b04008e8763b7fa63fef55d7053198eb32a6432fbd52a5078d279c4d3ddc0004b2175da22b78453e8023852de0000", @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB=',\x00']) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r8, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="100027bd7000fbfffffffffdff0000000300dbec05eedc420f", @ANYRES32=r9, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x20044048) r10 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00') openat$binfmt(0xffffffffffffff9c, r10, 0x42, 0x1ff) execveat$binfmt(0xffffffffffffff9c, r10, 0x0, 0x0, 0x0) execveat$binfmt(r8, r10, &(0x7f00000002c0)={[0x0, &(0x7f0000000080)='\x00', &(0x7f00000000c0)='\xbb\xbb\xbb\xbb\xbb\xbb']}, &(0x7f0000000380)={[&(0x7f0000000300)='#/\xab#\x00']}, 0x100) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d0000000600000004000000ffffff0f01000000", @ANYRES32=r4], 0x50) syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file2\x00', 0x4204, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=") r11 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x143042, 0x80) sendfile(r11, r11, 0x0, 0x5) syz_emit_ethernet(0x3b6, &(0x7f0000000ec0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000084003803afffe8000000000000000000000000000bbff02000000000000000000000000000186009078000000000000000000000000030aa7616790fd598080a8030037004023020087aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e340c6d42ca0a5c15b37a1baa37a29c378d5241e5af0302000100001c0500000000260004000e18fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978001d06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000220b17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0032107b8a3e100908f6164000046ef3df9f500000000000000fb0000008879e664852015ca837473f27945dc000400000000000000000000000000145e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c1f05d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81edb40e19f9891bba119d3efbfe3b818c7db591d5138a918cac444982e0d2dc887f84b2c45c0012c41aad359cf586b90e203a92bb0488d66de8dc6ae0d0d8a9b22d6c116577781c9f944179683a583d09c750d903cdd17ce41182f3da2283f4ece9dd2c0a1cad5ff56bc29e7cad4cc3feb7e7e8e9700a2736a6f632cd23cc467eacce4c1c1ba4deaaafa1fe43b5acbf09e396fd79181b81bd0ad943f023276f05fde65796d8e165c37edc54105752fab6266283471517075613"], 0x0) r12 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_GET_FREE(r12, 0x4c82) 23.850500053s ago: executing program 3 (id=564): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18) setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) connect$inet(0xffffffffffffffff, 0x0, 0x0) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x2204806, &(0x7f0000000540)=ANY=[@ANYBLOB="636865636b3d7374726963742c636865636b3d72656c61786564006d6f64653d3078303030303030303030303030303030312c6d61703d6f66662c73657373696f6e3d3078303030303030303030303030303036322c696f636861727365743d6d6163677265656b416d61703d61636f726e2c696f636861727365743d69736f383835392d322c73657373696f6e3d3078303030303030303030303030303035382c73686f776173736f632c6d6f64653d3078666666666666666666666666666666652c636865636b3d7a74726963742c6673636f6e746578743d7379ce54f7585f752c7065726d69745f646972656374696f2c00"], 0xfa, 0x69f, &(0x7f0000000f00)="$eJzs3c9v2+Ydx/EP5V+yOwTFNhRBkB9PkhVwsEyR5MaBkQEtR1E2N0kUSHmwgQFF1thFEDndkg5YfOl82Q+gA3berZcddts/MKDn/he7bUCx3QZsBw4kRVmyRMlqHLdZ3y8jEUV++Txfkgq/oSU+EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOXUyuWKpYbX2t4x+Zxa4DcnLE9bW9CtdOLW1H4lK/6jYlEX01kXv328+I34rxu6nD67rGL8UNTha2+8fv9b84Vs/QkJfRGatcFnzw8fP+h2956eInZOMzf/ZVLhFEGbbssLfa9pb7rGC32zsb5evrNVD03da7jhbthxm8YJ3ELHD8yqc8tUNjbWjFva9bdbmzW74WYz732vWi6vmx8upQdaUil0trxGw2ttJjHx4jjmnvn4J2mAazeN2X/U3VublmQcVMlbWBgIqk5rqVquViuVarWyfnfj7r1yeX5kRjlmlfs0EnHmL1q8Ys7u5A28oEJc//9mSQ0V1dK2dmTG/jiqKZCvZs7ynqz+v3nHndjvYP3PqvxF6e3e4ktK6v/V9NnVvPqfk4uRSVYYt8TKmT/bz0KSkdEzPdehHuuBuupqT0/PoG0jc+1MWjmHn025aslTKF+emrKTOaY3x2hD61pXWe9qS3WFMqrLU0OuQu0qVEdu8opyFMiVrY58BTJalaNbMqpoQxtak5Grknbla1stbaomW/+Oomhfj5L9vjYhR2VBlZyApcGg6oSW8ur/Tz9KX6e9+l+m/n9dpa+DpfThs0kxwFdA1Lv+n9G1l5MNAAAAAAB4Gazkt+9W8t79FUmR6l7DLeevsHie2QEAAAAAgLNgKVrSZVnx9b+kK7KmXP8DAAAAAIBXjpXcY2dJWkk+1G8d3wl1ml8CzJ1DigAAAAAA4AUld/5fXZSiZNCKa7Jmuv4HAAAAAACvgN8OjLE/n42xG2Vv6xckhe0l66//XFKwYB21d75jHdjxEvtgrpCEjHwCoFO/ZIV/SAfqTcbrXZSUPHPcy1avt94gmP1xBz/fnzbWvxWcSGBxbrCBEwlc6K1txT2vz/ee6WNdf3so9uFhQcmStJeVutdwS47fuF+RbV8odNydzi+ePPqlFPS3c/9Rd6/03gfdh0kuR/Gso4M4j4+ydP6y2Nt1w7kkD/1c/hulpCtjt3hZ9azL37WaK1bSbznb/jnZB4XjY5S7/cN96te6kR6zGytp7Mphf8T9ePuL8fZXSskhG9r6YME6zqJycsvHHYicLIpJFjfTmJurN9OHLL+4nYJV/O6cVC2NHoOhLKqDWUzfF9a/RvbFpCx6+2ItzuLTuKGcLNZmy2LkiADAl2U/GfUnufMvGcR8pO5m5SE7qX2hujO9ur8zXN0//GNcGdP/Xsz33puY2EtR8Rl91Urq0KKSE+v8pZEzerY19oWics7o5ReobnFffz7+DqRe2iNZ/CeKovuVpN/fn6iqn8QrfJLbb9hId/udDw9+lgyAH3t/7/29J9Xq2nr5rXL5blULyWb0HuZE7QEAjJj+HTtTI6y3dD2NuP7wH2+mU0MV75v9jxSU9J4+UFcPtZB9hcC18a2uDHwM4XZ61aqBq1bzxuv3l6WTsRXdzr2qS2rpQGy1H7ugbJXhSn0cu/aSjwIAAOfrxpQ6PL7+F4fq/22tphGrl8Zedw/X8t7Vcf+SPi+2Mj35d856bwAA8PXgBp9bK53fWEHgtd+tbGxU7M6WawLf+ZEJvNqma7xWxw2cLbu16Zp24Hd8x2+YdqAlr+aGJtxut/2gY+p+YNp+6O0k3/xuel/9HrpNu9XxnLDdcO3QNY7f6thOx9S80DHt7R80vHDLDZKVw7breHXPsTue3zKhvx04bsmY0HUHAr2a2+p4dS+ebJl24DXtYNf82G9sN11Tc0Mn8NodP20w68tr1f2gmTRbUjTzFx0CAPD/6Nnzw8cPut29pycnluNL83TOkXJiRicWxzTIGEEAAHzFHJfrGVYq9qc+jV5KVgAAAAAAAAAAAAAAAAAAAAAAYND0W/pmnFgYd7Og1J/z8wu9OfqVjm8xHGnH0lknNstEYda1slsiDh9/NiF4uT8n2/2DMUfntoF//4b0WjJH6Zz5ccHF/Has6X0tTzi4p5yYi3fQaYO/v5/u0dyYeOHYRUv9YzF/9v8c4oknf8pZFEVRNHn1peF9uDhpA4cn5iU9XXyBQ3D+5yIA5+t/AQAA//+xxzz3") open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0) sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081) r4 = epoll_create1(0x0) dup3(r4, 0xffffffffffffffff, 0x0) r5 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r7}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x18) bind$can_raw(r5, &(0x7f0000000000)={0x1d, r6}, 0x10) bind$can_raw(r5, &(0x7f0000000080), 0x10) setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000380)=[{0x2, 0x0, {0x2, 0x1, 0x4}, {0x0, 0xff, 0x2}, 0x2, 0xfd}], 0x20) sendmsg$nl_route_sched(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xfff3, 0xffff}, {0xfff1, 0x9}, {0x2, 0x6}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x404c083}, 0x20000050) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='kmem_cache_free\x00', r9}, 0x18) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x22) creat(&(0x7f0000000000)='./file0\x00', 0x6a) openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x28001, 0x0) socket$netlink(0x10, 0x3, 0x8000000004) 23.596854914s ago: executing program 3 (id=568): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 23.512311995s ago: executing program 3 (id=571): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, 0x0, 0x0}, 0x94) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x1ff, @empty, 0xa098}, {0xa, 0x5e21, 0x9, @mcast1, 0x9}, 0xffffffffffffffff, 0x8001}}, 0x48) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) 23.427981225s ago: executing program 3 (id=573): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="a98df98fa0ff0e3f0c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="08010e8004"], 0x124}}, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x66, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x35, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=") syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0) r6 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newchain={0x54, 0x1e, 0x1, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0x1}, {0x7, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xa, 0x2b, 0xca, 0x1, 0x2, 0x8a, 0xa32, 0x40, [{0x4, 0xfffffffa, 0xfffffff9, 0x4}]}}]}}]}, 0x54}}, 0x44004) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000902, r4, &(0x7f0000000180)) fsopen(&(0x7f0000001240)='9p\x00', 0x0) r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$cont(0x20, r8, 0x0, 0x0) ptrace(0x11, r8) getpgrp(r8) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 22.945579678s ago: executing program 3 (id=581): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e) connect$pptp(r1, &(0x7f00000004c0)={0x18, 0x2, {0x0, @broadcast}}, 0x1e) 22.62246875s ago: executing program 3 (id=589): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 22.59067196s ago: executing program 34 (id=589): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 17.021104882s ago: executing program 7 (id=715): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff"], 0x48) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r2, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00\x00\x00\x00\x00') setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000000200)=[{0x6}]}, 0x10) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000010c0)=ANY=[@ANYRES8=r0, @ANYRES64=r0], 0x118}, 0x1, 0x0, 0x0, 0x4004040}, 0xa279df9516865e0) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) 16.939537143s ago: executing program 7 (id=717): r0 = perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x95, 0x902}, 0x100002, 0x0, 0xffffffff, 0x6, 0x1cc0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x3f, 0x0, 0x0, 0x0, 0xb}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$kcm(0x29, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x35451d7003000c0b, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETGROUP(r3, 0x400454ce, 0xee01) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='blkio.bfq.empty_time\x00', 0x0, 0x0) ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f00000004c0)=r4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00'}, 0x18) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) 16.798272974s ago: executing program 7 (id=724): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) chroot(&(0x7f0000000000)='./file0/../file0\x00') 16.759954183s ago: executing program 7 (id=727): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="a98df98fa0ff0e3f0c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="08010e8004"], 0x124}}, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x66, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x35, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=") syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0) r6 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newchain={0x54, 0x1e, 0x1, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0x1}, {0x7, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xa, 0x2b, 0xca, 0x1, 0x2, 0x8a, 0xa32, 0x40, [{0x4, 0xfffffffa, 0xfffffff9, 0x4}]}}]}}]}, 0x54}}, 0x44004) fsopen(&(0x7f0000001240)='9p\x00', 0x0) r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r8) ptrace$cont(0x20, r8, 0x0, 0x0) ptrace(0x11, r8) getpgrp(r8) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 16.150299047s ago: executing program 7 (id=739): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff"], 0x48) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x3c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='\x00\x00\x00\x00\x00') openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) 14.095834299s ago: executing program 7 (id=803): inotify_init() r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000002140)={[0xfffffffffffffff5]}, 0x8, 0x0) readv(r1, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x79}], 0x1) r2 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r2, &(0x7f0000000200)={0xa, 0x0, 0x401, @private1, 0xb4}, 0x20) pipe(0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xcac2d78a}}, 0x0, 0x0, 0x3f, 0x0, "ee080e650926a96ecc136e7fb980e989db9e8bf9b93129488f65178de213eb94cd46e19d9c65a018444a131f4000000065569607462029add09240005c6776267517308a3d40aa1c788df600"}, 0xd8) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x3ff, @loopback}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0) signalfd(r3, &(0x7f0000000180)={[0x6]}, 0x8) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_128={{0x303}, "cb1a3d5d186c8a3b", "c1dc6ac03f88da6d2328625791e30125", "adc8edc9", "670f9b7d29e2c3ab"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) ioctl$int_in(r3, 0x5421, &(0x7f0000000140)=0x1) writev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r7, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 14.062054349s ago: executing program 35 (id=803): inotify_init() r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000002140)={[0xfffffffffffffff5]}, 0x8, 0x0) readv(r1, &(0x7f0000002940)=[{&(0x7f00000000c0)=""/121, 0x79}], 0x1) r2 = socket$l2tp6(0xa, 0x2, 0x73) connect$l2tp6(r2, &(0x7f0000000200)={0xa, 0x0, 0x401, @private1, 0xb4}, 0x20) pipe(0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xcac2d78a}}, 0x0, 0x0, 0x3f, 0x0, "ee080e650926a96ecc136e7fb980e989db9e8bf9b93129488f65178de213eb94cd46e19d9c65a018444a131f4000000065569607462029add09240005c6776267517308a3d40aa1c788df600"}, 0xd8) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x3ff, @loopback}, 0x1c) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x810}, 0x40404) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0x74}}, 0x0) signalfd(r3, &(0x7f0000000180)={[0x6]}, 0x8) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_128={{0x303}, "cb1a3d5d186c8a3b", "c1dc6ac03f88da6d2328625791e30125", "adc8edc9", "670f9b7d29e2c3ab"}, 0x28) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4) ioctl$int_in(r3, 0x5421, &(0x7f0000000140)=0x1) writev(r3, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r7, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 10.096312862s ago: executing program 2 (id=889): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') 9.997677553s ago: executing program 2 (id=890): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 9.967450022s ago: executing program 2 (id=891): ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x6, 0x4, 0xd, 0x2, 0x0, 0xffffffffffffffff, 0xfffb}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x9, 0x3, 0x0, 0x2, 0x0, 0x70bd26, 0x25dfdbff}, 0x10}}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002536702500000000690000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x1c}, [@ldst={0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffff0}]}, &(0x7f0000000000)='syzkaller\x00', 0x5, 0xcab5, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48) 9.891985443s ago: executing program 2 (id=892): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="a98df98fa0ff0e3f0c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="08010e8004"], 0x124}}, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x66, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x35, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=") syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0) r6 = open(&(0x7f0000000140)='./file1\x00', 0x64042, 0x1e9) pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) socket$nl_route(0x10, 0x3, 0x0) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000902, r4, &(0x7f0000000180)) fsopen(&(0x7f0000001240)='9p\x00', 0x0) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) ptrace$cont(0x20, r7, 0x0, 0x0) ptrace(0x11, r7) getpgrp(r7) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 9.568521015s ago: executing program 2 (id=894): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x5) fcntl$notify(r2, 0x402, 0x8000003d) 9.203851017s ago: executing program 2 (id=903): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2000000000000089, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) unshare(0x22020600) r1 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) close(r1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000600)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x5}, 0x2f) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x15, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r5}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xd, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) 9.191322417s ago: executing program 36 (id=903): syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0x2000000000000089, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) unshare(0x22020600) r1 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) gettid() timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) close(r1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x8000000003c) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000600)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380)=[{0x0}], 0x1, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x5}, 0x2f) bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x15, 0x1c, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r5}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0xd, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) 7.971670304s ago: executing program 5 (id=940): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 7.965041804s ago: executing program 5 (id=941): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe20, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000000), &(0x7f00000001c0)=r0}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x82}, 0x18) r4 = socket$netlink(0x10, 0x3, 0x10) r5 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) r7 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r7, &(0x7f0000000000)={&(0x7f0000000140)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x30006041) close(r7) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) getresgid(&(0x7f0000000c40), &(0x7f0000000140), &(0x7f0000000240)) capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0xff, 0x6, 0x7}) r8 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x9840) r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), r5) sendmsg$TIPC_CMD_GET_LINKS(r4, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x24, r9, 0x4, 0x70bd25, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x2}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40801}, 0x24000001) ioctl$SG_IO(r8, 0x2285, &(0x7f0000000e40)={0x53, 0xfffffffffffffffd, 0x6, 0x6, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000b40)="1e859a05e132", 0x0, 0x2c92, 0x10, 0x0, 0x0}) 6.84775006s ago: executing program 5 (id=970): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dd"], &(0x7f0000000100)='GPL\x00'}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00') r1 