last executing test programs: 2.026627188s ago: executing program 3 (id=1877): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20) r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r2) 1.926297157s ago: executing program 1 (id=1882): ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'}) syz_open_dev$vcsn(&(0x7f00000003c0), 0x6, 0x100) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000900)={{r0}, &(0x7f0000000480), &(0x7f00000004c0)='%-010d \x00'}, 0x20) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) pread64(r3, &(0x7f0000000300)=""/150, 0x96, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x40000000, '\x00', 0x0, 0x0, 0x800003, 0x0, 0x40000000, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x50) r5 = socket$kcm(0x10, 0x2, 0x0) recvmsg(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f0000000600)=""/235, 0xeb}, {&(0x7f0000000540)=""/167, 0xa7}], 0x3}, 0x0) write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000040)='kfree\x00', r6}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100980000009500000000000000b7020000000000007b9af8ff00000000b509000000000000dbaaf8fff1000000bf8600000000000007080000f8ffffffbfa400000000000007090000f0ffffffc70200000800000018290000", @ANYRES32=r4, @ANYBLOB="0000001e00000000ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095000000002300"/64], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1.860632377s ago: executing program 4 (id=1886): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) timer_create(0x3, 0x0, &(0x7f0000000180)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='afs_get_tree\x00', r0}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00'}, 0x10) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) ioctl$SG_IO(r1, 0x2285, 0x0) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t') 1.777489957s ago: executing program 4 (id=1890): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) pipe2$9p(&(0x7f00000001c0), 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) syz_open_dev$tty20(0xc, 0x4, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) select(0x40, &(0x7f0000000180)={0xd6e, 0x9, 0xffffffffffffffff, 0x10000, 0x1ff, 0x10, 0x3, 0x806}, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r6 = syz_io_uring_setup(0x145a, &(0x7f00000004c0)={0x0, 0x3, 0x10180, 0x2000, 0x3ae}, &(0x7f0000000100)=0x0, &(0x7f00000002c0)=0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x6a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2040, 0x1}) io_uring_enter(r6, 0x2d3e, 0xfffffffd, 0x0, 0x0, 0x0) 1.712034406s ago: executing program 4 (id=1892): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) prlimit64(0x0, 0x7, &(0x7f0000000140)={0x6, 0x7fff}, 0x0) bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) 1.651952446s ago: executing program 4 (id=1893): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000b103000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd7, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b000000000000caaf484f000000000000800000000000009497dd7f3b2a51d31b6265a1b3f01543b2f2b9ff3501d6b5aa2906ce757ef99fcd9a4ef9e2783fa454388c3c5d7a81084238fb854bf387984227dbd8bb25aba46efcfe5681d790ca05cc6b20e5f41934ffbbbbef4e8e8b9c8aa7cd7db9fbd695146297cfcb53a8809c04c269adf4d75ca4a5130c01bf9c9837f7bef26e18cabe", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10) r5 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401) ioctl$USBDEVFS_ALLOC_STREAMS(r5, 0x8008551c, &(0x7f0000000300)=ANY=[@ANYBLOB="fe2f00000100000081c6442138efae03d4a7b5c2619b459e7f7f040dfe2c3576d68515602bf2541c30d22b5b0cad2f1643f1ed33828bf2bc8ffa9a2c06420318e64a217889af8d1c32bc6ac3c8cff4a15040b0a717140d875eb6b098b9488167e4796a0cace3163aee521e896e729d94055d2b656caeeb526c2daa096c555dd7b111aac64e6d07540a352a15a909e719c734ad2acf3a252cdb48675e73b312e1a6b850da8defd3a59f57f17c5e75837729598da6a5009efd819a7e"]) bpf$MAP_CREATE(0x0, 0x0, 0x50) r6 = inotify_add_watch(0xffffffffffffffff, 0x0, 0x81000000) inotify_rm_watch(0xffffffffffffffff, r6) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r7 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r7, &(0x7f0000001240)=""/102400, 0x200000, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) unshare(0x22020600) mlockall(0x4) syz_clone(0x10eb22b000, 0x0, 0x0, 0x0, 0x0, 0x0) getresuid(&(0x7f0000000080), &(0x7f0000000280), &(0x7f00000003c0)) getuid() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000008c0)={{{@in, @in6=@dev}}, {{@in6=@private0}, 0x0, @in=@loopback}}, &(0x7f00000001c0)=0xe8) 1.514065266s ago: executing program 2 (id=1898): gettid() r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3) sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r2], 0x1c}}, 0x0) 1.281864435s ago: executing program 3 (id=1901): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000240)={'wpan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), r1) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000009c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="083fd7c2e000"/18, @ANYRES32=r2, @ANYBLOB="04002d80"], 0x20}, 0x1, 0x0, 0x0, 0x95}, 0x4000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0, 0x11c}}, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r5 = syz_io_uring_setup(0x111, &(0x7f0000000680)={0x0, 0x6282, 0x10, 0x1, 0x2c2}, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) select(0x40, &(0x7f0000000180)={0xd6c, 0x9, 0xffffffffffffffff, 0x7, 0x200, 0x10, 0x800, 0x806}, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_io_uring_setup(0x1dc7, &(0x7f00000004c0)={0x0, 0x13a3, 0x400, 0x0, 0x7a, 0x0, r5}, &(0x7f0000000100)=0x0, &(0x7f00000002c0)=0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x6a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2040, 0x1}) io_uring_enter(r5, 0x2d3a, 0xfffffffd, 0x21, 0x0, 0x0) r10 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r11 = fcntl$dupfd(r10, 0x0, r10) ioctl$SG_IO(r11, 0x2285, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 1.077944344s ago: executing program 1 (id=1902): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x69) close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, 0x0, 0x48) r1 = openat$selinux_attr(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$selinux_attr(r1, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x68, 0x0, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x54, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x706}, @IPVS_DEST_ATTR_WEIGHT={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x80}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e24}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xfffffffe}, @IPVS_DEST_ATTR_TUN_TYPE={0x5}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000800}, 0x4080) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4) r4 = getpid() r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f0000000100)={0x0, 0x4100, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r4}}]}, 0x3c}}, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) 802.077793ms ago: executing program 4 (id=1903): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='xprtrdma_marshal_failed\x00', r0}, 0x18) openat$ptp0(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x2, 0x0, 0x0, 0x4, 0x0) syz_pidfd_open(r1, 0x0) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) getpid() bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x5, 0x42, 0x7, 0x0, 0x0, 0x9d6d1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x10137f, 0x7ff, 0x7, 0x0, 0x81, 0x2, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12011, r3, 0x0) r4 = socket$rds(0x15, 0x5, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x40, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r4, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e20, @private=0xa010100}, 0x10) connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r5, &(0x7f0000007fc0), 0x2d, 0x0) sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="20000000130a030000000000000f4bc377adb29aec00010073797a300000020085634991774f814629dd377b0a194cee9ada2398bb855b5fe15c2a814e02e5860d9c851b75edca6c0891cda7423650a8ce50415c7a400fabb6b7"], 0x20}, 0x1, 0x0, 0x0, 0x20004cc1}, 0x40044) r6 = openat$cgroup_subtree(r2, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_subtree(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x8) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000018c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="51cdf55248d9", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) 674.610953ms ago: executing program 3 (id=1904): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) timer_create(0x3, 0x0, &(0x7f0000000180)) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='afs_get_tree\x00', r0}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00'}, 0x10) r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) ioctl$SG_IO(r1, 0x2285, 0x0) writev(r1, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t') 639.830043ms ago: executing program 2 (id=1906): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94) prlimit64(0x0, 0x7, &(0x7f0000000140)={0x6, 0x7fff}, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r1, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x4000000, 0xfffffed4, 0x20}}, 0x12) 625.917263ms ago: executing program 3 (id=1908): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00'}, 0x10) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x5f21df7aec8d40fb, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10) syz_emit_ethernet(0x82, &(0x7f0000000100)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x61, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x2f, 0x9, @dev={0xac, 0x14, 0x14, 0x10}, @remote, {[@timestamp_addr={0x44, 0x44, 0x0, 0x1, 0x0, [{@rand_addr=0x86dd}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x32}}, {@rand_addr, 0x4f}, {@empty}, {@loopback}, {@local, 0x4}, {@multicast1}]}]}}}}}}}, 0x0) timer_create(0x3, 0x0, &(0x7f0000000180)) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='afs_get_tree\x00', r1}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='kfree\x00'}, 0x10) r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) ioctl$SG_IO(r2, 0x2285, 0x0) writev(r2, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9d85e447511703d", 0x31}], 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000340)='cpu\t&0&&\t') 611.159463ms ago: executing program 2 (id=1909): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000002c0)='xprtrdma_marshal_failed\x00', r0}, 0x18) openat$ptp0(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid(0x2, 0x0, 0x0, 0x4, 0x0) syz_pidfd_open(r1, 0x0) mkdir(&(0x7f0000000380)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) getpid() bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0) r3 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x5, 0x42, 0x7, 0x0, 0x0, 0x9d6d1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x10137f, 0x7ff, 0x7, 0x0, 0x81, 0x2, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x4, 0x12011, r3, 0x0) r4 = socket$rds(0x15, 0x5, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x40, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) bind$rds(r4, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r4, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{&(0x7f0000002640)=""/102389, 0x18ff5}], 0x1, 0x1903d}}], 0x48}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e20, @private=0xa010100}, 0x10) connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r5, &(0x7f0000007fc0), 0x2d, 0x0) sendmsg$NFT_MSG_GETOBJ(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="20000000130a030000000000000f4bc377adb29aec00010073797a300000020085634991774f814629dd377b0a194cee9ada2398bb855b5fe15c2a814e02e5860d9c851b75edca6c0891cda7423650a8ce50415c7a400fabb6b7"], 0x20}, 0x1, 0x0, 0x0, 0x20004cc1}, 0x40044) r6 = openat$cgroup_subtree(r2, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_subtree(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x8) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000018c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="51cdf552", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) 571.541063ms ago: executing program 4 (id=1911): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x7, 0x10000, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20) r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r2) 544.344623ms ago: executing program 3 (id=1912): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000564000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0xffff, 0xc, 0x1) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000100085000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0) 523.898752ms ago: executing program 3 (id=1913): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000b10300001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd7, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b000000000000caaf484f000000000000800000000000009497dd7f3b2a51d31b6265a1b3f01543b2f2b9ff3501d6b5aa2906ce757ef99fcd9a4ef9e2783fa454388c3c5d7a81084238fb854bf387984227dbd8bb25aba46efcfe5681d790ca05cc6b20e5f41934ffbbbbef4e8e8b9c8aa7cd7db9fbd695146297cfcb53a8809c04c269adf4d75ca4a5130c01bf9c9837f7bef26e18cabe", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10) r6 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401) ioctl$USBDEVFS_ALLOC_STREAMS(r6, 0x8008551c, &(0x7f0000000300)=ANY=[@ANYBLOB="fe2f00000100000081c6442138efae03d4a7b5c2619b459e7f7f040dfe2c3576d68515602bf2541c30d22b5b0cad2f1643f1ed33828bf2bc8ffa9a2c06420318e64a217889af8d1c32bc6ac3c8cff4a15040b0a717140d875eb6b098b9488167e4796a0cace3163aee521e896e729d94055d2b656caeeb526c2daa096c555dd7b111aac64e6d07540a352a15a909e719c734ad2acf3a252cdb48675e73b312e1a6b850da8defd3a59f57f17c5e75837729598da6a5009efd819a7e"]) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0}, 0x18) r7 = inotify_add_watch(0xffffffffffffffff, 0x0, 0x81000000) inotify_rm_watch(0xffffffffffffffff, r7) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r8 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r8, &(0x7f0000001240)=""/102400, 0x200000, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) unshare(0x22020600) mlockall(0x4) syz_clone(0x10eb22b000, 0x0, 0x0, 0x0, 0x0, 0x0) getresuid(&(0x7f0000000080), &(0x7f0000000280), &(0x7f00000003c0)) 440.821662ms ago: executing program 0 (id=1914): prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18) socket$netlink(0x10, 0x3, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000240)={'wpan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000980), r1) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000009c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="083fd7c2e000"/18, @ANYRES32=r2, @ANYBLOB="04002d80"], 0x20}, 0x1, 0x0, 0x0, 0x95}, 0x4000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={0x0, 0x11c}}, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r5 = syz_io_uring_setup(0x111, &(0x7f0000000680)={0x0, 0x6282, 0x10, 0x1, 0x2c2}, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) select(0x40, &(0x7f0000000180)={0xd6c, 0x9, 0xffffffffffffffff, 0x7, 0x200, 0x10, 0x800, 0x806}, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_io_uring_setup(0x1dc7, &(0x7f00000004c0)={0x0, 0x13a3, 0x400, 0x0, 0x7a, 0x0, r5}, &(0x7f0000000100)=0x0, &(0x7f00000002c0)=0x0) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r9, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r9, 0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x6a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2040, 0x1}) io_uring_enter(r5, 0x2d3a, 0xfffffffd, 0x21, 0x0, 0x0) r10 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r11 = fcntl$dupfd(r10, 0x0, r10) ioctl$SG_IO(r11, 0x2285, 0x0) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 414.048442ms ago: executing program 2 (id=1915): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) r1 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x20) sendmmsg(r1, 0x0, 0x0, 0x10) syz_emit_ethernet(0x46, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60f91e2e00107300fc040000000000000000000000000000ff02000000000000000000000000000100000000ff"], 0x0) io_setup(0x3, &(0x7f00000004c0)=0x0) io_submit(r2, 0x0, 0x0) setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000140)=0xa5cf, 0x4) read(r1, &(0x7f0000002240)=""/4107, 