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) fchdir(r1) openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0) 6.678565291s ago: executing program 5 (id=971): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="a98df98fa0ff0e3f0c0000000b"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r2], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x18) socket$nl_route(0x10, 0x3, 0x0) socket$nl_audit(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB="24010000", @ANYRES16=r1, @ANYBLOB="a18300000000000000000500000008000300", @ANYRES32=0x0, @ANYBLOB="08010e8004"], 0x124}}, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780)={[{@nolazytime}, {@lazytime}, {@journal_path={'journal_path', 0x3d, './bus'}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}, {@dax_never}, {@nodiscard}], [{@obj_user={'obj_user', 0x3d, 'nodiscard'}}, {@fsuuid={'fsuuid', 0x3d, {[0x31, 0x32, 0x34, 0x33, 0x33, 0x66, 0x37, 0x62], 0x2d, [0x66, 0x30, 0x65, 0x1], 0x2d, [0x65, 0x33, 0x38, 0x65], 0x2d, [0x33, 0x34, 0x35, 0x35], 0x2d, [0x61, 0x32, 0x64, 0x63, 0x66, 0x64, 0x35, 0x39]}}}, {@fowner_eq}, {@func={'func', 0x3d, 'FILE_MMAP'}}, {@fowner_eq={'fowner', 0x3d, r4}}]}, 0x0, 0x479, &(0x7f0000001300)="$eJzs3MtvG8UfAPDvOo82fcW/qj+gDyAIEKVA0qSl9MAFBBIHkJDgUI4hSatSt0FNkEhVQUCoHFElTlwQRyT+Ak5wQcAJCQ4c4I4qVaiXFk5Gm91NHdfOw3Xstv58pHVmdtee+Xpn7NmdeAPoWSPpQxKxIyL+iIjhLLtyh5Hsz41rF6f+uXZxKolq9Y2/k/508/VrF6eKXYvnbS8y/RGlT5LY36DcuYULZyYrlZnzeX5s/uy7Y3MLF545fXby1MypmXMTx48fPTL+3LGJZ9sSZxrX9X0fzB7Y+8pbl1+bOnH57Z++SYr46+K4xW8tFTmy2sbHq9WWXvQONJg+7KxZkbUM7gZ9WTeNgaX+Pxx9cfPgDcfLH3e1csCmqlar1fuab16sAvewJLpdA6A7ii/69Py3WDo09LgjXH0hOwFK476RL9mW/ijl+wzUnd+200hEnFj898t0ibWuQwAAtMF36fjn6Ubjv1LUXhfalc+hlCPifxGxOyKORcSeiPh/xNK+90fEAxssv36S5NbxT+lKS4GtUzr+ez6f21o5/itGf1Huy3M7l+IfSE6erswczt+TgzGwJc2Pr1LG9y/9+lmzbbXjv3RJyy/Ggnk9rvRvWfmc6cn5yduJudbVjyL29TeKP1meCUgiYm9E7GuxjNOHvj7QbNva8a+iDfNM1a8insiO/2LUxV9IsvnJcpP5ybGtUZk5PFa0ihiqefnF9ND9/Mul15uVf1vxt0F6/Lc1bP/L8ZeT2vnauY28+hdPpo+X/vy06TlNq+1/MHlzxbr3J+fnz49HDCavZpWuXT9Rt9/Ezf3T+A8+2rj/746b78T+iEgb8YMR8VBEPJzX/ZHfd635Lvz44mPvtB7/5krjn17/8a8ORxQNYWEw8sTymsaJvjM/fLui0HLj+Hc1Pf5Hl1IH8zXr+fxbT7022poBAADgblWKiB2RlEaX06XS6Gj2P/x7YlupMjs3/9TJ2ffOTWe/ESjHQKm40jVccz10PD+tL/ITdfkj+XXjz/uGlvKjU7OV6W4HDz1ue5P+n/qrr9u1Azad32tB79L/oXfp/9C7sv5fe7a/tWt1ATqrwff/UDfqAXReo/H/h+t54o721wXorLr+b9oPeojrf9C7Wun/PjPg3tC/2i2bBztaFaBz5oZi7R/J32uJrRu4QcDdlyjuXLMZRQykreVQRCxciFLXI5XYxES3P5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa478AAAD//9OC4M8=") syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f00000017c0)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0) truncate(&(0x7f0000000900)='./file1\x00', 0x3000000) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r5, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newchain={0x54, 0x1e, 0x1, 0x70bd2c, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x8}, {0xe, 0x1}, {0x7, 0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xa, 0x2b, 0xca, 0x1, 0x2, 0x8a, 0xa32, 0x40, [{0x4, 0xfffffffa, 0xfffffff9, 0x4}]}}]}}]}, 0x54}}, 0x44004) quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000902, r4, &(0x7f0000000180)) fsopen(&(0x7f0000001240)='9p\x00', 0x0) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r7) ptrace$cont(0x20, r7, 0x0, 0x0) ptrace(0x11, r7) getpgrp(r7) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 6.149238475s ago: executing program 5 (id=980): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) 1.66815554s ago: executing program 6 (id=1082): r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401) ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x9, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff}) ioctl$SG_BLKTRACETEARDOWN(r0, 0x1276, 0x0) 1.65962333s ago: executing program 6 (id=1083): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 1.63565884s ago: executing program 6 (id=1084): socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) getpid() bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x41064400, 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xfd}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000580)='./file0\x00', 0x4, &(0x7f0000000980)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058000084696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c0196322e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d0300470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b720000000000000000000000000000005214e7febdbc00"], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.490586671s ago: executing program 1 (id=1088): r0 = socket$kcm(0x11, 0x200000000000002, 0x300) setsockopt$sock_attach_bpf(r0, 0x107, 0x8, &(0x7f00000000c0), 0x8) r1 = socket$kcm(0x10, 0x2, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r3, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10) ioctl$SIOCPNENABLEPIPE(r3, 0x89ed, 0x0) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0) 1.461784251s ago: executing program 1 (id=1091): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x41}, 0x3}}, 0x10) listen(r1, 0x0) r2 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r2, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x4) accept4(r1, 0x0, 0x0, 0x80800) 1.428046862s ago: executing program 1 (id=1094): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 1.396379082s ago: executing program 1 (id=1096): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000002240)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000015c0)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="05"], 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r4}, &(0x7f00000006c0), &(0x7f0000000700)=r3}, 0x20) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r6, 0x0, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957e2013d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg(r7, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a40)={0xffffffffffffffff}) close_range(r9, 0xffffffffffffffff, 0x2) recvmmsg(0xffffffffffffffff, &(0x7f0000001f40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=""/4096, 0x1000}}], 0x1, 0x0, 0x0) syz_io_uring_setup(0x7290, &(0x7f0000000280)={0x0, 0xfffffffc, 0x2, 0x1, 0x200de}, 0x0, 0x0) recvmmsg(r8, &(0x7f0000001dc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=""/188, 0xbc, 0xdf0e}}], 0x1800, 0x2002, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="020000000400"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) accept$inet6(0xffffffffffffffff, 0x0, 0x0) sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3) syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") 1.369989002s ago: executing program 9 (id=1097): set_mempolicy(0x3, &(0x7f0000000100)=0x7, 0x8) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000820100000400000028000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000050000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) r3 = socket$inet(0xa, 0x801, 0x84) connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r3, 0x8) r4 = accept4(r3, 0x0, 0x0, 0x0) sendto$inet(r4, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000580)={0x2, 0x0, 0x6, 0xffffffff}, 0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0x7, 0x2}, 0x8) sendto$inet6(r4, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000001400)={0x0, 0x0, 0x47a}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000005c0)={0x0, 0x2, 0x47a}, 0x39) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f0000000240)={0x0, 0x2}, 0x8) getsockopt$llc_int(r2, 0x10c, 0x3, 0x0, &(0x7f0000000040)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18) syz_clone3(&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.364497682s ago: executing program 6 (id=1098): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="050000ee03000000f80f000003816efc5ffa611e547fd89ab277b190a2d2c7bf4e2be3acdd674677f586f8ef5fb3c3acef69de71f14b8bfe"], 0x48) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x80}, 0x8) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x30, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x8848}, 0x80) r6 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0xd0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r7, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000003c0)={'veth0_to_batadv\x00', 0x0}) setsockopt$packet_add_memb(r9, 0x107, 0x1, &(0x7f00000004c0)={r10, 0x3, 0x6, @broadcast}, 0x10) setsockopt$packet_add_memb(r9, 0x107, 0x1, &(0x7f0000000040)={r10, 0x1, 0x6, @local}, 0x10) setsockopt$packet_add_memb(r9, 0x107, 0x1, &(0x7f0000000000)={r10, 0x1, 0x5, @multicast}, 0x10) getsockopt$PNPIPE_IFINDEX(r3, 0x113, 0x2, &(0x7f0000000b00)=0x0, &(0x7f0000000b40)=0x4) sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r2, &(0x7f0000000ec0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000e80)={&(0x7f0000000b80)=ANY=[@ANYBLOB="ec020000", @ANYRES16=0x0, @ANYBLOB="000327bd7000ffdbdf250d000000180001801400020067656e657665310000000000000000007800018008000100", @ANYRES32=0x0, @ANYBLOB="080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="1400020070696d36726567300000000000000000140002006d6163766c616e30000000000000000008000300010000001400020076657468305f746f5f7465616d00000008000100", @ANYRES32=0x0, @ANYBLOB="60000180140002006970366772653000000000000000000008000300000000000800030006000000140002006e657470636930000000000000000000080003000200000008000300000000001400020074756e6c3000000000000000000000007400018014000200626f6e645f736c6176655f3000000000140002006261746164765f736c6176655f31000008000100", @ANYRES32=0x0, @ANYBLOB="080003000300000014000200766972745f7769666930000000000000080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="1400020070696d367265670000000000000000007800018014000200766c616e31000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000300020000000800030002000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000140002006e6963766630000000000000000000001400020073797a6b616c6c6572300000000000004c0001800800030001000000080003000340000008000300010000001400020063616966300e00000000000000001400020062617461647630000000000000000000080001000000", @ANYRES32=0x0, @ANYBLOB="40000180140002006772653000000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="3c000180140002006e65747063693000000000000000000008000100", @ANYRES32=r10, @ANYBLOB="0800030003000000140002006d6163766c616e3100000000000000003400018014000200776c616e31000000000000000000000008000100", @ANYRES32=r11, @ANYBLOB="1400020077673100"/20], 0x2ec}, 0x1, 0x0, 0x0, 0x8}, 0x40000) r12 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r12, &(0x7f0000001240)=""/102400, 0x200000, 0x0) fcntl$setsig(r3, 0xa, 0x13) close_range(r2, 0xffffffffffffffff, 0x0) 1.363544992s ago: executing program 8 (id=1099): ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x0, r0, 0x0, 0x4, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x1e1802, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x5464fadc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x8}, 0x100b28, 0x9, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0)) pwritev(r1, 0x0, 0x0, 0xee, 0x4000004) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) wait4(r3, 0x0, 0x2, 0x0) 1.309393212s ago: executing program 9 (id=1100): bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61127b00000000006113900000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5d0e14c6c946eeb44fe63275c00000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000003c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0], 0x48) r2 = socket(0x10, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000240), 0x40900, 0x0) openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000000500)={0x2000}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206010100000000000000000000000005000100070000000900020073797a300000000014000780050015000000000008001240000000000d000300686173683a6e657400000000050005000a000000050004"], 0x5c}}, 0x0) sendmsg$IPSET_CMD_DESTROY(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040800}, 0x8d0) flock(r2, 0x5) close_range(r2, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]}) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10) truncate(0x0, 0x42d9) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r9}, 0x10) mbind(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4005, &(0x7f0000000c00)=0xb, 0x6, 0x2) 1.153916513s ago: executing program 9 (id=1101): r0 = syz_mount_image$ext4(&(0x7f0000000e80)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x50, &(0x7f0000000900), 0x64, 0x505, &(0x7f0000000940)="$eJzs3cFrHF8dAPDvbHZr06a/5Kce9Af+rLaSFu1u0tg2eKgVRE8Ftd5rTDYhZJMN2U3bhKIp/gGCiAqe9OJF8A8QpEePIhT0rKggoq0ePGjnx+5O0jTdTbbtNptmPx+YzHtvZvb73oaZnTfzmAlgYJ2NiBsR8TRN04sRMZqV57IptlpTY70nj+/PNqYk0vTWP5NIsrLtz0qy+elss5MR8Y2vRnw7eTFubWNzaaZSKa9l+VJ9ebVU29i8tLg8s1BeKK9MTU1enb42fWV6oiftPBMR17/8tx99/xdfuf6bz9398+2/X/hOo1oj2fLd7XhJ+f0WtppeaH4XuzdYe8VgR1G+2cLMcLs1hl4oefCG6wQAQHuNc/wPR8SnI+JijMbQ/qezAAAAwFso/eJI/C+JSNs70aEcAAAAeIvkmmNgk1wxGwswErlcsdgaw/vROJWrVGv1z85X11fmWmNlx6KQm1+slCeyscJjUUga+clm+ln+8p78VES8GxE/HB1u5ouz1cpcvy9+AAAAwIA4vaf//5/RVv8fAAAAOGbG+l0BAAAA4I3T/wcAAIDjT/8fAAAAjrWv3bzZmNLt91/P3dlYX6reuTRXri0Vl9dni7PVtdXiQrW60Hxm3/JBn1epVlc/Hyvr90r1cq1eqm1s3l6urq/Uby8+9wpsAAAA4BC9+8mHf0wiYusLw82p4UR3m3a5GnBU5XdSSTZvs1v/6Z3W/K+HVCngUAz1uwJA3+T7XQGgbwr9rgDQd8kByzsO3vldNv9Ub+sDAAD03vjHO9//z+275db+i4Ejz04Mg8v9fxhczfv/3Y7kdbIAx0rBGQAMvNe+/3+gNH2pCgEAAD030pySXDG7vDcSuVyxGHGm+VqAQjK/WClPRMQ7EfGH0cKHGvnJ5pbJgX0GAAAAAAAAAAAAAAAAAAAAAAAAAKAlTZNIAQAAgGMtIrfzGP/x0fMje68PnEj+OxrZK0Lv/vTWj+/N1Otrk43yf+2U13+SlV8+5IsXAAAAMDhe6gX+2/307X48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTSk8f3Z7enw4z7jy9FxFi7+Pk42ZyfjEJEnPp3Evld2yURMdSD+MONPx9rFz9pVGsnZLv4wz2Iv/Vg3/gxln0L7eKf7kF8GGQPG8efG+32v1ycbc7b73/5iOfyr6rz8S92jn9DHfb/M13GeO/Rr0od4z+IeC/f/vizHT/pEP9cl/G/9c3NzU7L0p9FjLf9/Umei1WqL6+WahublxaXZxbKC+WVqanJq9PXpq9MT5TmFyvl7G/bGD/4xK+f7tf+Ux3ijx3Q/vNdtv//j+49/kgrWWgX/8K5NvF/+/NsjRfj57Lfvs9k6cby8e30Viu92/u//P37+7V/rkP7D/r/X+iy/Re//r2/dLkqAHAIahubSzOVSnnt2CYavfQjUA2JI5j4bk8/ME3TtLFPvcbnJHEUvpZmot9HJgAAoNeenfT3uyYAAAAAAAAAAAAAAAAAAAAwuA7jcWJ7Y27tpJJePEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAnPggAAP//FZnXpg==") (async, rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYBLOB="0000000000000000b7040000010000008500000078"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x9) (async, rerun: 64) timer_create(0x2, 0x0, &(0x7f0000bbdffc)) (rerun: 64) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async) timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x3938700}}, &(0x7f0000000440)={{0x0, 0x0}, {0x0, 0x0}}) (async) inotify_init() (async) read(r1, &(0x7f0000001600)=""/238, 0xee) (async) r4 = perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x47, 0x1e0411, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfefffffe, 0x1, @perf_bp={0x0, 0x3}, 0x300, 0x4005, 0xb, 0x3, 0x4, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r4, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8514, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_config_ext={0x8, 0x6}, 0x120, 0x10000, 0x2, 0x1, 0x8, 0x20007, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, r4, 0x2) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYRESDEC=r2, @ANYRES32=r4, @ANYRESDEC=r3], 0x48) (async, rerun: 64) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) (rerun: 64) r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000880)='ext4_sync_file_exit\x00', 0xffffffffffffffff, 0x0, 0xe}, 0x18) r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000400000001811", @ANYRES16=r5, @ANYBLOB="000000104d1253c31bfdc24b511cb41888f161074a491ac4e72360ad0733004000b7ff0100f9ffffffb75e95ba80458c09004727e0000000812b000000", @ANYRESDEC=r8], 0x0, 0x74, 0x0, 0x0, 0x41100, 0x7c6e4772a20f4568, '\x00', 0x0, @fallback, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @value=r6}, 0x94) (async) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0xf, 0x0, 0x0, &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r10}, 0x10) io_uring_register$IORING_REGISTER_FILES_UPDATE(r6, 0x6, &(0x7f0000000780)={0xfffffffa, 0x0, &(0x7f0000000340)=[r10, r0]}, 0x2) r11 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x1f0719, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa, 0x1, @perf_bp={0x0}, 0xa822, 0x4005, 0xb, 0x3, 0x6, 0x20005, 0xab15, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa) ioctl$PERF_EVENT_IOC_DISABLE(r11, 0x24fd, 0x7) mmap$perf(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r11, 0x0) (async) sendmsg$netlink(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001480)=ANY=[@ANYBLOB="140100002900010000000000fcdbdf250401f2800c0018000bac0f000000000014000100"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) getsockname$l2tp(r7, &(0x7f0000000400)={0x2, 0x0, @remote}, &(0x7f0000000480)=0x10) (async) r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r12}, 0x10) (async) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") 1.125526913s ago: executing program 9 (id=1102): bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x8}, [@exit]}, &(0x7f0000000000)='GPL\x00'}, 0x94) (fail_nth: 7) 994.319634ms ago: executing program 9 (id=1103): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0) chroot(&(0x7f0000000000)='./file0/../file0\x00') mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 974.735384ms ago: executing program 9 (id=1104): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000001, 0x6031, 0xffffffffffffffff, 0x4000) mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munlock(&(0x7f00002a4000/0x2000)=nil, 0x2000) munlock(&(0x7f0000daf000/0x1000)=nil, 0x1000) munlockall() r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2, 0x0, 0xd76}, 0x18) r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain={'key_or_keyring:', r1}) keyctl$KEYCTL_MOVE(0x1e, r1, 0xffffffffffffffff, r3, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x2f, 0x73, 0x1, 0x401, 0x1, @dev={0xfe, 0x80, '\x00', 0x19}, @local, 0x7800, 0x40, 0x7, 0x9}}) r5 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r5, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty=0x300, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r7, r8, 