0x100b) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x58, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'team0\x00', 0x0}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001780)=ANY=[@ANYBLOB="3400000010000700000000000000000000000000e24fdd199030557b226b6c2f44df9ce23a7a6b95611224aefcbfe98d526a2f6c4d71f68bcebcd0", @ANYRES32=r7, @ANYBLOB="0000000040080000140037800b000100677265746170000004000280"], 0x34}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'vcan0\x00', 0x0}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000b80)=ANY=[@ANYBLOB="90060000", @ANYRES16=r3, @ANYBLOB="000229bd7000fddbdf250e0000001400018008000100", @ANYRES32=0x0, @ANYBLOB="08000300000000001c00018008000100", @ANYRES32=r4, @ANYBLOB="08930a00", @ANYRES32=r5, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="4400018014000200697036677265300000000000000000000800030002000000080003000000000008000100", @ANYRES32=r9, @ANYBLOB="1400020073797a5f74756e000000000000000000f401028093000400f3807926a7b66bad7e24babfc64a12ce5973fadf48737923f2726d0ec1be8840ec633df08aa9700afc7de89905d1106902d2a0d4f849a9a8df7521f7c49538b1523cb86afe20628e9b92fde862cbec206b0c05d270159184ac16b70136e0d48530d03afb463e9169c0ea82be0a2eba829c09a2e021e2784bd414687d1c932fd94b827a3bbc06ac3cf2bf3739b96d6f0004000100d9000500807f2fdf3f710d4ef2b1484e6f515f7ea9fc17646b098c01e2efa78bc12024ae35dbfb7b131060a0df0f50424d0f83f8aa2df7a0070abab9e77793adf2b97c25da72670d029b708aecc0d3ac100a12207a997f80000f1af7ff663e53cb34e50e84d6090f98accb4616f2dfa4ce141a52abef2bc932906fa132c5bfd8cb137ebe9ef7943c69eb63b7edd60e91d3aee87a582b3ea96d68f6f2f5a318d6a68d3e5f8c68e770ea83f56a9457e25c93768791a0bf02229d138e0c499b08a70543899500968aa9752d82c18bc9d260ea4094c9ea09bb7f49000000040001003000038018000180040003000e00020073797a6b616c6c6572000000140001800800010005000000080001000700000046000400096a79eade5f603324a7fe3b91b8e04ad87d771a5d196b6ba1f731a5cf8ea87067739286b1318066756dbcee02ec6b959390100014511b4e8165d7948286779a543900001404028023000500fae15d2159d1a5e720c4be9ef0beef8260df6ce7dff7ed4847044dc5c73a4d000800020000000000200003801c0001800e00020073797a6b616c6c6572000000050002000000000038010380280001800a0002005227267b40000000050002000000000008000100010000000500020000000000100001800400030008000100080000003c000180040003000a0002006b66726565000000080001002393ed5b080001000400000008000100020000000e00020073797a6b616c6c6572000000400001800400030008000100010000000c0002005b262d405b2d5b00130002005c235c2e2a5e247d2b2c0e2c2f6600000400030004000300050002000000"], 0x690}, 0x1, 0x0, 0x0, 0x20004804}, 0x4000000) r10 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) r11 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n0xffffffffffffffff, {0x6}}, './file0\x00'}) sendfile(r0, r0, &(0x7f0000000240)=0x2, 0xffffffff00000000) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000019000109000000000000000002180000000000010000000008000100ac1414"], 0x44}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = syz_io_uring_setup(0x237, &(0x7f0000000100)={0x0, 0x0, 0x10100, 0x0, 0x1eb}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x0, 0x0, @fd_index, 0x2}) io_uring_enter(r3, 0x2def, 0x0, 0x0, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001840)=@newtaction={0xe6c, 0x30, 0x25, 0x0, 0x0, {}, [{0xe58, 0x1, [@m_pedit={0xe54, 0x1, 0x0, 0x0, {{0xa}, {0xe28, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x0, 0x0, 0xffffffffffffffff}, 0x3}, [{}, {0x0, 0xfffffffc}, {}, {}, {0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0xb}, {0x8}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000000}, {}, {0x80000}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0xfffffffe}, {}, {}, {}, {0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x7f}, {}, {}, {0x0, 0x0, 0x78b, 0x200}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffe}, {}, {}, {}, {}, {}, {}, {}, {0x400}, {}, {}, {0x0, 0x0, 0x20}, {0x0, 0x0, 0x10000000}, {0x0, 0x0, 0x10001}, {}, {}, {}, {}, {}, {}, {0x6}, {0x0, 0xfffffffc}, {0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x1bc}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {0x0, 0x0, 0x8001}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x5}, {}, {}, {0x0, 0x2000000}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {0x2}, {0x1}, {}, {}, {}, {0x1}]}}, @TCA_PEDIT_KEYS_EX={0x4}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0xe6c}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYBLOB="6ff17f10fa122142bf9822313f8fc0c46a5c87ebd0808b70fc9a9bc4a408428e1ba225a306faae6ac2dca9729162b16d24cfcdd8dd9d0280d6b61f91d0d4b8febef3e4fe9481cc49936561c77ce588c121258bfe9b824f692585181fedf135d96db7e5c85ad969f2817f57176690ae8b1925627b9bd525a3554a7f5b4fd318f730a7c1711099ceaf69f80db2f69408453915a0cef1d9d1204bb224750b9c7eb254c811d1e50faed66f01da8605e5db96154ada8df7198d5d7e8ae8aa4e61e45e19b1948bc4260f4c46d5445c18d8e4ca024604137839a8b5d9506c3ef71671f5c2e8f5343a95e856"], 0x20}, 0x1, 0x0, 0x0, 0x24008050}, 0x20008000) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYRES8=r1], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x5, &(0x7f00000000c0), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 0s ago: executing program 1 (id=1926): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r3}, 0x10) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) fcntl$setlease(r4, 0x400, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='ext4_writepages_result\x00', r5}, 0x10) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6) kernel console output (not intermixed with test programs): me+0x77/0x7f [ 64.691936][ T5441] RIP: 0033:0x7f0e4dfecda9 [ 64.691950][ T5441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.691976][ T5441] RSP: 002b:00007f0e4c657038 EFLAGS: 00000246 ORIG_RAX: 0000000000000108 [ 64.691991][ T5441] RAX: ffffffffffffffda RBX: 00007f0e4e205fa0 RCX: 00007f0e4dfecda9 [ 64.692001][ T5441] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff [ 64.692011][ T5441] RBP: 00007f0e4c657090 R08: 0000000000000000 R09: 0000000000000000 [ 64.692020][ T5441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.692029][ T5441] R13: 0000000000000000 R14: 00007f0e4e205fa0 R15: 00007ffcbb22a7c8 [ 64.692043][ T5441] [ 64.999108][ T5442] lo speed is unknown, defaulting to 1000 [ 65.105495][ T5455] loop3: detected capacity change from 0 to 8192 [ 65.126603][ T5455] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 65.189241][ T5462] loop1: detected capacity change from 0 to 256 [ 65.207182][ T5462] usb usb6: usbfs: process 5462 (syz.1.763) did not claim interface 0 before use [ 65.419194][ T5474] FAULT_INJECTION: forcing a failure. [ 65.419194][ T5474] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 65.432358][ T5474] CPU: 1 UID: 0 PID: 5474 Comm: syz.2.768 Not tainted 6.14.0-rc1-syzkaller #0 [ 65.432379][ T5474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 65.432431][ T5474] Call Trace: [ 65.432436][ T5474] [ 65.432442][ T5474] dump_stack_lvl+0xf2/0x150 [ 65.432466][ T5474] dump_stack+0x15/0x1a [ 65.432482][ T5474] should_fail_ex+0x24a/0x260 [ 65.432512][ T5474] should_fail+0xb/0x10 [ 65.432591][ T5474] should_fail_usercopy+0x1a/0x20 [ 65.432607][ T5474] _copy_to_user+0x20/0xa0 [ 65.432663][ T5474] simple_read_from_buffer+0xa0/0x110 [ 65.432682][ T5474] proc_fail_nth_read+0xf9/0x140 [ 65.432824][ T5474] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 65.432842][ T5474] vfs_read+0x19b/0x6f0 [ 65.432857][ T5474] ? __rcu_read_unlock+0x4e/0x70 [ 65.432874][ T5474] ? __fget_files+0x17c/0x1c0 [ 65.432899][ T5474] ksys_read+0xe8/0x1b0 [ 65.432991][ T5474] __x64_sys_read+0x42/0x50 [ 65.433007][ T5474] x64_sys_call+0x2874/0x2dc0 [ 65.433026][ T5474] do_syscall_64+0xc9/0x1c0 [ 65.433092][ T5474] ? clear_bhb_loop+0x55/0xb0 [ 65.433173][ T5474] ? clear_bhb_loop+0x55/0xb0 [ 65.433192][ T5474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.433212][ T5474] RIP: 0033:0x7f804f95b7bc [ 65.433224][ T5474] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 65.433299][ T5474] RSP: 002b:00007f804dfc1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 65.433316][ T5474] RAX: ffffffffffffffda RBX: 00007f804fb75fa0 RCX: 00007f804f95b7bc [ 65.433328][ T5474] RDX: 000000000000000f RSI: 00007f804dfc10a0 RDI: 0000000000000005 [ 65.433339][ T5474] RBP: 00007f804dfc1090 R08: 0000000000000000 R09: 0000000000000000 [ 65.433350][ T5474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.433362][ T5474] R13: 0000000000000000 R14: 00007f804fb75fa0 R15: 00007ffff025d268 [ 65.433435][ T5474] [ 65.709141][ T5483] bond2: entered promiscuous mode [ 65.714387][ T5483] bond2: entered allmulticast mode [ 65.719853][ T5483] 8021q: adding VLAN 0 to HW filter on device bond2 [ 65.751062][ T5483] bond2 (unregistering): Released all slaves [ 65.792707][ T5491] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.774'. [ 65.877930][ T5496] siw: device registration error -23 [ 65.899940][ T5496] loop7: detected capacity change from 0 to 16384 [ 65.929217][ T5500] 9pnet_fd: Insufficient options for proto=fd [ 65.938559][ T5501] loop2: detected capacity change from 0 to 512 [ 65.960243][ T5502] loop4: detected capacity change from 0 to 512 [ 65.968148][ T5501] FAT-fs (loop2): bogus logical sector size 0 [ 65.974349][ T5501] FAT-fs (loop2): Can't find a valid FAT filesystem [ 66.034911][ T5502] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.777: bg 0: block 248: padding at end of block bitmap is not set [ 66.088297][ T5517] netlink: 'syz.3.786': attribute type 32 has an invalid length. [ 66.088519][ T5502] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.777: Failed to acquire dquot type 1 [ 66.117932][ T5483] ALSA: seq fatal error: cannot create timer (-19) [ 66.124734][ T5502] EXT4-fs (loop4): 1 truncate cleaned up [ 66.130732][ T5502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.167853][ T5502] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 66.268389][ T5539] 9pnet_fd: Insufficient options for proto=fd [ 66.297750][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.367907][ T5551] __nla_validate_parse: 4 callbacks suppressed [ 66.367921][ T5551] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.794'. [ 66.385203][ T5542] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.794'. [ 66.414259][ T5558] netlink: 'syz.0.800': attribute type 32 has an invalid length. [ 66.422034][ T5558] netlink: 40 bytes leftover after parsing attributes in process `syz.0.800'. [ 66.470852][ T5560] loop2: detected capacity change from 0 to 8192 [ 66.480990][ T5561] bond1: entered promiscuous mode [ 66.486071][ T5561] bond1: entered allmulticast mode [ 66.491472][ T5561] 8021q: adding VLAN 0 to HW filter on device bond1 [ 66.501908][ T5561] bond1 (unregistering): Released all slaves [ 66.516888][ T5560] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 66.571318][ T5561] loop4: detected capacity change from 0 to 512 [ 66.578691][ T5561] FAT-fs (loop4): bogus logical sector size 0 [ 66.584863][ T5561] FAT-fs (loop4): Can't find a valid FAT filesystem [ 66.604700][ T5561] ALSA: seq fatal error: cannot create timer (-19) [ 66.618912][ T5582] 9pnet_fd: Insufficient options for proto=fd [ 66.661822][ T5589] usb usb7: check_ctrlrecip: process 5589 (syz.2.812) requesting ep 01 but needs 81 [ 66.671482][ T5589] usb usb7: usbfs: process 5589 (syz.2.812) did not claim interface 0 before use [ 66.675363][ T5590] netlink: 'syz.4.814': attribute type 32 has an invalid length. [ 66.688436][ T5590] netlink: 40 bytes leftover after parsing attributes in process `syz.4.814'. [ 66.700298][ T5593] loop2: detected capacity change from 0 to 256 [ 66.744668][ T5593] usb usb6: usbfs: process 5593 (syz.2.816) did not claim interface 0 before use [ 66.759064][ T5597] loop1: detected capacity change from 0 to 8192 [ 66.771475][ T5597] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 66.846435][ T5610] loop1: detected capacity change from 0 to 256 [ 66.863011][ T5610] usb usb6: usbfs: process 5610 (syz.1.823) did not claim interface 0 before use [ 67.159132][ T5619] 9pnet_fd: Insufficient options for proto=fd [ 67.159898][ T5621] usb usb7: check_ctrlrecip: process 5621 (syz.3.826) requesting ep 01 but needs 81 [ 67.174892][ T5621] usb usb7: usbfs: process 5621 (syz.3.826) did not claim interface 0 before use [ 67.398486][ T5643] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.832'. [ 67.411364][ T5637] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.832'. [ 67.483064][ T5653] usb usb7: check_ctrlrecip: process 5653 (syz.3.840) requesting ep 01 but needs 81 [ 67.492630][ T5653] usb usb7: usbfs: process 5653 (syz.3.840) did not claim interface 0 before use [ 67.542832][ T5646] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 67.801157][ T5666] loop3: detected capacity change from 0 to 8192 [ 67.818395][ T5676] usb usb7: check_ctrlrecip: process 5676 (syz.2.851) requesting ep 01 but needs 81 [ 67.827832][ T5676] usb usb7: usbfs: process 5676 (syz.2.851) did not claim interface 0 before use [ 67.837864][ T5666] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 67.921351][ T5678] loop2: detected capacity change from 0 to 8192 [ 67.951485][ T5678] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 67.968278][ T5690] loop3: detected capacity change from 0 to 256 [ 68.024571][ T5690] usb usb6: usbfs: process 5690 (syz.3.858) did not claim interface 0 before use [ 68.076236][ T5695] syzkaller0: entered promiscuous mode [ 68.081752][ T5695] syzkaller0: entered allmulticast mode [ 68.345412][ T29] kauditd_printk_skb: 401 callbacks suppressed [ 68.345424][ T29] audit: type=1326 audit(1738602600.697:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.414169][ T29] audit: type=1326 audit(1738602600.727:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.437552][ T29] audit: type=1326 audit(1738602600.727:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.460922][ T29] audit: type=1326 audit(1738602600.727:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.484243][ T29] audit: type=1326 audit(1738602600.727:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.507556][ T29] audit: type=1326 audit(1738602600.727:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.530872][ T29] audit: type=1326 audit(1738602600.727:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.554203][ T29] audit: type=1326 audit(1738602600.727:2023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.577488][ T29] audit: type=1326 audit(1738602600.727:2024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.600835][ T29] audit: type=1326 audit(1738602600.727:2025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5718 comm="syz.4.869" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b4370cda9 code=0x7ffc0000 [ 68.647447][ T5721] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.868'. [ 68.685539][ T5725] loop4: detected capacity change from 0 to 256 [ 68.705663][ T5725] usb usb6: usbfs: process 5725 (syz.4.871) did not claim interface 0 before use [ 68.741134][ T5720] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.868'. [ 69.407032][ T5775] 9pnet_fd: Insufficient options for proto=fd [ 69.491304][ T5778] loop1: detected capacity change from 0 to 8192 [ 69.523891][ T5778] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 69.585258][ T5793] loop4: detected capacity change from 0 to 128 [ 69.704623][ T5796] syzkaller0: entered promiscuous mode [ 69.710134][ T5796] syzkaller0: entered allmulticast mode [ 69.874270][ T5815] bond1: entered promiscuous mode [ 69.879338][ T5815] bond1: entered allmulticast mode [ 69.885619][ T5815] 8021q: adding VLAN 0 to HW filter on device bond1 [ 69.903345][ T5815] bond1 (unregistering): Released all slaves [ 69.920385][ T5814] loop2: detected capacity change from 0 to 8192 [ 69.944186][ T5814] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 69.983265][ T5826] 9pnet_fd: Insufficient options for proto=fd [ 70.153528][ T5815] loop1: detected capacity change from 0 to 512 [ 70.160364][ T5815] FAT-fs (loop1): bogus logical sector size 0 [ 70.166510][ T5815] FAT-fs (loop1): Can't find a valid FAT filesystem [ 70.193097][ T5815] ALSA: seq fatal error: cannot create timer (-19) [ 70.359753][ T5855] lo speed is unknown, defaulting to 1000 [ 70.547747][ T5872] 9pnet_fd: Insufficient options for proto=fd [ 70.896517][ T5893] lo speed is unknown, defaulting to 1000 [ 71.075066][ T5913] netlink: 'syz.3.943': attribute type 32 has an invalid length. [ 71.082929][ T5913] netlink: 12 bytes leftover after parsing attributes in process `syz.3.943'. [ 71.106349][ T5908] siw: device registration error -23 [ 71.117436][ T5905] loop1: detected capacity change from 0 to 8192 [ 71.124160][ T5908] loop4: detected capacity change from 0 to 512 [ 71.160048][ T5908] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.940: bg 0: block 248: padding at end of block bitmap is not set [ 71.186682][ T5908] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.940: Failed to acquire dquot type 1 [ 71.199507][ T5908] EXT4-fs (loop4): 1 truncate cleaned up [ 71.205853][ T5908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.218432][ T5908] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 71.247438][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.373821][ T5947] 9pnet_fd: Insufficient options for proto=fd [ 71.399251][ T5949] bond1: entered promiscuous mode [ 71.404347][ T5949] bond1: entered allmulticast mode [ 71.409779][ T5949] 8021q: adding VLAN 0 to HW filter on device bond1 [ 71.418673][ T5949] bond1 (unregistering): Released all slaves [ 71.488435][ T5949] loop3: detected capacity change from 0 to 512 [ 71.495380][ T5949] FAT-fs (loop3): bogus logical sector size 0 [ 71.501512][ T5949] FAT-fs (loop3): Can't find a valid FAT filesystem [ 71.518058][ T5949] ALSA: seq fatal error: cannot create timer (-19) [ 71.823736][ T5954] bond1: entered promiscuous mode [ 71.828887][ T5954] bond1: entered allmulticast mode [ 71.834555][ T5954] 8021q: adding VLAN 0 to HW filter on device bond1 [ 71.841393][ T5959] 9pnet_fd: Insufficient options for proto=fd [ 71.849277][ T5954] bond1 (unregistering): Released all slaves [ 71.915859][ T5963] netlink: 20 bytes leftover after parsing attributes in process `syz.0.960'. [ 71.936277][ T5954] loop3: detected capacity change from 0 to 512 [ 71.943094][ T5954] FAT-fs (loop3): bogus logical sector size 0 [ 71.949243][ T5954] FAT-fs (loop3): Can't find a valid FAT filesystem [ 71.983309][ T5954] ALSA: seq fatal error: cannot create timer (-19) [ 72.059715][ T5977] bond1: entered promiscuous mode [ 72.064901][ T5977] bond1: entered allmulticast mode [ 72.070472][ T5977] 8021q: adding VLAN 0 to HW filter on device bond1 [ 72.077373][ T5973] loop2: detected capacity change from 0 to 8192 [ 72.085361][ T5977] bond1 (unregistering): Released all slaves [ 72.192149][ T5977] loop3: detected capacity change from 0 to 512 [ 72.211412][ T5977] FAT-fs (loop3): bogus logical sector size 0 [ 72.217677][ T5977] FAT-fs (loop3): Can't find a valid FAT filesystem [ 72.235599][ T5997] 9pnet_fd: Insufficient options for proto=fd [ 72.274510][ T5977] ALSA: seq fatal error: cannot create timer (-19) [ 72.296008][ T5994] bond1: entered promiscuous mode [ 72.301063][ T5994] bond1: entered allmulticast mode [ 72.314739][ T5994] 8021q: adding VLAN 0 to HW filter on device bond1 [ 72.322652][ T6011] netlink: 20 bytes leftover after parsing attributes in process `syz.0.979'. [ 72.346053][ T5994] bond1 (unregistering): Released all slaves [ 72.378911][ T6021] loop4: detected capacity change from 0 to 512 [ 72.399345][ T6021] FAT-fs (loop4): bogus logical sector size 0 [ 72.405545][ T6021] FAT-fs (loop4): Can't find a valid FAT filesystem [ 72.447880][ T5994] ALSA: seq fatal error: cannot create timer (-19) [ 72.486485][ T6035] netlink: 'syz.4.987': attribute type 32 has an invalid length. [ 72.494378][ T6035] netlink: 12 bytes leftover after parsing attributes in process `syz.4.987'. [ 72.686140][ T6065] netlink: 'syz.4.1003': attribute type 32 has an invalid length. [ 72.694025][ T6065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1003'. [ 72.879104][ T6093] netlink: 'syz.4.1017': attribute type 32 has an invalid length. [ 72.887065][ T6093] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1017'. [ 72.953183][ T6106] 9pnet_fd: Insufficient options for proto=fd [ 73.021710][ T6121] netlink: 'syz.1.1029': attribute type 32 has an invalid length. [ 73.029641][ T6121] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1029'. [ 73.222033][ T6138] 9pnet_fd: Insufficient options for proto=fd [ 73.276078][ T6146] loop3: detected capacity change from 0 to 512 [ 73.296083][ T6146] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1040: bg 0: block 248: padding at end of block bitmap is not set [ 73.310768][ T6146] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1040: Failed to acquire dquot type 1 [ 73.322679][ T6146] EXT4-fs (loop3): 1 truncate cleaned up [ 73.328659][ T6146] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.341476][ T6146] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 73.375286][ T29] kauditd_printk_skb: 751 callbacks suppressed [ 73.375299][ T29] audit: type=1400 audit(1738602605.727:2773): avc: denied { create } for pid=6149 comm="syz.2.1041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 73.403330][ T6150] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1041'. [ 73.419561][ T29] audit: type=1400 audit(1738602605.757:2774): avc: denied { write } for pid=6149 comm="syz.2.1041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 73.439747][ T29] audit: type=1400 audit(1738602605.757:2775): avc: denied { nlmsg_write } for pid=6149 comm="syz.2.1041" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 73.475396][ T29] audit: type=1400 audit(1738602605.827:2776): avc: denied { read write } for pid=6152 comm="syz.2.1042" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 73.499117][ T29] audit: type=1400 audit(1738602605.827:2777): avc: denied { open } for pid=6152 comm="syz.2.1042" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 73.522671][ T29] audit: type=1400 audit(1738602605.847:2778): avc: denied { unmount } for pid=3303 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 73.524342][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.563404][ T29] audit: type=1400 audit(1738602605.907:2779): avc: denied { ioctl } for pid=6158 comm="syz.3.1043" path="socket:[13427]" dev="sockfs" ino=13427 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 73.594183][ T29] audit: type=1400 audit(1738602605.937:2780): avc: denied { map } for pid=6158 comm="syz.3.1043" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13428 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 73.618459][ T29] audit: type=1400 audit(1738602605.937:2781): avc: denied { read write } for pid=6158 comm="syz.3.1043" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=13428 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 73.643300][ T29] audit: type=1400 audit(1738602605.937:2782): avc: denied { create } for pid=6158 comm="syz.3.1043" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 73.730014][ T6165] loop3: detected capacity change from 0 to 8192 [ 73.752752][ T6171] loop2: detected capacity change from 0 to 256 [ 73.794598][ T6171] usb usb6: usbfs: process 6171 (syz.2.1049) did not claim interface 0 before use [ 73.864421][ T6180] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1052'. [ 73.956628][ T6181] loop4: detected capacity change from 0 to 8192 [ 73.963979][ T6186] siw: device registration error -23 [ 74.007161][ T6186] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1055'. [ 74.021262][ T6186] loop1: detected capacity change from 0 to 512 [ 74.048441][ T6186] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1055: bg 0: block 248: padding at end of block bitmap is not set [ 74.063544][ T6186] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1055: Failed to acquire dquot type 1 [ 74.081103][ T6186] EXT4-fs (loop1): 1 truncate cleaned up [ 74.087933][ T6186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.100638][ T6186] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.129959][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.251546][ T6208] bond1: entered promiscuous mode [ 74.256688][ T6208] bond1: entered allmulticast mode [ 74.284336][ T6208] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.432685][ T6208] bond1 (unregistering): Released all slaves [ 74.447237][ T6210] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1060'. [ 74.471585][ T6213] loop1: detected capacity change from 0 to 512 [ 74.501215][ T6213] FAT-fs (loop1): bogus logical sector size 0 [ 74.507521][ T6213] FAT-fs (loop1): Can't find a valid FAT filesystem [ 74.541793][ T6220] 9pnet_fd: Insufficient options for proto=fd [ 74.591176][ T6208] ALSA: seq fatal error: cannot create timer (-19) [ 74.738572][ T6232] loop2: detected capacity change from 0 to 8192 [ 74.843685][ T6236] siw: device registration error -23 [ 74.851054][ T6236] loop7: detected capacity change from 0 to 16384 [ 74.927741][ T6236] blk_print_req_error: 30 callbacks suppressed [ 74.927759][ T6236] I/O error, dev loop7, sector 8448 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0 [ 74.947071][ T6242] loop1: detected capacity change from 0 to 512 [ 74.974437][ T6236] I/O error, dev loop7, sector 8704 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 74.986738][ T6236] I/O error, dev loop7, sector 8448 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 74.996211][ T6236] buffer_io_error: 3322 callbacks suppressed [ 74.996293][ T6236] Buffer I/O error on dev loop7, logical block 1056, async page read [ 75.021165][ T6242] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1073: bg 0: block 248: padding at end of block bitmap is not set [ 75.073345][ T6242] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1073: Failed to acquire dquot type 1 [ 75.089998][ T6242] EXT4-fs (loop1): 1 truncate cleaned up [ 75.106061][ T6242] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.136000][ T6242] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.192765][ T6235] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.202578][ T6235] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 75.210959][ T6235] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 75.219315][ T6235] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 75.227662][ T6235] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 75.236143][ T6235] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 75.244508][ T6235] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 75.252943][ T6235] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 75.261347][ T6235] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 75.269758][ T6235] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 75.283408][ T6235] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.297968][ T6235] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.336960][ T6235] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.349777][ T6235] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.363752][ T6235] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.377071][ T6235] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 75.406151][ T6259] bond1: entered promiscuous mode [ 75.411277][ T6259] bond1: entered allmulticast mode [ 75.417499][ T6259] 8021q: adding VLAN 0 to HW filter on device bond1 [ 75.427643][ T6259] bond1 (unregistering): Released all slaves [ 75.450114][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.730888][ T6283] 9pnet_fd: Insufficient options for proto=fd [ 75.852039][ T6299] bond1: entered promiscuous mode [ 75.857166][ T6299] bond1: entered allmulticast mode [ 75.862381][ T6299] 8021q: adding VLAN 0 to HW filter on device bond1 [ 75.872255][ T6299] bond1 (unregistering): Released all slaves [ 76.003620][ T6314] loop1: detected capacity change from 0 to 512 [ 76.035706][ T6314] FAT-fs (loop1): bogus logical sector size 0 [ 76.041811][ T6314] FAT-fs (loop1): Can't find a valid FAT filesystem [ 76.069054][ T6299] ALSA: seq fatal error: cannot create timer (-19) [ 76.363137][ T6327] loop3: detected capacity change from 0 to 256 [ 76.405365][ T6327] usb usb6: usbfs: process 6327 (syz.3.1108) did not claim interface 0 before use [ 76.695331][ T6328] lo speed is unknown, defaulting to 1000 [ 76.816922][ T6349] bond1: entered promiscuous mode [ 76.822052][ T6349] bond1: entered allmulticast mode [ 76.837976][ T6349] 8021q: adding VLAN 0 to HW filter on device bond1 [ 76.855217][ T6349] bond1 (unregistering): Released all slaves [ 76.926793][ T6349] loop4: detected capacity change from 0 to 512 [ 76.933573][ T6349] FAT-fs (loop4): bogus logical sector size 0 [ 76.939747][ T6349] FAT-fs (loop4): Can't find a valid FAT filesystem [ 76.976636][ T6349] ALSA: seq fatal error: cannot create timer (-19) [ 77.232536][ T6366] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 77.243479][ T6368] 9pnet_fd: Insufficient options for proto=fd [ 77.395213][ T6384] bond1: entered promiscuous mode [ 77.400267][ T6384] bond1: entered allmulticast mode [ 77.405936][ T6384] 8021q: adding VLAN 0 to HW filter on device bond1 [ 77.428201][ T6384] bond1 (unregistering): Released all slaves [ 77.463128][ T6392] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 77.501776][ T6384] loop3: detected capacity change from 0 to 512 [ 77.508857][ T6384] FAT-fs (loop3): bogus logical sector size 0 [ 77.515086][ T6384] FAT-fs (loop3): Can't find a valid FAT filesystem [ 77.543986][ T6397] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 77.551477][ T6384] ALSA: seq fatal error: cannot create timer (-19) [ 77.572000][ T6399] __nla_validate_parse: 6 callbacks suppressed [ 77.572054][ T6399] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1136'. [ 77.720179][ T6420] 9pnet_fd: Insufficient options for proto=fd [ 77.757121][ T6426] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1149'. [ 77.853862][ T6440] FAULT_INJECTION: forcing a failure. [ 77.853862][ T6440] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 77.866979][ T6440] CPU: 0 UID: 0 PID: 6440 Comm: syz.4.1156 Not tainted 6.14.0-rc1-syzkaller #0 [ 77.867037][ T6440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 77.867046][ T6440] Call Trace: [ 77.867051][ T6440] [ 77.867123][ T6440] dump_stack_lvl+0xf2/0x150 [ 77.867145][ T6440] dump_stack+0x15/0x1a [ 77.867212][ T6440] should_fail_ex+0x24a/0x260 [ 77.867239][ T6440] should_fail+0xb/0x10 [ 77.867325][ T6440] should_fail_usercopy+0x1a/0x20 [ 77.867342][ T6440] _copy_to_user+0x20/0xa0 [ 77.867391][ T6440] simple_read_from_buffer+0xa0/0x110 [ 77.867413][ T6440] proc_fail_nth_read+0xf9/0x140 [ 77.867452][ T6440] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 77.867473][ T6440] vfs_read+0x19b/0x6f0 [ 77.867491][ T6440] ? __rcu_read_unlock+0x4e/0x70 [ 77.867508][ T6440] ? __fget_files+0x17c/0x1c0 [ 77.867530][ T6440] ksys_read+0xe8/0x1b0 [ 77.867557][ T6440] __x64_sys_read+0x42/0x50 [ 77.867576][ T6440] x64_sys_call+0x2874/0x2dc0 [ 77.867637][ T6440] do_syscall_64+0xc9/0x1c0 [ 77.867657][ T6440] ? clear_bhb_loop+0x55/0xb0 [ 77.867730][ T6440] ? clear_bhb_loop+0x55/0xb0 [ 77.867751][ T6440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.867822][ T6440] RIP: 0033:0x7f9b4370b7bc [ 77.867835][ T6440] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 77.867851][ T6440] RSP: 002b:00007f9b41d71030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 77.867868][ T6440] RAX: ffffffffffffffda RBX: 00007f9b43925fa0 RCX: 00007f9b4370b7bc [ 77.867880][ T6440] RDX: 000000000000000f RSI: 00007f9b41d710a0 RDI: 0000000000000006 [ 77.867891][ T6440] RBP: 00007f9b41d71090 R08: 0000000000000000 R09: 0000000000000000 [ 77.867901][ T6440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 77.867911][ T6440] R13: 0000000000000000 R14: 00007f9b43925fa0 R15: 00007ffcc6396c38 [ 77.867990][ T6440] [ 78.065497][ T6428] loop3: detected capacity change from 0 to 8192 [ 78.109866][ T6428] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 78.177842][ T6452] siw: device registration error -23 [ 78.198778][ T6456] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1162'. [ 78.235071][ T6452] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1163'. [ 78.249622][ T6452] loop7: detected capacity change from 0 to 16384 [ 78.276904][ T6465] 9pnet_fd: Insufficient options for proto=fd [ 78.312501][ T6467] loop4: detected capacity change from 0 to 512 [ 78.346424][ T6467] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1163: bg 0: block 248: padding