0x0, 0x20000023896) r9 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r9, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000c00)="d800000018009903e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901223fc6ab007f6f94007100a007a290457f0189b316277ce06bf75c10dde13fb206b33b174e54980ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1000000730d7a5025ccca262f3d40fad956d2b6d5a3a6692ac217e11382e767e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6cc452a92307f00000e970300000000", 0xd8}], 0x1}, 0x20048812) 757.357535ms ago: executing program 6 (id=1105): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000c00)="d800000018009903e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901223fc6ab007f6f94007100a007a290457f0189b316277ce06bf75c10dde13fb206b33b174e54980ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1000000730d7a5025ccca262f3d40fad956d2b6d5a3a6692ac217e11382e767e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6cc452a92307f00000e970300000000", 0xd8}], 0x1}, 0x20048812) 756.615215ms ago: executing program 8 (id=1106): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000700)='./file0\x00') 735.702776ms ago: executing program 8 (id=1107): r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100202, 0x0, 0xfffffffb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) ioctl$sock_SIOCGIFCONF(0xffffffffffffffff, 0x8912, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000c00)="d800000018009903e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000015000500fef32702d3001500030001400200000901223fc6ab007f6f94007100a007a290457f0189b316277ce06bf75c10dde13fb206b33b174e54980ebace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1000000730d7a5025ccca262f3d40fad956d2b6d5a3a6692ac217e11382e767e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6cc452a92307f00000e970300000000", 0xd8}], 0x1}, 0x20048812) (fail_nth: 1) 472.164887ms ago: executing program 1 (id=1108): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x7a05, 0x1700) mmap$IORING_OFF_SQ_RING(&(0x7f0000003000/0x6000)=nil, 0x6000, 0x4, 0x88012, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x9604, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00') r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r3, 0x0, 0xfffffffffffffffd}, 0x18) writev(r2, &(0x7f0000000240)=[{&(0x7f0000000080)='=', 0x1}], 0x1) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000080000000000005e553e18b0c05a112fadd7cc246251c57708cf26029988cddae713a94ab2b559838644d8dbc1c91744b54195f496a8726eef2d2ffd50f5eb2d216c1c094c1cb9eb06c87a0ea2f0ada2844923911a633e32f6bf0a0dc99437812e9665ea11a6927cc324d0eb0a75f04cce9f9850c8391f39d7e8d115dae83ccdd7b4caf42f7b8d7039afd7760a3b738ccd3f532f07e880576b64e9295459c2c40e4d801ca23d37ad6e0248a26deb62ce1acc87509333ee9d6ddde0f9698eef33ff75214f66d13a63917d6a42c065bf", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fdffffff18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000108500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000000)=ANY=[@ANYBLOB="4a1800000500"]) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002", @ANYRESHEX=r3], 0x3c}, 0x1, 0x0, 0x0, 0x4008001}, 0x0) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb:\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00 [ 48.258511][ T4573] __dump_stack+0x1d/0x30 [ 48.258538][ T4573] dump_stack_lvl+0xe8/0x140 [ 48.258562][ T4573] dump_stack+0x15/0x1b [ 48.258612][ T4573] should_fail_ex+0x265/0x280 [ 48.258632][ T4573] should_fail_alloc_page+0xf2/0x100 [ 48.258662][ T4573] __alloc_frozen_pages_noprof+0xff/0x360 [ 48.258702][ T4573] alloc_pages_mpol+0xb3/0x260 [ 48.258770][ T4573] vma_alloc_folio_noprof+0x1aa/0x300 [ 48.258802][ T4573] handle_mm_fault+0xec2/0x2be0 [ 48.258826][ T4573] ? __rcu_read_lock+0x37/0x50 [ 48.258928][ T4573] ? __pte_offset_map_lock+0x1d4/0x230 [ 48.259041][ T4573] __get_user_pages+0x102a/0x1ed0 [ 48.259079][ T4573] __gup_longterm_locked+0x2fb/0xe60 [ 48.259113][ T4573] ? ___pte_offset_map+0xea/0x150 [ 48.259187][ T4573] gup_fast_fallback+0x1f5/0x1420 [ 48.259302][ T4573] pin_user_pages_fast+0x5f/0x90 [ 48.259326][ T4573] io_pin_pages+0xba/0x170 [ 48.259362][ T4573] io_sqe_buffer_register+0x184/0x1430 [ 48.259392][ T4573] ? __kvmalloc_node_noprof+0x4e7/0x670 [ 48.259467][ T4573] io_sqe_buffers_register+0x2b1/0x540 [ 48.259496][ T4573] __se_sys_io_uring_register+0x90e/0xf00 [ 48.259577][ T4573] ? fput+0x8f/0xc0 [ 48.259666][ T4573] ? ksys_write+0x192/0x1a0 [ 48.259768][ T4573] __x64_sys_io_uring_register+0x55/0x70 [ 48.259791][ T4573] x64_sys_call+0x18a3/0x3000 [ 48.259812][ T4573] do_syscall_64+0xd2/0x200 [ 48.259831][ T4573] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 48.259878][ T4573] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 48.259908][ T4573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.259979][ T4573] RIP: 0033:0x7f7aead0f6c9 [ 48.259994][ T4573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.260011][ T4573] RSP: 002b:00007f7ae976f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 48.260111][ T4573] RAX: ffffffffffffffda RBX: 00007f7aeaf65fa0 RCX: 00007f7aead0f6c9 [ 48.260123][ T4573] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000006 [ 48.260149][ T4573] RBP: 00007f7ae976f090 R08: 0000000000000000 R09: 0000000000000000 [ 48.260160][ T4573] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000001 [ 48.260172][ T4573] R13: 00007f7aeaf66038 R14: 00007f7aeaf65fa0 R15: 00007ffc2bc17998 [ 48.260188][ T4573] [ 48.612236][ T12] hsr_slave_0: left promiscuous mode [ 48.625539][ T12] hsr_slave_1: left promiscuous mode [ 48.631718][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.639590][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.651782][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.659365][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.675063][ T12] veth1_macvtap: left promiscuous mode [ 48.687147][ T12] veth0_macvtap: left promiscuous mode [ 48.701203][ T4587] loop3: detected capacity change from 0 to 512 [ 48.703233][ T12] veth1_vlan: left promiscuous mode [ 48.715031][ T4587] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 48.728236][ T4587] EXT4-fs (loop3): invalid journal inode [ 48.734336][ T12] veth0_vlan: left promiscuous mode [ 48.744452][ T4587] EXT4-fs (loop3): can't get journal size [ 48.777137][ T4587] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002] [ 48.795091][ T4591] FAULT_INJECTION: forcing a failure. [ 48.795091][ T4591] name failslab, interval 1, probability 0, space 0, times 0 [ 48.807995][ T4591] CPU: 1 UID: 0 PID: 4591 Comm: syz.4.444 Not tainted syzkaller #0 PREEMPT(voluntary) [ 48.808083][ T4591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 48.808097][ T4591] Call Trace: [ 48.808144][ T4591] [ 48.808152][ T4591] __dump_stack+0x1d/0x30 [ 48.808218][ T4591] dump_stack_lvl+0xe8/0x140 [ 48.808242][ T4591] dump_stack+0x15/0x1b [ 48.808268][ T4591] should_fail_ex+0x265/0x280 [ 48.808354][ T4591] ? __pfx_cond_bools_destroy+0x10/0x10 [ 48.808429][ T4591] should_failslab+0x8c/0xb0 [ 48.808464][ T4591] kmem_cache_alloc_noprof+0x50/0x480 [ 48.808493][ T4591] ? hashtab_duplicate+0xfe/0x360 [ 48.808534][ T4591] ? __pfx_cond_bools_destroy+0x10/0x10 [ 48.808557][ T4591] hashtab_duplicate+0xfe/0x360 [ 48.808590][ T4591] ? __pfx_cond_bools_copy+0x10/0x10 [ 48.808616][ T4591] cond_policydb_dup+0xd2/0x4e0 [ 48.808696][ T4591] security_set_bools+0xa0/0x340 [ 48.808731][ T4591] sel_commit_bools_write+0x1ea/0x270 [ 48.808754][ T4591] vfs_writev+0x406/0x8b0 [ 48.808784][ T4591] ? __pfx_sel_commit_bools_write+0x10/0x10 [ 48.808913][ T4591] ? mutex_lock+0xd/0x30 [ 48.808942][ T4591] do_writev+0xe7/0x210 [ 48.809047][ T4591] __x64_sys_writev+0x45/0x50 [ 48.809130][ T4591] x64_sys_call+0x1e9a/0x3000 [ 48.809155][ T4591] do_syscall_64+0xd2/0x200 [ 48.809175][ T4591] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 48.809207][ T4591] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 48.809323][ T4591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.809349][ T4591] RIP: 0033:0x7f238132f6c9 [ 48.809444][ T4591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 48.809524][ T4591] RSP: 002b:00007f237fd6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 48.809548][ T4591] RAX: ffffffffffffffda RBX: 00007f2381586090 RCX: 00007f238132f6c9 [ 48.809563][ T4591] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000005 [ 48.809578][ T4591] RBP: 00007f237fd6e090 R08: 0000000000000000 R09: 0000000000000000 [ 48.809592][ T4591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 48.809643][ T4591] R13: 00007f2381586128 R14: 00007f2381586090 R15: 00007ffe8ec60548 [ 48.809660][ T4591] [ 49.034438][ T4587] System zones: 1-12, 13-13 [ 49.041536][ T4587] EXT4-fs (loop3): 1 truncate cleaned up [ 49.082544][ T12] team0 (unregistering): Port device team_slave_1 removed [ 49.113296][ T12] team0 (unregistering): Port device team_slave_0 removed [ 49.186452][ T4525] chnl_net:caif_netlink_parms(): no params data found [ 49.255965][ T4525] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.263226][ T4525] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.286856][ T4525] bridge_slave_0: entered allmulticast mode [ 49.306669][ T4525] bridge_slave_0: entered promiscuous mode [ 49.333121][ T4525] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.340395][ T4525] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.356838][ T4525] bridge_slave_1: entered allmulticast mode [ 49.417194][ T4525] bridge_slave_1: entered promiscuous mode [ 49.450203][ T4629] loop3: detected capacity change from 0 to 512 [ 49.483255][ T4525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.500573][ T4525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.541081][ T4629] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.599912][ T4525] team0: Port device team_slave_0 added [ 49.617063][ T4525] team0: Port device team_slave_1 added [ 49.620248][ T4646] loop3: detected capacity change from 0 to 512 [ 49.653090][ T4646] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 49.684019][ T4525] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.691137][ T4525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 49.717181][ T4525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.738932][ T4525] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.745988][ T4525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 49.772084][ T4525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.814598][ T4652] Zero length message leads to an empty skb [ 49.821294][ T4525] hsr_slave_0: entered promiscuous mode [ 49.828030][ T4525] hsr_slave_1: entered promiscuous mode [ 49.981057][ T4673] netlink: 'syz.3.461': attribute type 10 has an invalid length. [ 49.988928][ T4673] __nla_validate_parse: 10 callbacks suppressed [ 49.988945][ T4673] netlink: 40 bytes leftover after parsing attributes in process `syz.3.461'. [ 50.024248][ T4525] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 50.058449][ T4673] net_ratelimit: 10 callbacks suppressed [ 50.058467][ T4673] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check. [ 50.085800][ T4525] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 50.106022][ T4525] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 50.124104][ T4525] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 50.137020][ T4689] netlink: 'syz.1.468': attribute type 1 has an invalid length. [ 50.214634][ T4707] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4707 comm=syz.1.468 [ 50.256409][ T4715] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4715 comm=syz.4.471 [ 50.294964][ T4704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.330141][ T4525] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.338211][ T4704] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.371289][ T4525] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.385723][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.392932][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.419162][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.426310][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.754074][ T4525] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 50.892672][ T4748] FAULT_INJECTION: forcing a failure. [ 50.892672][ T4748] name failslab, interval 1, probability 0, space 0, times 0 [ 50.905402][ T4748] CPU: 1 UID: 0 PID: 4748 Comm: syz.2.479 Not tainted syzkaller #0 PREEMPT(voluntary) [ 50.905463][ T4748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 50.905478][ T4748] Call Trace: [ 50.905486][ T4748] [ 50.905496][ T4748] __dump_stack+0x1d/0x30 [ 50.905534][ T4748] dump_stack_lvl+0xe8/0x140 [ 50.905568][ T4748] dump_stack+0x15/0x1b [ 50.905586][ T4748] should_fail_ex+0x265/0x280 [ 50.905610][ T4748] ? resv_map_alloc+0x57/0x190 [ 50.905719][ T4748] should_failslab+0x8c/0xb0 [ 50.905755][ T4748] __kmalloc_cache_noprof+0x4c/0x4a0 [ 50.905797][ T4748] resv_map_alloc+0x57/0x190 [ 50.905911][ T4748] hugetlbfs_get_inode+0x67/0x370 [ 50.905949][ T4748] hugetlb_file_setup+0x192/0x3d0 [ 50.905985][ T4748] ksys_mmap_pgoff+0x157/0x310 [ 50.906092][ T4748] x64_sys_call+0x14a3/0x3000 [ 50.906122][ T4748] do_syscall_64+0xd2/0x200 [ 50.906195][ T4748] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 50.906227][ T4748] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 50.906281][ T4748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.906350][ T4748] RIP: 0033:0x7f135a72f6c9 [ 50.906370][ T4748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.906393][ T4748] RSP: 002b:00007f1359197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 50.906421][ T4748] RAX: ffffffffffffffda RBX: 00007f135a985fa0 RCX: 00007f135a72f6c9 [ 50.906437][ T4748] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000200000000000 [ 50.906452][ T4748] RBP: 00007f1359197090 R08: ffffffffffffffff R09: 0000000000000000 [ 50.906540][ T4748] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001 [ 50.906555][ T4748] R13: 00007f135a986038 R14: 00007f135a985fa0 R15: 00007fff5aae3188 [ 50.906576][ T4748] [ 50.965294][ T4525] veth0_vlan: entered promiscuous mode [ 51.147115][ T4525] veth1_vlan: entered promiscuous mode [ 51.197220][ T4525] veth0_macvtap: entered promiscuous mode [ 51.216267][ T4525] veth1_macvtap: entered promiscuous mode [ 51.226856][ T4788] loop4: detected capacity change from 0 to 512 [ 51.243683][ T4788] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 51.253889][ T4525] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.284518][ T4525] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.327519][ T2658] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.355669][ T2658] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.372562][ T2658] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.409169][ T2658] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.455178][ T4805] netlink: 12 bytes leftover after parsing attributes in process `syz.4.491'. [ 51.465438][ T4807] loop2: detected capacity change from 0 to 512 [ 51.474186][ T4807] ext4: Unknown parameter 'smackfshat' [ 51.555934][ T4811] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 51.573627][ T4811] vhci_hcd: invalid port number 96 [ 51.578862][ T4811] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 51.587874][ T4815] atomic_op ffff888126568128 conn xmit_atomic 0000000000000000 [ 51.735230][ T4830] netlink: 16 bytes leftover after parsing attributes in process `syz.1.496'. [ 51.758057][ T29] kauditd_printk_skb: 243 callbacks suppressed [ 51.758097][ T29] audit: type=1326 audit(1762692582.754:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.788764][ T4834] netlink: 12 bytes leftover after parsing attributes in process `syz.4.503'. [ 51.800587][ T4776] netlink: 'syz.3.482': attribute type 1 has an invalid length. [ 51.807107][ T4829] loop2: detected capacity change from 0 to 128 [ 51.808309][ T4776] netlink: 224 bytes leftover after parsing attributes in process `syz.3.482'. [ 51.822527][ T29] audit: type=1326 audit(1762692582.754:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.847136][ T29] audit: type=1326 audit(1762692582.754:3644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.870945][ T29] audit: type=1326 audit(1762692582.754:3645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.894761][ T29] audit: type=1326 audit(1762692582.754:3646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.918557][ T29] audit: type=1326 audit(1762692582.754:3647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.942017][ T29] audit: type=1326 audit(1762692582.754:3648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.965633][ T29] audit: type=1326 audit(1762692582.754:3649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 51.989091][ T29] audit: type=1326 audit(1762692582.754:3650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 52.012544][ T29] audit: type=1326 audit(1762692582.754:3651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4832 comm="syz.5.502" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 52.117053][ T4841] netlink: 28 bytes leftover after parsing attributes in process `syz.4.505'. [ 52.125988][ T4841] netlink: 28 bytes leftover after parsing attributes in process `syz.4.505'. [ 52.135790][ T4841] serio: Serial port ttyS3 [ 52.160913][ T4848] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=4848 comm=syz.5.508 [ 52.252298][ T4854] netlink: 'syz.4.511': attribute type 12 has an invalid length. [ 52.361531][ T4870] netlink: 12 bytes leftover after parsing attributes in process `syz.5.517'. [ 52.399702][ T4872] loop4: detected capacity change from 0 to 512 [ 52.407671][ T4872] journal_path: Non-blockdev passed as './bus' [ 52.413908][ T4872] EXT4-fs: error: could not find journal device path [ 52.459496][ T4872] loop4: detected capacity change from 0 to 4096 [ 52.659516][ T4886] loop5: detected capacity change from 0 to 128 [ 52.666868][ T4886] FAT-fs (loop5): Directory bread(block 162) failed [ 52.675435][ T4886] FAT-fs (loop5): Directory bread(block 163) failed [ 52.682111][ T4886] FAT-fs (loop5): Directory bread(block 164) failed [ 52.689061][ T4886] FAT-fs (loop5): Directory bread(block 165) failed [ 52.713191][ T4886] FAT-fs (loop5): Directory bread(block 166) failed [ 52.719927][ T4886] FAT-fs (loop5): Directory bread(block 167) failed [ 52.752306][ T4886] FAT-fs (loop5): Directory bread(block 168) failed [ 52.759163][ T4886] FAT-fs (loop5): Directory bread(block 169) failed [ 52.780520][ T4886] netlink: 52 bytes leftover after parsing attributes in process `syz.5.521'. [ 52.794370][ T4886] dvmrp1: entered allmulticast mode [ 52.802448][ T4886] dvmrp1: left allmulticast mode [ 52.853632][ T4893] FAT-fs (loop5): Directory bread(block 162) failed [ 52.860361][ T4893] FAT-fs (loop5): Directory bread(block 163) failed [ 52.867708][ T4893] bio_check_eod: 102 callbacks suppressed [ 52.867723][ T4893] syz.5.521: attempt to access beyond end of device [ 52.867723][ T4893] loop5: rw=3, sector=226, nr_sectors = 6 limit=128 [ 52.887247][ T4893] syz.5.521: attempt to access beyond end of device [ 52.887247][ T4893] loop5: rw=2051, sector=232, nr_sectors = 2 limit=128 [ 52.903578][ T4893] netlink: 4 bytes leftover after parsing attributes in process `syz.5.521'. [ 52.928210][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 52.940370][ T4898] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 53.014974][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.075878][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.147198][ T4918] loop3: detected capacity change from 0 to 128 [ 53.183144][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.224590][ T4901] chnl_net:caif_netlink_parms(): no params data found [ 53.280846][ T4901] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.288035][ T4901] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.295527][ T4901] bridge_slave_0: entered allmulticast mode [ 53.302186][ T4901] bridge_slave_0: entered promiscuous mode [ 53.309336][ T4901] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.316663][ T4901] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.323957][ T4901] bridge_slave_1: entered allmulticast mode [ 53.330488][ T4901] bridge_slave_1: entered promiscuous mode [ 53.356507][ T4901] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.370955][ T4901] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.380502][ T12] bridge_slave_1: left allmulticast mode [ 53.386260][ T12] bridge_slave_1: left promiscuous mode [ 53.391904][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.399910][ T12] bridge_slave_0: left allmulticast mode [ 53.405737][ T12] bridge_slave_0: left promiscuous mode [ 53.411437][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.515652][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 53.528581][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 53.538684][ T12] bond0 (unregistering): Released all slaves [ 53.571114][ T4901] team0: Port device team_slave_0 added [ 53.579729][ T4901] team0: Port device team_slave_1 added [ 53.585533][ T4939] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4939 comm=syz.3.538 [ 53.600242][ T4939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 53.609144][ T4939] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 53.618015][ T4901] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.625149][ T4901] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.651098][ T4901] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.665743][ T12] hsr_slave_0: left promiscuous mode [ 53.671617][ T12] hsr_slave_1: left promiscuous mode [ 53.678550][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 53.686191][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 53.695089][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 53.702712][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 53.716884][ T12] veth1_macvtap: left promiscuous mode [ 53.729545][ T12] veth0_macvtap: left promiscuous mode [ 53.808665][ T4963] sd 0:0:1:0: device reset [ 53.816051][ T4963] netlink: 'syz.1.542': attribute type 10 has an invalid length. [ 53.829017][ T12] team0 (unregistering): Port device team_slave_1 removed [ 53.840748][ T12] team0 (unregistering): Port device team_slave_0 removed [ 53.864332][ T12] team0 (unregistering): Port device dummy0 removed [ 53.877344][ T4901] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.884356][ T4901] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.910516][ T4901] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.924571][ T4963] team0: Port device dummy0 added [ 53.951576][ T4901] hsr_slave_0: entered promiscuous mode [ 53.957629][ T4901] hsr_slave_1: entered promiscuous mode [ 53.963693][ T4901] debugfs: 'hsr0' already exists in 'hsr' [ 53.969608][ T4901] Cannot create hsr debugfs directory [ 54.106774][ T4901] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 54.117721][ T4901] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 54.126074][ T4989] FAULT_INJECTION: forcing a failure. [ 54.126074][ T4989] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 54.139344][ T4989] CPU: 1 UID: 0 PID: 4989 Comm: syz.2.547 Not tainted syzkaller #0 PREEMPT(voluntary) [ 54.139372][ T4989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 54.139384][ T4989] Call Trace: [ 54.139397][ T4989] [ 54.139404][ T4989] __dump_stack+0x1d/0x30 [ 54.139427][ T4989] dump_stack_lvl+0xe8/0x140 [ 54.139447][ T4989] dump_stack+0x15/0x1b [ 54.139466][ T4989] should_fail_ex+0x265/0x280 [ 54.139518][ T4989] should_fail+0xb/0x20 [ 54.139538][ T4989] should_fail_usercopy+0x1a/0x20 [ 54.139571][ T4989] strncpy_from_user+0x25/0x230 [ 54.139598][ T4989] ? kmem_cache_alloc_noprof+0x242/0x480 [ 54.139639][ T4989] ? getname_flags+0x80/0x3b0 [ 54.139673][ T4989] getname_flags+0xae/0x3b0 [ 54.139715][ T4989] user_path_at+0x28/0x130 [ 54.139791][ T4989] do_fchownat+0xb0/0x210 [ 54.139902][ T4989] __x64_sys_fchownat+0x64/0x80 [ 54.140003][ T4989] x64_sys_call+0x255e/0x3000 [ 54.140030][ T4989] do_syscall_64+0xd2/0x200 [ 54.140054][ T4989] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 54.140125][ T4989] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 54.140162][ T4989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.140187][ T4989] RIP: 0033:0x7f135a72f6c9 [ 54.140206][ T4989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.140255][ T4989] RSP: 002b:00007f1359197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104 [ 54.140278][ T4989] RAX: ffffffffffffffda RBX: 00007f135a985fa0 RCX: 00007f135a72f6c9 [ 54.140293][ T4989] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffffff [ 54.140372][ T4989] RBP: 00007f1359197090 R08: 0000000000000000 R09: 0000000000000000 [ 54.140384][ T4989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 54.140396][ T4989] R13: 00007f135a986038 R14: 00007f135a985fa0 R15: 00007fff5aae3188 [ 54.140416][ T4989] [ 54.143478][ T4901] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 54.346850][ T4901] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 54.416483][ T4901] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.444425][ T4901] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.469614][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.476837][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.503253][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.510360][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.547354][ T4901] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 54.557959][ T4901] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.663450][ T5048] loop2: detected capacity change from 0 to 512 [ 54.730484][ T5056] loop3: detected capacity change from 0 to 164 [ 54.741471][ T5048] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 54.754545][ T4901] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.837015][ T5056] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 54.848108][ T5056] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 55.097114][ T5101] loop3: detected capacity change from 0 to 512 [ 55.110883][ T5104] vlan1: entered allmulticast mode [ 55.137304][ T4901] veth0_vlan: entered promiscuous mode [ 55.172438][ T5101] journal_path: Non-blockdev passed as './bus' [ 55.178667][ T5101] EXT4-fs: error: could not find journal device path [ 55.192019][ T4901] veth1_vlan: entered promiscuous mode [ 55.218981][ T4901] veth0_macvtap: entered promiscuous mode [ 55.233920][ T4901] veth1_macvtap: entered promiscuous mode [ 55.249211][ T5101] loop3: detected capacity change from 0 to 4096 [ 55.260973][ T4901] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.274646][ T4901] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.309576][ T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.375371][ T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.413490][ T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.422672][ T52] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.621508][ T5132] loop6: detected capacity change from 0 to 1024 [ 55.697835][ T5132] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 55.722056][ T5132] EXT4-fs (loop6): revision level too high, forcing read-only mode [ 55.742065][ T5132] EXT4-fs (loop6): orphan cleanup on readonly fs [ 55.754131][ T5132] EXT4-fs warning (device loop6): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 55.768986][ T5132] EXT4-fs (loop6): Cannot turn on quotas: error -5 [ 55.813239][ T5132] EXT4-fs (loop6): 1 truncate cleaned up [ 55.947347][ T52] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.025662][ T52] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.054374][ T5161] loop5: detected capacity change from 0 to 512 [ 56.072532][ T5161] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.124370][ T52] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.233300][ T52] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.251142][ T5183] netlink: 'syz.6.599': attribute type 16 has an invalid length. [ 56.259069][ T5183] __nla_validate_parse: 4 callbacks suppressed [ 56.259084][ T5183] netlink: 156 bytes leftover after parsing attributes in process `syz.6.599'. [ 56.391791][ T52] bridge_slave_1: left allmulticast mode [ 56.397802][ T52] bridge_slave_1: left promiscuous mode [ 56.403540][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.416175][ T5194] netlink: 8 bytes leftover after parsing attributes in process `syz.5.601'. [ 56.425155][ T5194] netlink: 8 bytes leftover after parsing attributes in process `syz.5.601'. [ 56.439212][ T52] bridge_slave_0: left allmulticast mode [ 56.445160][ T52] bridge_slave_0: left promiscuous mode [ 56.451101][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.457313][ T5203] loop6: detected capacity change from 0 to 128 [ 56.515975][ T5211] loop2: detected capacity change from 0 to 512 [ 56.559888][ T5211] ext4 filesystem being mounted at /107/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.656350][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 56.693689][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 56.707302][ T52] bond0 (unregistering): Released all slaves [ 56.733905][ T52] bond1 (unregistering): Released all slaves [ 56.749387][ T5239] FAULT_INJECTION: forcing a failure. [ 56.749387][ T5239] name failslab, interval 1, probability 0, space 0, times 0 [ 56.762132][ T5239] CPU: 1 UID: 0 PID: 5239 Comm: syz.1.616 Not tainted syzkaller #0 PREEMPT(voluntary) [ 56.762160][ T5239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 56.762173][ T5239] Call Trace: [ 56.762181][ T5239] [ 56.762191][ T5239] __dump_stack+0x1d/0x30 [ 56.762297][ T5239] dump_stack_lvl+0xe8/0x140 [ 56.762321][ T5239] dump_stack+0x15/0x1b [ 56.762380][ T5239] should_fail_ex+0x265/0x280 [ 56.762465][ T5239] ? bpf_prog_alloc_no_stats+0xc4/0x3b0 [ 56.762511][ T5239] should_failslab+0x8c/0xb0 [ 56.762617][ T5239] __kmalloc_cache_noprof+0x4c/0x4a0 [ 56.762653][ T5239] bpf_prog_alloc_no_stats+0xc4/0x3b0 [ 56.762709][ T5239] bpf_prog_alloc+0x3c/0x150 [ 56.762740][ T5239] bpf_prog_load+0x506/0x1100 [ 56.762766][ T5239] ? security_bpf+0x2b/0x90 [ 56.762796][ T5239] __sys_bpf+0x469/0x7c0 [ 56.762896][ T5239] __x64_sys_bpf+0x41/0x50 [ 56.762940][ T5239] x64_sys_call+0x2aee/0x3000 [ 56.762976][ T5239] do_syscall_64+0xd2/0x200 [ 56.762999][ T5239] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 56.763081][ T5239] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 56.763112][ T5239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.763134][ T5239] RIP: 0033:0x7fcc61b9f6c9 [ 56.763192][ T5239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.763292][ T5239] RSP: 002b:00007fcc60607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 56.763316][ T5239] RAX: ffffffffffffffda RBX: 00007fcc61df5fa0 RCX: 00007fcc61b9f6c9 [ 56.763351][ T5239] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005 [ 56.763364][ T5239] RBP: 00007fcc60607090 R08: 0000000000000000 R09: 0000000000000000 [ 56.763376][ T5239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.763388][ T5239] R13: 00007fcc61df6038 R14: 00007fcc61df5fa0 R15: 00007ffe707e4408 [ 56.763469][ T5239] [ 56.962604][ T5240] netlink: 8 bytes leftover after parsing attributes in process `syz.6.613'. [ 56.996752][ T5245] loop2: detected capacity change from 0 to 512 [ 57.014947][ T52] tipc: Disabling bearer [ 57.020315][ T52] tipc: Left network mode [ 57.031753][ T5245] journal_path: Non-blockdev passed as './bus' [ 57.038271][ T5245] EXT4-fs: error: could not find journal device path [ 57.045542][ T52] hsr_slave_0: left promiscuous mode [ 57.053157][ T52] hsr_slave_1: left promiscuous mode [ 57.071580][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.079052][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 57.116128][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 57.123592][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 57.135675][ T29] kauditd_printk_skb: 680 callbacks suppressed [ 57.135693][ T29] audit: type=1326 audit(1762692588.134:4331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.165951][ T5245] loop2: detected capacity change from 0 to 4096 [ 57.168034][ T29] audit: type=1326 audit(1762692588.134:4332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.196216][ T29] audit: type=1326 audit(1762692588.134:4333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.196609][ T52] veth1_macvtap: left promiscuous mode [ 57.219486][ T29] audit: type=1326 audit(1762692588.134:4334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.248348][ T29] audit: type=1326 audit(1762692588.134:4335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.272081][ T29] audit: type=1326 audit(1762692588.134:4336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.282973][ T52] veth0_macvtap: left promiscuous mode [ 57.295622][ T29] audit: type=1326 audit(1762692588.134:4337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.301410][ T52] veth1_vlan: left promiscuous mode [ 57.325013][ T29] audit: type=1326 audit(1762692588.134:4338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.330743][ T52] veth0_vlan: left promiscuous mode [ 57.353532][ T29] audit: type=1326 audit(1762692588.134:4339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.382162][ T29] audit: type=1326 audit(1762692588.134:4340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5254 comm="syz.1.619" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc61b9f6c9 code=0x7ffc0000 [ 57.643726][ T5285] netlink: 28 bytes leftover after parsing attributes in process `syz.1.627'. [ 57.652670][ T5285] netlink: 28 bytes leftover after parsing attributes in process `syz.1.627'. [ 57.816370][ T5291] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5291 comm=syz.6.629 [ 57.877666][ T5159] chnl_net:caif_netlink_parms(): no params data found [ 57.898536][ T5291] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 57.933339][ T5291] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.027969][ T5159] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.035284][ T5159] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.042478][ T5159] bridge_slave_0: entered allmulticast mode [ 58.048955][ T5159] bridge_slave_0: entered promiscuous mode [ 58.055942][ T5159] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.063273][ T5159] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.070708][ T5159] bridge_slave_1: entered allmulticast mode [ 58.078559][ T5159] bridge_slave_1: entered promiscuous mode [ 58.103840][ T5159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 58.115342][ T5159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 58.132684][ T5339] loop2: detected capacity change from 0 to 512 [ 58.133607][ T5337] syzkaller0: entered allmulticast mode [ 58.155564][ T5339] EXT4-fs (loop2): orphan cleanup on readonly fs [ 58.163021][ T5339] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.639: bad orphan inode 13 [ 58.185454][ T5159] team0: Port device team_slave_0 added [ 58.197908][ T5337] syzkaller0: entered promiscuous mode [ 58.206480][ T5339] ext4_test_bit(bit=12, block=18) = 1 [ 58.207382][ T5159] team0: Port device team_slave_1 added [ 58.211908][ T5339] is_bad_inode(inode)=0 [ 58.211920][ T5339] NEXT_ORPHAN(inode)=2130706432 [ 58.211930][ T5339] max_ino=32 [ 58.211938][ T5339] i_nlink=1 [ 58.262287][ T5337] syzkaller0 (unregistering): left allmulticast mode [ 58.269104][ T5337] syzkaller0 (unregistering): left promiscuous mode [ 58.306949][ T5345] netlink: 'syz.1.641': attribute type 4 has an invalid length. [ 58.321094][ T5159] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 58.328232][ T5159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 58.354606][ T5159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 58.365882][ T5352] netlink: 'syz.1.641': attribute type 4 has an invalid length. [ 58.414127][ T5354] loop2: detected capacity change from 0 to 128 [ 58.418268][ T5159] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 58.427491][ T5159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 58.453568][ T5159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 58.620946][ T5159] hsr_slave_0: entered promiscuous mode [ 58.632006][ T5159] hsr_slave_1: entered promiscuous mode [ 58.638472][ T5159] debugfs: 'hsr0' already exists in 'hsr' [ 58.644284][ T5159] Cannot create hsr debugfs directory [ 58.671049][ T5391] netlink: 'syz.5.655': attribute type 16 has an invalid length. [ 58.678922][ T5391] netlink: 156 bytes leftover after parsing attributes in process `syz.5.655'. [ 58.815716][ T5400] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5400 comm=syz.1.657 [ 58.818334][ T5159] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 58.838933][ T5159] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 58.848767][ T5159] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 58.856192][ T5400] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.859802][ T5159] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 58.868753][ T5400] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.896894][ T5159] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.904018][ T5159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.935544][ T5159] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.946993][ T5414] loop2: detected capacity change from 0 to 512 [ 58.948236][ T5159] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.963631][ T95] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.992085][ T5414] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 59.014936][ T5414] EXT4-fs (loop2): mount failed [ 59.015340][ T95] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.027147][ T95] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.044305][ T95] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.051457][ T95] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.188238][ T5159] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.528587][ T5159] veth0_vlan: entered promiscuous mode [ 59.539355][ T5159] veth1_vlan: entered promiscuous mode [ 59.570232][ T5159] veth0_macvtap: entered promiscuous mode [ 59.619431][ T5159] veth1_macvtap: entered promiscuous mode [ 59.648014][ T5159] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.677140][ T5159] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.687029][ T5473] loop5: detected capacity change from 0 to 512 [ 59.703358][ T5473] EXT4-fs (loop5): failed to initialize system zone (-117) [ 59.716155][ T41] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.742514][ T5473] EXT4-fs (loop5): mount failed [ 59.749445][ T41] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.862481][ T12] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.875662][ T12] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.947840][ T5492] loop7: detected capacity change from 0 to 512 [ 59.954360][ T5480] loop2: detected capacity change from 0 to 1024 [ 59.961090][ T5480] EXT4-fs: Ignoring removed orlov option [ 59.973523][ T5492] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.591: iget: bad i_size value: 38620345925642 [ 60.071668][ T5492] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.591: couldn't read orphan inode 15 (err -117) [ 60.113344][ T5500] FAULT_INJECTION: forcing a failure. [ 60.113344][ T5500] name failslab, interval 1, probability 0, space 0, times 0 [ 60.126139][ T5500] CPU: 0 UID: 0 PID: 5500 Comm: syz.5.682 Not tainted syzkaller #0 PREEMPT(voluntary) [ 60.126171][ T5500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 60.126184][ T5500] Call Trace: [ 60.126191][ T5500] [ 60.126201][ T5500] __dump_stack+0x1d/0x30 [ 60.126230][ T5500] dump_stack_lvl+0xe8/0x140 [ 60.126391][ T5500] dump_stack+0x15/0x1b [ 60.126414][ T5500] should_fail_ex+0x265/0x280 [ 60.126437][ T5500] should_failslab+0x8c/0xb0 [ 60.126465][ T5500] __kmalloc_noprof+0xa5/0x570 [ 60.126641][ T5500] ? process_preds+0x2ce/0x2bb0 [ 60.126686][ T5500] process_preds+0x2ce/0x2bb0 [ 60.126715][ T5500] ? __memcg_slab_free_hook+0x135/0x230 [ 60.126747][ T5500] ? avc_has_perm_noaudit+0x1b1/0x200 [ 60.126772][ T5500] ? should_fail_ex+0xdb/0x280 [ 60.126795][ T5500] ? ftrace_profile_set_filter+0xc2/0x1b0 [ 60.126872][ T5500] ? should_failslab+0x8c/0xb0 [ 60.126970][ T5500] ? __kmalloc_cache_noprof+0x249/0x4a0 [ 60.127001][ T5500] ftrace_profile_set_filter+0xff/0x1b0 [ 60.127093][ T5500] perf_ioctl+0x7b3/0x12e0 [ 60.127125][ T5500] ? ioctl_has_perm+0x289/0x2a0 [ 60.127197][ T5500] ? do_vfs_ioctl+0x866/0xe10 [ 60.127224][ T5500] ? selinux_file_ioctl+0x308/0x3a0 [ 60.127335][ T5500] ? __fget_files+0x184/0x1c0 [ 60.127407][ T5500] ? __pfx_perf_ioctl+0x10/0x10 [ 60.127439][ T5500] __se_sys_ioctl+0xce/0x140 [ 60.127462][ T5500] __x64_sys_ioctl+0x43/0x50 [ 60.127481][ T5500] x64_sys_call+0x1816/0x3000 [ 60.127558][ T5500] do_syscall_64+0xd2/0x200 [ 60.127584][ T5500] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 60.127648][ T5500] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 60.127685][ T5500] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.127791][ T5500] RIP: 0033:0x7fdb67d8f6c9 [ 60.127811][ T5500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.127843][ T5500] RSP: 002b:00007fdb667ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 60.127862][ T5500] RAX: ffffffffffffffda RBX: 00007fdb67fe5fa0 RCX: 00007fdb67d8f6c9 [ 60.127875][ T5500] RDX: 0000200000000180 RSI: 0000000040082406 RDI: 0000000000000005 [ 60.127887][ T5500] RBP: 00007fdb667ef090 R08: 0000000000000000 R09: 0000000000000000 [ 60.127902][ T5500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.127917][ T5500] R13: 00007fdb67fe6038 R14: 00007fdb67fe5fa0 R15: 00007ffddd96d4e8 [ 60.127946][ T5500] [ 60.445380][ T3004] udevd[3004]: worker [4557] terminated by signal 33 (Unknown signal 33) [ 60.487075][ T5504] loop5: detected capacity change from 0 to 128 [ 60.678659][ T5514] loop5: detected capacity change from 0 to 2048 [ 60.729314][ T5522] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5522 comm=syz.2.692 [ 60.745917][ T5520] loop7: detected capacity change from 0 to 2048 [ 60.765521][ T5514] EXT4-fs error (device loop5): ext4_ext_precache:632: inode #2: comm syz.5.688: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 60.825148][ T5514] EXT4-fs (loop5): Remounting filesystem read-only [ 60.859248][ T5520] EXT4-fs error (device loop7): ext4_ext_precache:632: inode #2: comm syz.7.691: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 60.931998][ T5520] EXT4-fs (loop7): Remounting filesystem read-only [ 61.170059][ T5542] loop7: detected capacity change from 0 to 1024 [ 61.176978][ T5542] EXT4-fs: Ignoring removed orlov option [ 61.191852][ T5555] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=5555 comm=syz.2.703 [ 61.416421][ T5573] loop6: detected capacity change from 0 to 512 [ 61.437380][ T5573] EXT4-fs: Invalid want_extra_isize 32768 [ 61.457855][ T5575] loop2: detected capacity change from 0 to 2048 [ 61.474773][ T5573] loop6: detected capacity change from 0 to 512 [ 61.491869][ T5573] ext4: Unknown parameter 'smackfshat' [ 61.499908][ T5575] EXT4-fs error (device loop2): ext4_ext_precache:632: inode #2: comm syz.2.713: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 61.547994][ T5575] EXT4-fs (loop2): Remounting filesystem read-only [ 61.618944][ T5585] loop6: detected capacity change from 0 to 2048 [ 61.699582][ T5585] EXT4-fs error (device loop6): ext4_ext_precache:632: inode #2: comm syz.6.716: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 61.756358][ T5585] EXT4-fs (loop6): Remounting filesystem read-only [ 61.801871][ T5612] loop7: detected capacity change from 0 to 512 [ 61.810519][ T5612] journal_path: Non-blockdev passed as './bus' [ 61.816828][ T5612] EXT4-fs: error: could not find journal device path [ 61.865517][ T5612] loop7: detected capacity change from 0 to 4096 [ 61.873559][ T5623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.730'. [ 61.882516][ T5623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.730'. [ 61.995014][ T5635] netlink: 8 bytes leftover after parsing attributes in process `syz.6.734'. [ 62.006271][ T5635] netlink: 8 bytes leftover after parsing attributes in process `syz.6.734'. [ 62.015215][ T5635] netlink: 8 bytes leftover after parsing attributes in process `syz.6.734'. [ 62.026851][ T5634] loop5: detected capacity change from 0 to 128 [ 62.052748][ T5634] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 62.054247][ T5637] loop2: detected capacity change from 0 to 128 [ 62.182227][ T5634] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 62.211346][ T29] kauditd_printk_skb: 634 callbacks suppressed [ 62.211364][ T29] audit: type=1326 audit(1762692593.204:4974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.241386][ T29] audit: type=1326 audit(1762692593.214:4975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.264918][ T29] audit: type=1326 audit(1762692593.214:4976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.288539][ T29] audit: type=1326 audit(1762692593.214:4977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.312099][ T29] audit: type=1326 audit(1762692593.214:4978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.335590][ T29] audit: type=1326 audit(1762692593.214:4979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.359226][ T29] audit: type=1326 audit(1762692593.214:4980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.382523][ T29] audit: type=1326 audit(1762692593.214:4981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5633 comm="syz.5.735" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.439649][ T29] audit: type=1326 audit(1762692593.424:4982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5645 comm="syz.5.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.463195][ T29] audit: type=1326 audit(1762692593.424:4983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5645 comm="syz.5.740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdb67d8f6c9 code=0x7ffc0000 [ 62.515622][ T5652] netlink: 12 bytes leftover after parsing attributes in process `syz.5.742'. [ 62.524699][ T5652] netlink: 12 bytes leftover after parsing attributes in process `syz.5.742'. [ 62.554273][ T5661] FAULT_INJECTION: forcing a failure. [ 62.554273][ T5661] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 62.567724][ T5661] CPU: 0 UID: 0 PID: 5661 Comm: syz.1.745 Not tainted syzkaller #0 PREEMPT(voluntary) [ 62.567788][ T5661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 62.567800][ T5661] Call Trace: [ 62.567805][ T5661] [ 62.567813][ T5661] __dump_stack+0x1d/0x30 [ 62.567838][ T5661] dump_stack_lvl+0xe8/0x140 [ 62.567864][ T5661] dump_stack+0x15/0x1b [ 62.567884][ T5661] should_fail_ex+0x265/0x280 [ 62.567960][ T5661] should_fail+0xb/0x20 [ 62.568075][ T5661] should_fail_usercopy+0x1a/0x20 [ 62.568105][ T5661] _copy_from_user+0x1c/0xb0 [ 62.568134][ T5661] copy_from_bpfptr+0x5c/0x90 [ 62.568154][ T5661] bpf_prog_load+0x73b/0x1100 [ 62.568180][ T5661] ? security_bpf+0x2b/0x90 [ 62.568208][ T5661] __sys_bpf+0x469/0x7c0 [ 62.568253][ T5661] __x64_sys_bpf+0x41/0x50 [ 62.568287][ T5661] x64_sys_call+0x2aee/0x3000 [ 62.568314][ T5661] do_syscall_64+0xd2/0x200 [ 62.568334][ T5661] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 62.568368][ T5661] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 62.568400][ T5661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.568424][ T5661] RIP: 0033:0x7fcc61b9f6c9 [ 62.568443][ T5661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.568492][ T5661] RSP: 002b:00007fcc60607038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 62.568549][ T5661] RAX: ffffffffffffffda RBX: 00007fcc61df5fa0 RCX: 00007fcc61b9f6c9 [ 62.568572][ T5661] RDX: 00000000000000a8 RSI: 0000200000000480 RDI: 0000000000000005 [ 62.568588][ T5661] RBP: 00007fcc60607090 R08: 0000000000000000 R09: 0000000000000000 [ 62.568602][ T5661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.568615][ T5661] R13: 00007fcc61df6038 R14: 00007fcc61df5fa0 R15: 00007ffe707e4408 [ 62.568632][ T5661] [ 62.931535][ T5670] tmpfs: Bad value for 'mpol' [ 62.948286][ T5685] netlink: 4 bytes leftover after parsing attributes in process `syz.1.757'. [ 62.967908][ T5670] netlink: 12 bytes leftover after parsing attributes in process `syz.5.750'. [ 62.980803][ T5670] netlink: 12 bytes leftover after parsing attributes in process `syz.5.750'. [ 63.135036][ T5700] loop5: detected capacity change from 0 to 128 [ 63.141792][ T5700] msdos: Unknown parameter 'dos1xfl%4?օy' [ 63.214899][ T5698] loop6: detected capacity change from 0 to 1024 [ 63.221583][ T5698] EXT4-fs: Ignoring removed orlov option [ 63.313010][ T5718] loop2: detected capacity change from 0 to 1024 [ 63.321507][ T5718] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 63.374092][ T5718] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 63.386134][ T5718] EXT4-fs (loop2): orphan cleanup on readonly fs [ 63.432472][ T5718] EXT4-fs error (device loop2): ext4_free_blocks:6706: comm syz.2.771: Freeing blocks not in datazone - block = 0, count = 4096 [ 63.446864][ T5718] EXT4-fs (loop2): 1 orphan inode deleted [ 63.541572][ T5726] FAULT_INJECTION: forcing a failure. [ 63.541572][ T5726] name failslab, interval 1, probability 0, space 0, times 0 [ 63.554340][ T5726] CPU: 0 UID: 0 PID: 5726 Comm: syz.6.773 Not tainted syzkaller #0 PREEMPT(voluntary) [ 63.554371][ T5726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 63.554385][ T5726] Call Trace: [ 63.554394][ T5726] [ 63.554482][ T5726] __dump_stack+0x1d/0x30 [ 63.554573][ T5726] dump_stack_lvl+0xe8/0x140 [ 63.554730][ T5726] dump_stack+0x15/0x1b [ 63.554818][ T5726] should_fail_ex+0x265/0x280 [ 63.554867][ T5726] should_failslab+0x8c/0xb0 [ 63.554900][ T5726] kmem_cache_alloc_noprof+0x50/0x480 [ 63.554976][ T5726] ? skb_clone+0x151/0x1f0 [ 63.554999][ T5726] skb_clone+0x151/0x1f0 [ 63.555020][ T5726] __netlink_deliver_tap+0x2c9/0x500 [ 63.555106][ T5726] netlink_unicast+0x66b/0x690 [ 63.555197][ T5726] netlink_sendmsg+0x58b/0x6b0 [ 63.555223][ T5726] ? __pfx_netlink_sendmsg+0x10/0x10 [ 63.555248][ T5726] __sock_sendmsg+0x145/0x180 [ 63.555276][ T5726] ____sys_sendmsg+0x31e/0x4e0 [ 63.555321][ T5726] ___sys_sendmsg+0x17b/0x1d0 [ 63.555352][ T5726] __x64_sys_sendmsg+0xd4/0x160 [ 63.555377][ T5726] x64_sys_call+0x191e/0x3000 [ 63.555445][ T5726] do_syscall_64+0xd2/0x200 [ 63.555469][ T5726] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 63.555555][ T5726] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 63.555611][ T5726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.555632][ T5726] RIP: 0033:0x7fbcb838f6c9 [ 63.555719][ T5726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 63.555741][ T5726] RSP: 002b:00007fbcb6df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 63.555761][ T5726] RAX: ffffffffffffffda RBX: 00007fbcb85e5fa0 RCX: 00007fbcb838f6c9 [ 63.555773][ T5726] RDX: 0000000000042000 RSI: 0000200000000380 RDI: 0000000000000005 [ 63.555786][ T5726] RBP: 00007fbcb6df7090 R08: 0000000000000000 R09: 0000000000000000 [ 63.555799][ T5726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 63.555889][ T5726] R13: 00007fbcb85e6038 R14: 00007fbcb85e5fa0 R15: 00007ffc4bbba5f8 [ 63.555990][ T5726] [ 63.826770][ T5731] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 63.833512][ T5731] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 63.841288][ T5731] vhci_hcd vhci_hcd.0: Device attached [ 63.849578][ T5739] vhci_hcd: connection closed [ 63.849783][ T52] vhci_hcd: stop threads [ 63.858967][ T52] vhci_hcd: release socket [ 63.859104][ T5742] loop6: detected capacity change from 0 to 512 [ 63.863701][ T52] vhci_hcd: disconnect device [ 63.870133][ T5742] EXT4-fs: Ignoring removed i_version option [ 63.880574][ T5742] EXT4-fs: Ignoring removed bh option [ 63.904194][ T5742] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 63.945623][ T5742] EXT4-fs error (device loop6): ext4_lookup:1787: inode #12: comm syz.6.780: iget: bad i_size value: 2533274857506816 [ 63.976776][ T5742] pim6reg1: entered promiscuous mode [ 63.982232][ T5742] pim6reg1: entered allmulticast mode [ 63.992734][ T5752] loop5: detected capacity change from 0 to 128 [ 63.999984][ T5752] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 64.014497][ T5750] batadv1: entered promiscuous mode [ 64.019765][ T5750] batadv1: entered allmulticast mode [ 64.181334][ T5767] IPVS: set_ctl: invalid protocol: 27402 10.1.1.1:20003 [ 64.464894][ T52] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.525583][ T52] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.557736][ T5820] FAULT_INJECTION: forcing a failure. [ 64.557736][ T5820] name failslab, interval 1, probability 0, space 0, times 0 [ 64.570561][ T5820] CPU: 1 UID: 0 PID: 5820 Comm: syz.6.808 Not tainted syzkaller #0 PREEMPT(voluntary) [ 64.570649][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 64.570724][ T5820] Call Trace: [ 64.570734][ T5820] [ 64.570744][ T5820] __dump_stack+0x1d/0x30 [ 64.570772][ T5820] dump_stack_lvl+0xe8/0x140 [ 64.570798][ T5820] dump_stack+0x15/0x1b [ 64.570819][ T5820] should_fail_ex+0x265/0x280 [ 64.570843][ T5820] should_failslab+0x8c/0xb0 [ 64.570946][ T5820] kmem_cache_alloc_noprof+0x50/0x480 [ 64.570981][ T5820] ? audit_log_start+0x342/0x720 [ 64.571008][ T5820] audit_log_start+0x342/0x720 [ 64.571034][ T5820] audit_seccomp+0x48/0x100 [ 64.571136][ T5820] ? __seccomp_filter+0x82d/0x1250 [ 64.571165][ T5820] __seccomp_filter+0x83e/0x1250 [ 64.571262][ T5820] ? __list_add_valid_or_report+0x38/0xe0 [ 64.571293][ T5820] ? __set_next_task_fair+0x5b/0x150 [ 64.571320][ T5820] ? tracing_record_taskinfo_sched_switch+0x71/0x260 [ 64.571357][ T5820] ? _raw_spin_unlock+0x26/0x50 [ 64.571404][ T5820] __secure_computing+0x82/0x150 [ 64.571434][ T5820] syscall_trace_enter+0xcf/0x1e0 [ 64.571460][ T5820] do_syscall_64+0xac/0x200 [ 64.571480][ T5820] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 64.571520][ T5820] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 64.571703][ T5820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.571724][ T5820] RIP: 0033:0x7fbcb838e0dc [ 64.571741][ T5820] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 64.571763][ T5820] RSP: 002b:00007fbcb6df7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 64.571788][ T5820] RAX: ffffffffffffffda RBX: 00007fbcb85e5fa0 RCX: 00007fbcb838e0dc [ 64.571803][ T5820] RDX: 000000000000000f RSI: 00007fbcb6df70a0 RDI: 0000000000000006 [ 64.571842][ T5820] RBP: 00007fbcb6df7090 R08: 0000000000000000 R09: 0000000000000000 [ 64.571857][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.571872][ T5820] R13: 00007fbcb85e6038 R14: 00007fbcb85e5fa0 R15: 00007ffc4bbba5f8 [ 64.571894][ T5820] [ 64.853429][ T52] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.919139][ T52] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.993392][ T5846] loop6: detected capacity change from 0 to 164 [ 65.038953][ T52] bridge_slave_1: left allmulticast mode [ 65.044851][ T52] bridge_slave_1: left promiscuous mode [ 65.050805][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.059477][ T52] bridge_slave_0: left allmulticast mode [ 65.065285][ T52] bridge_slave_0: left promiscuous mode [ 65.070973][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.086126][ T5846] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 65.094485][ T5846] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 65.194948][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.215900][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.235994][ T52] bond0 (unregistering): Released all slaves [ 65.255372][ T5817] chnl_net:caif_netlink_parms(): no params data found [ 65.322758][ T52] hsr_slave_0: left promiscuous mode [ 65.328601][ T52] hsr_slave_1: left promiscuous mode [ 65.340550][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.348093][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.371552][ T5861] loop6: detected capacity change from 0 to 1024 [ 65.378557][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.386130][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.386393][ T5861] EXT4-fs: Ignoring removed orlov option [ 65.478325][ T52] veth1_macvtap: left promiscuous mode [ 65.486876][ T5866] loop5: detected capacity change from 0 to 512 [ 65.497801][ T5866] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.822: inode has both inline data and extents flags [ 65.522290][ T5866] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.822: couldn't read orphan inode 15 (err -117) [ 65.534260][ T52] veth0_macvtap: left promiscuous mode [ 65.539864][ T52] veth1_vlan: left promiscuous mode [ 65.635833][ T52] veth0_vlan: left promiscuous mode [ 65.728539][ T3421] hid_parser_main: 16 callbacks suppressed [ 65.728561][ T3421] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 65.743140][ T3421] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 65.824517][ T52] team0 (unregistering): Port device team_slave_1 removed [ 65.834881][ T52] team0 (unregistering): Port device team_slave_0 removed [ 65.890323][ T5864] team0: Failed to send options change via netlink (err -105) [ 65.905211][ T5864] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 65.934106][ T5864] team0: Port device team_slave_1 removed [ 65.988044][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.995363][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.034308][ T5817] bridge_slave_0: entered allmulticast mode [ 66.062452][ T5817] bridge_slave_0: entered promiscuous mode [ 66.092863][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.100167][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.127238][ T5817] bridge_slave_1: entered allmulticast mode [ 66.173640][ T5881] loop6: detected capacity change from 0 to 512 [ 66.180643][ T5881] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities [ 66.181124][ T5817] bridge_slave_1: entered promiscuous mode [ 66.274722][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.301176][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.316448][ T5893] loop2: detected capacity change from 0 to 128 [ 66.340608][ T5817] team0: Port device team_slave_0 added [ 66.347690][ T5817] team0: Port device team_slave_1 added [ 66.404442][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.411530][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 66.437749][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.459548][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.466604][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 66.492578][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.517607][ T5899] loop2: detected capacity change from 0 to 164 [ 66.532659][ T5899] iso9660: Unknown parameter 'xVT !G+E+[A?aF' [ 66.563134][ T5817] hsr_slave_0: entered promiscuous mode [ 66.572765][ T5817] hsr_slave_1: entered promiscuous mode [ 66.578635][ T5817] debugfs: 'hsr0' already exists in 'hsr' [ 66.584447][ T5817] Cannot create hsr debugfs directory [ 66.590270][ T5904] lo speed is unknown, defaulting to 1000 [ 66.601916][ T5904] lo speed is unknown, defaulting to 1000 [ 66.620561][ T5904] lo speed is unknown, defaulting to 1000 [ 66.630436][ T5904] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 66.655783][ T5910] SELinux: Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped). [ 66.678938][ T5904] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 66.757685][ T5904] lo speed is unknown, defaulting to 1000 [ 66.788119][ T5904] lo speed is unknown, defaulting to 1000 [ 66.804092][ T5904] lo speed is unknown, defaulting to 1000 [ 66.809748][ T5817] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 66.837723][ T5904] lo speed is unknown, defaulting to 1000 [ 66.838082][ T5817] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 66.862682][ T5904] lo speed is unknown, defaulting to 1000 [ 66.862798][ T5817] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 66.923300][ T5922] bond3: entered allmulticast mode [ 66.930387][ T5922] 8021q: adding VLAN 0 to HW filter on device bond3 [ 66.938500][ T5817] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 67.128080][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.154746][ T5817] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.166134][ T2658] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.173245][ T2658] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.202383][ T2658] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.209489][ T2658] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.212244][ T29] kauditd_printk_skb: 2445 callbacks suppressed [ 67.212258][ T29] audit: type=1326 audit(67.189:7427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcc61b3b779 code=0x7ffc0000 [ 67.226070][ T5817] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 67.245752][ T29] audit: type=1326 audit(67.189:7428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcc61b96567 code=0x7ffc0000 [ 67.256127][ T5817] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.278721][ T29] audit: type=1326 audit(67.189:7429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcc61b3b779 code=0x7ffc0000 [ 67.278751][ T29] audit: type=1326 audit(67.189:7430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcc61b96567 code=0x7ffc0000 [ 67.278779][ T29] audit: type=1326 audit(67.189:7431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcc61b3b779 code=0x7ffc0000 [ 67.278834][ T29] audit: type=1326 audit(67.189:7432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcc61b96567 code=0x7ffc0000 [ 67.278856][ T29] audit: type=1326 audit(67.189:7433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcc61b3b779 code=0x7ffc0000 [ 67.387061][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.402565][ T29] audit: type=1326 audit(67.189:7434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcc61b96567 code=0x7ffc0000 [ 67.431787][ T29] audit: type=1326 audit(67.189:7435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcc61b3b779 code=0x7ffc0000 [ 67.454515][ T29] audit: type=1326 audit(67.189:7436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5938 comm="syz.1.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcc61b96567 code=0x7ffc0000 [ 67.563622][ T5974] __nla_validate_parse: 8 callbacks suppressed [ 67.563643][ T5974] netlink: 16 bytes leftover after parsing attributes in process `syz.5.857'. [ 67.586437][ T5972] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5972 comm=syz.2.856 [ 67.602718][ T5972] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 67.611268][ T5972] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 67.619652][ T5974] netlink: 16 bytes leftover after parsing attributes in process `syz.5.857'. [ 67.669314][ T5817] veth0_vlan: entered promiscuous mode [ 67.684721][ T5817] veth1_vlan: entered promiscuous mode [ 67.715213][ T5987] netlink: 4 bytes leftover after parsing attributes in process `syz.1.859'. [ 67.715438][ T5817] veth0_macvtap: entered promiscuous mode [ 67.750617][ T5817] veth1_macvtap: entered promiscuous mode [ 67.765660][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.783999][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.805128][ T2658] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.815394][ T2658] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.834667][ T2658] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.848499][ T2658] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.967446][ T6017] loop8: detected capacity change from 0 to 2048 [ 67.996881][ T6017] EXT4-fs mount: 53 callbacks suppressed [ 67.996901][ T6017] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.029063][ T6017] EXT4-fs error (device loop8): ext4_ext_precache:632: inode #2: comm syz.8.870: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 68.057431][ T6017] EXT4-fs (loop8): Remounting filesystem read-only [ 68.095806][ T5817] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.195570][ T6092] loop8: detected capacity change from 0 to 164 [ 68.206956][ T6092] netlink: 4 bytes leftover after parsing attributes in process `syz.8.877'. [ 68.267707][ T6101] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 68.276071][ T6101] iso9660: Corrupted directory entry in block 2 of inode 1792 [ 68.367069][ T6109] loop6: detected capacity change from 0 to 2048 [ 68.391073][ T6109] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 68.414539][ T6109] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 68.450418][ T6109] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 68.462892][ T6109] EXT4-fs (loop6): This should not happen!! Data will be lost [ 68.462892][ T6109] [ 68.472631][ T6109] EXT4-fs (loop6): Total free blocks count 0 [ 68.478635][ T6109] EXT4-fs (loop6): Free/Dirty block details [ 68.482518][ T6122] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6122 comm=syz.5.888 [ 68.484622][ T6109] EXT4-fs (loop6): free_blocks=2415919104 [ 68.484638][ T6109] EXT4-fs (loop6): dirty_blocks=16 [ 68.507927][ T6109] EXT4-fs (loop6): Block reservation details [ 68.513974][ T6109] EXT4-fs (loop6): i_reserved_data_blocks=1 [ 68.535786][ T6125] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 68.548010][ T6125] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 68.625500][ T6131] loop2: detected capacity change from 0 to 512 [ 68.632392][ T6131] journal_path: Non-blockdev passed as './bus' [ 68.638667][ T6131] EXT4-fs: error: could not find journal device path [ 68.673426][ T6131] loop2: detected capacity change from 0 to 4096 [ 68.682475][ T6109] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 930 with error 28 [ 68.710625][ T6131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.989599][ T6139] macvtap0: refused to change device tx_queue_len [ 69.284502][ T6144] loop5: detected capacity change from 0 to 1024 [ 69.291343][ T6144] EXT4-fs: Ignoring removed orlov option [ 69.294147][ T6140] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.299299][ T6144] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 69.386047][ T6030] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.476492][ T6030] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.518462][ T6030] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.541552][ T6177] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6177 comm=syz.8.906 [ 69.558138][ T6171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.566887][ T6171] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 69.626742][ T6030] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.694883][ T6167] lo speed is unknown, defaulting to 1000 [ 69.706430][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.739681][ T6191] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6191 comm=syz.1.912 [ 69.766751][ T6030] bridge_slave_1: left allmulticast mode [ 69.772615][ T6030] bridge_slave_1: left promiscuous mode [ 69.778362][ T6030] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.791928][ T6030] bridge_slave_0: left promiscuous mode [ 69.798028][ T6030] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.860095][ T6205] loop5: detected capacity change from 0 to 2048 [ 69.878675][ T6205] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.902467][ T6205] EXT4-fs error (device loop5): ext4_ext_precache:632: inode #2: comm syz.5.918: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 69.923999][ T6209] netlink: 12 bytes leftover after parsing attributes in process `syz.6.919'. [ 69.933093][ T6209] netlink: 12 bytes leftover after parsing attributes in process `syz.6.919'. [ 69.942362][ T6205] EXT4-fs (loop5): Remounting filesystem read-only [ 69.949330][ T6030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 69.962468][ T6030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 69.974686][ T4525] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.985581][ T6030] bond0 (unregistering): Released all slaves [ 69.995154][ T6030] bond1 (unregistering): Released all slaves [ 70.041786][ T6167] chnl_net:caif_netlink_parms(): no params data found [ 70.074501][ T6030] hsr_slave_0: left promiscuous mode [ 70.080129][ T6223] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6223 comm=syz.5.923 [ 70.102749][ T6030] hsr_slave_1: left promiscuous mode [ 70.108588][ T6030] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 70.116060][ T6030] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 70.130697][ T6030] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 70.138274][ T6030] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 70.152369][ T6030] veth1_macvtap: left promiscuous mode [ 70.157998][ T6030] veth0_macvtap: left promiscuous mode [ 70.163959][ T6228] FAULT_INJECTION: forcing a failure. [ 70.163959][ T6228] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.164268][ T6030] veth1_vlan: left promiscuous mode [ 70.177050][ T6228] CPU: 1 UID: 0 PID: 6228 Comm: +}[@ Not tainted syzkaller #0 PREEMPT(voluntary) [ 70.177079][ T6228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 70.177092][ T6228] Call Trace: [ 70.177098][ T6228] [ 70.177107][ T6228] __dump_stack+0x1d/0x30 [ 70.177176][ T6228] dump_stack_lvl+0xe8/0x140 [ 70.177199][ T6228] dump_stack+0x15/0x1b [ 70.177218][ T6228] should_fail_ex+0x265/0x280 [ 70.177239][ T6228] should_fail+0xb/0x20 [ 70.177274][ T6228] should_fail_usercopy+0x1a/0x20 [ 70.177297][ T6228] _copy_from_user+0x1c/0xb0 [ 70.177394][ T6228] sctp_setsockopt+0x154/0xe30 [ 70.177420][ T6228] sock_common_setsockopt+0x69/0x80 [ 70.177447][ T6228] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 70.177536][ T6228] __sys_setsockopt+0x184/0x200 [ 70.177569][ T6228] __x64_sys_setsockopt+0x64/0x80 [ 70.177622][ T6228] x64_sys_call+0x20ec/0x3000 [ 70.177646][ T6228] do_syscall_64+0xd2/0x200 [ 70.177668][ T6228] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 70.177697][ T6228] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 70.177803][ T6228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.177825][ T6228] RIP: 0033:0x7fbcb838f6c9 [ 70.177842][ T6228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.177862][ T6228] RSP: 002b:00007fbcb6df7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 70.177915][ T6228] RAX: ffffffffffffffda RBX: 00007fbcb85e5fa0 RCX: 00007fbcb838f6c9 [ 70.177929][ T6228] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000003 [ 70.177942][ T6228] RBP: 00007fbcb6df7090 R08: 0000000000000008 R09: 0000000000000000 [ 70.177955][ T6228] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.177968][ T6228] R13: 00007fbcb85e6038 R14: 00007fbcb85e5fa0 R15: 00007ffc4bbba5f8 [ 70.178025][ T6228] [ 70.371707][ T6030] veth0_vlan: left promiscuous mode [ 70.380771][ T6238] netlink: 12 bytes leftover after parsing attributes in process `syz.5.930'. [ 70.389873][ T6238] netlink: 12 bytes leftover after parsing attributes in process `syz.5.930'. [ 70.431918][ T6237] loop6: detected capacity change from 0 to 512 [ 70.438746][ T6237] journal_path: Non-blockdev passed as './bus' [ 70.445119][ T6237] EXT4-fs: error: could not find journal device path [ 70.487741][ T6237] loop6: detected capacity change from 0 to 4096 [ 70.494542][ T6030] team0 (unregistering): Port device team_slave_1 removed [ 70.530763][ T6030] team0 (unregistering): Port device team_slave_0 removed [ 70.541017][ T6237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.618892][ T6267] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.647536][ T6167] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.654707][ T6167] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.666440][ T6167] bridge_slave_0: entered allmulticast mode [ 70.680974][ T6167] bridge_slave_0: entered promiscuous mode [ 70.690359][ T6267] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.711602][ T6167] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.718965][ T6167] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.719460][ T4901] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.735739][ T6167] bridge_slave_1: entered allmulticast mode [ 70.755610][ T6167] bridge_slave_1: entered promiscuous mode [ 70.763008][ T6278] SELinux: failed to load policy [ 70.782456][ T6280] netlink: 12 bytes leftover after parsing