at end of block bitmap is not set [ 78.398273][ T29] kauditd_printk_skb: 425 callbacks suppressed [ 78.398286][ T29] audit: type=1326 audit(1738602609.751:3204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.407411][ T6467] Quota error (device loop4): write_blk: dquota write failed [ 78.428091][ T29] audit: type=1326 audit(1738602609.751:3205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.435491][ T6467] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 78.459216][ T29] audit: type=1326 audit(1738602609.751:3206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.492361][ T29] audit: type=1326 audit(1738602609.751:3207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.515789][ T29] audit: type=1326 audit(1738602609.751:3208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.539164][ T29] audit: type=1326 audit(1738602609.751:3209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.541328][ T6473] loop3: detected capacity change from 0 to 8192 [ 78.562648][ T29] audit: type=1326 audit(1738602609.751:3210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.594181][ T6467] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1163: Failed to acquire dquot type 1 [ 78.607978][ T6473] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 78.612814][ T29] audit: type=1326 audit(1738602609.951:3211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6482 comm="syz.0.1174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 78.646889][ T6467] EXT4-fs (loop4): 1 truncate cleaned up [ 78.664015][ T6489] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1177'. [ 78.664619][ T6467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.696507][ T6467] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 78.746415][ T6497] 9pnet_fd: Insufficient options for proto=fd [ 78.761756][ T6499] loop1: detected capacity change from 0 to 256 [ 78.796043][ T6503] loop2: detected capacity change from 0 to 512 [ 78.810188][ T6503] EXT4-fs: inline encryption not supported [ 78.816418][ T6499] usb usb6: usbfs: process 6499 (syz.1.1182) did not claim interface 0 before use [ 78.828000][ T6503] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 78.836806][ T6503] EXT4-fs (loop2): bad geometry: block count 589952 exceeds size of device (128 blocks) [ 78.901110][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.922147][ T6511] bond2: entered promiscuous mode [ 78.927234][ T6511] bond2: entered allmulticast mode [ 78.942826][ T6511] 8021q: adding VLAN 0 to HW filter on device bond2 [ 78.956314][ T6511] bond2 (unregistering): Released all slaves [ 79.067588][ T6511] loop2: detected capacity change from 0 to 512 [ 79.075836][ T6511] FAT-fs (loop2): bogus logical sector size 0 [ 79.081923][ T6511] FAT-fs (loop2): Can't find a valid FAT filesystem [ 79.127259][ T6511] ALSA: seq fatal error: cannot create timer (-19) [ 79.210578][ T6523] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 79.228056][ T6530] netlink: 140 bytes leftover after parsing attributes in process `syz.2.1194'. [ 79.347671][ T6535] syzkaller0: entered promiscuous mode [ 79.353174][ T6535] syzkaller0: entered allmulticast mode [ 79.381809][ T6542] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 79.627386][ T6560] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1204'. [ 79.651025][ T6556] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.1204'. [ 79.683627][ T6564] netlink: 140 bytes leftover after parsing attributes in process `syz.3.1207'. [ 79.731336][ T6571] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 79.829417][ T6576] syzkaller0: entered promiscuous mode [ 79.835132][ T6576] syzkaller0: entered allmulticast mode [ 80.064310][ T6591] lo speed is unknown, defaulting to 1000 [ 80.392663][ T6597] netlink: 140 bytes leftover after parsing attributes in process `syz.3.1220'. [ 80.488374][ T6601] bond1: entered promiscuous mode [ 80.493505][ T6601] bond1: entered allmulticast mode [ 80.504178][ T6601] 8021q: adding VLAN 0 to HW filter on device bond1 [ 80.513765][ T6601] bond1 (unregistering): Released all slaves [ 80.529607][ T6606] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 80.619806][ T6617] siw: device registration error -23 [ 80.638862][ T6617] loop7: detected capacity change from 0 to 16384 [ 80.727215][ T6622] loop1: detected capacity change from 0 to 512 [ 80.747259][ T6617] blk_print_req_error: 13 callbacks suppressed [ 80.747274][ T6617] I/O error, dev loop7, sector 11264 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0 [ 80.782377][ T6617] I/O error, dev loop7, sector 11520 op 0x0:(READ) flags 0x80700 phys_seg 20 prio class 0 [ 80.802058][ T6617] I/O error, dev loop7, sector 11264 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 80.811687][ T6617] buffer_io_error: 2008 callbacks suppressed [ 80.811699][ T6617] Buffer I/O error on dev loop7, logical block 1408, async page read [ 80.830793][ T6622] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1229: bg 0: block 248: padding at end of block bitmap is not set [ 80.846102][ T6622] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1229: Failed to acquire dquot type 1 [ 80.857968][ T6622] EXT4-fs (loop1): 1 truncate cleaned up [ 80.865237][ T6622] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 80.878946][ T6622] ext4 filesystem being mounted at /206/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.946687][ T6616] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 80.956405][ T6616] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 80.964775][ T6616] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 80.973193][ T6616] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 80.981561][ T6616] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 80.989978][ T6616] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 80.998423][ T6616] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 81.006824][ T6616] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 81.015180][ T6616] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 81.023659][ T6616] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 81.036821][ T6616] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 81.050279][ T6616] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 81.064513][ T6616] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 81.077522][ T6616] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 81.090598][ T6616] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 81.104452][ T6616] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 81.157374][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.265601][ T6642] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 81.390034][ T6652] FAULT_INJECTION: forcing a failure. [ 81.390034][ T6652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.403142][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.2.1242 Not tainted 6.14.0-rc1-syzkaller #0 [ 81.403164][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 81.403174][ T6652] Call Trace: [ 81.403180][ T6652] [ 81.403187][ T6652] dump_stack_lvl+0xf2/0x150 [ 81.403207][ T6652] dump_stack+0x15/0x1a [ 81.403223][ T6652] should_fail_ex+0x24a/0x260 [ 81.403307][ T6652] should_fail+0xb/0x10 [ 81.403410][ T6652] should_fail_usercopy+0x1a/0x20 [ 81.403464][ T6652] _copy_from_iter+0xd5/0xd00 [ 81.403481][ T6652] ? kmalloc_reserve+0x16e/0x190 [ 81.403503][ T6652] ? __build_skb_around+0x196/0x1f0 [ 81.403584][ T6652] ? __alloc_skb+0x21f/0x310 [ 81.403668][ T6652] ? __virt_addr_valid+0x1ed/0x250 [ 81.403690][ T6652] ? __check_object_size+0x364/0x520 [ 81.403745][ T6652] netlink_sendmsg+0x460/0x6e0 [ 81.403831][ T6652] ? __pfx_netlink_sendmsg+0x10/0x10 [ 81.403888][ T6652] __sock_sendmsg+0x140/0x180 [ 81.403905][ T6652] ____sys_sendmsg+0x312/0x410 [ 81.403981][ T6652] __sys_sendmsg+0x19d/0x230 [ 81.404016][ T6652] __x64_sys_sendmsg+0x46/0x50 [ 81.404041][ T6652] x64_sys_call+0x2734/0x2dc0 [ 81.404064][ T6652] do_syscall_64+0xc9/0x1c0 [ 81.404158][ T6652] ? clear_bhb_loop+0x55/0xb0 [ 81.404263][ T6652] ? clear_bhb_loop+0x55/0xb0 [ 81.404283][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.404376][ T6652] RIP: 0033:0x7f804f95cda9 [ 81.404390][ T6652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.404405][ T6652] RSP: 002b:00007f804dfc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 81.404420][ T6652] RAX: ffffffffffffffda RBX: 00007f804fb75fa0 RCX: 00007f804f95cda9 [ 81.404440][ T6652] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000006 [ 81.404449][ T6652] RBP: 00007f804dfc1090 R08: 0000000000000000 R09: 0000000000000000 [ 81.404459][ T6652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.404469][ T6652] R13: 0000000000000000 R14: 00007f804fb75fa0 R15: 00007ffff025d268 [ 81.404485][ T6652] [ 81.816748][ T6670] FAULT_INJECTION: forcing a failure. [ 81.816748][ T6670] name failslab, interval 1, probability 0, space 0, times 0 [ 81.829480][ T6670] CPU: 1 UID: 0 PID: 6670 Comm: syz.3.1251 Not tainted 6.14.0-rc1-syzkaller #0 [ 81.829500][ T6670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 81.829509][ T6670] Call Trace: [ 81.829515][ T6670] [ 81.829521][ T6670] dump_stack_lvl+0xf2/0x150 [ 81.829546][ T6670] dump_stack+0x15/0x1a [ 81.829590][ T6670] should_fail_ex+0x24a/0x260 [ 81.829615][ T6670] should_failslab+0x8f/0xb0 [ 81.829633][ T6670] __kmalloc_node_track_caller_noprof+0xa8/0x410 [ 81.829662][ T6670] ? sidtab_sid2str_get+0xb8/0x140 [ 81.829715][ T6670] kmemdup_noprof+0x2a/0x60 [ 81.829760][ T6670] sidtab_sid2str_get+0xb8/0x140 [ 81.829780][ T6670] security_sid_to_context_core+0x1eb/0x2f0 [ 81.829906][ T6670] security_sid_to_context+0x27/0x30 [ 81.829941][ T6670] selinux_lsmprop_to_secctx+0x68/0xf0 [ 81.829959][ T6670] security_lsmprop_to_secctx+0x40/0x80 [ 81.829980][ T6670] audit_log_task_context+0x76/0x180 [ 81.830052][ T6670] audit_log_task+0xf9/0x1c0 [ 81.830072][ T6670] audit_seccomp+0x68/0x130 [ 81.830092][ T6670] __seccomp_filter+0x6fa/0x1180 [ 81.830191][ T6670] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 81.830214][ T6670] ? vfs_write+0x644/0x920 [ 81.830237][ T6670] __secure_computing+0x9f/0x1c0 [ 81.830304][ T6670] syscall_trace_enter+0xd1/0x1f0 [ 81.830321][ T6670] ? fpregs_assert_state_consistent+0x83/0xa0 [ 81.830347][ T6670] do_syscall_64+0xaa/0x1c0 [ 81.830368][ T6670] ? clear_bhb_loop+0x55/0xb0 [ 81.830393][ T6670] ? clear_bhb_loop+0x55/0xb0 [ 81.830417][ T6670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.830437][ T6670] RIP: 0033:0x7f0e4dfecda9 [ 81.830449][ T6670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.830464][ T6670] RSP: 002b:00007f0e4c657038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f1 [ 81.830522][ T6670] RAX: ffffffffffffffda RBX: 00007f0e4e205fa0 RCX: 00007f0e4dfecda9 [ 81.830532][ T6670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 81.830544][ T6670] RBP: 00007f0e4c657090 R08: 0000000000000000 R09: 0000000000000000 [ 81.830555][ T6670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.830567][ T6670] R13: 0000000000000000 R14: 00007f0e4e205fa0 R15: 00007ffcbb22a7c8 [ 81.830582][ T6670] [ 82.100019][ T6670] loop3: detected capacity change from 0 to 2048 [ 82.105736][ T6672] bond2: entered promiscuous mode [ 82.111412][ T6672] bond2: entered allmulticast mode [ 82.135424][ T6672] 8021q: adding VLAN 0 to HW filter on device bond2 [ 82.149733][ T6672] bond2 (unregistering): Released all slaves [ 82.156291][ T6670] loop3: p1 < > p4 [ 82.175739][ T6670] loop3: p4 size 8388608 extends beyond EOD, truncated [ 82.247139][ T3000] loop3: p1 < > p4 [ 82.258238][ T3000] loop3: p4 size 8388608 extends beyond EOD, truncated [ 82.266574][ T6672] loop2: detected capacity change from 0 to 512 [ 82.282909][ T6672] FAT-fs (loop2): bogus logical sector size 0 [ 82.289183][ T6672] FAT-fs (loop2): Can't find a valid FAT filesystem [ 82.350540][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 82.352361][ T3285] udevd[3285]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 82.392823][ T6672] ALSA: seq fatal error: cannot create timer (-19) [ 82.906946][ T6719] bond1: entered promiscuous mode [ 82.912002][ T6719] bond1: entered allmulticast mode [ 82.917398][ T6719] 8021q: adding VLAN 0 to HW filter on device bond1 [ 82.926983][ T6719] bond1 (unregistering): Released all slaves [ 82.941774][ T6722] __nla_validate_parse: 6 callbacks suppressed [ 82.941788][ T6722] netlink: 140 bytes leftover after parsing attributes in process `syz.1.1268'. [ 83.018892][ T6719] loop4: detected capacity change from 0 to 512 [ 83.025874][ T6719] FAT-fs (loop4): bogus logical sector size 0 [ 83.031961][ T6719] FAT-fs (loop4): Can't find a valid FAT filesystem [ 83.051924][ T6719] ALSA: seq fatal error: cannot create timer (-19) [ 83.083832][ T6733] loop4: detected capacity change from 0 to 256 [ 83.114948][ T6733] usb usb6: usbfs: process 6733 (syz.4.1271) did not claim interface 0 before use [ 83.527313][ T6749] loop2: detected capacity change from 0 to 8192 [ 83.541251][ T6749] tbf_change: 1 callbacks suppressed [ 83.541311][ T6749] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 83.596601][ T29] kauditd_printk_skb: 202 callbacks suppressed [ 83.596616][ T29] audit: type=1400 audit(1738602614.951:3411): avc: denied { read } for pid=3038 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1 [ 83.625058][ T29] audit: type=1400 audit(1738602614.951:3412): avc: denied { search } for pid=3038 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 83.646438][ T29] audit: type=1400 audit(1738602614.951:3413): avc: denied { read } for pid=3038 comm="dhcpcd" name="n27" dev="tmpfs" ino=6440 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 83.668197][ T29] audit: type=1400 audit(1738602614.951:3414): avc: denied { open } for pid=3038 comm="dhcpcd" path="/run/udev/data/n27" dev="tmpfs" ino=6440 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 83.691166][ T29] audit: type=1400 audit(1738602614.951:3415): avc: denied { getattr } for pid=3038 comm="dhcpcd" path="/run/udev/data/n27" dev="tmpfs" ino=6440 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 83.730501][ T6754] netlink: 140 bytes leftover after parsing attributes in process `syz.0.1279'. [ 83.768082][ T6758] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1278'. [ 83.852957][ T29] audit: type=1400 audit(1738602615.201:3416): avc: denied { read } for pid=6768 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=416 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 83.876097][ T29] audit: type=1400 audit(1738602615.201:3417): avc: denied { open } for pid=6768 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=416 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 83.901138][ T29] audit: type=1400 audit(1738602615.201:3418): avc: denied { getattr } for pid=6768 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=416 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 83.934249][ T29] audit: type=1400 audit(1738602615.231:3419): avc: denied { write } for pid=6765 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=415 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 83.957315][ T29] audit: type=1400 audit(1738602615.231:3420): avc: denied { add_name } for pid=6765 comm="dhcpcd-run-hook" name="resolv.conf.sl0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 84.052965][ T6802] loop2: detected capacity change from 0 to 512 [ 84.076316][ T6802] EXT4-fs warning (device loop2): ext4_enable_quotas:7145: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 84.082462][ T6808] 9pnet_fd: Insufficient options for proto=fd [ 84.092216][ T6802] EXT4-fs (loop2): mount failed [ 84.152356][ T6811] FAULT_INJECTION: forcing a failure. [ 84.152356][ T6811] name failslab, interval 1, probability 0, space 0, times 0 [ 84.165113][ T6811] CPU: 0 UID: 0 PID: 6811 Comm: syz.4.1290 Not tainted 6.14.0-rc1-syzkaller #0 [ 84.165211][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 84.165221][ T6811] Call Trace: [ 84.165226][ T6811] [ 84.165233][ T6811] dump_stack_lvl+0xf2/0x150 [ 84.165258][ T6811] dump_stack+0x15/0x1a [ 84.165313][ T6811] should_fail_ex+0x24a/0x260 [ 84.165366][ T6811] should_failslab+0x8f/0xb0 [ 84.165386][ T6811] kmem_cache_alloc_noprof+0x52/0x320 [ 84.165414][ T6811] ? audit_log_start+0x34c/0x6b0 [ 84.165444][ T6811] audit_log_start+0x34c/0x6b0 [ 84.165552][ T6811] audit_seccomp+0x4b/0x130 [ 84.165575][ T6811] __seccomp_filter+0x6fa/0x1180 [ 84.165594][ T6811] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 84.165623][ T6811] ? vfs_write+0x644/0x920 [ 84.165647][ T6811] __secure_computing+0x9f/0x1c0 [ 84.165668][ T6811] syscall_trace_enter+0xd1/0x1f0 [ 84.165689][ T6811] ? fpregs_assert_state_consistent+0x83/0xa0 [ 84.165798][ T6811] do_syscall_64+0xaa/0x1c0 [ 84.165819][ T6811] ? clear_bhb_loop+0x55/0xb0 [ 84.165839][ T6811] ? clear_bhb_loop+0x55/0xb0 [ 84.165864][ T6811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.165888][ T6811] RIP: 0033:0x7f9b4370cda9 [ 84.165903][ T6811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.165920][ T6811] RSP: 002b:00007f9b41d71038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ba [ 84.165939][ T6811] RAX: ffffffffffffffda RBX: 00007f9b43925fa0 RCX: 00007f9b4370cda9 [ 84.165950][ T6811] RDX: 0000000000001000 RSI: 0000000020000240 RDI: ffffffffffffff9c [ 84.165962][ T6811] RBP: 00007f9b41d71090 R08: 0000000000000020 R09: 0000000000000000 [ 84.165973][ T6811] R10: 0000000020000280 R11: 0000000000000246 R12: 0000000000000001 [ 84.165990][ T6811] R13: 0000000000000000 R14: 00007f9b43925fa0 R15: 00007ffcc6396c38 [ 84.166004][ T6811] [ 84.377178][ T6814] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1291'. [ 84.505483][ T6825] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1288'. [ 84.514535][ T6825] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1288'. [ 84.537822][ T6825] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1288'. [ 84.546900][ T6825] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1288'. [ 84.629496][ T6825] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1288'. [ 84.638543][ T6825] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1288'. [ 84.869406][ T6830] loop3: detected capacity change from 0 to 8192 [ 84.881686][ T6830] vfat: Unknown parameter '†ÅhèŸå;ê¿ ' [ 85.018769][ T6846] 9pnet_fd: Insufficient options for proto=fd [ 85.312183][ T6860] siw: device registration error -23 [ 85.319852][ T6860] loop7: detected capacity change from 0 to 16384 [ 85.381405][ T6860] loop4: detected capacity change from 0 to 512 [ 85.406131][ T6860] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1308: bg 0: block 248: padding at end of block bitmap is not set [ 85.420656][ T6860] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1308: Failed to acquire dquot type 1 [ 85.432668][ T6860] EXT4-fs (loop4): 1 truncate cleaned up [ 85.438583][ T6860] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.451190][ T6860] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 85.540314][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.557217][ T6866] loop4: detected capacity change from 0 to 256 [ 85.594440][ T6866] usb usb6: usbfs: process 6866 (syz.4.1310) did not claim interface 0 before use [ 85.804348][ T6871] FAULT_INJECTION: forcing a failure. [ 85.804348][ T6871] name failslab, interval 1, probability 0, space 0, times 0 [ 85.817031][ T6871] CPU: 0 UID: 0 PID: 6871 Comm: +|[@ Not tainted 6.14.0-rc1-syzkaller #0 [ 85.817064][ T6871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 85.817075][ T6871] Call Trace: [ 85.817081][ T6871] [ 85.817088][ T6871] dump_stack_lvl+0xf2/0x150 [ 85.817112][ T6871] dump_stack+0x15/0x1a [ 85.817130][ T6871] should_fail_ex+0x24a/0x260 [ 85.817185][ T6871] should_failslab+0x8f/0xb0 [ 85.817208][ T6871] __kmalloc_node_noprof+0xad/0x410 [ 85.817349][ T6871] ? __kvmalloc_node_noprof+0x72/0x170 [ 85.817372][ T6871] __kvmalloc_node_noprof+0x72/0x170 [ 85.817393][ T6871] xt_alloc_entry_offsets+0x47/0x50 [ 85.817435][ T6871] translate_table+0xa3/0xf70 [ 85.817453][ T6871] ? __memcg_slab_post_alloc_hook+0x510/0x660 [ 85.817542][ T6871] ? _copy_from_user+0x89/0xa0 [ 85.817563][ T6871] do_ipt_set_ctl+0x7bd/0x8b0 [ 85.817643][ T6871] ? tcp_release_cb+0xfe/0x380 [ 85.817668][ T6871] nf_setsockopt+0x195/0x1b0 [ 85.817696][ T6871] ip_setsockopt+0xea/0x100 [ 85.817717][ T6871] tcp_setsockopt+0x93/0xb0 [ 85.817795][ T6871] sock_common_setsockopt+0x64/0x80 [ 85.817814][ T6871] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 85.817834][ T6871] __sys_setsockopt+0x187/0x200 [ 85.817855][ T6871] __x64_sys_setsockopt+0x66/0x80 [ 85.817902][ T6871] x64_sys_call+0x282e/0x2dc0 [ 85.817924][ T6871] do_syscall_64+0xc9/0x1c0 [ 85.817945][ T6871] ? clear_bhb_loop+0x55/0xb0 [ 85.818006][ T6871] ? clear_bhb_loop+0x55/0xb0 [ 85.818029][ T6871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.818051][ T6871] RIP: 0033:0x7feef203cda9 [ 85.818065][ T6871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.818081][ T6871] RSP: 002b:00007feef06a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 85.818135][ T6871] RAX: ffffffffffffffda RBX: 00007feef2255fa0 RCX: 00007feef203cda9 [ 85.818145][ T6871] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000005 [ 85.818154][ T6871] RBP: 00007feef06a1090 R08: 0000000000000570 R09: 0000000000000000 [ 85.818165][ T6871] R10: 0000000020000900 R11: 0000000000000246 R12: 0000000000000001 [ 85.818175][ T6871] R13: 0000000000000000 R14: 00007feef2255fa0 R15: 00007ffc6c4218e8 [ 85.818190][ T6871] [ 86.153675][ T6893] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 86.332087][ T6900] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 86.378538][ T6905] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 86.396750][ T6905] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 86.480583][ T6918] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 86.760028][ T6930] loop4: detected capacity change from 0 to 512 [ 86.775620][ T6930] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 86.788246][ T6930] ext4 filesystem being mounted at /256/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 86.891387][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.950339][ T6939] FAULT_INJECTION: forcing a failure. [ 86.950339][ T6939] name failslab, interval 1, probability 0, space 0, times 0 [ 86.963094][ T6939] CPU: 0 UID: 0 PID: 6939 Comm: syz.4.1339 Not tainted 6.14.0-rc1-syzkaller #0 [ 86.963179][ T6939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 86.963188][ T6939] Call Trace: [ 86.963193][ T6939] [ 86.963199][ T6939] dump_stack_lvl+0xf2/0x150 [ 86.963220][ T6939] dump_stack+0x15/0x1a [ 86.963235][ T6939] should_fail_ex+0x24a/0x260 [ 86.963281][ T6939] should_failslab+0x8f/0xb0 [ 86.963361][ T6939] kmem_cache_alloc_noprof+0x52/0x320 [ 86.963388][ T6939] ? security_inode_alloc+0x37/0x100 [ 86.963409][ T6939] security_inode_alloc+0x37/0x100 [ 86.963448][ T6939] inode_init_always_gfp+0x4a2/0x4f0 [ 86.963467][ T6939] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 86.963495][ T6939] alloc_inode+0x82/0x160 [ 86.963514][ T6939] new_inode+0x1e/0x100 [ 86.963606][ T6939] shmem_get_inode+0x24e/0x730 [ 86.963645][ T6939] __shmem_file_setup+0x127/0x1f0 [ 86.963665][ T6939] shmem_file_setup+0x3b/0x50 [ 86.963685][ T6939] __se_sys_memfd_create+0x2e1/0x5a0 [ 86.963701][ T6939] __x64_sys_memfd_create+0x31/0x40 [ 86.963715][ T6939] x64_sys_call+0x2d4c/0x2dc0 [ 86.963803][ T6939] do_syscall_64+0xc9/0x1c0 [ 86.963895][ T6939] ? clear_bhb_loop+0x55/0xb0 [ 86.963913][ T6939] ? clear_bhb_loop+0x55/0xb0 [ 86.963932][ T6939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.963999][ T6939] RIP: 0033:0x7f9b4370cda9 [ 86.964082][ T6939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.964100][ T6939] RSP: 002b:00007f9b41d70e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 86.964116][ T6939] RAX: ffffffffffffffda RBX: 0000000000000784 RCX: 00007f9b4370cda9 [ 86.964126][ T6939] RDX: 00007f9b41d70ef0 RSI: 0000000000000000 RDI: 00007f9b4378ec51 [ 86.964135][ T6939] RBP: 00000000200007c0 R08: 00007f9b41d70bb7 R09: 00007f9b41d70e40 [ 86.964144][ T6939] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000240 [ 86.964153][ T6939] R13: 00007f9b41d70ef0 R14: 00007f9b41d70eb0 R15: 0000000020000280 [ 86.964166][ T6939] [ 87.181781][ T6940] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 87.181781][ T6940] program syz.2.1338 not setting count and/or reply_len properly [ 87.241805][ T6951] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 87.296626][ T6957] siw: device registration error -23 [ 87.312009][ T6953] loop4: detected capacity change from 0 to 8192 [ 87.338226][ T6957] loop7: detected capacity change from 0 to 16384 [ 87.349076][ T6953] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 87.398297][ T6957] blk_print_req_error: 20 callbacks suppressed [ 87.398313][ T6957] I/O error, dev loop7, sector 8704 op 0x0:(READ) flags 0x80700 phys_seg 23 prio class 0 [ 87.418911][ T6968] loop2: detected capacity change from 0 to 512 [ 87.434008][ T6957] I/O error, dev loop7, sector 8960 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 87.449214][ T6957] I/O error, dev loop7, sector 8704 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 87.458742][ T6957] buffer_io_error: 3447 callbacks suppressed [ 87.458753][ T6957] Buffer I/O error on dev loop7, logical block 1088, async page read [ 87.487967][ T6968] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1347: bg 0: block 248: padding at end of block bitmap is not set [ 87.503490][ T6968] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1347: Failed to acquire dquot type 1 [ 87.517518][ T6979] loop3: detected capacity change from 0 to 256 [ 87.528241][ T6968] EXT4-fs (loop2): 1 truncate cleaned up [ 87.537640][ T6968] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.549427][ T6981] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 87.554714][ T6979] usb usb6: usbfs: process 6979 (syz.3.1354) did not claim interface 0 before use [ 87.572952][ T6968] ext4 filesystem being mounted at /268/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.582397][ T6983] bond1: entered promiscuous mode [ 87.588632][ T6983] bond1: entered allmulticast mode [ 87.590845][ T6956] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.600806][ T6983] 8021q: adding VLAN 0 to HW filter on device bond1 [ 87.603543][ T6956] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 87.618555][ T6956] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 87.627006][ T6956] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 87.635467][ T6956] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 87.643891][ T6956] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 87.652266][ T6956] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 87.660700][ T6956] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 87.669064][ T6956] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 87.677549][ T6956] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 87.690530][ T6983] bond1 (unregistering): Released all slaves [ 87.697446][ T6956] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.729208][ T6956] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.756774][ T6956] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.783329][ T6956] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.804946][ T6956] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.828366][ T6956] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 87.895748][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.908074][ T6988] loop1: detected capacity change from 0 to 512 [ 87.923385][ T6988] FAT-fs (loop1): bogus logical sector size 0 [ 87.929560][ T6988] FAT-fs (loop1): Can't find a valid FAT filesystem [ 88.050670][ T6983] ALSA: seq fatal error: cannot create timer (-19) [ 88.107334][ T7003] __nla_validate_parse: 6 callbacks suppressed [ 88.107348][ T7003] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1361'. [ 88.293028][ T7006] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 88.329954][ T7014] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 88.378475][ T7021] bond1: entered promiscuous mode [ 88.383531][ T7021] bond1: entered allmulticast mode [ 88.388924][ T7021] 8021q: adding VLAN 0 to HW filter on device bond1 [ 88.397100][ T7021] bond1 (unregistering): Released all slaves [ 88.468377][ T7021] loop3: detected capacity change from 0 to 512 [ 88.475078][ T7021] FAT-fs (loop3): bogus logical sector size 0 [ 88.481143][ T7021] FAT-fs (loop3): Can't find a valid FAT filesystem [ 88.495868][ T7021] ALSA: seq fatal error: cannot create timer (-19) [ 88.959672][ T7042] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 88.972200][ T7040] loop2: detected capacity change from 0 to 8192 [ 88.986062][ T7040] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 89.013438][ T7044] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 89.042207][ T29] kauditd_printk_skb: 279 callbacks suppressed [ 89.042222][ T29] audit: type=1326 audit(1738602620.391:3693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.077580][ T29] audit: type=1326 audit(1738602620.421:3694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.101178][ T29] audit: type=1326 audit(1738602620.431:3695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.105593][ T7050] 9pnet: Could not find request transport: r [ 89.124809][ T29] audit: type=1326 audit(1738602620.431:3696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.154026][ T29] audit: type=1326 audit(1738602620.431:3697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.177472][ T29] audit: type=1326 audit(1738602620.431:3698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.200884][ T29] audit: type=1326 audit(1738602620.431:3699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 89.224313][ T29] audit: type=1400 audit(1738602620.431:3700): avc: denied { sqpoll } for pid=7049 comm="syz.2.1379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 89.243649][ T29] audit: type=1326 audit(1738602620.431:3701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f804f95cde3 code=0x7ffc0000 [ 89.267027][ T29] audit: type=1326 audit(1738602620.431:3702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7049 comm="syz.2.1379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f804f95cde3 code=0x7ffc0000 [ 89.396722][ T7075] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 89.405821][ T7071] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 89.417024][ T7077] FAULT_INJECTION: forcing a failure. [ 89.417024][ T7077] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.430161][ T7077] CPU: 0 UID: 0 PID: 7077 Comm: syz.2.1392 Not tainted 6.14.0-rc1-syzkaller #0 [ 89.430182][ T7077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 89.430193][ T7077] Call Trace: [ 89.430200][ T7077] [ 89.430207][ T7077] dump_stack_lvl+0xf2/0x150 [ 89.430231][ T7077] dump_stack+0x15/0x1a [ 89.430248][ T7077] should_fail_ex+0x24a/0x260 [ 89.430300][ T7077] should_fail+0xb/0x10 [ 89.430331][ T7077] should_fail_usercopy+0x1a/0x20 [ 89.430399][ T7077] _copy_to_user+0x20/0xa0 [ 89.430453][ T7077] simple_read_from_buffer+0xa0/0x110 [ 89.430474][ T7077] proc_fail_nth_read+0xf9/0x140 [ 89.430557][ T7077] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 89.430575][ T7077] vfs_read+0x19b/0x6f0 [ 89.430590][ T7077] ? __rcu_read_unlock+0x4e/0x70 [ 89.430607][ T7077] ? __fget_files+0x17c/0x1c0 [ 89.430657][ T7077] ksys_read+0xe8/0x1b0 [ 89.430674][ T7077] __x64_sys_read+0x42/0x50 [ 89.430750][ T7077] x64_sys_call+0x2874/0x2dc0 [ 89.430769][ T7077] do_syscall_64+0xc9/0x1c0 [ 89.430830][ T7077] ? clear_bhb_loop+0x55/0xb0 [ 89.430852][ T7077] ? clear_bhb_loop+0x55/0xb0 [ 89.430894][ T7077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.430985][ T7077] RIP: 0033:0x7f804f95b7bc [ 89.430999][ T7077] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 89.431017][ T7077] RSP: 002b:00007f804dfc1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 89.431035][ T7077] RAX: ffffffffffffffda RBX: 00007f804fb75fa0 RCX: 00007f804f95b7bc [ 89.431047][ T7077] RDX: 000000000000000f RSI: 00007f804dfc10a0 RDI: 0000000000000004 [ 89.431064][ T7077] RBP: 00007f804dfc1090 R08: 0000000000000000 R09: 0000000000000000 [ 89.431076][ T7077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.431088][ T7077] R13: 0000000000000000 R14: 00007f804fb75fa0 R15: 00007ffff025d268 [ 89.431168][ T7077] [ 89.657928][ T7090] loop1: detected capacity change from 0 to 256 [ 89.676480][ T7092] bond2: entered promiscuous mode [ 89.681584][ T7092] bond2: entered allmulticast mode [ 89.687888][ T7092] 8021q: adding VLAN 0 to HW filter on device bond2 [ 89.699333][ T7092] bond2 (unregistering): Released all slaves [ 89.714414][ T7090] usb usb6: usbfs: process 7090 (syz.1.1405) did not claim interface 0 before use [ 89.853091][ T7092] loop2: detected capacity change from 0 to 512 [ 89.881797][ T7092] FAT-fs (loop2): bogus logical sector size 0 [ 89.888110][ T7092] FAT-fs (loop2): Can't find a valid FAT filesystem [ 89.948825][ T7113] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 89.965908][ T7109] lo speed is unknown, defaulting to 1000 [ 89.994723][ T7092] ALSA: seq fatal error: cannot create timer (-19) [ 90.040128][ T7119] loop2: detected capacity change from 0 to 512 [ 90.055517][ T7119] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 90.066964][ T7115] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 90.067493][ T7119] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 90.087537][ T7119] EXT4-fs (loop2): 1 truncate cleaned up [ 90.093715][ T7119] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.148862][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.260135][ T7131] syzkaller0: entered promiscuous mode [ 90.265746][ T7131] syzkaller0: entered allmulticast mode [ 90.399322][ T7139] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 90.419346][ T7141] siw: device registration error -23 [ 90.436922][ T7141] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1416'. [ 90.446766][ T7141] loop7: detected capacity change from 0 to 16384 [ 90.504928][ T7145] FAULT_INJECTION: forcing a failure. [ 90.504928][ T7145] name failslab, interval 1, probability 0, space 0, times 0 [ 90.517638][ T7145] CPU: 1 UID: 0 PID: 7145 Comm: syz.3.1417 Not tainted 6.14.0-rc1-syzkaller #0 [ 90.517660][ T7145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 90.517670][ T7145] Call Trace: [ 90.517676][ T7145] [ 90.517683][ T7145] dump_stack_lvl+0xf2/0x150 [ 90.517708][ T7145] dump_stack+0x15/0x1a [ 90.517726][ T7145] should_fail_ex+0x24a/0x260 [ 90.517753][ T7145] should_failslab+0x8f/0xb0 [ 90.517775][ T7145] kmem_cache_alloc_noprof+0x52/0x320 [ 90.517801][ T7145] ? vm_area_dup+0x2c/0x130 [ 90.517820][ T7145] ? mntput_no_expire+0x70/0x3d0 [ 90.517838][ T7145] vm_area_dup+0x2c/0x130 [ 90.517856][ T7145] __split_vma+0xf7/0x6a0 [ 90.517881][ T7145] ? mntput+0x49/0x70 [ 90.517896][ T7145] ? terminate_walk+0x260/0x280 [ 90.517921][ T7145] vma_modify+0xd3/0x1e0 [ 90.517941][ T7145] vma_modify_flags+0xf1/0x120 [ 90.517964][ T7145] mlock_fixup+0x113/0x450 [ 90.517988][ T7145] apply_vma_lock_flags+0x194/0x240 [ 90.518007][ T7145] do_mlock+0x3f4/0x570 [ 90.518024][ T7145] ? ksys_write+0x176/0x1b0 [ 90.518044][ T7145] __x64_sys_mlock+0x36/0x40 [ 90.518059][ T7145] x64_sys_call+0x26b2/0x2dc0 [ 90.518078][ T7145] do_syscall_64+0xc9/0x1c0 [ 90.518096][ T7145] ? clear_bhb_loop+0x55/0xb0 [ 90.518115][ T7145] ? clear_bhb_loop+0x55/0xb0 [ 90.518134][ T7145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.518154][ T7145] RIP: 0033:0x7f0e4dfecda9 [ 90.518167][ T7145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.518183][ T7145] RSP: 002b:00007f0e4c657038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 90.518200][ T7145] RAX: ffffffffffffffda RBX: 00007f0e4e205fa0 RCX: 00007f0e4dfecda9 [ 90.518211][ T7145] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000000020ffb000 [ 90.518222][ T7145] RBP: 00007f0e4c657090 R08: 0000000000000000 R09: 0000000000000000 [ 90.518233][ T7145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.518244][ T7145] R13: 0000000000000000 R14: 00007f0e4e205fa0 R15: 00007ffcbb22a7c8 [ 90.518258][ T7145] [ 90.521637][ T7146] loop2: detected capacity change from 0 to 512 [ 90.530934][ T7145] loop3: detected capacity change from 0 to 512 [ 90.598920][ T7148] loop1: detected capacity change from 0 to 8192 [ 90.628178][ T7145] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.642855][ T7146] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1416: bg 0: block 248: padding at end of block bitmap is not set [ 90.644563][ T7145] ext4 filesystem being mounted at /270/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.650204][ T7146] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1416: Failed to acquire dquot type 1 [ 90.720325][ T7154] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 90.728266][ T7146] EXT4-fs (loop2): 1 truncate cleaned up [ 90.730665][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.736879][ T7146] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.826252][ T7156] syz.3.1419 (7156): /proc/7155/oom_adj is deprecated, please use /proc/7155/oom_score_adj instead. [ 90.832122][ T7146] ext4 filesystem being mounted at /287/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.847968][ T7156] macvlan0: entered allmulticast mode [ 90.904154][ T7156] macvlan0: left allmulticast mode [ 90.923870][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.947749][ T7166] bond2: entered promiscuous mode [ 90.952947][ T7166] bond2: entered allmulticast mode [ 90.958325][ T7166] 8021q: adding VLAN 0 to HW filter on device bond2 [ 90.969019][ T7166] bond2 (unregistering): Released all slaves [ 90.988845][ T7169] syzkaller0: entered promiscuous mode [ 90.994389][ T7169] syzkaller0: entered allmulticast mode [ 91.078543][ T7179] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 91.109773][ T7182] 9pnet_fd: Insufficient options for proto=fd [ 91.124411][ T7166] loop2: detected capacity change from 0 to 512 [ 91.137874][ T7166] FAT-fs (loop2): bogus logical sector size 0 [ 91.144042][ T7166] FAT-fs (loop2): Can't find a valid FAT filesystem [ 91.161315][ T7166] ALSA: seq fatal error: cannot create timer (-19) [ 91.185333][ T7194] siw: device registration error -23 [ 91.197247][ T7197] loop3: detected capacity change from 0 to 256 [ 91.234578][ T7197] usb usb6: usbfs: process 7197 (syz.3.1433) did not claim interface 0 before use [ 91.256330][ T7198] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1432'. [ 91.266338][ T7198] loop7: detected capacity change from 0 to 16384 [ 91.328202][ T7202] loop2: detected capacity change from 0 to 512 [ 91.347324][ T7202] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1432: bg 0: block 248: padding at end of block bitmap is not set [ 91.362596][ T7202] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1432: Failed to acquire dquot type 1 [ 91.394646][ T7202] EXT4-fs (loop2): 1 truncate cleaned up [ 91.400681][ T7202] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.415175][ T7202] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.845390][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.118764][ T7236] siw: device registration error -23 [ 92.176847][ T7237] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1445'. [ 92.200983][ T7237] loop7: detected capacity change from 0 to 16384 [ 92.262003][ T7242] loop4: detected capacity change from 0 to 512 [ 92.278262][ T7242] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1445: bg 0: block 248: padding at end of block bitmap is not set [ 92.298196][ T7242] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1445: Failed to acquire dquot type 1 [ 92.310164][ T7242] EXT4-fs (loop4): 1 truncate cleaned up [ 92.317308][ T7242] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.330377][ T7242] ext4 filesystem being mounted at /274/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.490999][ T7249] netlink: 4 bytes leftover after parsing attributes in process `+|[@'. [ 92.499481][ T7249] bridge_slave_1: left allmulticast mode [ 92.505206][ T7249] bridge_slave_1: left promiscuous mode [ 92.510811][ T7249] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.518688][ T7249] bridge_slave_0: left allmulticast mode [ 92.524352][ T7249] bridge_slave_0: left promiscuous mode [ 92.530216][ T7249] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.542133][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1449'. [ 92.551736][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1449'. [ 92.966025][ T7234] blk_print_req_error: 32 callbacks suppressed [ 92.966040][ T7234] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 92.981905][ T7234] buffer_io_error: 3706 callbacks suppressed [ 92.981916][ T7234] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 92.996287][ T7234] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 93.004652][ T7234] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 93.013002][ T7234] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 93.021448][ T7234] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 93.029830][ T7234] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 93.038191][ T7234] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 93.046566][ T7234] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 93.054970][ T7234] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 93.063358][ T7234] Buffer I/O error on dev loop7, logical block 9, lost async page write [ 93.074223][ T7234] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.087320][ T7234] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.100378][ T7234] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.113558][ T7234] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.130487][ T7234] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.147201][ T7234] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.162241][ T7234] I/O error, dev loop7, sector 7168 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.178421][ T7234] I/O error, dev loop7, sector 8192 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.198496][ T7234] I/O error, dev loop7, sector 9216 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 93.293416][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.400977][ T7317] bond1: entered promiscuous mode [ 93.406074][ T7317] bond1: entered allmulticast mode [ 93.413399][ T7317] 8021q: adding VLAN 0 to HW filter on device bond1 [ 93.423005][ T7317] bond1 (unregistering): Released all slaves [ 93.509469][ T7317] loop4: detected capacity change from 0 to 512 [ 93.524330][ T7317] FAT-fs (loop4): bogus logical sector size 0 [ 93.530432][ T7317] FAT-fs (loop4): Can't find a valid FAT filesystem [ 93.550475][ T7317] ALSA: seq fatal error: cannot create timer (-19) [ 93.594494][ T7327] loop4: detected capacity change from 0 to 256 [ 93.644513][ T7327] usb usb6: usbfs: process 7327 (syz.4.1480) did not claim interface 0 before use [ 94.114869][ T7339] loop3: detected capacity change from 0 to 512 [ 94.139788][ T29] kauditd_printk_skb: 279 callbacks suppressed [ 94.139801][ T29] audit: type=1400 audit(1738602625.491:3976): avc: denied { ioctl } for pid=7338 comm="syz.3.1484" path="socket:[15242]" dev="sockfs" ino=15242 ioctlcmd=0x8904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 94.218053][ T7343] siw: device registration error -23 [ 94.227132][ T7343] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1486'. [ 94.237869][ T7343] loop7: detected capacity change from 0 to 16384 [ 94.306839][ T7343] loop3: detected capacity change from 0 to 512 [ 94.327746][ T7343] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1486: bg 0: block 248: padding at end of block bitmap is not set [ 94.342292][ T7343] Quota error (device loop3): write_blk: dquota write failed [ 94.349700][ T7343] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 94.360032][ T7343] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.1486: Failed to acquire dquot type 1 [ 94.375433][ T7343] EXT4-fs (loop3): 1 truncate cleaned up [ 94.381889][ T7343] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 94.394937][ T7343] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 94.481922][ T7354] bond2: entered promiscuous mode [ 94.487050][ T7354] bond2: entered allmulticast mode [ 94.507850][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 94.515958][ T7354] 8021q: adding VLAN 0 to HW filter on device bond2 [ 94.526941][ T7354] bond2 (unregistering): Released all slaves [ 94.555478][ T7360] FAULT_INJECTION: forcing a failure. [ 94.555478][ T7360] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.568658][ T7360] CPU: 0 UID: 0 PID: 7360 Comm: syz.4.1492 Not tainted 6.14.0-rc1-syzkaller #0 [ 94.568681][ T7360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 94.568692][ T7360] Call Trace: [ 94.568698][ T7360] [ 94.568705][ T7360] dump_stack_lvl+0xf2/0x150 [ 94.568731][ T7360] dump_stack+0x15/0x1a [ 94.568777][ T7360] should_fail_ex+0x24a/0x260 [ 94.568806][ T7360] should_fail+0xb/0x10 [ 94.568831][ T7360] should_fail_usercopy+0x1a/0x20 [ 94.568847][ T7360] _copy_from_iter+0xd5/0xd00 [ 94.568921][ T7360] ? kmalloc_reserve+0x16e/0x190 [ 94.568943][ T7360] ? __build_skb_around+0x196/0x1f0 [ 94.568962][ T7360] ? __alloc_skb+0x21f/0x310 [ 94.568980][ T7360] ? __virt_addr_valid+0x1ed/0x250 [ 94.569074][ T7360] ? __check_object_size+0x364/0x520 [ 94.569101][ T7360] netlink_sendmsg+0x460/0x6e0 [ 94.569182][ T7360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 94.569206][ T7360] __sock_sendmsg+0x140/0x180 [ 94.569221][ T7360] ____sys_sendmsg+0x312/0x410 [ 94.569282][ T7360] __sys_sendmsg+0x19d/0x230 [ 94.569379][ T7360] __x64_sys_sendmsg+0x46/0x50 [ 94.569401][ T7360] x64_sys_call+0x2734/0x2dc0 [ 94.569476][ T7360] do_syscall_64+0xc9/0x1c0 [ 94.569496][ T7360] ? clear_bhb_loop+0x55/0xb0 [ 94.569518][ T7360] ? clear_bhb_loop+0x55/0xb0 [ 94.569542][ T7360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.569563][ T7360] RIP: 0033:0x7f9b4370cda9 [ 94.569640][ T7360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.569658][ T7360] RSP: 002b:00007f9b41d71038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 94.569737][ T7360] RAX: ffffffffffffffda RBX: 00007f9b43925fa0 RCX: 00007f9b4370cda9 [ 94.569747][ T7360] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 94.569756][ T7360] RBP: 00007f9b41d71090 R08: 0000000000000000 R09: 0000000000000000 [ 94.569766][ T7360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.569775][ T7360] R13: 0000000000000000 R14: 00007f9b43925fa0 R15: 00007ffcc6396c38 [ 94.569789][ T7360] [ 94.807687][ T7370] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 94.807687][ T7370] program syz.3.1495 not setting count and/or reply_len properly [ 94.899660][ T7354] loop2: detected capacity change from 0 to 512 [ 94.924453][ T7354] FAT-fs (loop2): bogus logical sector size 0 [ 94.930601][ T7354] FAT-fs (loop2): Can't find a valid FAT filesystem [ 94.948569][ T29] audit: type=1326 audit(1738602626.301:3977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.007815][ T7354] ALSA: seq fatal error: cannot create timer (-19) [ 95.033846][ T29] audit: type=1326 audit(1738602626.341:3978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.057316][ T29] audit: type=1326 audit(1738602626.341:3979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.080921][ T29] audit: type=1326 audit(1738602626.341:3980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.104504][ T29] audit: type=1326 audit(1738602626.351:3981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.128131][ T29] audit: type=1326 audit(1738602626.351:3982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.151560][ T29] audit: type=1326 audit(1738602626.351:3983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7353 comm="syz.2.