attributes in process `syz.6.944'. [ 70.791412][ T6280] netlink: 12 bytes leftover after parsing attributes in process `syz.6.944'. [ 70.831010][ T6267] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.847025][ T6167] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.868724][ T6167] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.879378][ T6292] loop6: detected capacity change from 0 to 512 [ 70.888287][ T6292] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities [ 70.898372][ T6267] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.926773][ T6298] FAULT_INJECTION: forcing a failure. [ 70.926773][ T6298] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 70.940185][ T6298] CPU: 0 UID: 0 PID: 6298 Comm: syz.1.953 Not tainted syzkaller #0 PREEMPT(voluntary) [ 70.940216][ T6298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 70.940273][ T6298] Call Trace: [ 70.940280][ T6298] [ 70.940288][ T6298] __dump_stack+0x1d/0x30 [ 70.940312][ T6298] dump_stack_lvl+0xe8/0x140 [ 70.940336][ T6298] dump_stack+0x15/0x1b [ 70.940424][ T6298] should_fail_ex+0x265/0x280 [ 70.940448][ T6298] should_fail_alloc_page+0xf2/0x100 [ 70.940484][ T6298] __alloc_frozen_pages_noprof+0xff/0x360 [ 70.940518][ T6298] alloc_pages_mpol+0xb3/0x260 [ 70.940590][ T6298] vma_alloc_folio_noprof+0x1aa/0x300 [ 70.940617][ T6298] handle_mm_fault+0xec2/0x2be0 [ 70.940682][ T6298] ? vma_start_read+0x141/0x1f0 [ 70.940722][ T6298] do_user_addr_fault+0x630/0x1080 [ 70.940749][ T6298] ? fpregs_assert_state_consistent+0xb4/0xe0 [ 70.940788][ T6298] exc_page_fault+0x62/0xa0 [ 70.940864][ T6298] asm_exc_page_fault+0x26/0x30 [ 70.940970][ T6298] RIP: 0033:0x7fcc61a609e0 [ 70.940990][ T6298] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41 [ 70.941011][ T6298] RSP: 002b:00007fcc606064a0 EFLAGS: 00010202 [ 70.941033][ T6298] RAX: 0000000000001000 RBX: 00007fcc60606540 RCX: 0000000000000003 [ 70.941049][ T6298] RDX: 00000000000007e3 RSI: 0000000000000be4 RDI: 00007fcc606065e0 [ 70.941063][ T6298] RBP: 0000000000000004 R08: 00007fcc581e7000 R09: 0000000000000002 [ 70.941136][ T6298] R10: 0000200000000642 R11: 000000000000052c R12: 0000000000000801 [ 70.941149][ T6298] R13: 00007fcc61c3dc40 R14: 0000000000000016 R15: 00007fcc606065e0 [ 70.941167][ T6298] [ 70.941176][ T6298] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 71.134074][ T6167] team0: Port device team_slave_0 added [ 71.141033][ T6167] team0: Port device team_slave_1 added [ 71.180793][ T6167] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.187885][ T6167] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 71.214147][ T6167] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.225589][ T6167] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.232642][ T6167] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 71.258608][ T6167] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.338171][ T6033] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.350296][ T6167] hsr_slave_0: entered promiscuous mode [ 71.358526][ T6167] hsr_slave_1: entered promiscuous mode [ 71.371852][ T6167] debugfs: 'hsr0' already exists in 'hsr' [ 71.377856][ T6167] Cannot create hsr debugfs directory [ 71.391043][ T6033] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.400543][ T6033] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.430395][ T6033] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.593945][ T6331] FAULT_INJECTION: forcing a failure. [ 71.593945][ T6331] name failslab, interval 1, probability 0, space 0, times 0 [ 71.606702][ T6331] CPU: 1 UID: 0 PID: 6331 Comm: syz.8.967 Not tainted syzkaller #0 PREEMPT(voluntary) [ 71.606736][ T6331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 71.606748][ T6331] Call Trace: [ 71.606760][ T6331] [ 71.606768][ T6331] __dump_stack+0x1d/0x30 [ 71.606791][ T6331] dump_stack_lvl+0xe8/0x140 [ 71.606811][ T6331] dump_stack+0x15/0x1b [ 71.606842][ T6331] should_fail_ex+0x265/0x280 [ 71.606922][ T6331] should_failslab+0x8c/0xb0 [ 71.606956][ T6331] kmem_cache_alloc_lru_noprof+0x55/0x490 [ 71.606990][ T6331] ? __d_alloc+0x3d/0x340 [ 71.607053][ T6331] __d_alloc+0x3d/0x340 [ 71.607158][ T6331] ? mpol_shared_policy_init+0xbd/0x4c0 [ 71.607244][ T6331] d_alloc_pseudo+0x1e/0x80 [ 71.607273][ T6331] alloc_file_pseudo+0x71/0x160 [ 71.607333][ T6331] __shmem_file_setup+0x1de/0x210 [ 71.607358][ T6331] shmem_file_setup+0x3b/0x50 [ 71.607380][ T6331] __se_sys_memfd_create+0x2c3/0x590 [ 71.607412][ T6331] __x64_sys_memfd_create+0x31/0x40 [ 71.607442][ T6331] x64_sys_call+0x2ac2/0x3000 [ 71.607550][ T6331] do_syscall_64+0xd2/0x200 [ 71.607573][ T6331] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 71.607606][ T6331] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 71.607643][ T6331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.607751][ T6331] RIP: 0033:0x7fdcdebbf6c9 [ 71.607771][ T6331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.607792][ T6331] RSP: 002b:00007fdcdd626d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 71.607824][ T6331] RAX: ffffffffffffffda RBX: 00000000000005c2 RCX: 00007fdcdebbf6c9 [ 71.607845][ T6331] RDX: 00007fdcdd626dec RSI: 0000000000000000 RDI: 00007fdcdec42960 [ 71.607861][ T6331] RBP: 0000200000000000 R08: 00007fdcdd626b07 R09: 0000000000000000 [ 71.607877][ T6331] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001 [ 71.607892][ T6331] R13: 00007fdcdd626dec R14: 00007fdcdd626df0 R15: 00007ffeb20e26f8 [ 71.607914][ T6331] [ 71.610237][ T6167] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 71.842052][ T6167] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 71.852676][ T6167] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 71.878064][ T6167] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 71.967298][ T6349] loop5: detected capacity change from 0 to 512 [ 71.979441][ T6167] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.993777][ T6167] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.000697][ T6349] journal_path: Non-blockdev passed as './bus' [ 72.007020][ T6349] EXT4-fs: error: could not find journal device path [ 72.025161][ T6024] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.032342][ T6024] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.051617][ T6024] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.058761][ T6024] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.067735][ T6349] loop5: detected capacity change from 0 to 4096 [ 72.081319][ T6349] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.100230][ T6353] loop8: detected capacity change from 0 to 512 [ 72.111927][ T6167] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.123417][ T6353] EXT4-fs (loop8): failed to initialize system zone (-117) [ 72.131604][ T6353] EXT4-fs (loop8): mount failed [ 72.222413][ T29] kauditd_printk_skb: 1986 callbacks suppressed [ 72.222428][ T29] audit: type=1326 audit(72.209:9423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.224645][ T6167] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.232033][ T29] audit: type=1326 audit(72.209:9424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.281125][ T29] audit: type=1326 audit(72.209:9425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.303954][ T29] audit: type=1326 audit(72.209:9426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.326642][ T29] audit: type=1326 audit(72.209:9427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.370015][ T29] audit: type=1326 audit(72.289:9428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.392963][ T29] audit: type=1326 audit(72.289:9429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.415920][ T29] audit: type=1326 audit(72.329:9430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.438613][ T29] audit: type=1326 audit(72.329:9431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.461593][ T29] audit: type=1326 audit(72.329:9432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6367 comm="syz.6.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcb838f6c9 code=0x7ffc0000 [ 72.491613][ T6167] veth0_vlan: entered promiscuous mode [ 72.500293][ T6167] veth1_vlan: entered promiscuous mode [ 72.519426][ T6167] veth0_macvtap: entered promiscuous mode [ 72.528185][ T6167] veth1_macvtap: entered promiscuous mode [ 72.543284][ T6167] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.554974][ T6167] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.566012][ T6036] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.576813][ T6036] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.592393][ T6036] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.607002][ T6036] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.612978][ T6393] loop8: detected capacity change from 0 to 2048 [ 72.651563][ T6393] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none. [ 72.672006][ T6393] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 72.687556][ T6393] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 72.699811][ T6393] EXT4-fs (loop8): This should not happen!! Data will be lost [ 72.699811][ T6393] [ 72.709653][ T6393] EXT4-fs (loop8): Total free blocks count 0 [ 72.715920][ T6393] EXT4-fs (loop8): Free/Dirty block details [ 72.721936][ T6393] EXT4-fs (loop8): free_blocks=2415919104 [ 72.727720][ T6393] EXT4-fs (loop8): dirty_blocks=16 [ 72.732915][ T6393] EXT4-fs (loop8): Block reservation details [ 72.738970][ T6393] EXT4-fs (loop8): i_reserved_data_blocks=1 [ 72.812449][ T6397] loop6: detected capacity change from 0 to 1024 [ 72.819081][ T6397] EXT4-fs: Ignoring removed orlov option [ 72.829043][ T6397] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.853273][ T6416] netlink: 7 bytes leftover after parsing attributes in process `syz.9.991'. [ 72.862179][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.9.991'. [ 72.871079][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.9.991'. [ 72.907959][ T6416] netlink: 7 bytes leftover after parsing attributes in process `syz.9.991'. [ 72.932262][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.9.991'. [ 72.941213][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.9.991'. [ 72.942289][ T4901] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.968743][ T6403] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 72.990618][ T6423] netlink: 'syz.9.991': attribute type 2 has an invalid length. [ 73.020739][ T6416] netlink: 7 bytes leftover after parsing attributes in process `syz.9.991'. [ 73.033617][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.9.991'. [ 73.042784][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.9.991'. [ 73.114200][ T6433] bond_slave_0: entered promiscuous mode [ 73.120062][ T6433] bond_slave_1: entered promiscuous mode [ 73.142230][ T6433] vlan2: entered promiscuous mode [ 73.147301][ T6433] bond0: entered promiscuous mode [ 73.188615][ T6440] loop9: detected capacity change from 0 to 164 [ 73.458388][ T6454] loop9: detected capacity change from 0 to 1024 [ 73.465348][ T6454] EXT4-fs: Ignoring removed orlov option [ 73.493135][ T6454] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.521322][ T6473] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.574339][ T6473] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.630643][ T6167] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.661387][ T6473] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.731107][ T6485] loop6: detected capacity change from 0 to 2048 [ 73.743005][ T6473] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.756601][ T6485] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.775152][ T6485] EXT4-fs error (device loop6): ext4_ext_precache:632: inode #2: comm syz.6.1018: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 73.794967][ T6485] EXT4-fs (loop6): Remounting filesystem read-only [ 73.816429][ T4901] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.862593][ T6036] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.890699][ T6036] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.910683][ T6036] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.933863][ T6036] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.949887][ T6493] loop6: detected capacity change from 0 to 128 [ 74.038394][ T6501] loop6: detected capacity change from 0 to 512 [ 74.062452][ T6501] journal_path: Non-blockdev passed as './file0' [ 74.068873][ T6501] EXT4-fs: error: could not find journal device path [ 74.085810][ T6504] netlink: 96 bytes leftover after parsing attributes in process `syz.8.1022'. [ 74.170475][ T6478] syz.9.1014 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 74.181595][ T6478] CPU: 1 UID: 0 PID: 6478 Comm: syz.9.1014 Not tainted syzkaller #0 PREEMPT(voluntary) [ 74.181629][ T6478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 74.181645][ T6478] Call Trace: [ 74.181653][ T6478] [ 74.181671][ T6478] __dump_stack+0x1d/0x30 [ 74.181756][ T6478] dump_stack_lvl+0xe8/0x140 [ 74.181782][ T6478] dump_stack+0x15/0x1b [ 74.181805][ T6478] dump_header+0x81/0x220 [ 74.181828][ T6478] oom_kill_process+0x342/0x400 [ 74.181864][ T6478] out_of_memory+0x979/0xb80 [ 74.181921][ T6478] try_charge_memcg+0x610/0xa10 [ 74.181959][ T6478] charge_memcg+0x51/0xc0 [ 74.182052][ T6478] mem_cgroup_swapin_charge_folio+0xcc/0x150 [ 74.182078][ T6478] __read_swap_cache_async+0x17b/0x2d0 [ 74.182108][ T6478] swap_cluster_readahead+0x262/0x3c0 [ 74.182144][ T6478] swapin_readahead+0xde/0x6f0 [ 74.182166][ T6478] ? mod_memcg_lruvec_state+0x1fc/0x2c0 [ 74.182339][ T6478] ? __lruvec_stat_mod_folio+0xd6/0x120 [ 74.182402][ T6478] ? __rcu_read_unlock+0x4f/0x70 [ 74.182433][ T6478] ? swap_cache_get_folio+0x277/0x280 [ 74.182456][ T6478] do_swap_page+0x2ae/0x2370 [ 74.182483][ T6478] ? css_rstat_updated+0xb7/0x240 [ 74.182509][ T6478] ? __pfx_default_wake_function+0x10/0x10 [ 74.182615][ T6478] handle_mm_fault+0x9a5/0x2be0 [ 74.182647][ T6478] ? vma_start_read+0x141/0x1f0 [ 74.182705][ T6478] do_user_addr_fault+0x630/0x1080 [ 74.182787][ T6478] ? fpregs_restore_userregs+0xad/0x1d0 [ 74.182825][ T6478] ? switch_fpu_return+0xe/0x20 [ 74.182881][ T6478] ? fpregs_assert_state_consistent+0xb4/0xe0 [ 74.182921][ T6478] exc_page_fault+0x62/0xa0 [ 74.182951][ T6478] asm_exc_page_fault+0x26/0x30 [ 74.183037][ T6478] RIP: 0033:0x7f143830593c [ 74.183054][ T6478] Code: 66 0f 1f 44 00 00 69 3d 76 fd ea 00 e8 03 00 00 48 8d 1d 77 06 38 00 e8 f2 9c 12 00 eb 0c 48 81 c3 f0 00 00 00 48 39 eb 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00 [ 74.183071][ T6478] RSP: 002b:00007ffff2f9caa0 EFLAGS: 00010202 [ 74.183090][ T6478] RAX: 0000000000000000 RBX: 00007f1438685fa0 RCX: 0000000000000000 [ 74.183106][ T6478] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555593a61808 [ 74.183121][ T6478] RBP: 00007f1438687da0 R08: 0000000000000000 R09: 7fffffffffffffff [ 74.183136][ T6478] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000122f4 [ 74.183212][ T6478] R13: 00007ffff2f9cb90 R14: ffffffffffffffff R15: 00007ffff2f9cbb0 [ 74.183230][ T6478] [ 74.418378][ T6478] memory: usage 307036kB, limit 307200kB, failcnt 53 [ 74.425359][ T6478] memory+swap: usage 307228kB, limit 9007199254740988kB, failcnt 0 [ 74.433308][ T6478] kmem: usage 307172kB, limit 9007199254740988kB, failcnt 0 [ 74.440600][ T6478] Memory cgroup stats for /syz9: [ 74.440885][ T6478] cache 0 [ 74.448760][ T6478] rss 0 [ 74.451694][ T6478] shmem 0 [ 74.454634][ T6478] mapped_file 0 [ 74.458091][ T6478] dirty 0 [ 74.461026][ T6478] writeback 8192 [ 74.464580][ T6478] workingset_refault_anon 28 [ 74.469255][ T6478] workingset_refault_file 0 [ 74.473874][ T6478] swap 167936 [ 74.477271][ T6478] swapcached 28672 [ 74.480989][ T6478] pgpgin 3362 [ 74.484466][ T6478] pgpgout 3355 [ 74.487834][ T6478] pgfault 3847 [ 74.491209][ T6478] pgmajfault 8 [ 74.494598][ T6478] inactive_anon 8192 [ 74.498541][ T6478] active_anon 20480 [ 74.502377][ T6478] inactive_file 0 [ 74.506028][ T6478] active_file 0 [ 74.509633][ T6478] unevictable 0 [ 74.513215][ T6478] hierarchical_memory_limit 314572800 [ 74.518613][ T6478] hierarchical_memsw_limit 9223372036854771712 [ 74.524871][ T6478] total_cache 0 [ 74.528350][ T6478] total_rss 0 [ 74.531804][ T6478] total_shmem 0 [ 74.535330][ T6478] total_mapped_file 0 [ 74.539330][ T6478] total_dirty 0 [ 74.542874][ T6478] total_writeback 8192 [ 74.544974][ T6509] loop8: detected capacity change from 0 to 1024 [ 74.546987][ T6478] total_workingset_refault_anon 28 [ 74.553793][ T6509] EXT4-fs: Ignoring removed orlov option [ 74.558457][ T6478] total_workingset_refault_file 0 [ 74.569192][ T6478] total_swap 167936 [ 74.570413][ T6509] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.573144][ T6478] total_swapcached 28672 [ 74.589993][ T6478] total_pgpgin 3362 [ 74.590731][ T6513] FAULT_INJECTION: forcing a failure. [ 74.590731][ T6513] name failslab, interval 1, probability 0, space 0, times 0 [ 74.593841][ T6478] total_pgpgout 3355 [ 74.593868][ T6478] total_pgfault 3847 [ 74.606492][ T6513] CPU: 0 UID: 0 PID: 6513 Comm: syz.6.1026 Not tainted syzkaller #0 PREEMPT(voluntary) [ 74.606616][ T6513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 74.606629][ T6513] Call Trace: [ 74.606636][ T6513] [ 74.606644][ T6513] __dump_stack+0x1d/0x30 [ 74.606676][ T6513] dump_stack_lvl+0xe8/0x140 [ 74.606742][ T6513] dump_stack+0x15/0x1b [ 74.606761][ T6513] should_fail_ex+0x265/0x280 [ 74.606856][ T6513] should_failslab+0x8c/0xb0 [ 74.606910][ T6513] kmem_cache_alloc_lru_noprof+0x55/0x490 [ 74.606946][ T6513] ? __d_alloc+0x3d/0x340 [ 74.606979][ T6513] __d_alloc+0x3d/0x340 [ 74.607011][ T6513] d_alloc_pseudo+0x1e/0x80 [ 74.607043][ T6513] alloc_file_pseudo+0x71/0x160 [ 74.607119][ T6513] sock_alloc_file+0x9c/0x1e0 [ 74.607147][ T6513] __sys_socketpair+0x2b8/0x430 [ 74.607192][ T6513] __x64_sys_socketpair+0x52/0x60 [ 74.607221][ T6513] x64_sys_call+0x2bf6/0x3000 [ 74.607244][ T6513] do_syscall_64+0xd2/0x200 [ 74.607344][ T6513] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 74.607373][ T6513] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 74.607407][ T6513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.607428][ T6513] RIP: 0033:0x7fbcb838f6c9 [ 74.607473][ T6513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.607493][ T6513] RSP: 002b:00007fbcb6df7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 74.607589][ T6513] RAX: ffffffffffffffda RBX: 00007fbcb85e5fa0 RCX: 00007fbcb838f6c9 [ 74.607603][ T6513] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 74.607617][ T6513] RBP: 00007fbcb6df7090 R08: 0000000000000000 R09: 0000000000000000 [ 74.607630][ T6513] R10: 0000200000000940 R11: 0000000000000246 R12: 0000000000000002 [ 74.607643][ T6513] R13: 00007fbcb85e6038 R14: 00007fbcb85e5fa0 R15: 00007ffc4bbba5f8 [ 74.607669][ T6513] [ 74.804671][ T6478] total_pgmajfault 8 [ 74.808556][ T6478] total_inactive_anon 8192 [ 74.812978][ T6478] total_active_anon 20480 [ 74.817299][ T6478] total_inactive_file 0 [ 74.821440][ T6478] total_active_file 0 [ 74.825527][ T6478] total_unevictable 0 [ 74.829503][ T6478] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz9,task_memcg=/syz9,task=syz.9.1014,pid=6478,uid=0 [ 74.844187][ T6478] Memory cgroup out of memory: Killed process 6478 (syz.9.1014) total-vm:93956kB, anon-rss:1136kB, file-rss:22180kB, shmem-rss:0kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 74.968297][ T5817] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.994766][ T6486] syz.9.1014 (6486) used greatest stack depth: 7432 bytes left [ 75.012180][ T6528] syzkaller0: entered promiscuous mode [ 75.015168][ T6531] random: crng reseeded on system resumption [ 75.017700][ T6528] syzkaller0: entered allmulticast mode [ 75.380380][ T6558] loop6: detected capacity change from 0 to 512 [ 75.380925][ T6562] netlink: 'syz.1.1046': attribute type 3 has an invalid length. [ 75.394358][ T6558] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.422465][ T4901] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.835213][ T6594] netlink: 'syz.6.1058': attribute type 10 has an invalid length. [ 75.846191][ T6594] team0: Port device dummy0 added [ 75.853153][ T6594] netlink: 'syz.6.1058': attribute type 10 has an invalid length. [ 75.861616][ T6594] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 75.873722][ T6594] team0: Failed to send options change via netlink (err -105) [ 75.881382][ T6594] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 75.890773][ T6594] team0: Port device dummy0 removed [ 75.898259][ T6594] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 76.019300][ T6611] FAULT_INJECTION: forcing a failure. [ 76.019300][ T6611] name failslab, interval 1, probability 0, space 0, times 0 [ 76.032177][ T6611] CPU: 0 UID: 0 PID: 6611 Comm: syz.9.1066 Not tainted syzkaller #0 PREEMPT(voluntary) [ 76.032209][ T6611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 76.032242][ T6611] Call Trace: [ 76.032250][ T6611] [ 76.032259][ T6611] __dump_stack+0x1d/0x30 [ 76.032286][ T6611] dump_stack_lvl+0xe8/0x140 [ 76.032311][ T6611] dump_stack+0x15/0x1b [ 76.032331][ T6611] should_fail_ex+0x265/0x280 [ 76.032378][ T6611] should_failslab+0x8c/0xb0 [ 76.032412][ T6611] kmem_cache_alloc_noprof+0x50/0x480 [ 76.032504][ T6611] ? locks_get_lock_context+0x89/0x210 [ 76.032538][ T6611] locks_get_lock_context+0x89/0x210 [ 76.032630][ T6611] posix_lock_inode+0x67/0x2380 [ 76.032673][ T6611] ? file_has_perm+0x35c/0x3a0 [ 76.032811][ T6611] fcntl_setlk+0x61f/0x950 [ 76.032849][ T6611] do_fcntl+0x5dd/0xdf0 [ 76.032881][ T6611] ? selinux_file_fcntl+0x1cb/0x1e0 [ 76.032990][ T6611] __se_sys_fcntl+0xb1/0x120 [ 76.033014][ T6611] __x64_sys_fcntl+0x43/0x50 [ 76.033035][ T6611] x64_sys_call+0x29a4/0x3000 [ 76.033062][ T6611] do_syscall_64+0xd2/0x200 [ 76.033086][ T6611] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 76.033182][ T6611] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 76.033220][ T6611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.033245][ T6611] RIP: 0033:0x7f143842f6c9 [ 76.033264][ T6611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.033288][ T6611] RSP: 002b:00007f1436e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 76.033312][ T6611] RAX: ffffffffffffffda RBX: 00007f1438685fa0 RCX: 00007f143842f6c9 [ 76.033328][ T6611] RDX: 0000200000000000 RSI: 0000000000000026 RDI: 0000000000000006 [ 76.033342][ T6611] RBP: 00007f1436e8f090 R08: 0000000000000000 R09: 0000000000000000 [ 76.033357][ T6611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.033371][ T6611] R13: 00007f1438686038 R14: 00007f1438685fa0 R15: 00007ffff2f9c938 [ 76.033393][ T6611] [ 76.045947][ T6615] loop8: detected capacity change from 0 to 2048 [ 76.120969][ T6626] FAULT_INJECTION: forcing a failure. [ 76.120969][ T6626] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 76.263167][ T6626] CPU: 0 UID: 0 PID: 6626 Comm: syz.6.1071 Not tainted syzkaller #0 PREEMPT(voluntary) [ 76.263202][ T6626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 76.263217][ T6626] Call Trace: [ 76.263226][ T6626] [ 76.263235][ T6626] __dump_stack+0x1d/0x30 [ 76.263329][ T6626] dump_stack_lvl+0xe8/0x140 [ 76.263354][ T6626] dump_stack+0x15/0x1b [ 76.263377][ T6626] should_fail_ex+0x265/0x280 [ 76.263402][ T6626] should_fail+0xb/0x20 [ 76.263423][ T6626] should_fail_usercopy+0x1a/0x20 [ 76.263474][ T6626] _copy_to_iter+0x387/0xe70 [ 76.263499][ T6626] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 76.263533][ T6626] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 76.263558][ T6626] __skb_datagram_iter+0xc6/0x690 [ 76.263583][ T6626] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 76.263681][ T6626] skb_copy_datagram_iter+0x3d/0x110 [ 76.263701][ T6626] netlink_recvmsg+0x1a8/0x550 [ 76.263723][ T6626] ? __pfx_netlink_recvmsg+0x10/0x10 [ 76.263747][ T6626] sock_recvmsg+0x139/0x170 [ 76.263798][ T6626] ____sys_recvmsg+0xf5/0x280 [ 76.263880][ T6626] ___sys_recvmsg+0x11f/0x370 [ 76.263981][ T6626] __x64_sys_recvmsg+0xd1/0x160 [ 76.264010][ T6626] x64_sys_call+0x2b46/0x3000 [ 76.264035][ T6626] do_syscall_64+0xd2/0x200 [ 76.264061][ T6626] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 76.264128][ T6626] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 76.264160][ T6626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.264229][ T6626] RIP: 0033:0x7fbcb838f6c9 [ 76.264246][ T6626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.264265][ T6626] RSP: 002b:00007fbcb6df7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 76.264289][ T6626] RAX: ffffffffffffffda RBX: 00007fbcb85e5fa0 RCX: 00007fbcb838f6c9 [ 76.264305][ T6626] RDX: 0000000000002000 RSI: 0000200000000040 RDI: 0000000000000003 [ 76.264321][ T6626] RBP: 00007fbcb6df7090 R08: 0000000000000000 R09: 0000000000000000 [ 76.264337][ T6626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.264429][ T6626] R13: 00007fbcb85e6038 R14: 00007fbcb85e5fa0 R15: 00007ffc4bbba5f8 [ 76.264451][ T6626] [ 76.324738][ T6620] vlan2: entered allmulticast mode [ 76.348181][ T6640] lo speed is unknown, defaulting to 1000 [ 76.577931][ T6641] loop6: detected capacity change from 0 to 8192 [ 76.593360][ T6641] FAULT_INJECTION: forcing a failure. [ 76.593360][ T6641] name failslab, interval 1, probability 0, space 0, times 0 [ 76.606106][ T6641] CPU: 0 UID: 0 PID: 6641 Comm: syz.6.1076 Not tainted syzkaller #0 PREEMPT(voluntary) [ 76.606140][ T6641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 76.606155][ T6641] Call Trace: [ 76.606162][ T6641] [ 76.606171][ T6641] __dump_stack+0x1d/0x30 [ 76.606282][ T6641] dump_stack_lvl+0xe8/0x140 [ 76.606306][ T6641] dump_stack+0x15/0x1b [ 76.606327][ T6641] should_fail_ex+0x265/0x280 [ 76.606351][ T6641] should_failslab+0x8c/0xb0 [ 76.606464][ T6641] kmem_cache_alloc_noprof+0x50/0x480 [ 76.606494][ T6641] ? getname_flags+0x80/0x3b0 [ 76.606524][ T6641] getname_flags+0x80/0x3b0 [ 76.606616][ T6641] __x64_sys_rename+0x40/0x70 [ 76.606648][ T6641] x64_sys_call+0x1f9/0x3000 [ 76.606675][ T6641] do_syscall_64+0xd2/0x200 [ 76.606698][ T6641] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 76.606802][ T6641] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 76.606912][ T6641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.606936][ T6641] RIP: 0033:0x7fbcb838f6c9 [ 76.607025][ T6641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.607117][ T6641] RSP: 002b:00007fbcb6dd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 76.607139][ T6641] RAX: ffffffffffffffda RBX: 00007fbcb85e6090 RCX: 00007fbcb838f6c9 [ 76.607152][ T6641] RDX: 0000000000000000 RSI: 0000200000001300 RDI: 0000200000000040 [ 76.607166][ T6641] RBP: 00007fbcb6dd6090 R08: 0000000000000000 R09: 0000000000000000 [ 76.607178][ T6641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.607192][ T6641] R13: 00007fbcb85e6128 R14: 00007fbcb85e6090 R15: 00007ffc4bbba5f8 [ 76.607278][ T6641] [ 76.928255][ T6662] lo speed is unknown, defaulting to 1000 [ 77.016043][ T6665] loop6: detected capacity change from 0 to 8192 [ 77.048391][ T6671] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6671 comm=syz.9.1087 [ 77.227253][ T6700] veth0_to_batadv: entered promiscuous mode [ 77.234095][ T29] kauditd_printk_skb: 1484 callbacks suppressed [ 77.234114][ T29] audit: type=1326 audit(77.219:10917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6702 comm="syz.9.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143842f6c9 code=0x7ffc0000 [ 77.234383][ T6700] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=0 sclass=netlink_tcpdiag_socket pid=6700 comm=syz.6.1098 [ 77.242341][ T29] audit: type=1326 audit(77.229:10918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6702 comm="syz.9.1100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f143842f6c9 code=0x7ffc0000 [ 77.319786][ T29] audit: type=1326 audit(77.249:10919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.342890][ T29] audit: type=1326 audit(77.249:10920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.365841][ T29] audit: type=1326 audit(77.249:10921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.377423][ T6700] veth0_to_batadv: left promiscuous mode [ 77.388940][ T29] audit: type=1326 audit(77.249:10922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.417568][ T29] audit: type=1326 audit(77.249:10923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.440897][ T29] audit: type=1326 audit(77.249:10924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.464432][ T6716] FAULT_INJECTION: forcing a failure. [ 77.464432][ T6716] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.464450][ T29] audit: type=1326 audit(77.299:10925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.477540][ T6716] CPU: 0 UID: 0 PID: 6716 Comm: syz.9.1102 Not tainted syzkaller #0 PREEMPT(voluntary) [ 77.477644][ T6716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 77.477657][ T6716] Call Trace: [ 77.477664][ T6716] [ 77.477672][ T6716] __dump_stack+0x1d/0x30 [ 77.477696][ T6716] dump_stack_lvl+0xe8/0x140 [ 77.477719][ T6716] dump_stack+0x15/0x1b [ 77.477811][ T6716] should_fail_ex+0x265/0x280 [ 77.477833][ T6716] should_fail+0xb/0x20 [ 77.477850][ T6716] should_fail_usercopy+0x1a/0x20 [ 77.477941][ T6716] _copy_from_user+0x1c/0xb0 [ 77.477968][ T6716] copy_from_bpfptr+0x5c/0x90 [ 77.477991][ T6716] bpf_prog_load+0x73b/0x1100 [ 77.478020][ T6716] ? security_bpf+0x2b/0x90 [ 77.478101][ T6716] __sys_bpf+0x469/0x7c0 [ 77.478185][ T6716] __x64_sys_bpf+0x41/0x50 [ 77.478218][ T6716] x64_sys_call+0x2aee/0x3000 [ 77.478257][ T6716] do_syscall_64+0xd2/0x200 [ 77.478279][ T6716] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 77.478309][ T6716] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 77.478396][ T6716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.478419][ T6716] RIP: 0033:0x7f143842f6c9 [ 77.478437][ T6716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.478456][ T6716] RSP: 002b:00007f1436e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 77.478478][ T6716] RAX: ffffffffffffffda RBX: 00007f1438685fa0 RCX: 00007f143842f6c9 [ 77.478492][ T6716] RDX: 0000000000000094 RSI: 00002000000001c0 RDI: 0000000000000005 [ 77.478534][ T6716] RBP: 00007f1436e8f090 R08: 0000000000000000 R09: 0000000000000000 [ 77.478547][ T6716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.478561][ T6716] R13: 00007f1438686038 R14: 00007f1438685fa0 R15: 00007ffff2f9c938 [ 77.478580][ T6716] [ 77.684898][ T29] audit: type=1326 audit(77.299:10926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6694 comm="syz.8.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdcdebbf6c9 code=0x7ffc0000 [ 77.814272][ T6726] FAULT_INJECTION: forcing a failure. [ 77.814272][ T6726] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.827499][ T6726] CPU: 0 UID: 0 PID: 6726 Comm: syz.8.1107 Not tainted syzkaller #0 PREEMPT(voluntary) [ 77.827726][ T6726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 77.827741][ T6726] Call Trace: [ 77.827748][ T6726] [ 77.827756][ T6726] __dump_stack+0x1d/0x30 [ 77.827842][ T6726] dump_stack_lvl+0xe8/0x140 [ 77.827866][ T6726] dump_stack+0x15/0x1b [ 77.827889][ T6726] should_fail_ex+0x265/0x280 [ 77.827913][ T6726] should_fail+0xb/0x20 [ 77.827932][ T6726] should_fail_usercopy+0x1a/0x20 [ 77.827975][ T6726] _copy_from_user+0x1c/0xb0 [ 77.828000][ T6726] ___sys_sendmsg+0xc1/0x1d0 [ 77.828030][ T6726] __x64_sys_sendmsg+0xd4/0x160 [ 77.828134][ T6726] x64_sys_call+0x191e/0x3000 [ 77.828162][ T6726] do_syscall_64+0xd2/0x200 [ 77.828186][ T6726] ? arch_exit_to_user_mode_prepare+0x27/0x80 [ 77.828219][ T6726] ? irqentry_exit_to_user_mode+0x7b/0xa0 [ 77.828320][ T6726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.828347][ T6726] RIP: 0033:0x7fdcdebbf6c9 [ 77.828366][ T6726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.828388][ T6726] RSP: 002b:00007fdcdd627038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.828421][ T6726] RAX: ffffffffffffffda RBX: 00007fdcdee15fa0 RCX: 00007fdcdebbf6c9 [ 77.828436][ T6726] RDX: 0000000020048812 RSI: 00002000000004c0 RDI: 0000000000000005 [ 77.828449][ T6726] RBP: 00007fdcdd627090 R08: 0000000000000000 R09: 0000000000000000 [ 77.828461][ T6726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.828473][ T6726] R13: 00007fdcdee16038 R14: 00007fdcdee15fa0 R15: 00007ffeb20e26f8 [ 77.828496][ T6726] [ 78.397041][ T6365] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.514044][ T6036] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.544642][ T6720] ================================================================== [ 78.552783][ T6720] BUG: KCSAN: data-race in hrtimer_reprogram / print_cpu [ 78.559856][ T6720] [ 78.562190][ T6720] write to 0xffff888237d1b2a0 of 8 bytes by task 6719 on cpu 1: [ 78.569833][ T6720] hrtimer_reprogram+0x1a5/0x220 [ 78.574801][ T6720] hrtimer_start_range_ns+0x6b1/0x740 [ 78.580211][ T6720] do_nanosleep+0x79/0x330 [ 78.584863][ T6720] hrtimer_nanosleep+0xdd/0x280 [ 78.589736][ T6720] common_nsleep+0x62/0x80 [ 78.594237][ T6720] __se_sys_clock_nanosleep+0x21a/0x250 [ 78.599988][ T6720] __x64_sys_clock_nanosleep+0x55/0x70 [ 78.605474][ T6720] x64_sys_call+0x2731/0x3000 [ 78.610171][ T6720] do_syscall_64+0xd2/0x200 [ 78.614706][ T6720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.620625][ T6720] [ 78.622962][ T6720] read to 0xffff888237d1b2a0 of 8 bytes by task 6720 on cpu 0: [ 78.630538][ T6720] print_cpu+0x2ea/0x660 [ 78.634811][ T6720] timer_list_show+0x107/0x170 [ 78.639700][ T6720] seq_read_iter+0x636/0x950 [ 78.644309][ T6720] proc_reg_read_iter+0x110/0x180 [ 78.649440][ T6720] copy_splice_read+0x442/0x660 [ 78.654316][ T6720] splice_direct_to_actor+0x26f/0x680 [ 78.659708][ T6720] do_splice_direct+0xda/0x150 [ 78.664489][ T6720] do_sendfile+0x380/0x650 [ 78.668934][ T6720] __x64_sys_sendfile64+0x105/0x150 [ 78.674157][ T6720] x64_sys_call+0x2bb4/0x3000 [ 78.678860][ T6720] do_syscall_64+0xd2/0x200 [ 78.683401][ T6720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.689393][ T6720] [ 78.691726][ T6720] value changed: 0x0000001248c0b480 -> 0x00000012485ce934 [ 78.698852][ T6720] [ 78.701187][ T6720] Reported by Kernel Concurrency Sanitizer on: [ 78.707354][ T6720] CPU: 0 UID: 0 PID: 6720 Comm: syz.9.1104 Not tainted syzkaller #0 PREEMPT(voluntary) [ 78.717103][ T6720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 78.727255][ T6720] ================================================================== [ 78.764023][ T6036] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.834178][ T6036] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.898271][ T6036] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 78.969473][ T6036] bridge_slave_1: left allmulticast mode [ 78.975342][ T6036] bridge_slave_1: left promiscuous mode [ 78.981120][ T6036] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.989742][ T6036] bridge_slave_0: left allmulticast mode [ 78.995639][ T6036] bridge_slave_0: left promiscuous mode [ 79.001341][ T6036] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.124960][ T6036] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 79.145048][ T6036] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 79.165484][ T6036] bond0 (unregistering): Released all slaves [ 79.185767][ T6036] bond1 (unregistering): Released all slaves [ 79.196973][ T6036] bond2 (unregistering): Released all slaves [ 79.224856][ T6036] bond3 (unregistering): Released all slaves [ 79.287446][ T6036] hsr_slave_0: left promiscuous mode [ 79.293530][ T6036] hsr_slave_1: left promiscuous mode [ 79.299143][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.306569][ T6036] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.323191][ T6036] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.330773][ T6036] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 79.345366][ T6036] veth1_macvtap: left promiscuous mode [ 79.350924][ T6036] veth0_macvtap: left promiscuous mode [ 79.362333][ T6036] veth1_vlan: left promiscuous mode [ 79.367575][ T6036] veth0_vlan: left promiscuous mode [ 79.457122][ T6036] team0 (unregistering): Port device team_slave_0 removed