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 95.185857][ T7394] loop3: detected capacity change from 0 to 256 [ 95.254536][ T7394] usb usb6: usbfs: process 7394 (syz.3.1502) did not claim interface 0 before use [ 95.435192][ T7400] lo speed is unknown, defaulting to 1000 [ 96.112756][ T7415] FAULT_INJECTION: forcing a failure. [ 96.112756][ T7415] name failslab, interval 1, probability 0, space 0, times 0 [ 96.125449][ T7415] CPU: 1 UID: 0 PID: 7415 Comm: syz.1.1510 Not tainted 6.14.0-rc1-syzkaller #0 [ 96.125468][ T7415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 96.125478][ T7415] Call Trace: [ 96.125482][ T7415] [ 96.125488][ T7415] dump_stack_lvl+0xf2/0x150 [ 96.125584][ T7415] dump_stack+0x15/0x1a [ 96.125661][ T7415] should_fail_ex+0x24a/0x260 [ 96.125687][ T7415] should_failslab+0x8f/0xb0 [ 96.125711][ T7415] __kmalloc_node_noprof+0xad/0x410 [ 96.125808][ T7415] ? kstrtouint+0x77/0xc0 [ 96.125830][ T7415] ? __kvmalloc_node_noprof+0x72/0x170 [ 96.125855][ T7415] __kvmalloc_node_noprof+0x72/0x170 [ 96.125875][ T7415] file_tty_write+0x1a9/0x680 [ 96.125896][ T7415] tty_write+0x28/0x30 [ 96.125987][ T7415] vfs_write+0x77b/0x920 [ 96.126004][ T7415] ? __pfx_tty_write+0x10/0x10 [ 96.126028][ T7415] ksys_write+0xe8/0x1b0 [ 96.126064][ T7415] __x64_sys_write+0x42/0x50 [ 96.126083][ T7415] x64_sys_call+0x287e/0x2dc0 [ 96.126159][ T7415] do_syscall_64+0xc9/0x1c0 [ 96.126177][ T7415] ? clear_bhb_loop+0x55/0xb0 [ 96.126198][ T7415] ? clear_bhb_loop+0x55/0xb0 [ 96.126278][ T7415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.126298][ T7415] RIP: 0033:0x7feef203cda9 [ 96.126312][ T7415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 96.126382][ T7415] RSP: 002b:00007feef06a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 96.126401][ T7415] RAX: ffffffffffffffda RBX: 00007feef2255fa0 RCX: 00007feef203cda9 [ 96.126413][ T7415] RDX: 0000000000001006 RSI: 0000000020000300 RDI: 0000000000000009 [ 96.126426][ T7415] RBP: 00007feef06a1090 R08: 0000000000000000 R09: 0000000000000000 [ 96.126437][ T7415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 96.126449][ T7415] R13: 0000000000000000 R14: 00007feef2255fa0 R15: 00007ffc6c4218e8 [ 96.126464][ T7415] [ 96.491117][ T7431] loop1: detected capacity change from 0 to 2048 [ 96.545425][ T7431] loop1: p1 < > p4 [ 96.549846][ T7431] loop1: p4 size 8388608 extends beyond EOD, truncated [ 96.707009][ T7441] loop2: detected capacity change from 0 to 8192 [ 96.733330][ T3000] loop1: p1 < > p4 [ 96.745536][ T3000] loop1: p4 size 8388608 extends beyond EOD, truncated [ 96.764686][ T7441] tbf_change: 4 callbacks suppressed [ 96.764699][ T7441] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 96.819797][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 96.822927][ T3808] udevd[3808]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 96.873209][ T7455] devtmpfs: Unknown parameter 'posixacl' [ 96.893201][ T7457] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 97.094538][ T7473] loop2: detected capacity change from 0 to 8192 [ 97.113154][ T7473] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 97.184934][ T7487] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 97.503827][ T7514] netlink: 'syz.1.1553': attribute type 10 has an invalid length. [ 97.516469][ T7514] team0: Device hsr_slave_0 failed to register rx_handler [ 97.528143][ T7516] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 97.773391][ T7548] lo speed is unknown, defaulting to 1000 [ 97.858144][ T7561] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 98.036292][ T7578] loop1: detected capacity change from 0 to 2048 [ 98.200295][ T7578] loop1: p1 < > p4 [ 98.204757][ T7578] loop1: p4 size 8388608 extends beyond EOD, truncated [ 98.438462][ T3000] loop1: p1 < > p4 [ 98.464236][ T3000] loop1: p4 size 8388608 extends beyond EOD, truncated [ 98.516765][ T3808] udevd[3808]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 98.518557][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 98.569989][ T7596] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 98.895733][ T7618] loop1: detected capacity change from 0 to 2048 [ 98.964699][ T7618] loop1: p1 < > p4 [ 98.969071][ T7618] loop1: p4 size 8388608 extends beyond EOD, truncated [ 99.029429][ T3808] udevd[3808]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 99.041197][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 99.250231][ T7632] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 99.253585][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 99.253599][ T29] audit: type=1326 audit(1738602630.541:4022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7622 comm="syz.2.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 99.287188][ T29] audit: type=1326 audit(1738602630.541:4023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7622 comm="syz.2.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 99.302754][ T7633] lo speed is unknown, defaulting to 1000 [ 99.310499][ T29] audit: type=1326 audit(1738602630.541:4024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7622 comm="syz.2.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 99.310524][ T29] audit: type=1326 audit(1738602630.551:4025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7622 comm="syz.2.1596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f804f95cda9 code=0x7ffc0000 [ 99.367853][ T7639] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1601'. [ 99.453746][ T7645] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 99.453746][ T7645] program syz.2.1606 not setting count and/or reply_len properly [ 99.458583][ T7650] bond1: entered promiscuous mode [ 99.476006][ T7650] bond1: entered allmulticast mode [ 99.486035][ T7650] 8021q: adding VLAN 0 to HW filter on device bond1 [ 99.507334][ T29] audit: type=1326 audit(1738602630.861:4026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7655 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4dfecda9 code=0x7ffc0000 [ 99.532555][ T29] audit: type=1326 audit(1738602630.861:4027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7655 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f0e4dfecda9 code=0x7ffc0000 [ 99.556001][ T29] audit: type=1326 audit(1738602630.861:4028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7655 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4dfecda9 code=0x7ffc0000 [ 99.582407][ T29] audit: type=1326 audit(1738602630.931:4029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7655 comm="syz.3.1610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e4dfecda9 code=0x7ffc0000 [ 99.616538][ T7650] bond1 (unregistering): Released all slaves [ 99.649758][ T7661] loop2: detected capacity change from 0 to 256 [ 99.706120][ T7670] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 99.706120][ T7670] program syz.4.1616 not setting count and/or reply_len properly [ 99.736956][ T7668] loop1: detected capacity change from 0 to 512 [ 99.763069][ T7668] FAT-fs (loop1): bogus logical sector size 0 [ 99.769235][ T7668] FAT-fs (loop1): Can't find a valid FAT filesystem [ 99.786774][ T7661] usb usb6: usbfs: process 7661 (syz.2.1612) did not claim interface 0 before use [ 99.796756][ T29] audit: type=1326 audit(1738602631.141:4030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7648 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feef203cda9 code=0x7ffc0000 [ 99.802212][ T7668] ALSA: seq fatal error: cannot create timer (-19) [ 99.820251][ T29] audit: type=1326 audit(1738602631.141:4031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7648 comm="syz.1.1608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7feef203cda9 code=0x7ffc0000 [ 100.021878][ T7687] lo speed is unknown, defaulting to 1000 [ 100.357314][ T7722] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 100.357314][ T7722] program syz.1.1634 not setting count and/or reply_len properly [ 100.621011][ T7752] syzkaller0: entered promiscuous mode [ 100.626550][ T7752] syzkaller0: entered allmulticast mode [ 100.775465][ T7756] syzkaller0: entered promiscuous mode [ 100.781052][ T7756] syzkaller0: entered allmulticast mode [ 100.913630][ T7783] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1662'. [ 100.922763][ T7783] netlink: 'syz.2.1662': attribute type 2 has an invalid length. [ 100.930522][ T7783] netlink: 'syz.2.1662': attribute type 1 has an invalid length. [ 100.938271][ T7783] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1662'. [ 100.960559][ T7783] wireguard0: entered promiscuous mode [ 100.966145][ T7783] wireguard0: entered allmulticast mode [ 100.982288][ T7789] loop4: detected capacity change from 0 to 2048 [ 101.025474][ T7789] loop4: p1 < > p4 [ 101.030269][ T7789] loop4: p4 size 8388608 extends beyond EOD, truncated [ 101.149186][ T3000] loop4: p1 < > p4 [ 101.153816][ T3000] loop4: p4 size 8388608 extends beyond EOD, truncated [ 101.319079][ T7826] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1671'. [ 101.361271][ T7816] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1671'. [ 101.372070][ T7825] loop4: detected capacity change from 0 to 8192 [ 101.399614][ T7825] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 101.472260][ T7830] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1680'. [ 101.491632][ T7830] bridge0: port 3(batadv1) entered blocking state [ 101.498135][ T7830] bridge0: port 3(batadv1) entered disabled state [ 101.504996][ T7830] batadv1: entered allmulticast mode [ 101.510791][ T7830] batadv1: entered promiscuous mode [ 101.581573][ T7841] loop4: detected capacity change from 0 to 2048 [ 101.635146][ T7841] loop4: p1 < > p4 [ 101.639562][ T7841] loop4: p4 size 8388608 extends beyond EOD, truncated [ 101.697168][ T3000] loop4: p1 < > p4 [ 101.701643][ T3000] loop4: p4 size 8388608 extends beyond EOD, truncated [ 101.995407][ T11] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 102.004695][ T11] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 102.168142][ T7875] loop1: detected capacity change from 0 to 512 [ 102.199477][ T7879] siw: device registration error -23 [ 102.235296][ T7875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.248231][ T7879] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1698'. [ 102.264911][ T7879] loop7: detected capacity change from 0 to 16384 [ 102.271832][ T7875] ext4 filesystem being mounted at /306/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.340418][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.350055][ T7879] blk_print_req_error: 51 callbacks suppressed [ 102.350069][ T7879] I/O error, dev loop7, sector 6912 op 0x0:(READ) flags 0x80700 phys_seg 12 prio class 0 [ 102.391508][ T7879] I/O error, dev loop7, sector 7168 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0 [ 102.403583][ T7886] loop4: detected capacity change from 0 to 512 [ 102.434263][ T7879] I/O error, dev loop7, sector 6912 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 102.443703][ T7879] buffer_io_error: 3063 callbacks suppressed [ 102.443714][ T7879] Buffer I/O error on dev loop7, logical block 864, async page read [ 102.474505][ T7886] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1698: bg 0: block 248: padding at end of block bitmap is not set [ 102.497782][ T7886] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1698: Failed to acquire dquot type 1 [ 102.540423][ T7886] EXT4-fs (loop4): 1 truncate cleaned up [ 102.558427][ T7886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 102.586479][ T7886] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.630476][ T7878] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 102.640343][ T7878] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 102.648741][ T7878] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 102.657106][ T7878] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 102.665513][ T7878] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 102.673835][ T7878] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 102.682177][ T7878] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 102.690535][ T7878] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 102.698894][ T7878] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 102.707362][ T7878] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 102.725299][ T7878] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 102.742025][ T7878] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 102.765180][ T7878] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 102.789019][ T7878] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 102.805379][ T7878] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 102.832025][ T7878] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x800 phys_seg 96 prio class 0 [ 102.877997][ T7910] capability: warning: `syz.3.1707' uses deprecated v2 capabilities in a way that may be insecure [ 102.937351][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.000141][ T7927] loop4: detected capacity change from 0 to 256 [ 103.035645][ T7927] usb usb6: usbfs: process 7927 (syz.4.1714) did not claim interface 0 before use [ 103.495454][ T7944] loop1: detected capacity change from 0 to 512 [ 103.527563][ T7944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 103.541535][ T7944] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 103.563876][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 103.747044][ T7951] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1720'. [ 103.757174][ T7950] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1720'. [ 103.846247][ T7953] siw: device registration error -23 [ 103.896225][ T7963] SELinux: Context Ü is not valid (left unmapped). [ 103.914926][ T7953] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1721'. [ 103.941918][ T7953] loop7: detected capacity change from 0 to 16384 [ 104.014317][ T7980] loop2: detected capacity change from 0 to 512 [ 104.037164][ T7980] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1721: bg 0: block 248: padding at end of block bitmap is not set [ 104.052676][ T7980] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1721: Failed to acquire dquot type 1 [ 104.069200][ T7980] EXT4-fs (loop2): 1 truncate cleaned up [ 104.069845][ T7985] bond1: entered promiscuous mode [ 104.080057][ T7985] bond1: entered allmulticast mode [ 104.084603][ T7980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 104.086609][ T7985] 8021q: adding VLAN 0 to HW filter on device bond1 [ 104.105547][ T7980] ext4 filesystem being mounted at /343/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 104.165421][ T7985] bond1 (unregistering): Released all slaves [ 104.260593][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 104.285802][ T29] kauditd_printk_skb: 171 callbacks suppressed [ 104.285814][ T29] audit: type=1326 audit(1738602635.641:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.315481][ T29] audit: type=1326 audit(1738602635.641:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.338918][ T29] audit: type=1326 audit(1738602635.641:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.363881][ T29] audit: type=1326 audit(1738602635.711:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.412685][ T29] audit: type=1326 audit(1738602635.761:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.436149][ T29] audit: type=1326 audit(1738602635.761:4204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.547898][ T8002] loop2: detected capacity change from 0 to 8192 [ 104.567595][ T29] audit: type=1326 audit(1738602635.811:4205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.591018][ T29] audit: type=1326 audit(1738602635.811:4206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.614419][ T29] audit: type=1326 audit(1738602635.811:4207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.637765][ T29] audit: type=1326 audit(1738602635.811:4208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7984 comm="syz.0.1730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 104.669430][ T8002] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 104.814343][ T8020] siw: device registration error -23 [ 104.886248][ T8023] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1742'. [ 104.896932][ T8023] loop7: detected capacity change from 0 to 16384 [ 104.966147][ T8026] loop4: detected capacity change from 0 to 512 [ 105.006234][ T8026] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1742: bg 0: block 248: padding at end of block bitmap is not set [ 105.034378][ T8026] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1742: Failed to acquire dquot type 1 [ 105.051111][ T8032] loop2: detected capacity change from 0 to 2048 [ 105.058130][ T8026] EXT4-fs (loop4): 1 truncate cleaned up [ 105.064118][ T8026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.076948][ T8026] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.135568][ T3808] loop2: p1 < > p4 [ 105.152292][ T3808] loop2: p4 size 8388608 extends beyond EOD, truncated [ 105.172069][ T8034] syzkaller0: entered promiscuous mode [ 105.177647][ T8034] syzkaller0: entered allmulticast mode [ 105.194027][ T8032] loop2: p1 < > p4 [ 105.206109][ T8032] loop2: p4 size 8388608 extends beyond EOD, truncated [ 105.224973][ T8028] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 105.251494][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.325961][ T8041] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 105.325961][ T8041] program syz.4.1748 not setting count and/or reply_len properly [ 105.384117][ T3000] loop2: p1 < > p4 [ 105.391103][ T3000] loop2: p4 size 8388608 extends beyond EOD, truncated [ 105.399040][ T8053] loop4: detected capacity change from 0 to 512 [ 105.427843][ T8053] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.449374][ T8053] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.471545][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.494417][ T8067] bond1: entered promiscuous mode [ 105.499496][ T8067] bond1: entered allmulticast mode [ 105.506486][ T8067] 8021q: adding VLAN 0 to HW filter on device bond1 [ 105.516819][ T8067] bond1 (unregistering): Released all slaves [ 105.537639][ T8073] siw: device registration error -23 [ 105.595919][ T8075] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1759'. [ 105.614845][ T8075] loop7: detected capacity change from 0 to 16384 [ 105.680383][ T8080] loop4: detected capacity change from 0 to 512 [ 105.706960][ T8080] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1759: bg 0: block 248: padding at end of block bitmap is not set [ 105.754187][ T8080] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.1759: Failed to acquire dquot type 1 [ 105.775862][ T8080] EXT4-fs (loop4): 1 truncate cleaned up [ 105.781778][ T8080] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.794307][ T8080] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.827011][ T8089] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1761'. [ 105.855240][ T8088] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1761'. [ 106.209642][ T8103] loop1: detected capacity change from 0 to 512 [ 106.247734][ T8103] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.266377][ T3808] udevd[3808]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 106.271581][ T8103] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 106.302852][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 106.324363][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.432953][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.434557][ T8114] bond1: entered promiscuous mode [ 106.447054][ T8114] bond1: entered allmulticast mode [ 106.453155][ T8114] 8021q: adding VLAN 0 to HW filter on device bond1 [ 106.463512][ T8114] bond1 (unregistering): Released all slaves [ 106.492977][ T8115] loop2: detected capacity change from 0 to 256 [ 106.534468][ T8115] usb usb6: usbfs: process 8115 (syz.2.1773) did not claim interface 0 before use [ 106.599250][ T8122] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 106.599250][ T8122] program syz.4.1775 not setting count and/or reply_len properly [ 106.643514][ T8114] loop1: detected capacity change from 0 to 512 [ 106.677437][ T8114] FAT-fs (loop1): bogus logical sector size 0 [ 106.683555][ T8114] FAT-fs (loop1): Can't find a valid FAT filesystem [ 106.786794][ T8114] ALSA: seq fatal error: cannot create timer (-19) [ 107.088751][ T8165] bond1: entered promiscuous mode [ 107.093876][ T8165] bond1: entered allmulticast mode [ 107.099264][ T8165] 8021q: adding VLAN 0 to HW filter on device bond1 [ 107.114020][ T8165] bond1 (unregistering): Released all slaves [ 107.314911][ T8184] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 107.314911][ T8184] program syz.2.1797 not setting count and/or reply_len properly [ 107.451442][ T8190] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1798'. [ 107.461187][ T8189] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1798'. [ 107.701316][ T8192] syzkaller0: entered promiscuous mode [ 107.707208][ T8192] syzkaller0: entered allmulticast mode [ 107.741076][ T8196] loop4: detected capacity change from 0 to 8192 [ 107.752415][ T8196] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 108.001955][ T8206] loop3: detected capacity change from 0 to 256 [ 108.064483][ T8206] usb usb6: usbfs: process 8206 (syz.3.1805) did not claim interface 0 before use [ 108.084858][ T8214] siw: device registration error -23 [ 108.092643][ T8214] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1808'. [ 108.104027][ T8214] loop7: detected capacity change from 0 to 16384 [ 108.166878][ T8216] loop1: detected capacity change from 0 to 512 [ 108.187284][ T8214] blk_print_req_error: 30 callbacks suppressed [ 108.187300][ T8214] I/O error, dev loop7, sector 12288 op 0x0:(READ) flags 0x80700 phys_seg 9 prio class 0 [ 108.227322][ T8214] I/O error, dev loop7, sector 12544 op 0x0:(READ) flags 0x80700 phys_seg 20 prio class 0 [ 108.244467][ T8214] I/O error, dev loop7, sector 12288 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 108.253964][ T8214] buffer_io_error: 3386 callbacks suppressed [ 108.253976][ T8214] Buffer I/O error on dev loop7, logical block 1536, async page read [ 108.289957][ T8216] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1808: bg 0: block 248: padding at end of block bitmap is not set [ 108.360536][ T8225] loop2: detected capacity change from 0 to 8192 [ 108.369004][ T8216] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.1808: Failed to acquire dquot type 1 [ 108.410811][ T8216] EXT4-fs (loop1): 1 truncate cleaned up [ 108.412719][ T8219] lo speed is unknown, defaulting to 1000 [ 108.418044][ T8216] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.443542][ T8225] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 108.450992][ T8216] ext4 filesystem being mounted at /327/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 108.473747][ T8213] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.483492][ T8213] Buffer I/O error on dev loop7, logical block 0, lost async page write [ 108.491933][ T8213] Buffer I/O error on dev loop7, logical block 1, lost async page write [ 108.500297][ T8213] Buffer I/O error on dev loop7, logical block 2, lost async page write [ 108.508695][ T8213] Buffer I/O error on dev loop7, logical block 3, lost async page write [ 108.517110][ T8213] Buffer I/O error on dev loop7, logical block 4, lost async page write [ 108.525557][ T8213] Buffer I/O error on dev loop7, logical block 5, lost async page write [ 108.533907][ T8213] Buffer I/O error on dev loop7, logical block 6, lost async page write [ 108.542272][ T8213] Buffer I/O error on dev loop7, logical block 7, lost async page write [ 108.550742][ T8213] Buffer I/O error on dev loop7, logical block 8, lost async page write [ 108.561691][ T8213] I/O error, dev loop7, sector 1024 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.574395][ T8213] I/O error, dev loop7, sector 2048 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.595862][ T8213] I/O error, dev loop7, sector 3072 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.625642][ T8213] I/O error, dev loop7, sector 4096 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.649592][ T8213] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.662904][ T8213] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0 [ 108.741426][ T8248] bond1: entered promiscuous mode [ 108.746537][ T8248] bond1: entered allmulticast mode [ 108.753113][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.776711][ T8248] 8021q: adding VLAN 0 to HW filter on device bond1 [ 108.786447][ T8248] bond1 (unregistering): Released all slaves [ 108.845307][ T8248] loop4: detected capacity change from 0 to 512 [ 108.857172][ T8248] FAT-fs (loop4): bogus logical sector size 0 [ 108.863369][ T8248] FAT-fs (loop4): Can't find a valid FAT filesystem [ 108.877121][ T8256] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1821'. [ 108.888764][ T8255] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1821'. [ 108.905719][ T8248] ALSA: seq fatal error: cannot create timer (-19) [ 109.023906][ T8280] loop2: detected capacity change from 0 to 256 [ 109.045065][ T8282] loop4: detected capacity change from 0 to 256 [ 109.054730][ T8280] usb usb6: usbfs: process 8280 (syz.2.1831) did not claim interface 0 before use [ 109.064144][ T8282] usb usb6: usbfs: process 8282 (syz.4.1832) did not claim interface 0 before use [ 109.317248][ T29] kauditd_printk_skb: 315 callbacks suppressed [ 109.317262][ T29] audit: type=1326 audit(1738602640.671:4518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.348150][ T29] audit: type=1326 audit(1738602640.671:4519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.371762][ T29] audit: type=1326 audit(1738602640.671:4520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.395319][ T29] audit: type=1326 audit(1738602640.671:4521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.418660][ T29] audit: type=1326 audit(1738602640.671:4522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.442763][ T29] audit: type=1326 audit(1738602640.671:4523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.466186][ T29] audit: type=1326 audit(1738602640.671:4524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.489945][ T29] audit: type=1326 audit(1738602640.671:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.513418][ T29] audit: type=1326 audit(1738602640.671:4526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.536832][ T29] audit: type=1326 audit(1738602640.671:4527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8291 comm="syz.0.1835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb99ceecda9 code=0x7ffc0000 [ 109.768739][ T8314] loop1: detected capacity change from 0 to 2048 [ 109.796977][ T8317] loop3: detected capacity change from 0 to 512 [ 109.816658][ T8317] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.829311][ T8317] ext4 filesystem being mounted at /362/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 109.841613][ T8314] loop1: p1 < > p4 [ 109.846292][ T8314] loop1: p4 size 8388608 extends beyond EOD, truncated [ 109.894035][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.005155][ T8334] loop1: detected capacity change from 0 to 512 [ 110.016653][ T8334] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.029517][ T8334] ext4 filesystem being mounted at /333/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.049560][ T3297] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.054626][ T8342] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1851'. [ 110.068595][ T8337] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1851'. [ 110.105543][ T8347] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 110.105543][ T8347] program syz.1.1858 not setting count and/or reply_len properly [ 110.136003][ T8349] loop1: detected capacity change from 0 to 256 [ 110.184659][ T8349] usb usb6: usbfs: process 8349 (syz.1.1859) did not claim interface 0 before use [ 110.726372][ T8365] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 110.761619][ T8371] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1869'. [ 110.770765][ T8371] unsupported nla_type 65024 [ 110.837939][ T8382] loop2: detected capacity change from 0 to 512 [ 110.872628][ T8382] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.909628][ T8382] ext4 filesystem being mounted at /367/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 110.990395][ T8399] loop4: detected capacity change from 0 to 512 [ 111.005257][ T8382] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1871'. [ 111.026312][ T8399] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 111.040144][ T8399] ext4 filesystem being mounted at /345/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.065871][ T3301] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.077745][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.105086][ T8412] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 111.105086][ T8412] program syz.4.1886 not setting count and/or reply_len properly [ 111.123005][ T8417] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1882'. [ 111.152557][ T8408] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1882'. [ 111.176004][ T8421] loop2: detected capacity change from 0 to 2048 [ 111.194854][ T8421] loop2: p1 < > p4 [ 111.199442][ T8421] loop2: p4 size 8388608 extends beyond EOD, truncated [ 111.276040][ T8428] loop4: detected capacity change from 0 to 256 [ 111.323424][ T8428] usb usb6: usbfs: process 8428 (syz.4.1893) did not claim interface 0 before use [ 111.333869][ T8434] program syz.2.1896 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 111.351074][ T8434] loop2: detected capacity change from 0 to 512 [ 112.266628][ T8468] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 112.266628][ T8468] program syz.3.1904 not setting count and/or reply_len properly [ 112.332862][ T8474] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in; [ 112.332862][ T8474] program syz.3.1908 not setting count and/or reply_len properly [ 112.414543][ T8487] loop3: detected capacity change from 0 to 256 [ 112.442004][ T8487] usb usb6: usbfs: process 8487 (syz.3.1913) did not claim interface 0 before use [ 112.513787][ T8490] siw: device registration error -23 [ 112.542426][ T8490] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1915'. [ 112.559984][ T8490] loop7: detected capacity change from 0 to 16384 [ 112.626332][ T8490] loop2: detected capacity change from 0 to 512 [ 112.665724][ T8490] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1915: bg 0: block 248: padding at end of block bitmap is not set [ 112.690500][ T8490] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.1915: Failed to acquire dquot type 1 [ 112.715163][ T8490] EXT4-fs (loop2): 1 truncate cleaned up [ 112.721335][ T8490] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.760319][ T8490] ext4 filesystem being mounted at /377/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.802237][ T8514] loop1: detected capacity change from 0 to 2048 [ 112.822297][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.864905][ T8514] loop1: p1 < > p4 [ 112.866110][ T8519] loop2: detected capacity change from 0 to 2048 [ 112.875607][ T8514] loop1: p4 size 8388608 extends beyond EOD, truncated [ 112.906344][ T8521] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1925'. [ 112.915929][ T8519] loop2: p1 < > p4 [ 112.927344][ T8519] loop2: p4 size 8388608 extends beyond EOD, truncated [ 112.935606][ T8519] ================================================================== [ 112.943697][ T8519] BUG: KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event [ 112.952565][ T8519] [ 112.954878][ T8519] write to 0xffff888104b8ec24 of 4 bytes by task 3599 on cpu 1: [ 112.962491][ T8519] fsnotify_detach_mark+0xba/0x160 [ 112.967596][ T8519] fsnotify_destroy_mark+0x6e/0x140 [ 112.972781][ T8519] __se_sys_inotify_rm_watch+0xea/0x170 [ 112.978318][ T8519] __x64_sys_inotify_rm_watch+0x31/0x40 [ 112.983855][ T8519] x64_sys_call+0x25e0/0x2dc0 [ 112.988529][ T8519] do_syscall_64+0xc9/0x1c0 [ 112.993104][ T8519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.998989][ T8519] [ 113.001297][ T8519] read to 0xffff888104b8ec24 of 4 bytes by task 8519 on cpu 0: [ 113.008824][ T8519] fsnotify_handle_inode_event+0x126/0x220 [ 113.014628][ T8519] fsnotify+0x1187/0x1260 [ 113.018953][ T8519] __fsnotify_parent+0x2f5/0x340 [ 113.023888][ T8519] __fput+0x1e7/0x640 [ 113.027862][ T8519] __fput_sync+0x96/0xc0 [ 113.032100][ T8519] __x64_sys_close+0x55/0xe0 [ 113.036779][ T8519] x64_sys_call+0x266c/0x2dc0 [ 113.041447][ T8519] do_syscall_64+0xc9/0x1c0 [ 113.045939][ T8519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.051824][ T8519] [ 113.054164][ T8519] value changed: 0x00000003 -> 0x00000000 [ 113.059861][ T8519] [ 113.062168][ T8519] Reported by Kernel Concurrency Sanitizer on: [ 113.068298][ T8519] CPU: 0 UID: 0 PID: 8519 Comm: syz.2.1924 Not tainted 6.14.0-rc1-syzkaller #0 [ 113.077217][ T8519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 113.087257][ T8519] ================================================================== [ 113.160825][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 113.170904][ T3808] udevd[3808]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 113.189248][ T3808] udevd[3808]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 113.210552][ T3599] udevd[3599]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory