last executing test programs: 3.615141222s ago: executing program 1 (id=1018): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'syz_tun\x00', 0x0}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='rxrpc_peer\x00'}, 0x18) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="44000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="15010000ad190800140012800b0001006d61637365630000ff00028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00'], 0x44}}, 0x0) 3.502071932s ago: executing program 1 (id=1022): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000003c0)={0x4, &(0x7f0000000380)=[{0x1, 0x0, 0x4, 0x8}, {0x9, 0xd6, 0x2, 0xfffffe00}, {0xf88c, 0x6, 0x5d, 0x4da0}, {0x461, 0x4, 0x0, 0x6}]}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000d91e0e3900"/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e24, 0x800, @loopback, 0x5b5}, 0x1c) socket$inet(0x2, 0x2, 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x4}]}, 0x10) 2.58702697s ago: executing program 1 (id=1043): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100", @ANYRES32=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0, r1}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newtclass={0x454, 0x28, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x2}}, [@tclass_kind_options=@c_netem={0xa}, @tclass_kind_options=@c_cake={0x9}, @TCA_RATE={0x6}, @tclass_kind_options=@c_htb={{0x8}, {0x408, 0x2, [@TCA_HTB_CTAB={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x846e, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ff0b358, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}]}}]}, 0x454}}, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) write$P9_RLERRORu(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30) write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) chdir(&(0x7f0000000100)='./file0\x00') open(&(0x7f0000000300)='.\x00', 0xc00, 0x0) 2.566805362s ago: executing program 1 (id=1045): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000100)={[{@jqfmt_vfsv0}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}]}, 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==") fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x200, &(0x7f0000000140)=0x0) r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x896a, 0x4, 0x6, 0x8, r0, 0x40, '\x00', 0x0, r2, 0x4, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50) write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000001540)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x7, "bc13a9ce552560"}) ioctl$BTRFS_IOC_TREE_SEARCH(r4, 0xd0009411, &(0x7f0000002540)={{0x0, 0x600, 0xde, 0x33f, 0x4, 0x7ff, 0x2967, 0x5, 0xff, 0x8, 0x1, 0x9, 0x3, 0x1a000, 0x1}}) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10) mkdir(&(0x7f0000000240)='./file0\x00', 0x0) creat(&(0x7f0000000280)='./file0/file1\x00', 0x0) unlink(&(0x7f00000003c0)='./file0/file1\x00') ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000003540)={r5, r6, "c44a3294998b6f21c400ea10971d70556668fcc18cf4a102326e60557782dd56381a0b3d4141d5689894ce9bbc37fbd0beb33d05b9844b1ee700ce32f68abd0e7b8477998a3b933dd287efb42d92bcb0a8492ecfc70507db7412fa2c627504e0a26da035ac772355f816413e5e0c47c6f1588549dfa72b2aba4fb0d6e39a0b3c0c036d48600e0dc52b265fa609fe14f7558e3f0cf4e17f48a53fa6b6278c845351b0b9862f3452a9f354329211a5e8dfbc5dc2d9c179d9fc636fce7e5ba8a7f78572c47cbf6fa7ded86dd3c5da997cbfd51b315dc311bcfb0f3ee2a6236f48f1d6b49dfea69f3611e1240aedd632972c6f8c2a989698763bfd1963c6c4230f91", "d71932e1bc04c58613c098630e218e7e7e050d975bb104fadbc78bb62bd65fb677926e8767aac99b047ba6bba6ac20df253799ceea9dfd90ce2c357dd1cb7d949fbd4bde61dcf8db265935d0b67dafb044af16596f1ee86d61ae6a47323728cc4df0f359b0b17e14fd5f522aa541690e1b1dadc35d8c72ad3808e6807173bb3df292564873ba35bc986250fbfd9bce18b6731e1c25c89a06cab9f5182149273fdb8ca3e166f7020631ef2511a6b515d83d4a08fcc35010db56afdb9a3054cdfcf3d6d2866955f58facd2e513f094c2da23e117a2cdfbf8c2eeff3f8beadd8c9d62a0c3944b2d55b15bd50c6805058083f32406c3e6bd195da9b09530167a88e755f08f43dc4925ad6f1e21ac18d9c7cbf0ff8e361833391972b37d1ee2ce75c82d3f1cb755fd2d14994939a1a1260a7e57412f37a779e85a6ff0a086bff91faf0525a258334cf974820c9a5f530c700a1632b2bccf67f3bf28bb24ef9501b04449d01e371e6f08f8047f1fbfae9b34e9584191f68c1e11d38b7f3da862bf4ca74f5cf2155cf15a0e6a6f03b63e25b0c1f676de7430738968b322205e76821268a3f2075beeacb84e345c76a6c06a77f607e1947f5679f22e69a7f306b314564b85b56e5ef5da924e3963f7a28b89da16dc9a01fd40b906cc7346dd2120f3010b3a31eeddcdf45b9ecbec1336e1781d999144200c398ad40bd8e85a60b9b5be06b32876afb63af0ac6f4e9874ec743c61a9cec98ca74b17a40917c519328a9e438b5fa76c0e8607fff30b303df4fd00d38b3ffc17c794e0d43809912b7856c40824f7774019cb83d630a187ccf54c24b8459e9cde564dafc039a61c2cf1769f472349136fc195ed0780c11f3210237f2e4a566879e9236ae4bf90354a960d51ab7cc6c9f8a156ba164e323ae454839e72dee92bddb35a81293aa0ecd481bbb9507f42553f50284fafc1e9f3d6dc26325718b94c7679d7191afd9ea4a8dee836c5e6fa3b4531d48df08ebbd198471c2271693279cbea6888ca5720e3681546c6cca832e275b876769e2fc341dabcee0cb87e594e13a567fa2558c105358009b8f926352687043c9105fafefa0016cf8dfc50bb253a00c716465c4ae9c8c8b9702f377b5433e19ddbc376ee2ab6adf564c124a20274670748f5fe33961a1a819b63734fd348451d453caa45719631f8dab82c2bba5efe33292c86c5d19e477d3479a8d5e178277bfb1ede5a533406b9428f47b2802ca2faae5fbbfddf010186ecac6e660ebd771638042df932d670a08ca9edabfe707189b02907efb8fadd7432a49780415e29adce0435d5ff40e0f2c6d08331fe24a744e7786be6d888d88c6a7c2736f16ae682cf1e991c5e534312d28f0678f1c86442a8196fcb64345894c371ce5c48d5bd4577f3395ad7218ec608bc4286a712e941de29c04f22b85ccf57b0aa85b43dc05eb62e82cf67c59ff8ffbfdabbb47c00f66afbacee04ad156c1a13b1bf191a14921650aa53ed7451a3cf4dca397995ece7694e0a53104aaaae009ff31380d069c2a513e2116a7893381a2ca8945b0dd21a281e2404a52a4befff8de0a3da7198eedf987b1e39be1384dfdd48726189c43f1f0436a47485bea4fccdefee1e8eb3a9f9a26beb3ad4ff015a78eb6b7ed65157eb700dbe25ab2d34a9b1a165eb183cf55fe0ca8ebcae46022d7842335f97acd86d07ab5101f1b77f3aea1a97a0bfb9954c67398a19e9ac57bab4d38fb0da8e50668faece66f46195be4e56d070921e1e59f74baaafb9b7f706a25af939fb303f6eb293262e59dd481787ff98c6f73b38f1a012b326fede8f276f6af7fc2e14da78b3cc277745aed6bde6ba1600e5518ee6f9b77d864bca37de83452b8a04829c5c6d708dbc03bb176f787fadae310b628698124b2ecc39b7677ef84227253863e8fed5e746ea814b314161ce1b6049641f231c1e05bbfad9ec504805ddda39af353be364e7027884b317599ca543269f0396f2615a217a2366216ff2638695fc9ff7d5010655559a65cdc8bfb3c4f3979395b57f5556a307ecd6dc5cc3ea4b6521e5a69c2d042c7a7cd54d24ac8713a7f74b62fe8607aaf90f819c9ac442ba67f40765198c1a709804291be14d27f1c6559389e1a5d795ed3fabf95540e21bce4760e703a48d2dea9b9e239b5862a8fe43a48793670f4ba4199ab8fdbc6e3c22b05c86eb3cfe8a490b4ea65b61e2b0e3f911cf2a7abb588066c35fabde6428faa756c51bb2dedf8ea9addf8d014749fa8f96c748af4ac9c3d4b2ff26bf9773ea8c46e734048b9c91671204ad7fe884ee926acd3cace6e2810a0bfc164b1c57b45fcc1120cc1a2814ec9e0f6220f16c50ffdf8fd0d939a548d17e50d232922b90ed0dea03ac05d07ac35a35efc3cc493b1081093f7a998d70c70d6224cd86de1cb5b8995baaa046a394cd79b7cd5cd82bfe9d04e05b40880b58c448afae70c632ab2ef0d68345aca7c6ff70ba2977ecb30960f3a0ed8b1cca11f09499b89f7edc366252ae8cd20c3e9fe011e56d7dd77aaf12efa4b1ea905b62ded28233043b1506eef689841e8e868e333159bc7503888aeae69fd4e85545fddede5636ef331773a8df361fdb5117cebc93cf3dfd8282f2f30074d469d5e63003a618893186b8ac23bcf6a18d93e14bd34ac61efbd0658b9ffa0d32e21ac301d10900db93c3fca15e9145825abd9f68c522fcfc9dab3eae164a986b9652079831c99966a28ec9bd6f6d4cd3945115c1512bff043ef5b128ff5919d0e6bc37f9bb9c5c15fb303139e5685029fce5bfb128dc7e8417eafd3fd1d69e16a47a32f3ddd25791070b0d67e101ece3d4c43c23b161eef2d50fcac99e8f4bf7fe6812c936f1d341be738babdf62f9f643268198d9b0485dab371171ece2a70430d9f9157b3dd4cfb9e2f96056ae1ca8dd650c31b0037e0946ac336168ed7c902f179e072acdf69c76ddf88ff00372ba44815a6f18c02c7e28b588aafc89840db4c991c3c812d4b258ccc9e3d9f7a40202547184539fff7b3130ca5c33b62305ed31ac7b03d106345b1e81c1118a360cbd2b2512a72d6be38c77bc0d71890c01dbda2363c7700060259853947332fc774b24fbb478bfcae1b09c1e5f85b81c969d5826c7c078eb96772881f810345da46c77234afe681b4599eac29b072214360c7df0cbae3f289adbcb4aca51f1a3b93fb966d0033ff348fe570aedf6b2da25881d95ba748493801d65fdd8b3a13b50c8792b6cfe26b4a08afa830cb51edc9384b4ed8ffafd7dce3cc7ecca0b478c484ad36ec68f320a30a8e5e09664360a5d30e9bdd0795fb1efd0795861513f71c13cd7dd9d78e5f66d882ae7588291f0fed70f924b03b278ccfd04ecebfdaa155619f36972d4ad7f5189d37bdbd27da88f925db65056d6d204b64736b952bd3b419473bfdfad5c8e7c38e3a96ba8b15f1f61032904f1fe635a16a3ea64eca7a8e853f3a9e0f797aefee3a78a4694e707664d3254ff5b9148fc676849411b7c59aa2a7fa3f9128696e666dcb420f21d6640bf3079f553fe44af08968c212d4ca46ff4ace6b5edaa3bc54619796114ea5d390b475198999da695d7c7157a5a42866f769edee6e57388d176cf8dfd31cc71210c0072e7085b3cb0d1bb3469750548d8784366166b788194b83a07bea0aa5e30c27dc74c99e6c4123bb64cc2985119df216c0d6f32675186fe9b42f7f09c376f2a4fa0148e4c26b5e114d6c6ba7c87342558a76bfb4b1024030f76d8cda4af45301308e5afa97d39348333d28aef2586f49e8e6753d5e019b0eaa99fa6ce4d6a59327beaada3f8055a3073996e1b6ca3a0bc7242c41d7d8c109e4ee7ee71b45db2e4b771f2cc4907caad8b633d39ea09babfb6a89e5a0c7a2c32c47df73f8246dbd6faa7cb19bbf104e79ec6ab2929246ce5422122bee2d126c5a3fdab394e804a1710ad26ee0b615d99adec931161a95d07fbc957647e5732f5269a3276d924c79c659f5ed00a00faf7c79d318f71de99304a705024a0d69a94573b8b8a3c5556680e145594135c60030458b043649eea284dca8c8c2fc26946a343757376a2fcb72781f3c5e86febfc73f6992cecffe856bb9e3a43edb0af65208be5970f0ce812e8a16878194cebefd982205aecfa199ed99817bad9251e15199808954c5670b26f08c604c4b192094bfade17908a4237cff3cfa411812f4289f62a5f1a43b3320776f53de97a91fd894b9104c7ce501b578b1e721dd3da46885ee1e6c87c67710f0d7f715ec3c162eb173a328116b99bb6a8035995f3d5ad5347770a488b2796e934208619f874112a90a45422a173f4f70745d4ecee09e8e041d49b77afdbb206565ba060e6bf7c3642168c2103a36a967825f5b771ddaf18babb97d0300f12269d6f95d3a96c26b6848830f930013c1dfbbe915a5a75d96419420d7d6fe53bc1e6683222068a7ec1fd86fce2ed40db9d0df57b975e3e78f9a5c30b4df9ff5b3dc4fa76f3be6ce4ce95902d6f874f4e29541aea0dd286f3ad792d7e8bae77e0eb737edccc15db6ad7b2ea22746ec37d21a16f188ac34cd5003b961587bad9e24b5e3ff65af29506084372b2933f9c5a9d02c20561ed8908d657f0414af8e1580006359bab51560e18134e076dbd1bf6d862e25f8b0ead6a0192e5889dda493485634cfc5ef0234847c162e3aee8489ad8ad529d122a96c3f8180158b1d4862a65ead48edbb69b944c1e7bbfa4326e915aa4b1671a8d1984f92e8298d2fcda9e116191e0e7bb597c75c3e3e5bc3d155234485c5166fa6e0f2361bed6b0444812ea43eac9f3b7f323c6f82aa4b7da77e005184be68955fcb119f4746020a98aa67afcdeff7c925605162a3534e9e72a49cb8ee89b4c8e53c31f5a1fcd82c6ef5e627fe82d476dd58b4b5dbd911c75d7c4ab7700ae9f365c7eae4d2560c57125ebff1567588776bfc0cc996783146f10948185a12da70a58b691eedb81be7b5284fb067bdc524ddc628af6b1dc3b6397bbf118c10ec1c9666fa721a99a5edd6f8afe9e67a6111d17f865e0aa7512df12192855085d7e8e32ad3e72207c27611b4f10cdeb3c17a327200e8a1cc82701f0ddb6845cf161b6fc24f32d05433b0ca37d9fda160f2bdcf0049b336003af8c98904715bb27d4bc69acc3eccd2c70e4d3fe8654cf7549db0c999fc7b6e17724383f1a2f17d6b8fca0d4659b93a253928c7d3760b8accd49d133f430809564c414201e9ff2957059416ec0d1c20665f8fa50e73b23bc44b8b40948a78a19fd84030d5a21114288bc473aa48e6b3b0102b098ab13a923b529b51d7b3449074e064cc3f8f491feb6c6eeb96690a4b57d14cb4e597bfc95eb13ee274c221b4a090eca7bd916f188aed9408adcb7753c8bb244822f6ff4"}) bpf$PROG_LOAD(0x5, &(0x7f0000001480)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r8, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r9}, 0x10) syz_emit_ethernet(0x5e, &(0x7f0000000b40)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev}}}}}}, 0x0) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) 2.425795214s ago: executing program 4 (id=1048): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[@ANYBLOB="340000001800dd8d00000000000000000200000000000006000000000600150006000000100016800c0002"], 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x8000) 2.372731558s ago: executing program 2 (id=1049): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xe}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x9) (fail_nth: 12) 2.363021589s ago: executing program 4 (id=1051): syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0) creat(&(0x7f0000000240)='./bus\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r1, &(0x7f0000004200)='t', 0x1) r2 = open(&(0x7f0000000280)='./bus\x00', 0x10d042, 0x12) sendfile(r1, r2, 0x0, 0x10001) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7f03) socket$inet_mptcp(0x2, 0x1, 0x106) 2.102690601s ago: executing program 4 (id=1053): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000003c0)={0x4, &(0x7f0000000380)=[{0x1, 0x0, 0x4, 0x8}, {0x9, 0xd6, 0x2, 0xfffffe00}, {0xf88c, 0x6, 0x5d, 0x4da0}, {0x461, 0x4, 0x0, 0x6}]}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000d91e0e3900"/28], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r3}, 0x10) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e24, 0x800, @loopback, 0x5b5}, 0x1c) socket$inet(0x2, 0x2, 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000f07000)=[{0x6, 0x0, 0x0, 0x4}]}, 0x10) 2.032405887s ago: executing program 2 (id=1054): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200000000000000002000"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r2, &(0x7f000000cf00)=[{{&(0x7f00000084c0)={0xa, 0xfffc, 0x0, @loopback}, 0x1c, &(0x7f0000008900)=[{&(0x7f0000008500)="88", 0xff12}], 0x1}}], 0x1, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4, 0x0, 0xe}, 0x18) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x3000004, 0x4004010, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_complete(r5) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) faccessat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r7, 0x84, 0x6d, &(0x7f0000000300)={0x0, 0x66, "a8d5ab0d2a0e046715321ac8f922c06a72923c2cdbe2de2c379ea9aaf6fba6ef042d22595b80a1d63456558cd6232c149759b55814a4d910e3bb03f47c38ad737d6a4d737bdb42b0be6848dc09a50a9959bd0692be0f2b87dd750382f91b1c7e251259357d98"}, &(0x7f0000000200)=0x6e) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000380)={r8, 0x10, &(0x7f0000000280)=[@in={0x2, 0x4e24, @empty}]}, &(0x7f00000003c0)=0x10) getsockopt$TIPC_SRC_DROPPABLE(r7, 0x10f, 0x80, &(0x7f0000000040), &(0x7f00000001c0)=0x4) 1.856001392s ago: executing program 0 (id=1057): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000b40000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@fadd={0x58, 0x114, 0x6, {{0x4d13535d, 0x8}, 0x0, 0x0, 0x7, 0xa0010000000000, 0xfffffffffffffff3, 0xb, 0x65, 0x100}}], 0x58}, 0x0) 1.720836354s ago: executing program 0 (id=1058): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x5, 0x2, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x800000000}, 0x18) r2 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) sendmsg(r2, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x200000000000000) 1.716454504s ago: executing program 0 (id=1060): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c") 1.715546834s ago: executing program 1 (id=1061): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000820000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x49, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000ac0)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='sched_switch\x00', r5}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f00000004c0)=@abs, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x10}]}, 0x50}}, 0x0) r10 = io_uring_setup(0x26fd, &(0x7f0000000000)={0x0, 0x0, 0x40, 0x2, 0x40}) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r11, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) readv(r2, &(0x7f0000000880)=[{&(0x7f0000000080)=""/5, 0x5}, {&(0x7f00000004c0)=""/217, 0xd9}, {&(0x7f0000000280)=""/35, 0x23}, {&(0x7f00000005c0)=""/216, 0xd8}, {&(0x7f0000000380)=""/170, 0xaa}, {&(0x7f00000002c0)=""/88, 0x58}, {&(0x7f00000006c0)=""/174, 0xae}, {&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000000780)=""/244, 0xf4}], 0x9) sendmsg$NFT_BATCH(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range(r10, 0xffffffffffffffff, 0x0) 1.599068384s ago: executing program 0 (id=1062): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup(r3) setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x4, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)=ANY=[@ANYBLOB="340000001800dd8d00000000000000000200000000000006000000000600150006000000100016800c0002"], 0x34}, 0x1, 0x0, 0x0, 0x11}, 0x8000) 1.557827777s ago: executing program 0 (id=1064): bpf$MAP_CREATE(0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="163e6cce65ffff0000000008003950323030302e"], 0x15) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, 0xffffffffffffffff}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) open_tree(r4, &(0x7f0000000400)='./file0\x00', 0x80001) write$P9_RVERSION(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1500000065ffff0180"], 0x15) r5 = dup(r0) write$P9_RLERRORu(r5, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x30) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$read(0x1d, r8, 0x0, 0x0) add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x2}, 0x0, 0x0, r8) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xc, &(0x7f0000001340)=ANY=[@ANYBLOB="1800000087000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030000009500000000000000669c58f5e2a7b2907bcfdf5f89145c190ef0353568de804a3d1e0f5f88dfe2d91e4e8f5e0f63e038ed691c2cea4332b510d2e9732e78d87a28c86b3624337c34903ffad4ede0cac933a9b89850df2667ba031317de3b6a81fc9efef40c993dc8070a5751de14bcb71e0784b79e6033f390785ad657310451c0c5aad0d8de0c84a5bd4ebe5e3c76bcc3e0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r10}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{r9}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20) lsm_get_self_attr(0x64, &(0x7f00000014c0)={0x0, 0x0, 0x48, 0x28, ""/40}, &(0x7f0000000240)=0x48, 0x0) 1.496283073s ago: executing program 0 (id=1065): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0200000004432244379b125bbb90949bfb148a89f127d5ffd10000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r1 = open(&(0x7f0000000040)='./bus\x00', 0x44842, 0x0) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='$', 0x3fec00}], 0x2, 0x1400, 0x0, 0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x800000000}, 0x18) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0xcc, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @loopback}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x54, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x7}, @CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x200}, @CTA_SEQADJ_OFFSET_AFTER={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x9}, @CTA_SEQADJ_CORRECTION_POS={0x8}]}, @CTA_SEQ_ADJ_REPLY={0x14, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0xcc}}, 0x0) r4 = socket$kcm(0x2, 0x200000000000001, 0x106) sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000a094bb2993e2174fb555f36a5df1a2132445d006cb2734667a03baa4d6ee6b312434bd459c5fb218e81e3d7ed6ab228c0d454e711e41841179c9cc4f3e182b516114bf229681529e9ce75f9958fae6fbdbdc9ba3152bde89e315c845256a94b902d8e2fa217b5f83941e65bc2e2d25dbd1e84e2884d76d81b73028641b0c7b78d042f9f2e4dddac587aa1c8038ee41f8620a9407c09f299573c9eb82c58f4d5d141d05abf16632d073caa1ac985d98d39462446ac42ce2f9d74d804fa64080ae43d504e762f811f7929380fcb9cf362dee62de6d07099e5951f0d27664a2a83e726e38a4a02d0a7933bf967202cccad9a3680f9cbba146c58a9e7eb903207c05d088e70ffa2666a73e88d4b99d3fb2a7d665786ef87677f9cc354631a6f0aa663b7b9ac52f62273754de6af1f8d8f360eab7014beeeb43e21d452029d1d3bc5399fa25cbdf106941adb021def4389d00736f22b720a3cbc8436682e055911d6beda81c80424dc8d1c717addbdf39ae3b6ec5a72f7baa891083892ec27c2257829b33bebc84d1800dc13c80a458f6204f54519f8525592840e9ad8ad67cb698acdde89b3f7beee7ac8ba7aae52c9ab79110c8e4d4df70ea9758b6652a94e9035af55dc1f669fcda5636f8d93e11ddf47fe5dc71163f34914bf3506626a575e09c89fcc0f3f0d3dd7c4debd5ec6cf45e4a5f39f89ecfe3558d40f885f3d14d4286a8ec831ee39174f3cbf6fed4dac40291f60d43f847374852fb95cca1e234f02da36577f5a151591079", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004000000e47f00000180000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r8}, 0x10) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r9}, 0x10) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000c80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d78c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb622003b538dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000067d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c972780870014605c83d7d11c3c975d5aec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8e12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5d371c61f550e9d86aabda45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d618cdaaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e2c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c5986aa9200a1306ffa5a71ca69e89a6980612b35fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0db2b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec08647566b1bdd75d6a9a1e600aaf0f42ce94b4725d4c2da80150dc34e5975d6904f061ed9a7608959f2d24ee6ec4f2395d16e02f53c746f74b12013f738d76456c3407188eff97f31ca36e5d79e1f1c7c3b688ee21d37ba5ebf4afc2a61f16"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r10, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff430500001100630377fbac141414e000000162079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r6}, 0x10) r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendto$inet(r11, &(0x7f0000000040)="40e4", 0x2, 0x20008840, &(0x7f0000000140)={0x2, 0x0, @empty}, 0x10) sendto$inet(r11, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10) sendmsg(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/profiling', 0x10000, 0x48) 1.459851156s ago: executing program 3 (id=1066): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x5, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xce2}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x4003, &(0x7f00000003c0), 0x2, 0x4e6, &(0x7f0000000840)="$eJzs3MtrHdUfAPDvTJK26eOX/OqzD+3VKgbFpkmfCxdWFLoRBEXqMiZpqU1baSK0JdgoUsGF0r/Ax07wL3ClG1FxobhV3IpQJJtWF3Jl7p0b5/bem1dvctvk84FJzsycmXPOzJzkPO7cANatUvYjidgaEb9ERF91tT5Cqfrr5uz06F+z06NJlMsv/5lU4t2YnR6tRe3Lf2/JzzmQRqTvJbGrSbqTly6fGZmYGL+Qrw9OpXno7Mip8VPj54aPHj14oPfI4eFDbSlnlqcbO98+v3vH8deuvTh64trr332R5b+c7y+Wo6p/iSl0NWwpRan+WhY8vsSz3+m2FcJJd/Yz7VxmWLTsqc1uV0+l/veVc5V9ffHCu7V4GzqZSWBFZJV9Y8PWuf9lM+WiJKkeAKwRiSoN61TtH/2N2aynOj3a2A9uorutTZCOun4sKgXKyn0zX6p7uis92FJ/tW/Us0Lp3xsRJ2b+/jhbouk4BABAe311LGJz3u6oLdU9adxfiPe/fFSoPyL+HxHbI+KevP1yX0Ql7gMR8WDhmKQwJ9RK6Zb1xvbPT715oNhcbZus/fdMPrdV3/6bm7/o78rXtlXK35OcPD0xvj+/JgPRszFbH2o89dyw2tfP//xRq/RLhfZftmTp19qCeT7+6L5lgG5sZGrkdstdc/2dyoW90lj+JLqTWihiR0TsXMb5s2t2+snPd7faX1f+rJwN5f+w9cnb0A8pfxrxRPX+z8Qt5Y983iOpzE+efXNw8tLlp08X5yeHjhwePjS4KSbG9w/WnopG3/949aU82NCNWPj+r6zs/m9u+vzPzVz2J8X52smlp3H11/db9mmW+/xvSF6phGvzUhdHpqYuDEVsSGYatw//d+zFkd66+Fn5B/Y2r//bI/75JD9uV0RkD/FDEfFwROzJ8/5IRDwaEXvnKf+3zz32Rqsu5J1w/8eWdP9bBZ79IaL5rq4z33zZkPAHpUWWP7v/ByuhgXzL2MjUpoXKNV9Oi4HbvoAAAABwF9gTEVsjSfflY5xbI0337YvYMjeCMjn11Mnzb50bq74j0B89aW2kq68wHjqUjw1n69lRw4X1bP+ByrhxuVwu92brWf99Yltniw7r3pYW9T/ze+MrLcBas6R5tFZvtAF3peXPo7f/AxnA6lpDn+cHlkj9h/Vr0fV/pd6CAzqmWf2/EnGzA1kBVlmz+v9qB/IBrD79f1i/1H9YtxZ8mRZYkxb1kvwyAtuPzxMn6V6ZRFsH0qjbkv3Fq/sWgP6IWuTaBxznP+FvaUR7ctjV1pL21t3TtGmcTdGOtCJdME73Er6IYXUD6Z2RjWpgY0Qs8PTOPWxXaoHLK52xSiX4rLN/nQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7fvwEAAP//bDbZlg==") 1.423728909s ago: executing program 3 (id=1067): syz_extract_tcp_res(&(0x7f0000000080)={0x41424344}, 0x7fffffff, 0x793) syz_extract_tcp_res$synack(&(0x7f00000000c0)={0x41424344, 0x41424344}, 0x1, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000e40)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a860900180600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0000907800100000f6ffffff"], 0x0) syz_emit_ethernet(0x142, &(0x7f0000000300)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv6={0x86dd, @tcp={0x4, 0x6, "c4b322", 0x10c, 0x6, 0x0, @private1, @empty, {[@fragment={0x88, 0x0, 0x62, 0x1, 0x0, 0x8, 0x67}, @fragment={0x6, 0x0, 0x2d, 0x1, 0x0, 0x6, 0x68}], {{0x4e21, 0x4e20, r0, r1, 0x0, 0x0, 0x11, 0x80, 0x8000, 0x0, 0x7, {[@generic={0x3, 0x2}, @timestamp={0x8, 0xa, 0x13bcb9bc, 0x4}, @exp_fastopen={0xfe, 0xc, 0xf989, "1b6b281c719ce944"}, @timestamp={0x8, 0xa, 0x10000, 0x7}, @sack={0x5, 0x4, [0xa79, 0x80, 0xff]}]}}, {"4a323bcd8f5e5571de5e8371c9c2e2005213f37e6162009f60de8a0780f4783e12323e4dba6ffff5b54bc39135e2344b946b3a49148c1b29f9d28f796864a1896c4c2aae699ecf8831ea2358f2b7061bc7b94ece87e5426ee0c7babeb80836fd90d108d000db6ab7b8aa26acf32fd7b11f49d17663710b895df657c46135ebc6ff02fc2f8fe5c8bd00c179a9eec5bd0444dd80ab775ce3e9a17fb0cd0b0c5e2c2993c4866cf359929e3a3c567a5b6ee9ffd83b3a0f27c0e5"}}}}}}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f00000006c0)={0xf5f89c70, {{0x2, 0x4e23, @empty}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002"], 0x110) setsockopt$inet_group_source_req(r4, 0x0, 0x2c, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) setsockopt$inet_group_source_req(r4, 0x0, 0x2b, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @private}}}, 0x108) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.234281725s ago: executing program 3 (id=1068): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000b40000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001002010000000000000000000000000a60000000060a090400000000000000000200000034000480300001800e000100696d6d6564696174650000001c000280100002800c000280080001800000000508000140000000000900010073797a30000000020900020073797a3200000000140000001100010000000000000000000000000a86d6b90c49766d251aee2d10bf552dcf71ba620eed341ca8c2ab4559f7016aacf224219609457d97b2c39ed655321383ca71b2d5db5a7a8dc87058098458fb82c3f2383e3fdb813262edf7349eec60fe6965f14ee4066a6f94df4eb913150f2998b20a94e3092ef60d85fd"], 0x88}}, 0x0) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r2, r3, 0x0, 0x20000023896) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r7, 0x1, 0x0, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="270e000000000000000004"], 0x14}, 0x1, 0x40030000000000}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="0a3f000000a3f500950004000000010045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, @void, @value}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) 1.099706667s ago: executing program 4 (id=1069): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) (async) r1 = getpgrp(0x0) r2 = syz_pidfd_open(r1, 0x0) r3 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000180)) (async) r4 = gettid() kcmp$KCMP_EPOLL_TFD(r1, r4, 0x7, r2, &(0x7f0000000040)={r3, r2}) (async) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r5}, &(0x7f0000000800), &(0x7f0000000840)=r6}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r7}, 0x10) (async) mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) (async) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r8}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000600459e850000000400000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0xffffffc2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r9}, 0x10) r10 = getpid() setreuid(0xee00, 0x0) (async) r11 = syz_pidfd_open(r10, 0x0) setns(r11, 0x24020000) (async) syz_clone3(&(0x7f00000008c0)={0x14840000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000880)=[0x0], 0x1}, 0x58) (async) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={&(0x7f0000000300)={0x2, 0x0, @multicast2=0xe0000001}, 0x10, 0x0, 0x0, 0x0, 0x38}, 0x0) r12 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="021eeecd558b31cbf98f7a00005d00000000ff0f00000504000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r13 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r13}, 0x10) (async) bpf$PROG_LOAD(0x5, 0x0, 0x0) 942.94752ms ago: executing program 2 (id=1070): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', 0x0}) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000778600000000001f00000095"], &(0x7f0000000300)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x35, 0x1, 0x40, 0x0, 0x0, 0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, @perf_config_ext={0x280, 0x100000001}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_dccp(0xa, 0x6, 0x0) socket$inet_udp(0x2, 0x2, 0x0) socket$inet6(0xa, 0x3, 0x8b) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="940000001100010026bd7000fcdbdf2500000000", @ANYRES32=r2], 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x80) socket$inet6(0xa, 0x2, 0x3a) 832.246419ms ago: executing program 4 (id=1071): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) openat$thread_pidfd(0xffffff9c, &(0x7f0000000000), 0x80, 0x0) r2 = syz_io_uring_setup(0x335, &(0x7f0000000080)={0x0, 0x0, 0x11900, 0x3}, &(0x7f0000000300)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_SYMLINKAT={0x26, 0x40, 0x0, 0xffffffffffffffff, &(0x7f0000000340)='\x00', &(0x7f0000000dc0)='./bus\x00'}) io_uring_enter(r2, 0xa05, 0x0, 0x0, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r7, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000003c0)=@migrate={0xa0, 0x21, 0x1, 0x0, 0x0, {{@in=@private=0xa010101, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x0, 0xfffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}}, [@migrate={0x50, 0x11, [{@in=@dev, @in6=@loopback, @in6=@rand_addr=' \x01\x00', @in6=@private0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x2}]}]}, 0xa0}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="b70000b90ac135", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48) r9 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_RATE={0x6}]}, 0x38}}, 0x0) 818.53561ms ago: executing program 4 (id=1072): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 308.741154ms ago: executing program 3 (id=1073): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c") 220.482981ms ago: executing program 2 (id=1074): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) (async, rerun: 64) listen(r0, 0x20) (rerun: 64) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0x92, &(0x7f0000000000), &(0x7f0000000240)=0x4) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000050000000000fd04aabfc286414931fd000c01000000000000305f615f0000000000000000090000000000000000"], 0x0, 0x2c, 0x0, 0x1, 0x1000000, 0x0, @void, @value}, 0x28) 212.553792ms ago: executing program 3 (id=1075): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00\x00\x00\x00\x00\x00'], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x61}, {0x6}]}) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000580)='!pu&-\x00\x00\x00|\x93\xeco\xb3.i\xc3\xefT\x91\x8d:\xb7\xc2\x03\xf6\a5ND\x13\xe6\xf9\xac@\"\xae\x86,\x19\x8bI\xa4r\xab\x1dj\x91\xbc\xbd\xc0\x97oZ`V0\xe2\xf7\xfb,1\xec\'c\xad\xee\xc0\x1b\xeb\x18\xf4\x91\xda8\xae\xcdW%\xdd2') mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=@newtclass={0x454, 0x28, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x2}}, [@tclass_kind_options=@c_netem={0xa}, @tclass_kind_options=@c_cake={0x9}, @TCA_RATE={0x6}, @tclass_kind_options=@c_htb={{0x8}, {0x408, 0x2, [@TCA_HTB_CTAB={0x404, 0x3, [0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x846e, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ff0b358, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}]}}]}, 0x454}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e880000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) write$P9_RLERRORu(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$RDMA_USER_CM_CMD_BIND_IP(r4, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @private2}}}, 0x30) write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) chdir(&(0x7f0000000100)='./file0\x00') open(&(0x7f0000000300)='.\x00', 0xc00, 0x0) 148.005608ms ago: executing program 2 (id=1076): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18) fstatfs(0xffffffffffffffff, 0x0) 41.629667ms ago: executing program 3 (id=1077): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={0x40, 0x0, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x7}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="2000000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000a8c1ce5d00"/24, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xb, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000685cf6822ccae7a37343901f80dd23503621b8e024d19ed09673a7ce606f5ed35e4d419f2e6ec71c04845318e6ba193f27e47a393d0491953881d0063252b6b15b3cad2db7c4f189d1e1058e9738b01803be54ce3075d9cc756215340d3e4961dfa5de88336e643ec1be3e71852e01f47f03644911fabf0f9679", @ANYRES32=r2, @ANYBLOB="0000000000000000b708000001fcffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r5 = fcntl$dupfd(r4, 0x0, r4) write$P9_RLERRORu(r5, &(0x7f0000000040)={0xd, 0x7, 0x1, {{}, 0x2}}, 0xd) write$sndseq(r5, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick=0x36, {0xff}, {}, @addr={0x1, 0x6}}, {0x0, 0x0, 0x0, 0x20, @time={0x0, 0x4}, {}, {}, @note={0x0, 0x0, 0x2}}], 0x38) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5}, 0x38) ioprio_set$pid(0x1, 0x0, 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) connect$inet(r6, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) shutdown(r6, 0x1) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10) r8 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCDARP(r8, 0x8953, &(0x7f0000000100)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @remote}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'}) io_setup(0x203, &(0x7f0000000040)) 18.412139ms ago: executing program 2 (id=1078): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, 0x0, &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) r1 = io_uring_setup(0x2a40, &(0x7f0000000240)={0x0, 0x7bb7, 0x400, 0x3, 0x110}) io_uring_enter(r1, 0x7205, 0x78dc, 0x4, &(0x7f00000002c0)={[0x7]}, 0x8) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) write$cgroup_subtree(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22667f2c00dbf6e97158b33d4fec877f1b6d76745b686158bbcfe8875afdef00010000000029"], 0x280) r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r2) sendmsg$NL802154_CMD_NEW_INTERFACE(r2, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80012010}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r5, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@NL802154_ATTR_IFTYPE={0x8, 0x5, 0x1}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x34048800}, 0x20000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10) syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) unshare(0x62040200) preadv(0xffffffffffffffff, 0x0, 0x0, 0x20000a, 0xa) syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000000)='./file0/file0\x00', 0x80d0, &(0x7f0000000800)=ANY=[@ANYBLOB='dots,errors=continue,nodots,dmask=00000000000000000077777,nodots,dots,nodots,showexec,dots,sys_immutable,discard,dots,nodots,nodots,dots,nodots,dots,nfs,dots,dots,dots,dots,nodots,nodots,nodots,quiet,dots,nodots,gid=', @ANYRES64, @ANYBLOB="2c616c6c6f775f99787bfc79612f6b137574696d303030303030303030303030304f30303030302c4572726fc8ed8a34ef53c91969643c00"/66, @ANYRES8, @ANYBLOB=',\x00'], 0xfd, 0x1bf, &(0x7f0000000640)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r7 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7) 0s ago: executing program 1 (id=1079): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000400121001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000083850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) mkdir(0x0, 0x0) r2 = syz_io_uring_setup(0xe42, &(0x7f0000000140)={0x0, 0x2119, 0x400}, &(0x7f0000000240)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x18}) io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): loop0): Remounting filesystem read-only [ 68.627190][ T5322] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 68.658602][ T5322] EXT4-fs (loop0): 1 orphan inode deleted [ 68.666033][ T5322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.678266][ T5322] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 68.681478][ T5330] capability: warning: `syz.2.667' uses deprecated v2 capabilities in a way that may be insecure [ 68.686459][ T5322] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.709478][ T29] kauditd_printk_skb: 78 callbacks suppressed [ 68.709536][ T29] audit: type=1326 audit(1728913387.341:2220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.741666][ T29] audit: type=1326 audit(1728913387.351:2221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.765357][ T29] audit: type=1326 audit(1728913387.351:2222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.788903][ T29] audit: type=1326 audit(1728913387.351:2223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.812362][ T29] audit: type=1326 audit(1728913387.351:2224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.835944][ T29] audit: type=1326 audit(1728913387.351:2225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.859423][ T29] audit: type=1326 audit(1728913387.351:2226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.882996][ T29] audit: type=1326 audit(1728913387.351:2227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.893677][ T5335] FAULT_INJECTION: forcing a failure. [ 68.893677][ T5335] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.906721][ T29] audit: type=1326 audit(1728913387.351:2228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.919430][ T5335] CPU: 0 UID: 0 PID: 5335 Comm: syz.0.668 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 68.919464][ T5335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 68.942781][ T29] audit: type=1326 audit(1728913387.351:2229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5329 comm="syz.2.667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 68.953340][ T5335] Call Trace: [ 68.953350][ T5335] [ 68.953360][ T5335] dump_stack_lvl+0xf2/0x150 [ 68.953391][ T5335] dump_stack+0x15/0x20 [ 69.001689][ T5335] should_fail_ex+0x223/0x230 [ 69.006454][ T5335] should_fail+0xb/0x10 [ 69.010716][ T5335] should_fail_usercopy+0x1a/0x20 [ 69.015827][ T5335] _copy_to_user+0x1e/0xa0 [ 69.020258][ T5335] simple_read_from_buffer+0xa0/0x110 [ 69.025735][ T5335] proc_fail_nth_read+0xf9/0x140 [ 69.030697][ T5335] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 69.036282][ T5335] vfs_read+0x195/0x720 [ 69.040494][ T5335] ? __rcu_read_unlock+0x4e/0x70 [ 69.045468][ T5335] ? __fget_files+0x1d4/0x210 [ 69.050184][ T5335] ksys_read+0xeb/0x1b0 [ 69.054361][ T5335] __x64_sys_read+0x42/0x50 [ 69.058954][ T5335] x64_sys_call+0x27d3/0x2d60 [ 69.063662][ T5335] do_syscall_64+0xc9/0x1c0 [ 69.068211][ T5335] ? clear_bhb_loop+0x55/0xb0 [ 69.072946][ T5335] ? clear_bhb_loop+0x55/0xb0 [ 69.077715][ T5335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.083667][ T5335] RIP: 0033:0x7faf68e0ca3c [ 69.088187][ T5335] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 69.107895][ T5335] RSP: 002b:00007faf67a87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 69.116385][ T5335] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0ca3c [ 69.124430][ T5335] RDX: 000000000000000f RSI: 00007faf67a870a0 RDI: 0000000000000007 [ 69.132498][ T5335] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000 [ 69.140478][ T5335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 69.148490][ T5335] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 69.156478][ T5335] [ 69.163580][ T5336] netlink: 4 bytes leftover after parsing attributes in process `syz.4.662'. [ 69.251637][ T5339] loop0: detected capacity change from 0 to 512 [ 69.275565][ T5339] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities [ 69.292325][ T5346] FAULT_INJECTION: forcing a failure. [ 69.292325][ T5346] name failslab, interval 1, probability 0, space 0, times 0 [ 69.305121][ T5346] CPU: 0 UID: 0 PID: 5346 Comm: syz.3.673 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 69.315747][ T5346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 69.325888][ T5346] Call Trace: [ 69.329272][ T5346] [ 69.332305][ T5346] dump_stack_lvl+0xf2/0x150 [ 69.336988][ T5346] dump_stack+0x15/0x20 [ 69.341171][ T5346] should_fail_ex+0x223/0x230 [ 69.345906][ T5346] ? __d_alloc+0x3d/0x340 [ 69.349611][ T5344] netlink: 12 bytes leftover after parsing attributes in process `syz.1.672'. [ 69.350259][ T5346] should_failslab+0x8f/0xb0 [ 69.363812][ T5346] kmem_cache_alloc_lru_noprof+0x51/0x2a0 [ 69.369614][ T5346] __d_alloc+0x3d/0x340 [ 69.373876][ T5346] d_alloc_parallel+0x54/0xc80 [ 69.378762][ T5346] ? __rcu_read_unlock+0x4e/0x70 [ 69.383768][ T5346] ? __d_lookup+0x342/0x370 [ 69.388399][ T5346] ? inode_permission+0xbf/0x300 [ 69.393463][ T5346] __lookup_slow+0x8d/0x250 [ 69.398074][ T5346] lookup_one_len+0xea/0x1a0 [ 69.403230][ T5346] start_creating+0x139/0x230 [ 69.408073][ T5346] __debugfs_create_file+0x73/0x300 [ 69.413316][ T5346] debugfs_create_file+0x49/0x60 [ 69.418354][ T5346] do_blk_trace_setup+0x2d2/0x4d0 [ 69.423514][ T5346] blk_trace_setup+0xad/0x140 [ 69.428310][ T5346] sg_ioctl+0x6ce/0x1870 [ 69.432651][ T5346] ? __pfx_sg_ioctl+0x10/0x10 [ 69.437409][ T5346] __se_sys_ioctl+0xcd/0x140 [ 69.442041][ T5346] __x64_sys_ioctl+0x43/0x50 [ 69.446708][ T5346] x64_sys_call+0x15cc/0x2d60 [ 69.451594][ T5346] do_syscall_64+0xc9/0x1c0 [ 69.456130][ T5346] ? clear_bhb_loop+0x55/0xb0 [ 69.460883][ T5346] ? clear_bhb_loop+0x55/0xb0 [ 69.461077][ T5352] loop2: detected capacity change from 0 to 512 [ 69.465585][ T5346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.477780][ T5346] RIP: 0033:0x7f20fc95dff9 [ 69.482246][ T5346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.501983][ T5346] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 69.510483][ T5346] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 69.518462][ T5346] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000007 [ 69.526444][ T5346] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 69.534769][ T5346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.542824][ T5346] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 69.550889][ T5346] [ 69.583590][ T5339] netlink: 8 bytes leftover after parsing attributes in process `syz.0.670'. [ 69.753699][ T5352] EXT4-fs error (device loop2): __ext4_iget:4952: inode #3: block 127754: comm syz.2.676: invalid block [ 69.758339][ T5365] FAULT_INJECTION: forcing a failure. [ 69.758339][ T5365] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 69.778098][ T5365] CPU: 1 UID: 0 PID: 5365 Comm: syz.0.678 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 69.788730][ T5365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 69.799239][ T5365] Call Trace: [ 69.802532][ T5365] [ 69.805481][ T5365] dump_stack_lvl+0xf2/0x150 [ 69.810116][ T5365] dump_stack+0x15/0x20 [ 69.814366][ T5365] should_fail_ex+0x223/0x230 [ 69.819117][ T5365] should_fail+0xb/0x10 [ 69.823327][ T5365] should_fail_usercopy+0x1a/0x20 [ 69.828497][ T5365] _copy_from_iter+0xd3/0xd20 [ 69.833288][ T5365] ? kmalloc_reserve+0x16e/0x190 [ 69.838393][ T5365] ? __build_skb_around+0x196/0x1f0 [ 69.843713][ T5365] ? __alloc_skb+0x21f/0x310 [ 69.848411][ T5365] ? __virt_addr_valid+0x1ed/0x250 [ 69.853548][ T5365] ? __check_object_size+0x364/0x520 [ 69.858942][ T5365] netlink_sendmsg+0x460/0x6e0 [ 69.863825][ T5365] ? __pfx_netlink_sendmsg+0x10/0x10 [ 69.869190][ T5365] __sock_sendmsg+0x140/0x180 [ 69.873915][ T5365] ____sys_sendmsg+0x312/0x410 [ 69.878775][ T5365] __sys_sendmsg+0x1d9/0x270 [ 69.883481][ T5365] __x64_sys_sendmsg+0x46/0x50 [ 69.888357][ T5365] x64_sys_call+0x2689/0x2d60 [ 69.893138][ T5365] do_syscall_64+0xc9/0x1c0 [ 69.897734][ T5365] ? clear_bhb_loop+0x55/0xb0 [ 69.902462][ T5365] ? clear_bhb_loop+0x55/0xb0 [ 69.907176][ T5365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.913106][ T5365] RIP: 0033:0x7faf68e0dff9 [ 69.917546][ T5365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.937385][ T5365] RSP: 002b:00007faf67a66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.938599][ T5352] EXT4-fs (loop2): Remounting filesystem read-only [ 69.945854][ T5365] RAX: ffffffffffffffda RBX: 00007faf68fc6058 RCX: 00007faf68e0dff9 [ 69.945873][ T5365] RDX: 0000000000008080 RSI: 0000000020000040 RDI: 0000000000000004 [ 69.945889][ T5365] RBP: 00007faf67a66090 R08: 0000000000000000 R09: 0000000000000000 [ 69.945906][ T5365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 69.952431][ T5352] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 69.960371][ T5365] R13: 0000000000000000 R14: 00007faf68fc6058 R15: 00007ffcf7ce12b8 [ 69.990671][ T5352] EXT4-fs (loop2): mount failed [ 69.998882][ T5365] [ 70.099691][ T5375] netlink: 'syz.2.684': attribute type 32 has an invalid length. [ 70.315695][ T5373] loop4: detected capacity change from 0 to 128 [ 70.583027][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.689'. [ 70.617036][ T5390] loop4: detected capacity change from 0 to 1024 [ 70.664721][ T5390] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 70.674621][ T5390] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 70.695506][ T5390] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 70.712359][ T5398] netlink: 8 bytes leftover after parsing attributes in process `syz.3.695'. [ 70.714160][ T5390] EXT4-fs error (device loop4): ext4_get_journal_inode:5762: inode #5: comm syz.4.691: unexpected bad inode w/o EXT4_IGET_BAD [ 70.721281][ T5398] netlink: 24 bytes leftover after parsing attributes in process `syz.3.695'. [ 70.749184][ T5390] EXT4-fs (loop4): no journal found [ 70.754514][ T5390] EXT4-fs (loop4): can't get journal size [ 70.781138][ T5390] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 70.839149][ T5390] netlink: 24 bytes leftover after parsing attributes in process `syz.4.691'. [ 70.890366][ T5405] team0: Device ipvlan2 is already an upper device of the team interface [ 70.942397][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.991954][ T5418] FAULT_INJECTION: forcing a failure. [ 70.991954][ T5418] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 71.005318][ T5418] CPU: 1 UID: 0 PID: 5418 Comm: syz.4.698 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 71.016011][ T5418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 71.026175][ T5418] Call Trace: [ 71.029485][ T5418] [ 71.032435][ T5418] dump_stack_lvl+0xf2/0x150 [ 71.037059][ T5418] dump_stack+0x15/0x20 [ 71.041398][ T5418] should_fail_ex+0x223/0x230 [ 71.046190][ T5418] should_fail_alloc_page+0xfd/0x110 [ 71.051580][ T5418] __alloc_pages_noprof+0x109/0x340 [ 71.056816][ T5418] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 71.062292][ T5418] alloc_pages_noprof+0xe1/0x100 [ 71.067349][ T5418] pte_alloc_one+0x32/0xf0 [ 71.071790][ T5418] __pte_alloc+0x33/0x270 [ 71.076145][ T5418] handle_mm_fault+0x1b05/0x2a80 [ 71.081130][ T5418] exc_page_fault+0x3b9/0x650 [ 71.085856][ T5418] asm_exc_page_fault+0x26/0x30 [ 71.090849][ T5418] RIP: 0033:0x7f098d5718b6 [ 71.095283][ T5418] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01 [ 71.114958][ T5418] RSP: 002b:00007f098c3263f0 EFLAGS: 00010206 [ 71.121040][ T5418] RAX: 00000000000f9001 RBX: 00007f098c326490 RCX: 000000000000004c [ 71.129123][ T5418] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007f098c326530 [ 71.137193][ T5418] RBP: 0000000000000102 R08: 00007f0983f07000 R09: 00000000000f9000 [ 71.145175][ T5418] R10: 0000000000000000 R11: 00007f098c3264a0 R12: 0000000000000001 [ 71.153157][ T5418] R13: 00007f098d734a40 R14: 0000000000000000 R15: 00007f098c326530 [ 71.161149][ T5418] [ 71.164403][ T5418] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 71.177947][ T5418] loop4: detected capacity change from 0 to 2048 [ 71.210410][ T5380] syz.2.686 (5380) used greatest stack depth: 7416 bytes left [ 71.230091][ T5423] loop0: detected capacity change from 0 to 512 [ 71.234005][ T5418] loop4: p1 < > p4 [ 71.240502][ T5423] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 71.240997][ T5418] loop4: p4 size 8388608 extends beyond EOD, [ 71.253671][ T5423] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 71.269620][ T5418] truncated [ 71.277403][ T5423] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec01c, mo2=0002] [ 71.290432][ T5423] System zones: 1-12 [ 71.294818][ T5423] EXT4-fs (loop0): 1 truncate cleaned up [ 71.300851][ T5423] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.377496][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.457113][ T5428] loop2: detected capacity change from 0 to 512 [ 71.470321][ T5428] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 71.510130][ T5432] FAULT_INJECTION: forcing a failure. [ 71.510130][ T5432] name failslab, interval 1, probability 0, space 0, times 0 [ 71.522891][ T5432] CPU: 1 UID: 0 PID: 5432 Comm: syz.4.705 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 71.533524][ T5432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 71.543698][ T5432] Call Trace: [ 71.546993][ T5432] [ 71.550028][ T5432] dump_stack_lvl+0xf2/0x150 [ 71.554726][ T5432] dump_stack+0x15/0x20 [ 71.558899][ T5432] should_fail_ex+0x223/0x230 [ 71.563646][ T5432] ? __alloc_skb+0x10b/0x310 [ 71.568324][ T5432] should_failslab+0x8f/0xb0 [ 71.572994][ T5432] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 71.579282][ T5432] __alloc_skb+0x10b/0x310 [ 71.583725][ T5432] alloc_skb_with_frags+0x80/0x450 [ 71.588867][ T5432] ? memcg_list_lru_alloc+0xd2/0x740 [ 71.594177][ T5432] ? mod_objcg_state+0x3b1/0x4f0 [ 71.599154][ T5432] sock_alloc_send_pskb+0x435/0x4f0 [ 71.604393][ T5432] ? __rcu_read_unlock+0x4e/0x70 [ 71.609400][ T5432] packet_sendmsg+0x2401/0x34f0 [ 71.614319][ T5432] ? avc_has_perm+0xd4/0x160 [ 71.618961][ T5432] ? selinux_socket_sendmsg+0x19c/0x1d0 [ 71.624559][ T5432] ? __pfx_packet_sendmsg+0x10/0x10 [ 71.629828][ T5432] __sock_sendmsg+0x140/0x180 [ 71.634566][ T5432] ____sys_sendmsg+0x312/0x410 [ 71.639364][ T5432] __sys_sendmsg+0x1d9/0x270 [ 71.644049][ T5432] __x64_sys_sendmsg+0x46/0x50 [ 71.648839][ T5432] x64_sys_call+0x2689/0x2d60 [ 71.653624][ T5432] do_syscall_64+0xc9/0x1c0 [ 71.658233][ T5432] ? clear_bhb_loop+0x55/0xb0 [ 71.662967][ T5432] ? clear_bhb_loop+0x55/0xb0 [ 71.667685][ T5432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.673700][ T5432] RIP: 0033:0x7f098d6adff9 [ 71.678127][ T5432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.697812][ T5432] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 71.706327][ T5432] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9 [ 71.714325][ T5432] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003 [ 71.722317][ T5432] RBP: 00007f098c327090 R08: 0000000000000000 R09: 0000000000000000 [ 71.730309][ T5432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.738352][ T5432] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8 [ 71.746382][ T5432] [ 71.796732][ T5444] loop2: detected capacity change from 0 to 512 [ 71.805321][ T5444] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -13 [ 71.814074][ T5444] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13 [ 71.828064][ T5444] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13 [ 71.850145][ T5454] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 71.858844][ T5444] EXT4-fs (loop2): 1 truncate cleaned up [ 71.866274][ T5444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.883795][ T5444] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.891263][ T5444] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 71.912078][ T5444] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.919689][ T5444] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.947748][ T24] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4 [ 71.955652][ T24] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2 [ 71.965026][ T24] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x3 [ 71.974291][ T24] hid-generic 0000:3000000:0000.0002: hidraw0: HID v0.00 Device [sy] on syz0 [ 71.990571][ T5456] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 72.028982][ T5473] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 72.028982][ T5473] program syz.4.717 not setting count and/or reply_len properly [ 72.050234][ T5467] FAULT_INJECTION: forcing a failure. [ 72.050234][ T5467] name failslab, interval 1, probability 0, space 0, times 0 [ 72.062933][ T5467] CPU: 1 UID: 0 PID: 5467 Comm: syz.3.712 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 72.063304][ T5475] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.709: corrupted in-inode xattr: overlapping e_value [ 72.073619][ T5467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 72.073639][ T5467] Call Trace: [ 72.073647][ T5467] [ 72.073656][ T5467] dump_stack_lvl+0xf2/0x150 [ 72.108692][ T5467] dump_stack+0x15/0x20 [ 72.112894][ T5467] should_fail_ex+0x223/0x230 [ 72.117614][ T5467] ? kobject_uevent_env+0x1a4/0x550 [ 72.122846][ T5467] should_failslab+0x8f/0xb0 [ 72.127520][ T5467] __kmalloc_cache_noprof+0x4b/0x2a0 [ 72.132905][ T5467] ? __pfx_dev_uevent_name+0x10/0x10 [ 72.138204][ T5467] kobject_uevent_env+0x1a4/0x550 [ 72.143295][ T5467] ? kobject_put+0x10a/0x180 [ 72.147930][ T5467] kobject_uevent+0x1c/0x30 [ 72.152499][ T5467] device_release_driver_internal+0x478/0x4f0 [ 72.158644][ T5467] device_release_driver+0x19/0x20 [ 72.163855][ T5467] bus_remove_device+0x26f/0x290 [ 72.168806][ T5467] device_del+0x370/0x780 [ 72.173222][ T5467] ? enable_work+0x116/0x1b0 [ 72.178023][ T5467] hid_destroy_device+0x52/0xc0 [ 72.183004][ T5467] uhid_dev_destroy+0x6a/0xb0 [ 72.187750][ T5467] uhid_char_write+0x512/0x5b0 [ 72.192590][ T5467] ? __pfx_uhid_char_write+0x10/0x10 [ 72.197920][ T5467] vfs_write+0x26c/0x910 [ 72.202187][ T5467] ? __rcu_read_unlock+0x4e/0x70 [ 72.207221][ T5467] ? __fget_files+0x1d4/0x210 [ 72.211947][ T5467] ksys_write+0xeb/0x1b0 [ 72.216253][ T5467] __x64_sys_write+0x42/0x50 [ 72.220869][ T5467] x64_sys_call+0x27dd/0x2d60 [ 72.225752][ T5467] do_syscall_64+0xc9/0x1c0 [ 72.230337][ T5467] ? clear_bhb_loop+0x55/0xb0 [ 72.235049][ T5467] ? clear_bhb_loop+0x55/0xb0 [ 72.239821][ T5467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.245819][ T5467] RIP: 0033:0x7f20fc95dff9 [ 72.250242][ T5467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.269920][ T5467] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 72.278349][ T5467] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 72.286559][ T5467] RDX: 0000000000000004 RSI: 0000000020000340 RDI: 0000000000000003 [ 72.294542][ T5467] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 72.302526][ T5467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.310647][ T5467] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 72.318638][ T5467] [ 72.404455][ T5479] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 72.420452][ T5479] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 72.431987][ T5479] bond0 (unregistering): Released all slaves [ 72.505974][ T5483] __nla_validate_parse: 6 callbacks suppressed [ 72.505989][ T5483] netlink: 8 bytes leftover after parsing attributes in process `syz.1.719'. [ 72.705855][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.734983][ T5491] FAULT_INJECTION: forcing a failure. [ 72.734983][ T5491] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 72.748222][ T5491] CPU: 1 UID: 0 PID: 5491 Comm: syz.3.722 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 72.758902][ T5491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 72.769047][ T5491] Call Trace: [ 72.772346][ T5491] [ 72.775295][ T5491] dump_stack_lvl+0xf2/0x150 [ 72.780055][ T5491] dump_stack+0x15/0x20 [ 72.784278][ T5491] should_fail_ex+0x223/0x230 [ 72.788992][ T5491] should_fail+0xb/0x10 [ 72.793186][ T5491] should_fail_usercopy+0x1a/0x20 [ 72.798236][ T5491] _copy_from_user+0x1e/0xd0 [ 72.802839][ T5491] __sys_bpf+0x14e/0x7a0 [ 72.807166][ T5491] __x64_sys_bpf+0x43/0x50 [ 72.811676][ T5491] x64_sys_call+0x2625/0x2d60 [ 72.816403][ T5491] do_syscall_64+0xc9/0x1c0 [ 72.820941][ T5491] ? clear_bhb_loop+0x55/0xb0 [ 72.825643][ T5491] ? clear_bhb_loop+0x55/0xb0 [ 72.830608][ T5491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.836804][ T5491] RIP: 0033:0x7f20fc95dff9 [ 72.841316][ T5491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.860937][ T5491] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 72.869598][ T5491] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 72.877606][ T5491] RDX: 0000000000000050 RSI: 0000000020000000 RDI: 000000000000000a [ 72.885689][ T5491] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 72.893688][ T5491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.901750][ T5491] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 72.909783][ T5491] [ 72.999885][ T5500] netlink: 4 bytes leftover after parsing attributes in process `syz.4.718'. [ 73.083665][ T5508] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 73.083665][ T5508] program syz.1.729 not setting count and/or reply_len properly [ 73.201293][ T5502] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 73.779557][ T5535] FAULT_INJECTION: forcing a failure. [ 73.779557][ T5535] name failslab, interval 1, probability 0, space 0, times 0 [ 73.792363][ T5535] CPU: 0 UID: 0 PID: 5535 Comm: +}[@ Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 73.802622][ T5535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 73.812705][ T5535] Call Trace: [ 73.815991][ T5535] [ 73.818936][ T5535] dump_stack_lvl+0xf2/0x150 [ 73.823561][ T5535] dump_stack+0x15/0x20 [ 73.827846][ T5535] should_fail_ex+0x223/0x230 [ 73.832813][ T5535] ? audit_log_start+0x34c/0x6b0 [ 73.837869][ T5535] should_failslab+0x8f/0xb0 [ 73.842558][ T5535] kmem_cache_alloc_noprof+0x4c/0x290 [ 73.848131][ T5535] audit_log_start+0x34c/0x6b0 [ 73.852926][ T5535] ? kmem_cache_free+0xdc/0x2d0 [ 73.857820][ T5535] audit_seccomp+0x4b/0x130 [ 73.862357][ T5535] __seccomp_filter+0x6fa/0x1180 [ 73.867340][ T5535] ? __perf_event_task_sched_out+0x111/0xfe0 [ 73.873391][ T5535] ? __dequeue_entity+0x22/0x310 [ 73.878378][ T5535] ? tracing_record_taskinfo_sched_switch+0x6f/0x270 [ 73.885109][ T5535] __secure_computing+0x9f/0x1c0 [ 73.890253][ T5535] syscall_trace_enter+0xd1/0x1f0 [ 73.891762][ T5537] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 73.891762][ T5537] program syz.1.738 not setting count and/or reply_len properly [ 73.895300][ T5535] do_syscall_64+0xaa/0x1c0 [ 73.916326][ T5535] ? clear_bhb_loop+0x55/0xb0 [ 73.921112][ T5535] ? clear_bhb_loop+0x55/0xb0 [ 73.925916][ T5535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.931856][ T5535] RIP: 0033:0x7fd6eb48ca3c [ 73.936302][ T5535] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 73.956032][ T5535] RSP: 002b:00007fd6ea101030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 73.964642][ T5535] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48ca3c [ 73.972704][ T5535] RDX: 000000000000000f RSI: 00007fd6ea1010a0 RDI: 0000000000000005 [ 73.980711][ T5535] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000 [ 73.988925][ T5535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.996946][ T5535] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018 [ 74.004935][ T5535] [ 74.008021][ T5535] audit_log_lost: 159 callbacks suppressed [ 74.008211][ T5535] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64 [ 74.010605][ T5543] netlink: 'syz.3.736': attribute type 8 has an invalid length. [ 74.014099][ T5535] audit: out of memory in audit_log_start [ 74.035397][ T5543] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 74.079848][ T29] audit: type=1326 audit(1728913392.537:2389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd6eb48cadf code=0x7ffc0000 [ 74.102666][ T29] audit: type=1326 audit(1728913392.537:2390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd6eb48cc8a code=0x7ffc0000 [ 74.104316][ T5546] netlink: 8 bytes leftover after parsing attributes in process `syz.0.742'. [ 74.125676][ T29] audit: type=1326 audit(1728913392.537:2391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 74.134557][ T5546] netlink: 24 bytes leftover after parsing attributes in process `syz.0.742'. [ 74.156074][ T5549] FAULT_INJECTION: forcing a failure. [ 74.156074][ T5549] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 74.157730][ T29] audit: type=1326 audit(1728913392.537:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5534 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 74.166543][ T5549] CPU: 0 UID: 0 PID: 5549 Comm: syz.0.743 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 74.166619][ T5549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 74.166634][ T5549] Call Trace: [ 74.166641][ T5549] [ 74.166649][ T5549] dump_stack_lvl+0xf2/0x150 [ 74.166680][ T5549] dump_stack+0x15/0x20 [ 74.166703][ T5549] should_fail_ex+0x223/0x230 [ 74.166795][ T5549] should_fail+0xb/0x10 [ 74.166832][ T5549] should_fail_usercopy+0x1a/0x20 [ 74.183523][ T5547] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 74.183523][ T5547] program syz.2.741 not setting count and/or reply_len properly [ 74.202706][ T5549] _copy_from_user+0x1e/0xd0 [ 74.202744][ T5549] sctp_getsockopt_scheduler+0x71/0x340 [ 74.202800][ T5549] sctp_getsockopt+0xa1e/0xab0 [ 74.284226][ T5549] sock_common_getsockopt+0x5b/0x70 [ 74.289533][ T5549] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 74.295504][ T5549] do_sock_getsockopt+0x1ca/0x260 [ 74.300566][ T5549] __sys_getsockopt+0x18a/0x200 [ 74.305520][ T5549] __x64_sys_getsockopt+0x66/0x80 [ 74.310647][ T5549] x64_sys_call+0x11cd/0x2d60 [ 74.315341][ T5549] do_syscall_64+0xc9/0x1c0 [ 74.319867][ T5549] ? clear_bhb_loop+0x55/0xb0 [ 74.324640][ T5549] ? clear_bhb_loop+0x55/0xb0 [ 74.329340][ T5549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.335256][ T5549] RIP: 0033:0x7faf68e0dff9 [ 74.339752][ T5549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.359380][ T5549] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 74.367854][ T5549] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9 [ 74.375834][ T5549] RDX: 000000000000007b RSI: 0000000000000084 RDI: 0000000000000004 [ 74.383815][ T5549] RBP: 00007faf67a87090 R08: 00000000200000c0 R09: 0000000000000000 [ 74.391884][ T5549] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 74.399932][ T5549] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 74.407936][ T5549] [ 74.475858][ T29] audit: type=1326 audit(1728913392.925:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 74.510462][ T29] audit: type=1326 audit(1728913392.925:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 74.527112][ T5562] ÿÿÿÿÿÿ: renamed from vlan1 (while UP) [ 74.534031][ T29] audit: type=1326 audit(1728913392.925:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 74.562944][ T29] audit: type=1326 audit(1728913392.925:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5561 comm="syz.2.749" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 74.589654][ T5568] 9pnet_fd: Insufficient options for proto=fd [ 74.715704][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz.3.751'. [ 74.769184][ T5581] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 74.769184][ T5581] program syz.3.756 not setting count and/or reply_len properly [ 74.779069][ T5580] loop2: detected capacity change from 0 to 2048 [ 74.888471][ T5586] netlink: 4 bytes leftover after parsing attributes in process `syz.4.750'. [ 74.923806][ T5590] netlink: 12 bytes leftover after parsing attributes in process `syz.3.759'. [ 75.013126][ T5600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 75.048017][ T5600] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.094664][ T5602] pimreg: entered allmulticast mode [ 75.110053][ T5602] pimreg: left allmulticast mode [ 75.202131][ T5604] FAULT_INJECTION: forcing a failure. [ 75.202131][ T5604] name failslab, interval 1, probability 0, space 0, times 0 [ 75.214820][ T5604] CPU: 0 UID: 0 PID: 5604 Comm: syz.3.764 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 75.225464][ T5604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 75.235546][ T5604] Call Trace: [ 75.238871][ T5604] [ 75.241915][ T5604] dump_stack_lvl+0xf2/0x150 [ 75.246557][ T5604] dump_stack+0x15/0x20 [ 75.250856][ T5604] should_fail_ex+0x223/0x230 [ 75.255592][ T5604] ? p9_client_prepare_req+0xf9/0x870 [ 75.261000][ T5604] should_failslab+0x8f/0xb0 [ 75.265681][ T5604] kmem_cache_alloc_noprof+0x4c/0x290 [ 75.271087][ T5604] p9_client_prepare_req+0xf9/0x870 [ 75.276359][ T5604] ? xas_load+0x3ae/0x3d0 [ 75.280785][ T5604] ? xas_load+0x3ae/0x3d0 [ 75.285221][ T5604] ? __rcu_read_unlock+0x4e/0x70 [ 75.290200][ T5604] ? xa_load+0xb9/0xe0 [ 75.294360][ T5604] ? delete_node+0x40b/0x450 [ 75.299165][ T5604] p9_client_rpc+0xf0/0x710 [ 75.303766][ T5604] ? radix_tree_iter_tag_clear+0x109/0x180 [ 75.309794][ T5604] p9_client_walk+0xfb/0x4e0 [ 75.314414][ T5604] v9fs_file_open+0x163/0x530 [ 75.319188][ T5604] ? __pfx_v9fs_file_open+0x10/0x10 [ 75.324415][ T5604] do_dentry_open+0x621/0xa20 [ 75.329169][ T5604] vfs_open+0x38/0x1f0 [ 75.333274][ T5604] path_openat+0x1ac2/0x1fa0 [ 75.337894][ T5604] ? _parse_integer_limit+0x167/0x180 [ 75.343308][ T5604] ? _parse_integer+0x27/0x30 [ 75.348081][ T5604] ? kstrtoull+0x110/0x140 [ 75.352530][ T5604] do_filp_open+0xf7/0x200 [ 75.357111][ T5604] do_sys_openat2+0xab/0x120 [ 75.361861][ T5604] __x64_sys_open+0xe6/0x110 [ 75.366542][ T5604] x64_sys_call+0x1321/0x2d60 [ 75.371321][ T5604] do_syscall_64+0xc9/0x1c0 [ 75.375904][ T5604] ? clear_bhb_loop+0x55/0xb0 [ 75.380622][ T5604] ? clear_bhb_loop+0x55/0xb0 [ 75.385457][ T5604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 75.391462][ T5604] RIP: 0033:0x7f20fc95dff9 [ 75.395905][ T5604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 75.415532][ T5604] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 75.424071][ T5604] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 75.432506][ T5604] RDX: 0000000000000000 RSI: 0000000000000c00 RDI: 0000000020000300 [ 75.440547][ T5604] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 75.448610][ T5604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 75.456605][ T5604] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 75.464673][ T5604] [ 75.543958][ T5606] netlink: 19 bytes leftover after parsing attributes in process `syz.3.765'. [ 75.655663][ T5614] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 75.655663][ T5614] program syz.3.769 not setting count and/or reply_len properly [ 75.677885][ T5618] loop0: detected capacity change from 0 to 128 [ 75.684897][ T5618] vfat: Unknown parameter 'ÿÿÿÿ0x0000000000000004' [ 75.698527][ T5618] loop0: detected capacity change from 0 to 512 [ 75.745288][ T5618] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 75.756848][ T5629] loop2: detected capacity change from 0 to 512 [ 75.763217][ T5618] System zones: 0-2, 18-18, 34-34 [ 75.769586][ T5631] FAULT_INJECTION: forcing a failure. [ 75.769586][ T5631] name failslab, interval 1, probability 0, space 0, times 0 [ 75.782443][ T5631] CPU: 0 UID: 0 PID: 5631 Comm: syz.3.774 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 75.793107][ T5631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 75.803329][ T5631] Call Trace: [ 75.806627][ T5631] [ 75.809612][ T5631] dump_stack_lvl+0xf2/0x150 [ 75.814244][ T5631] dump_stack+0x15/0x20 [ 75.818436][ T5631] should_fail_ex+0x223/0x230 [ 75.823140][ T5631] ? tcp_sendmsg_fastopen+0x163/0x4f0 [ 75.828607][ T5631] should_failslab+0x8f/0xb0 [ 75.833232][ T5631] __kmalloc_cache_noprof+0x4b/0x2a0 [ 75.838569][ T5631] tcp_sendmsg_fastopen+0x163/0x4f0 [ 75.843796][ T5631] tcp_sendmsg_locked+0x2513/0x2700 [ 75.844767][ T5618] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.771: bg 0: block 248: padding at end of block bitmap is not set [ 75.849006][ T5631] ? mntput+0x49/0x70 [ 75.864546][ T5618] EXT4-fs error (device loop0): ext4_acquire_dquot:6879: comm syz.0.771: Failed to acquire dquot type 1 [ 75.867171][ T5631] ? __rcu_read_unlock+0x4e/0x70 [ 75.883220][ T5631] ? avc_has_perm_noaudit+0x1cc/0x210 [ 75.883306][ T5631] ? avc_has_perm+0xd4/0x160 [ 75.890378][ T5618] EXT4-fs (loop0): 1 truncate cleaned up [ 75.893234][ T5631] ? _raw_spin_unlock_bh+0x36/0x40 [ 75.899405][ T5618] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.903965][ T5631] ? __pfx_tcp_sendmsg+0x10/0x10 [ 75.903995][ T5631] tcp_sendmsg+0x30/0x50 [ 75.904034][ T5631] inet6_sendmsg+0x77/0xd0 [ 75.917658][ T5618] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 75.921336][ T5631] __sock_sendmsg+0x8b/0x180 [ 75.937604][ T5629] EXT4-fs error (device loop2): ext4_orphan_get:1388: inode #15: comm syz.2.773: casefold flag without casefold feature [ 75.940379][ T5631] __sys_sendto+0x1d6/0x260 [ 75.945338][ T5629] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.773: couldn't read orphan inode 15 (err -117) [ 75.957469][ T5631] __x64_sys_sendto+0x78/0x90 [ 75.957543][ T5631] x64_sys_call+0x2959/0x2d60 [ 75.963529][ T5629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.973733][ T5631] do_syscall_64+0xc9/0x1c0 [ 75.973783][ T5631] ? clear_bhb_loop+0x55/0xb0 [ 75.973820][ T5631] ? clear_bhb_loop+0x55/0xb0 [ 75.973850][ T5631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.015545][ T5631] RIP: 0033:0x7f20fc95dff9 [ 76.019968][ T5631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.039640][ T5631] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 76.048068][ T5631] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 76.056107][ T5631] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006 [ 76.064229][ T5631] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 76.072211][ T5631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.080228][ T5631] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 76.088219][ T5631] [ 76.122063][ T5618] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.128027][ T5636] FAULT_INJECTION: forcing a failure. [ 76.128027][ T5636] name failslab, interval 1, probability 0, space 0, times 0 [ 76.143781][ T5636] CPU: 0 UID: 0 PID: 5636 Comm: syz.3.776 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 76.154579][ T5636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 76.164681][ T5636] Call Trace: [ 76.167983][ T5636] [ 76.170919][ T5636] dump_stack_lvl+0xf2/0x150 [ 76.175620][ T5636] dump_stack+0x15/0x20 [ 76.179808][ T5636] should_fail_ex+0x223/0x230 [ 76.184498][ T5636] ? __alloc_skb+0x10b/0x310 [ 76.189127][ T5636] should_failslab+0x8f/0xb0 [ 76.193732][ T5636] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 76.199581][ T5636] __alloc_skb+0x10b/0x310 [ 76.204171][ T5636] netlink_ack+0xef/0x4f0 [ 76.208630][ T5636] netlink_rcv_skb+0x19c/0x230 [ 76.213439][ T5636] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 76.218953][ T5636] nfnetlink_rcv+0x16c/0x15c0 [ 76.223649][ T5636] ? kmem_cache_free+0xdc/0x2d0 [ 76.228682][ T5636] ? nlmon_xmit+0x51/0x60 [ 76.233060][ T5636] ? __kfree_skb+0x102/0x150 [ 76.237680][ T5636] ? consume_skb+0x49/0x160 [ 76.242206][ T5636] ? nlmon_xmit+0x51/0x60 [ 76.246597][ T5636] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 76.251920][ T5636] ? __dev_queue_xmit+0xb4c/0x2040 [ 76.257074][ T5636] ? ref_tracker_free+0x3a5/0x410 [ 76.262165][ T5636] ? __dev_queue_xmit+0x161/0x2040 [ 76.267455][ T5636] ? ref_tracker_alloc+0x1f5/0x2f0 [ 76.272752][ T5636] ? __netlink_deliver_tap+0x495/0x4c0 [ 76.278260][ T5636] netlink_unicast+0x599/0x670 [ 76.283150][ T5636] netlink_sendmsg+0x5cc/0x6e0 [ 76.287963][ T5636] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.293335][ T5636] __sock_sendmsg+0x140/0x180 [ 76.298043][ T5636] ____sys_sendmsg+0x312/0x410 [ 76.302900][ T5636] __sys_sendmsg+0x1d9/0x270 [ 76.307517][ T5636] __x64_sys_sendmsg+0x46/0x50 [ 76.312452][ T5636] x64_sys_call+0x2689/0x2d60 [ 76.317353][ T5636] do_syscall_64+0xc9/0x1c0 [ 76.322002][ T5636] ? clear_bhb_loop+0x55/0xb0 [ 76.326846][ T5636] ? clear_bhb_loop+0x55/0xb0 [ 76.331646][ T5636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.337584][ T5636] RIP: 0033:0x7f20fc95dff9 [ 76.342036][ T5636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.361751][ T5636] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 76.370179][ T5636] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 76.378164][ T5636] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 76.386440][ T5636] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 76.394417][ T5636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.402390][ T5636] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 76.410390][ T5636] [ 76.415571][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.444101][ T5644] loop2: detected capacity change from 0 to 512 [ 76.453772][ T5644] EXT4-fs: Ignoring removed oldalloc option [ 76.482357][ T5644] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.777: Parent and EA inode have the same ino 15 [ 76.495693][ T5644] EXT4-fs (loop2): Remounting filesystem read-only [ 76.502286][ T5644] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 76.513299][ T5644] EXT4-fs (loop2): 1 orphan inode deleted [ 76.519371][ T5644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.532418][ T5644] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 76.539943][ T5644] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.574416][ T5651] loop2: detected capacity change from 0 to 512 [ 76.584274][ T5651] netlink: 20 bytes leftover after parsing attributes in process `syz.2.780'. [ 76.698433][ T5666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 76.699566][ T5661] netlink: 4 bytes leftover after parsing attributes in process `syz.0.778'. [ 76.717071][ T5666] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 76.917379][ T5682] loop4: detected capacity change from 0 to 512 [ 76.924948][ T5682] EXT4-fs: Ignoring removed oldalloc option [ 76.933146][ T5682] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.791: Parent and EA inode have the same ino 15 [ 76.945571][ T5682] EXT4-fs (loop4): Remounting filesystem read-only [ 76.952177][ T5682] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 76.963186][ T5682] EXT4-fs (loop4): 1 orphan inode deleted [ 76.969289][ T5682] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.981349][ T5682] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 76.989348][ T5682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.021003][ T5686] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 77.021003][ T5686] program syz.4.792 not setting count and/or reply_len properly [ 77.217820][ T5702] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 77.270164][ T5704] netlink: 'syz.1.801': attribute type 10 has an invalid length. [ 77.284766][ T5704] team0: Failed to send options change via netlink (err -105) [ 77.292391][ T5704] team0: Port device netdevsim1 added [ 77.315184][ T5704] netlink: 'syz.1.801': attribute type 10 has an invalid length. [ 77.330690][ T5704] team0: Failed to send port change of device netdevsim1 via netlink (err -105) [ 77.381252][ T5704] team0: Failed to send options change via netlink (err -105) [ 77.405518][ T5712] loop4: detected capacity change from 0 to 512 [ 77.436583][ T5704] team0: Failed to send port change of device netdevsim1 via netlink (err -105) [ 77.448473][ T5704] team0: Port device netdevsim1 removed [ 77.458849][ T5712] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.803: casefold flag without casefold feature [ 77.478097][ T5714] loop0: detected capacity change from 0 to 1024 [ 77.498370][ T5712] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.803: couldn't read orphan inode 15 (err -117) [ 77.513471][ T5708] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 77.526862][ T5712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.542226][ T5714] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.570577][ T5714] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 77.605538][ T5721] bpf: Bad value for 'uid' [ 77.618172][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.636000][ T5723] FAULT_INJECTION: forcing a failure. [ 77.636000][ T5723] name failslab, interval 1, probability 0, space 0, times 0 [ 77.648784][ T5723] CPU: 0 UID: 0 PID: 5723 Comm: syz.2.808 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 77.659405][ T5723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 77.669492][ T5723] Call Trace: [ 77.672873][ T5723] [ 77.675884][ T5723] dump_stack_lvl+0xf2/0x150 [ 77.680584][ T5723] dump_stack+0x15/0x20 [ 77.684775][ T5723] should_fail_ex+0x223/0x230 [ 77.689631][ T5723] ? sidtab_sid2str_get+0xb8/0x140 [ 77.694856][ T5723] should_failslab+0x8f/0xb0 [ 77.699570][ T5723] __kmalloc_node_track_caller_noprof+0xa6/0x380 [ 77.706012][ T5723] ? vsnprintf+0xdd8/0xe30 [ 77.710472][ T5723] kmemdup_noprof+0x2a/0x60 [ 77.715064][ T5723] sidtab_sid2str_get+0xb8/0x140 [ 77.720075][ T5723] security_sid_to_context_core+0x1eb/0x2f0 [ 77.726074][ T5723] security_sid_to_context+0x27/0x30 [ 77.731408][ T5723] selinux_secid_to_secctx+0x22/0x30 [ 77.736818][ T5723] security_secid_to_secctx+0x48/0x90 [ 77.742328][ T5723] audit_log_task_context+0x8c/0x1b0 [ 77.747662][ T5723] audit_log_task+0xfb/0x180 [ 77.752328][ T5723] audit_seccomp+0x68/0x130 [ 77.756862][ T5723] __seccomp_filter+0x6fa/0x1180 [ 77.761877][ T5723] ? xfd_validate_state+0x46/0xf0 [ 77.767024][ T5723] ? save_fpregs_to_fpstate+0x102/0x160 [ 77.772697][ T5723] __secure_computing+0x9f/0x1c0 [ 77.777696][ T5723] syscall_trace_enter+0xd1/0x1f0 [ 77.782806][ T5723] do_syscall_64+0xaa/0x1c0 [ 77.787323][ T5723] ? clear_bhb_loop+0x55/0xb0 [ 77.792030][ T5723] ? clear_bhb_loop+0x55/0xb0 [ 77.796870][ T5723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.802821][ T5723] RIP: 0033:0x7fd6eb48ca3c [ 77.807348][ T5723] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 77.827019][ T5723] RSP: 002b:00007fd6ea101030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 77.835495][ T5723] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48ca3c [ 77.843646][ T5723] RDX: 000000000000000f RSI: 00007fd6ea1010a0 RDI: 0000000000000003 [ 77.851625][ T5723] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000 [ 77.859630][ T5723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 77.867611][ T5723] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018 [ 77.875597][ T5723] [ 77.904774][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.054081][ T5737] loop4: detected capacity change from 0 to 1024 [ 78.063343][ T5737] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 78.079972][ T5737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 78.153294][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.165893][ T5748] x_tables: ip6_tables: sctp match: only valid for protocol 132 [ 78.233561][ T5760] FAULT_INJECTION: forcing a failure. [ 78.233561][ T5760] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.246800][ T5760] CPU: 0 UID: 0 PID: 5760 Comm: syz.3.823 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 78.257482][ T5760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 78.267566][ T5760] Call Trace: [ 78.267720][ T5765] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 78.267720][ T5765] program syz.1.825 not setting count and/or reply_len properly [ 78.270851][ T5760] [ 78.270862][ T5760] dump_stack_lvl+0xf2/0x150 [ 78.270893][ T5760] dump_stack+0x15/0x20 [ 78.270950][ T5760] should_fail_ex+0x223/0x230 [ 78.303841][ T5760] should_fail+0xb/0x10 [ 78.308092][ T5760] should_fail_usercopy+0x1a/0x20 [ 78.313148][ T5760] _copy_to_iter+0xd3/0xd20 [ 78.317736][ T5760] ? filemap_map_pages+0x8c6/0xb30 [ 78.323070][ T5760] copy_page_to_iter+0x171/0x2b0 [ 78.328124][ T5760] shmem_file_read_iter+0x408/0x550 [ 78.333352][ T5760] aio_read+0x1e0/0x2e0 [ 78.337535][ T5760] io_submit_one+0xade/0x1230 [ 78.342263][ T5760] __se_sys_io_submit+0xf5/0x280 [ 78.347266][ T5760] __x64_sys_io_submit+0x43/0x50 [ 78.352248][ T5760] x64_sys_call+0x1ebc/0x2d60 [ 78.357021][ T5760] do_syscall_64+0xc9/0x1c0 [ 78.361534][ T5760] ? clear_bhb_loop+0x55/0xb0 [ 78.366255][ T5760] ? clear_bhb_loop+0x55/0xb0 [ 78.371047][ T5760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.376969][ T5760] RIP: 0033:0x7f20fc95dff9 [ 78.381428][ T5760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.401092][ T5760] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 78.409569][ T5760] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 78.417566][ T5760] RDX: 0000000020001d00 RSI: 0000000000000002 RDI: 00007f20fcaef000 [ 78.425550][ T5760] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 78.433549][ T5760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 78.441530][ T5760] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 78.449720][ T5760] [ 78.509611][ T5771] __nla_validate_parse: 1 callbacks suppressed [ 78.509628][ T5771] netlink: 8 bytes leftover after parsing attributes in process `syz.0.826'. [ 78.559934][ T5777] netlink: 132 bytes leftover after parsing attributes in process `syz.0.830'. [ 78.570445][ T5773] netlink: 8 bytes leftover after parsing attributes in process `syz.1.828'. [ 78.579606][ T5777] netlink: 'syz.0.830': attribute type 10 has an invalid length. [ 78.598018][ T5777] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 78.608393][ T5781] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 78.608393][ T5781] program syz.1.832 not setting count and/or reply_len properly [ 78.645643][ T5786] loop0: detected capacity change from 0 to 128 [ 78.660178][ T5786] syz.0.834: attempt to access beyond end of device [ 78.660178][ T5786] loop0: rw=0, sector=121, nr_sectors = 119 limit=128 [ 78.671372][ T5789] netlink: 4 bytes leftover after parsing attributes in process `syz.3.836'. [ 78.748341][ T5795] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 78.748341][ T5795] program syz.3.838 not setting count and/or reply_len properly [ 78.832500][ T5798] loop0: detected capacity change from 0 to 129 [ 78.942987][ T5811] loop2: detected capacity change from 0 to 512 [ 78.949928][ T5811] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 78.962237][ T5811] netlink: 8 bytes leftover after parsing attributes in process `syz.2.843'. [ 78.977330][ T5819] FAULT_INJECTION: forcing a failure. [ 78.977330][ T5819] name failslab, interval 1, probability 0, space 0, times 0 [ 78.990067][ T5819] CPU: 1 UID: 0 PID: 5819 Comm: syz.0.846 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 78.994621][ T5821] loop2: detected capacity change from 0 to 512 [ 79.000751][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 79.000771][ T5819] Call Trace: [ 79.020345][ T5819] [ 79.023285][ T5819] dump_stack_lvl+0xf2/0x150 [ 79.027917][ T5819] dump_stack+0x15/0x20 [ 79.032087][ T5819] should_fail_ex+0x223/0x230 [ 79.036853][ T5819] ? getname_flags+0x81/0x3b0 [ 79.041544][ T5819] should_failslab+0x8f/0xb0 [ 79.046174][ T5819] kmem_cache_alloc_noprof+0x4c/0x290 [ 79.051573][ T5819] getname_flags+0x81/0x3b0 [ 79.056090][ T5819] getname+0x17/0x20 [ 79.060018][ T5819] do_sys_openat2+0x67/0x120 [ 79.064622][ T5819] __x64_sys_openat+0xf3/0x120 [ 79.069482][ T5819] x64_sys_call+0x1025/0x2d60 [ 79.074249][ T5819] do_syscall_64+0xc9/0x1c0 [ 79.078780][ T5819] ? clear_bhb_loop+0x55/0xb0 [ 79.083518][ T5819] ? clear_bhb_loop+0x55/0xb0 [ 79.088285][ T5819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.094199][ T5819] RIP: 0033:0x7faf68e0dff9 [ 79.098663][ T5819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.118396][ T5819] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 79.126819][ T5819] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9 [ 79.134863][ T5819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 79.142845][ T5819] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000 [ 79.150889][ T5819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.158874][ T5819] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 79.166945][ T5819] [ 79.189922][ T5823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'. [ 79.215754][ T5829] FAULT_INJECTION: forcing a failure. [ 79.215754][ T5829] name failslab, interval 1, probability 0, space 0, times 0 [ 79.228546][ T5829] CPU: 0 UID: 0 PID: 5829 Comm: syz.0.850 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 79.239161][ T5829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 79.249242][ T5829] Call Trace: [ 79.252574][ T5829] [ 79.255642][ T5829] dump_stack_lvl+0xf2/0x150 [ 79.260270][ T5829] dump_stack+0x15/0x20 [ 79.264451][ T5829] should_fail_ex+0x223/0x230 [ 79.269246][ T5829] ? __kvmalloc_node_noprof+0x72/0x170 [ 79.274781][ T5829] should_failslab+0x8f/0xb0 [ 79.279404][ T5829] __kmalloc_node_noprof+0xa8/0x380 [ 79.284651][ T5829] ? should_failslab+0x8f/0xb0 [ 79.289505][ T5829] __kvmalloc_node_noprof+0x72/0x170 [ 79.292523][ T5825] syz.4.849[5825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.294813][ T5829] page_pool_create_percpu+0x24d/0x650 [ 79.294903][ T5825] syz.4.849[5825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.306125][ T5829] page_pool_create+0x1a/0x20 [ 79.306193][ T5829] bpf_test_run_xdp_live+0x138/0x1010 [ 79.311747][ T5825] syz.4.849[5825] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 79.322866][ T5829] ? __pfx_autoremove_wake_function+0x10/0x10 [ 79.322989][ T5829] ? 0xffffffffa00038c0 [ 79.323006][ T5829] ? synchronize_rcu+0x46/0x320 [ 79.359595][ T5829] ? 0xffffffffa00038c0 [ 79.363834][ T5829] ? bpf_dispatcher_change_prog+0x73c/0x830 [ 79.369827][ T5829] ? 0xffffffffa00038c0 [ 79.374034][ T5829] ? 0xffffffffa0000958 [ 79.378201][ T5829] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 79.384173][ T5829] bpf_prog_test_run_xdp+0x51d/0x8b0 [ 79.389545][ T5829] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 79.395440][ T5829] bpf_prog_test_run+0x20f/0x3a0 [ 79.400405][ T5829] __sys_bpf+0x400/0x7a0 [ 79.404758][ T5829] __x64_sys_bpf+0x43/0x50 [ 79.409292][ T5829] x64_sys_call+0x2625/0x2d60 [ 79.413989][ T5829] do_syscall_64+0xc9/0x1c0 [ 79.418525][ T5829] ? clear_bhb_loop+0x55/0xb0 [ 79.423250][ T5829] ? clear_bhb_loop+0x55/0xb0 [ 79.427954][ T5829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.433887][ T5829] RIP: 0033:0x7faf68e0dff9 [ 79.438310][ T5829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.457934][ T5829] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 79.466516][ T5829] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9 [ 79.474532][ T5829] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a [ 79.482521][ T5829] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000 [ 79.490597][ T5829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.498586][ T5829] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 79.506581][ T5829] [ 79.509938][ T5829] page_pool_create_percpu() gave up with errno -12 [ 79.518303][ T5825] loop4: detected capacity change from 0 to 512 [ 79.526475][ T29] kauditd_printk_skb: 291 callbacks suppressed [ 79.526497][ T29] audit: type=1326 audit(1728913397.568:2685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000 [ 79.556106][ T29] audit: type=1326 audit(1728913397.568:2686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000 [ 79.579726][ T29] audit: type=1326 audit(1728913397.568:2687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000 [ 79.603149][ T29] audit: type=1326 audit(1728913397.568:2688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000 [ 79.604087][ T5821] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.626677][ T29] audit: type=1326 audit(1728913397.568:2689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000 [ 79.639914][ T5821] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.662475][ T29] audit: type=1326 audit(1728913397.568:2690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f098d6adff9 code=0x7ffc0000 [ 79.696034][ T29] audit: type=1326 audit(1728913397.568:2691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f098d6ae033 code=0x7ffc0000 [ 79.719292][ T29] audit: type=1326 audit(1728913397.568:2692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f098d6acadf code=0x7ffc0000 [ 79.742519][ T29] audit: type=1326 audit(1728913397.568:2693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f098d6ae087 code=0x7ffc0000 [ 79.765793][ T29] audit: type=1326 audit(1728913397.568:2694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5824 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f098d6ac990 code=0x7ffc0000 [ 79.823432][ T5825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.836076][ T5825] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 79.857937][ T5848] netlink: 52 bytes leftover after parsing attributes in process `syz.3.856'. [ 79.886323][ T5848] netlink: 52 bytes leftover after parsing attributes in process `syz.3.856'. [ 79.896235][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.912367][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.930395][ T5848] netlink: 52 bytes leftover after parsing attributes in process `syz.3.856'. [ 79.960581][ T5859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.857'. [ 79.975831][ T5859] syz_tun: entered promiscuous mode [ 79.981251][ T5859] macsec1: entered promiscuous mode [ 79.993741][ T5856] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 80.003073][ T5862] geneve0: entered allmulticast mode [ 80.033481][ T5867] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 80.033481][ T5867] program syz.4.861 not setting count and/or reply_len properly [ 80.468736][ T5901] FAULT_INJECTION: forcing a failure. [ 80.468736][ T5901] name failslab, interval 1, probability 0, space 0, times 0 [ 80.481600][ T5901] CPU: 0 UID: 0 PID: 5901 Comm: syz.4.875 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 80.492473][ T5901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 80.502564][ T5901] Call Trace: [ 80.505866][ T5901] [ 80.508852][ T5901] dump_stack_lvl+0xf2/0x150 [ 80.513538][ T5901] dump_stack+0x15/0x20 [ 80.517723][ T5901] should_fail_ex+0x223/0x230 [ 80.522440][ T5901] ? vmemdup_user+0x42/0x1b0 [ 80.527154][ T5901] should_failslab+0x8f/0xb0 [ 80.531802][ T5901] __kmalloc_node_noprof+0xa8/0x380 [ 80.537048][ T5901] ? should_fail_usercopy+0x1a/0x20 [ 80.542372][ T5901] vmemdup_user+0x42/0x1b0 [ 80.546832][ T5901] __se_sys_fsetxattr+0x1af/0x360 [ 80.552010][ T5901] ? proc_fail_nth_write+0x12a/0x150 [ 80.557430][ T5901] __x64_sys_fsetxattr+0x67/0x80 [ 80.562491][ T5901] x64_sys_call+0x16a5/0x2d60 [ 80.567224][ T5901] do_syscall_64+0xc9/0x1c0 [ 80.571755][ T5901] ? clear_bhb_loop+0x55/0xb0 [ 80.576505][ T5901] ? clear_bhb_loop+0x55/0xb0 [ 80.581382][ T5901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.581579][ T5887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.587342][ T5901] RIP: 0033:0x7f098d6adff9 [ 80.587371][ T5901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.619791][ T5901] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 80.628346][ T5901] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9 [ 80.636439][ T5901] RDX: 0000000020000040 RSI: 00000000200000c0 RDI: 0000000000000004 [ 80.644513][ T5901] RBP: 00007f098c327090 R08: 0000000000000000 R09: 0000000000000000 [ 80.652626][ T5901] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001 [ 80.660663][ T5901] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8 [ 80.668662][ T5901] [ 80.673184][ T5887] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 80.768085][ T5915] loop0: detected capacity change from 0 to 512 [ 80.784213][ T5915] EXT4-fs: Ignoring removed oldalloc option [ 80.806372][ T5915] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.880: Parent and EA inode have the same ino 15 [ 80.823166][ T5915] EXT4-fs (loop0): Remounting filesystem read-only [ 80.829776][ T5915] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 80.840339][ T5915] EXT4-fs (loop0): 1 orphan inode deleted [ 80.847496][ T5915] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.859785][ T5915] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 80.869657][ T5915] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.949015][ T5927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 80.959321][ T5927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 80.979349][ T5927] FAULT_INJECTION: forcing a failure. [ 80.979349][ T5927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.992908][ T5927] CPU: 0 UID: 0 PID: 5927 Comm: syz.3.886 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 81.003543][ T5927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 81.013613][ T5927] Call Trace: [ 81.016991][ T5927] [ 81.019932][ T5927] dump_stack_lvl+0xf2/0x150 [ 81.024631][ T5927] dump_stack+0x15/0x20 [ 81.028802][ T5927] should_fail_ex+0x223/0x230 [ 81.033604][ T5927] should_fail+0xb/0x10 [ 81.037861][ T5927] should_fail_usercopy+0x1a/0x20 [ 81.042913][ T5927] _copy_from_user+0x1e/0xd0 [ 81.047524][ T5927] input_event_from_user+0x126/0x1e0 [ 81.052914][ T5927] evdev_write+0x29d/0x440 [ 81.057357][ T5927] ? __pfx_evdev_write+0x10/0x10 [ 81.062542][ T5927] vfs_write+0x26c/0x910 [ 81.066824][ T5927] ? __rcu_read_unlock+0x4e/0x70 [ 81.071856][ T5927] ? __fget_files+0x1d4/0x210 [ 81.076712][ T5927] ksys_write+0xeb/0x1b0 [ 81.080983][ T5927] __x64_sys_write+0x42/0x50 [ 81.085626][ T5927] x64_sys_call+0x27dd/0x2d60 [ 81.090323][ T5927] do_syscall_64+0xc9/0x1c0 [ 81.094868][ T5927] ? clear_bhb_loop+0x55/0xb0 [ 81.099640][ T5927] ? clear_bhb_loop+0x55/0xb0 [ 81.104410][ T5927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.110354][ T5927] RIP: 0033:0x7f20fc95dff9 [ 81.114799][ T5927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.134428][ T5927] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 81.143003][ T5927] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 81.150986][ T5927] RDX: 0000000000002250 RSI: 0000000020000040 RDI: 000000000000000c [ 81.158974][ T5927] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 81.166996][ T5927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 81.174977][ T5927] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 81.183029][ T5927] [ 81.243962][ T5951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 81.261280][ T5951] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 81.314929][ T5962] loop4: detected capacity change from 0 to 2048 [ 81.329577][ T5962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.377634][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.400414][ T5975] loop4: detected capacity change from 0 to 256 [ 81.469297][ T5982] FAULT_INJECTION: forcing a failure. [ 81.469297][ T5982] name failslab, interval 1, probability 0, space 0, times 0 [ 81.482114][ T5982] CPU: 1 UID: 0 PID: 5982 Comm: syz.4.904 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 81.492790][ T5982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 81.502869][ T5982] Call Trace: [ 81.506214][ T5982] [ 81.509170][ T5982] dump_stack_lvl+0xf2/0x150 [ 81.513779][ T5982] dump_stack+0x15/0x20 [ 81.517944][ T5982] should_fail_ex+0x223/0x230 [ 81.522824][ T5982] ? mas_alloc_nodes+0x1d3/0x4a0 [ 81.527779][ T5982] should_failslab+0x8f/0xb0 [ 81.532384][ T5982] kmem_cache_alloc_noprof+0x4c/0x290 [ 81.537785][ T5982] mas_alloc_nodes+0x1d3/0x4a0 [ 81.542593][ T5982] mas_preallocate+0x449/0x650 [ 81.547448][ T5982] __split_vma+0x244/0x6a0 [ 81.551966][ T5982] vms_gather_munmap_vmas+0x2a9/0x7a0 [ 81.557439][ T5982] mmap_region+0x385/0x16e0 [ 81.562159][ T5982] do_mmap+0x718/0xb60 [ 81.566250][ T5982] vm_mmap_pgoff+0x133/0x290 [ 81.570940][ T5982] ksys_mmap_pgoff+0x286/0x330 [ 81.575723][ T5982] x64_sys_call+0x1884/0x2d60 [ 81.580478][ T5982] do_syscall_64+0xc9/0x1c0 [ 81.585079][ T5982] ? clear_bhb_loop+0x55/0xb0 [ 81.589932][ T5982] ? clear_bhb_loop+0x55/0xb0 [ 81.594706][ T5982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 81.600724][ T5982] RIP: 0033:0x7f098d6adff9 [ 81.605220][ T5982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 81.625090][ T5982] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 81.633570][ T5982] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9 [ 81.641577][ T5982] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000020ffd000 [ 81.649571][ T5982] RBP: 00007f098c327090 R08: 0000000000000003 R09: 0000000000000000 [ 81.657706][ T5982] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001 [ 81.665738][ T5982] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8 [ 81.673725][ T5982] [ 81.683479][ T5980] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 81.749524][ T5990] loop4: detected capacity change from 0 to 4096 [ 81.774206][ T5990] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.811277][ T5997] loop2: detected capacity change from 0 to 512 [ 81.839522][ T5997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.854243][ T5997] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 81.885262][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.915072][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.957395][ T6012] FAULT_INJECTION: forcing a failure. [ 81.957395][ T6012] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.970543][ T6012] CPU: 1 UID: 0 PID: 6012 Comm: syz.3.915 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 81.981158][ T6012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 81.991310][ T6012] Call Trace: [ 81.994596][ T6012] [ 81.997534][ T6012] dump_stack_lvl+0xf2/0x150 [ 82.002223][ T6012] dump_stack+0x15/0x20 [ 82.006395][ T6012] should_fail_ex+0x223/0x230 [ 82.011165][ T6012] should_fail+0xb/0x10 [ 82.015341][ T6012] should_fail_usercopy+0x1a/0x20 [ 82.020453][ T6012] _copy_to_iter+0x246/0xd20 [ 82.025146][ T6012] ? __skb_try_recv_from_queue+0x3b5/0x420 [ 82.031004][ T6012] ? __virt_addr_valid+0x1ed/0x250 [ 82.036246][ T6012] ? __check_object_size+0x364/0x520 [ 82.041614][ T6012] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 82.047286][ T6012] __skb_datagram_iter+0xc8/0x610 [ 82.052509][ T6012] skb_copy_datagram_iter+0x41/0x130 [ 82.057896][ T6012] netlink_recvmsg+0x1a4/0x780 [ 82.062784][ T6012] ? __pfx_netlink_recvmsg+0x10/0x10 [ 82.068090][ T6012] sock_recvmsg+0x13f/0x170 [ 82.072607][ T6012] ____sys_recvmsg+0xf9/0x280 [ 82.077395][ T6012] do_recvmmsg+0x2dc/0x740 [ 82.081833][ T6012] __x64_sys_recvmmsg+0xf9/0x170 [ 82.086783][ T6012] x64_sys_call+0x26e3/0x2d60 [ 82.091628][ T6012] do_syscall_64+0xc9/0x1c0 [ 82.096190][ T6012] ? clear_bhb_loop+0x55/0xb0 [ 82.100896][ T6012] ? clear_bhb_loop+0x55/0xb0 [ 82.105650][ T6012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.111570][ T6012] RIP: 0033:0x7f20fc95dff9 [ 82.115997][ T6012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.135772][ T6012] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 82.144303][ T6012] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 82.152285][ T6012] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003 [ 82.160339][ T6012] RBP: 00007f20fb5d7090 R08: 0000000020003700 R09: 0000000000000000 [ 82.168424][ T6012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.176493][ T6012] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 82.184508][ T6012] [ 82.196565][ T6010] FAULT_INJECTION: forcing a failure. [ 82.196565][ T6010] name failslab, interval 1, probability 0, space 0, times 0 [ 82.209352][ T6010] CPU: 0 UID: 0 PID: 6010 Comm: syz.2.913 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 82.219969][ T6010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 82.230051][ T6010] Call Trace: [ 82.233379][ T6010] [ 82.236360][ T6010] dump_stack_lvl+0xf2/0x150 [ 82.240999][ T6010] dump_stack+0x15/0x20 [ 82.245214][ T6010] should_fail_ex+0x223/0x230 [ 82.250376][ T6010] ? io_ring_ctx_alloc+0x38/0xd90 [ 82.251012][ T6014] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 82.251012][ T6014] program syz.0.916 not setting count and/or reply_len properly [ 82.255418][ T6010] should_failslab+0x8f/0xb0 [ 82.255452][ T6010] __kmalloc_cache_noprof+0x4b/0x2a0 [ 82.282003][ T6010] io_ring_ctx_alloc+0x38/0xd90 [ 82.286893][ T6010] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 82.292575][ T6010] io_uring_create+0x1cf/0x940 [ 82.297400][ T6010] __se_sys_io_uring_setup+0x1d2/0x1e0 [ 82.302940][ T6010] __x64_sys_io_uring_setup+0x31/0x40 [ 82.308339][ T6010] x64_sys_call+0x1f7e/0x2d60 [ 82.313117][ T6010] do_syscall_64+0xc9/0x1c0 [ 82.317653][ T6010] ? clear_bhb_loop+0x55/0xb0 [ 82.322377][ T6010] ? clear_bhb_loop+0x55/0xb0 [ 82.327149][ T6010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.333084][ T6010] RIP: 0033:0x7fd6eb48dff9 [ 82.337513][ T6010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.353219][ T6006] loop4: detected capacity change from 0 to 512 [ 82.357160][ T6010] RSP: 002b:00007fd6ea100fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 82.357188][ T6010] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9 [ 82.357205][ T6010] RDX: 00000000200007c0 RSI: 0000000020000580 RDI: 00000000000070f0 [ 82.357221][ T6010] RBP: 0000000020000580 R08: 0000000000000000 R09: 00000000200007c0 [ 82.357237][ T6010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.368321][ T6006] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 82.371904][ T6010] R13: 0000000020000780 R14: 00000000000070f0 R15: 00000000200007c0 [ 82.371932][ T6010] [ 82.456275][ T6021] loop0: detected capacity change from 0 to 512 [ 82.465940][ T6021] FAULT_INJECTION: forcing a failure. [ 82.465940][ T6021] name failslab, interval 1, probability 0, space 0, times 0 [ 82.478627][ T6021] CPU: 1 UID: 0 PID: 6021 Comm: syz.0.918 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 82.489274][ T6021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 82.499433][ T6021] Call Trace: [ 82.502846][ T6021] [ 82.505808][ T6021] dump_stack_lvl+0xf2/0x150 [ 82.510469][ T6021] dump_stack+0x15/0x20 [ 82.514657][ T6021] should_fail_ex+0x223/0x230 [ 82.519459][ T6021] ? getname_flags+0x81/0x3b0 [ 82.524178][ T6021] should_failslab+0x8f/0xb0 [ 82.528788][ T6021] kmem_cache_alloc_noprof+0x4c/0x290 [ 82.534296][ T6021] getname_flags+0x81/0x3b0 [ 82.538929][ T6021] user_path_at+0x26/0x110 [ 82.543428][ T6021] __se_sys_move_mount+0x13c/0x730 [ 82.548671][ T6021] __x64_sys_move_mount+0x67/0x80 [ 82.553771][ T6021] x64_sys_call+0x1b80/0x2d60 [ 82.558538][ T6021] do_syscall_64+0xc9/0x1c0 [ 82.563081][ T6021] ? clear_bhb_loop+0x55/0xb0 [ 82.567790][ T6021] ? clear_bhb_loop+0x55/0xb0 [ 82.572498][ T6021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.578462][ T6021] RIP: 0033:0x7faf68e0dff9 [ 82.582901][ T6021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.602543][ T6021] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad [ 82.610992][ T6021] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9 [ 82.619016][ T6021] RDX: ffffffffffffff9c RSI: 0000000020000140 RDI: 0000000000000005 [ 82.627007][ T6021] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000 [ 82.635003][ T6021] R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000001 [ 82.643082][ T6021] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 82.651119][ T6021] [ 82.743036][ T6038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.764354][ T6038] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.786494][ T6044] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 82.786494][ T6044] program syz.0.928 not setting count and/or reply_len properly [ 82.852040][ T6046] loop4: detected capacity change from 0 to 8192 [ 82.898392][ T6063] FAULT_INJECTION: forcing a failure. [ 82.898392][ T6063] name failslab, interval 1, probability 0, space 0, times 0 [ 82.911203][ T6063] CPU: 1 UID: 0 PID: 6063 Comm: syz.0.934 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 82.921817][ T6063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 82.931900][ T6063] Call Trace: [ 82.935242][ T6063] [ 82.938176][ T6063] dump_stack_lvl+0xf2/0x150 [ 82.942782][ T6063] dump_stack+0x15/0x20 [ 82.947015][ T6063] should_fail_ex+0x223/0x230 [ 82.951729][ T6063] ? page_pool_create_percpu+0x4d/0x650 [ 82.957383][ T6063] should_failslab+0x8f/0xb0 [ 82.961997][ T6063] __kmalloc_cache_node_noprof+0x50/0x2b0 [ 82.967744][ T6063] page_pool_create_percpu+0x4d/0x650 [ 82.973156][ T6063] page_pool_create+0x1a/0x20 [ 82.977933][ T6063] bpf_test_run_xdp_live+0x138/0x1010 [ 82.983372][ T6063] ? bpf_dispatcher_xdp_func+0x20/0x30 [ 82.988857][ T6063] ? cpus_read_unlock+0x7b/0xc0 [ 82.993794][ T6063] ? __static_call_update+0x362/0x3a0 [ 82.999184][ T6063] ? 0xffffffffa00038c0 [ 83.003348][ T6063] ? synchronize_rcu+0x46/0x320 [ 83.008393][ T6063] ? 0xffffffffa00038c0 [ 83.012714][ T6063] ? bpf_dispatcher_change_prog+0x73c/0x830 [ 83.018639][ T6063] ? 0xffffffffa00038c0 [ 83.022860][ T6063] ? 0xffffffffa00006c8 [ 83.027100][ T6063] ? __pfx_xdp_test_run_init_page+0x10/0x10 [ 83.033039][ T6063] bpf_prog_test_run_xdp+0x51d/0x8b0 [ 83.038371][ T6063] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 83.044315][ T6063] bpf_prog_test_run+0x20f/0x3a0 [ 83.049282][ T6063] __sys_bpf+0x400/0x7a0 [ 83.053531][ T6063] __x64_sys_bpf+0x43/0x50 [ 83.058077][ T6063] x64_sys_call+0x2625/0x2d60 [ 83.062780][ T6063] do_syscall_64+0xc9/0x1c0 [ 83.067318][ T6063] ? clear_bhb_loop+0x55/0xb0 [ 83.072059][ T6063] ? clear_bhb_loop+0x55/0xb0 [ 83.076756][ T6063] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.082672][ T6063] RIP: 0033:0x7faf68e0dff9 [ 83.087169][ T6063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.106989][ T6063] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 83.115418][ T6063] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9 [ 83.123390][ T6063] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a [ 83.131362][ T6063] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000 [ 83.139352][ T6063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.147442][ T6063] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 83.155428][ T6063] [ 83.209783][ T6067] loop4: detected capacity change from 0 to 1024 [ 83.245136][ T6072] FAULT_INJECTION: forcing a failure. [ 83.245136][ T6072] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.258408][ T6072] CPU: 1 UID: 0 PID: 6072 Comm: syz.4.937 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 83.269031][ T6072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 83.279102][ T6072] Call Trace: [ 83.282613][ T6072] [ 83.285553][ T6072] dump_stack_lvl+0xf2/0x150 [ 83.290378][ T6072] dump_stack+0x15/0x20 [ 83.294546][ T6072] should_fail_ex+0x223/0x230 [ 83.299379][ T6072] should_fail+0xb/0x10 [ 83.303557][ T6072] should_fail_usercopy+0x1a/0x20 [ 83.308634][ T6072] _copy_from_user+0x1e/0xd0 [ 83.313274][ T6072] __se_sys_mount+0x119/0x2d0 [ 83.318008][ T6072] __x64_sys_mount+0x67/0x80 [ 83.322631][ T6072] x64_sys_call+0x203e/0x2d60 [ 83.327347][ T6072] do_syscall_64+0xc9/0x1c0 [ 83.331918][ T6072] ? clear_bhb_loop+0x55/0xb0 [ 83.336653][ T6072] ? clear_bhb_loop+0x55/0xb0 [ 83.341356][ T6072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.347397][ T6072] RIP: 0033:0x7f098d6adff9 [ 83.351832][ T6072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.373201][ T6072] RSP: 002b:00007f098c327038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 83.381698][ T6072] RAX: ffffffffffffffda RBX: 00007f098d865f80 RCX: 00007f098d6adff9 [ 83.389773][ T6072] RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000 [ 83.397753][ T6072] RBP: 00007f098c327090 R08: 00000000200002c0 R09: 0000000000000000 [ 83.405754][ T6072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.413735][ T6072] R13: 0000000000000000 R14: 00007f098d865f80 R15: 00007ffeddaf64c8 [ 83.421742][ T6072] [ 83.462698][ T6075] FAULT_INJECTION: forcing a failure. [ 83.462698][ T6075] name failslab, interval 1, probability 0, space 0, times 0 [ 83.475628][ T6075] CPU: 1 UID: 0 PID: 6075 Comm: +}[@ Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 83.485959][ T6075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 83.485977][ T6075] Call Trace: [ 83.485985][ T6075] [ 83.485995][ T6075] dump_stack_lvl+0xf2/0x150 [ 83.486028][ T6075] dump_stack+0x15/0x20 [ 83.486050][ T6075] should_fail_ex+0x223/0x230 [ 83.486126][ T6075] ? key_alloc+0x2a6/0xa40 [ 83.486162][ T6075] should_failslab+0x8f/0xb0 [ 83.525049][ T6075] kmem_cache_alloc_noprof+0x4c/0x290 [ 83.530453][ T6075] key_alloc+0x2a6/0xa40 [ 83.534755][ T6075] ? sprintf+0x89/0xb0 [ 83.538849][ T6075] ? request_key_auth_new+0x351/0x510 [ 83.544451][ T6075] request_key_auth_new+0x3a6/0x510 [ 83.549686][ T6075] ? refcount_dec_and_lock+0xdb/0x180 [ 83.555275][ T6075] request_key_and_link+0x835/0xcf0 [ 83.560497][ T6075] ? __pfx_key_default_cmp+0x10/0x10 [ 83.565842][ T6075] ? __pfx_keyring_search_iterator+0x10/0x10 [ 83.571876][ T6075] __se_sys_request_key+0x1d7/0x290 [ 83.577160][ T6075] ? fput+0x14e/0x190 [ 83.581217][ T6075] __x64_sys_request_key+0x55/0x70 [ 83.586472][ T6075] x64_sys_call+0x2643/0x2d60 [ 83.591364][ T6075] do_syscall_64+0xc9/0x1c0 [ 83.595907][ T6075] ? clear_bhb_loop+0x55/0xb0 [ 83.600613][ T6075] ? clear_bhb_loop+0x55/0xb0 [ 83.605312][ T6075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.611227][ T6075] RIP: 0033:0x7f20fc95dff9 [ 83.615754][ T6075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.635501][ T6075] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9 [ 83.643954][ T6075] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 83.651935][ T6075] RDX: 0000000020000140 RSI: 0000000020000000 RDI: 0000000020000040 [ 83.659950][ T6075] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 83.667935][ T6075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 83.676072][ T6075] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 83.684076][ T6075] [ 83.734124][ T6087] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 83.734124][ T6087] program syz.3.944 not setting count and/or reply_len properly [ 83.808522][ T6097] loop2: detected capacity change from 0 to 256 [ 83.886030][ T6101] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 83.894171][ T6097] FAT-fs (loop2): codepage cp874 not found [ 83.943373][ T6108] __nla_validate_parse: 12 callbacks suppressed [ 83.943392][ T6108] netlink: 8 bytes leftover after parsing attributes in process `syz.0.951'. [ 83.959078][ T6108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.951'. [ 83.975047][ T6108] FAULT_INJECTION: forcing a failure. [ 83.975047][ T6108] name failslab, interval 1, probability 0, space 0, times 0 [ 83.987776][ T6108] CPU: 1 UID: 0 PID: 6108 Comm: syz.0.951 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 83.998394][ T6108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 84.008469][ T6108] Call Trace: [ 84.011768][ T6108] [ 84.014768][ T6108] dump_stack_lvl+0xf2/0x150 [ 84.019461][ T6108] dump_stack+0x15/0x20 [ 84.023658][ T6108] should_fail_ex+0x223/0x230 [ 84.028400][ T6108] ? __request_module+0x1ba/0x3e0 [ 84.033642][ T6108] should_failslab+0x8f/0xb0 [ 84.038295][ T6108] __kmalloc_cache_noprof+0x4b/0x2a0 [ 84.043604][ T6108] ? rtnl_newlink+0x7d5/0x1690 [ 84.048411][ T6108] __request_module+0x1ba/0x3e0 [ 84.053341][ T6108] ? __nla_parse+0x40/0x60 [ 84.057765][ T6108] rtnl_newlink+0x7d5/0x1690 [ 84.062383][ T6108] ? rtnl_newlink+0x821/0x1690 [ 84.067266][ T6108] ? selinux_capable+0x1f2/0x260 [ 84.072244][ T6108] ? __list_del_entry_valid_or_report+0x5f/0xf0 [ 84.078557][ T6108] ? _raw_spin_unlock+0x26/0x50 [ 84.083524][ T6108] ? __mutex_lock+0x221/0x8e0 [ 84.088228][ T6108] ? __pfx_rtnl_newlink+0x10/0x10 [ 84.093349][ T6108] rtnetlink_rcv_msg+0x6aa/0x710 [ 84.098412][ T6108] ? ref_tracker_free+0x3a5/0x410 [ 84.103453][ T6108] ? __dev_queue_xmit+0x161/0x2040 [ 84.108727][ T6108] ? ref_tracker_alloc+0x1f5/0x2f0 [ 84.113884][ T6108] netlink_rcv_skb+0x12c/0x230 [ 84.118668][ T6108] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 84.124289][ T6108] rtnetlink_rcv+0x1c/0x30 [ 84.128735][ T6108] netlink_unicast+0x599/0x670 [ 84.133575][ T6108] netlink_sendmsg+0x5cc/0x6e0 [ 84.138404][ T6108] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.143770][ T6108] __sock_sendmsg+0x140/0x180 [ 84.148467][ T6108] ____sys_sendmsg+0x312/0x410 [ 84.153289][ T6108] __sys_sendmsg+0x1d9/0x270 [ 84.157943][ T6108] __x64_sys_sendmsg+0x46/0x50 [ 84.162935][ T6108] x64_sys_call+0x2689/0x2d60 [ 84.167672][ T6108] do_syscall_64+0xc9/0x1c0 [ 84.172207][ T6108] ? clear_bhb_loop+0x55/0xb0 [ 84.176911][ T6108] ? clear_bhb_loop+0x55/0xb0 [ 84.181711][ T6108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.187629][ T6108] RIP: 0033:0x7faf68e0dff9 [ 84.192057][ T6108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.211864][ T6108] RSP: 002b:00007faf67a87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 84.220323][ T6108] RAX: ffffffffffffffda RBX: 00007faf68fc5f80 RCX: 00007faf68e0dff9 [ 84.228346][ T6108] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000006 [ 84.236384][ T6108] RBP: 00007faf67a87090 R08: 0000000000000000 R09: 0000000000000000 [ 84.244366][ T6108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.252393][ T6108] R13: 0000000000000000 R14: 00007faf68fc5f80 R15: 00007ffcf7ce12b8 [ 84.260393][ T6108] [ 84.290969][ T6115] loop0: detected capacity change from 0 to 1024 [ 84.309194][ T6118] FAULT_INJECTION: forcing a failure. [ 84.309194][ T6118] name failslab, interval 1, probability 0, space 0, times 0 [ 84.315075][ T6115] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.321921][ T6118] CPU: 1 UID: 0 PID: 6118 Comm: syz.2.956 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 84.345009][ T6118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 84.355104][ T6118] Call Trace: [ 84.358399][ T6118] [ 84.361330][ T6118] dump_stack_lvl+0xf2/0x150 [ 84.365930][ T6118] dump_stack+0x15/0x20 [ 84.370211][ T6118] should_fail_ex+0x223/0x230 [ 84.375045][ T6118] ? skb_clone+0x154/0x1f0 [ 84.379515][ T6118] should_failslab+0x8f/0xb0 [ 84.384195][ T6118] kmem_cache_alloc_noprof+0x4c/0x290 [ 84.389644][ T6118] skb_clone+0x154/0x1f0 [ 84.393977][ T6118] __netlink_deliver_tap+0x2bd/0x4c0 [ 84.399313][ T6118] netlink_unicast+0x64a/0x670 [ 84.404151][ T6118] netlink_sendmsg+0x5cc/0x6e0 [ 84.408943][ T6118] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.414270][ T6118] __sock_sendmsg+0x140/0x180 [ 84.418967][ T6118] ____sys_sendmsg+0x312/0x410 [ 84.423785][ T6118] __sys_sendmsg+0x1d9/0x270 [ 84.428434][ T6118] __x64_sys_sendmsg+0x46/0x50 [ 84.433223][ T6118] x64_sys_call+0x2689/0x2d60 [ 84.437922][ T6118] do_syscall_64+0xc9/0x1c0 [ 84.442447][ T6118] ? clear_bhb_loop+0x55/0xb0 [ 84.447148][ T6118] ? clear_bhb_loop+0x55/0xb0 [ 84.451976][ T6118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.458001][ T6118] RIP: 0033:0x7fd6eb48dff9 [ 84.462505][ T6118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.482150][ T6118] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 84.490748][ T6118] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9 [ 84.499028][ T6118] RDX: 0000000000000000 RSI: 0000000020000380 RDI: 0000000000000005 [ 84.507032][ T6118] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000 [ 84.515037][ T6118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.523017][ T6118] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018 [ 84.531042][ T6118] [ 84.536497][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.587556][ T6125] loop0: detected capacity change from 0 to 512 [ 84.606492][ T6125] EXT4-fs: Ignoring removed oldalloc option [ 84.628050][ T6125] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.957: Parent and EA inode have the same ino 15 [ 84.648302][ T6125] EXT4-fs (loop0): Remounting filesystem read-only [ 84.654932][ T6125] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 84.666469][ T6125] EXT4-fs (loop0): 1 orphan inode deleted [ 84.668082][ T6127] netlink: 12 bytes leftover after parsing attributes in process `syz.3.959'. [ 84.672796][ T6125] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 84.693840][ T6125] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 84.702500][ T6125] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.751174][ T6134] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 84.798333][ T6141] loop0: detected capacity change from 0 to 4096 [ 84.812557][ T6141] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 84.855192][ T6148] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 84.855192][ T6148] program syz.1.968 not setting count and/or reply_len properly [ 84.857185][ T6141] +}[@[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.872619][ T6141] +}[@[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.886296][ T6141] +}[@[6141] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 84.906305][ T6151] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.952120][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 84.976797][ T6161] netlink: 40 bytes leftover after parsing attributes in process `syz.0.970'. [ 84.991211][ T6161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.970'. [ 84.991784][ T6151] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.022288][ T6161] loop0: detected capacity change from 0 to 4096 [ 85.030123][ T6161] EXT4-fs: Ignoring removed nomblk_io_submit option [ 85.049872][ T6161] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 85.067429][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents [ 85.082278][ T6151] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.093974][ T6161] EXT4-fs error (device loop0): ext4_dirty_inode:5984: inode #15: comm syz.0.970: mark_inode_dirty error [ 85.106222][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents [ 85.118416][ T6161] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.970: mark_inode_dirty error [ 85.131638][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents [ 85.145698][ T6161] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #15: comm syz.0.970: mark_inode_dirty error [ 85.146958][ T6151] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.164164][ T6161] EXT4-fs error (device loop0): ext4_do_update_inode:5121: inode #15: comm syz.0.970: corrupted inode contents [ 85.179548][ T6161] EXT4-fs error (device loop0): ext4_truncate:4208: inode #15: comm syz.0.970: mark_inode_dirty error [ 85.190781][ T6161] EXT4-fs error (device loop0) in ext4_setattr:5523: Corrupt filesystem [ 85.213008][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 85.229038][ T6151] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.240600][ T6151] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.252877][ T6151] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.266271][ T6151] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.274638][ T29] kauditd_printk_skb: 378 callbacks suppressed [ 85.274655][ T29] audit: type=1326 audit(1728913402.884:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.304601][ T29] audit: type=1326 audit(1728913402.884:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.328155][ T29] audit: type=1326 audit(1728913402.884:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.351693][ T29] audit: type=1326 audit(1728913402.884:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.375034][ T29] audit: type=1326 audit(1728913402.884:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.398473][ T29] audit: type=1326 audit(1728913402.884:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.421867][ T29] audit: type=1326 audit(1728913402.893:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.445343][ T29] audit: type=1326 audit(1728913402.893:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.468765][ T29] audit: type=1326 audit(1728913402.893:3079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.492097][ T29] audit: type=1326 audit(1728913402.893:3080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6169 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf68e0dff9 code=0x7ffc0000 [ 85.534058][ T6173] FAULT_INJECTION: forcing a failure. [ 85.534058][ T6173] name failslab, interval 1, probability 0, space 0, times 0 [ 85.546870][ T6173] CPU: 0 UID: 0 PID: 6173 Comm: syz.2.974 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 85.557500][ T6173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 85.567583][ T6173] Call Trace: [ 85.570875][ T6173] [ 85.573813][ T6173] dump_stack_lvl+0xf2/0x150 [ 85.578424][ T6173] dump_stack+0x15/0x20 [ 85.582619][ T6173] should_fail_ex+0x223/0x230 [ 85.587325][ T6173] ? audit_log_start+0x34c/0x6b0 [ 85.592339][ T6173] should_failslab+0x8f/0xb0 [ 85.596943][ T6173] kmem_cache_alloc_noprof+0x4c/0x290 [ 85.602346][ T6173] audit_log_start+0x34c/0x6b0 [ 85.607136][ T6173] audit_seccomp+0x4b/0x130 [ 85.611649][ T6173] __seccomp_filter+0x6fa/0x1180 [ 85.616677][ T6173] ? proc_fail_nth_write+0x12a/0x150 [ 85.622013][ T6173] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 85.627738][ T6173] ? vfs_write+0x580/0x910 [ 85.632176][ T6173] ? __fget_files+0x1d4/0x210 [ 85.636880][ T6173] __secure_computing+0x9f/0x1c0 [ 85.641913][ T6173] syscall_trace_enter+0xd1/0x1f0 [ 85.646959][ T6173] ? fpregs_assert_state_consistent+0x83/0xa0 [ 85.653133][ T6173] do_syscall_64+0xaa/0x1c0 [ 85.657663][ T6173] ? clear_bhb_loop+0x55/0xb0 [ 85.662495][ T6173] ? clear_bhb_loop+0x55/0xb0 [ 85.667199][ T6173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.673181][ T6173] RIP: 0033:0x7fd6eb48dff9 [ 85.677601][ T6173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.697326][ T6173] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e1 [ 85.705751][ T6173] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9 [ 85.713731][ T6173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 85.721716][ T6173] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000 [ 85.729863][ T6173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 85.737846][ T6173] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018 [ 85.745841][ T6173] [ 85.755612][ T6175] netlink: 12 bytes leftover after parsing attributes in process `syz.0.975'. [ 85.825229][ T6179] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 85.835688][ T6188] 9pnet_fd: Insufficient options for proto=fd [ 85.868929][ T6190] netlink: 8 bytes leftover after parsing attributes in process `syz.4.979'. [ 85.948332][ T6206] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 85.957822][ T6206] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 86.038830][ T6204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.988'. [ 86.554902][ T6221] FAULT_INJECTION: forcing a failure. [ 86.554902][ T6221] name failslab, interval 1, probability 0, space 0, times 0 [ 86.567635][ T6221] CPU: 1 UID: 0 PID: 6221 Comm: syz.2.992 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 86.578402][ T6221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 86.588482][ T6221] Call Trace: [ 86.591779][ T6221] [ 86.594735][ T6221] dump_stack_lvl+0xf2/0x150 [ 86.599393][ T6221] dump_stack+0x15/0x20 [ 86.603645][ T6221] should_fail_ex+0x223/0x230 [ 86.608512][ T6221] ? skb_clone+0x154/0x1f0 [ 86.612990][ T6221] should_failslab+0x8f/0xb0 [ 86.617652][ T6221] kmem_cache_alloc_noprof+0x4c/0x290 [ 86.623053][ T6221] skb_clone+0x154/0x1f0 [ 86.627354][ T6221] __netlink_deliver_tap+0x2bd/0x4c0 [ 86.632692][ T6221] netlink_unicast+0x64a/0x670 [ 86.637545][ T6221] netlink_sendmsg+0x5cc/0x6e0 [ 86.642360][ T6221] ? __pfx_netlink_sendmsg+0x10/0x10 [ 86.647847][ T6221] __sock_sendmsg+0x140/0x180 [ 86.652555][ T6221] ____sys_sendmsg+0x312/0x410 [ 86.657422][ T6221] __sys_sendmsg+0x1d9/0x270 [ 86.662067][ T6221] __x64_sys_sendmsg+0x46/0x50 [ 86.667048][ T6221] x64_sys_call+0x2689/0x2d60 [ 86.671833][ T6221] do_syscall_64+0xc9/0x1c0 [ 86.676355][ T6221] ? clear_bhb_loop+0x55/0xb0 [ 86.681250][ T6221] ? clear_bhb_loop+0x55/0xb0 [ 86.685985][ T6221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.691974][ T6221] RIP: 0033:0x7fd6eb48dff9 [ 86.696555][ T6221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.716339][ T6221] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 86.724799][ T6221] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9 [ 86.732838][ T6221] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000005 [ 86.740909][ T6221] RBP: 00007fd6ea101090 R08: 0000000000000000 R09: 0000000000000000 [ 86.748934][ T6221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.757011][ T6221] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018 [ 86.765003][ T6221] [ 86.777626][ T6221] tipc: Started in network mode [ 86.782569][ T6221] tipc: Node identity ac1414aa, cluster identity 4711 [ 86.809863][ T6221] tipc: New replicast peer: 100.1.1.1 [ 86.815443][ T6221] tipc: Enabled bearer , priority 10 [ 86.881559][ T6224] netlink: 8 bytes leftover after parsing attributes in process `syz.4.993'. [ 87.039241][ T6227] bridge0: port 3(vlan0) entered blocking state [ 87.045724][ T6227] bridge0: port 3(vlan0) entered disabled state [ 87.056432][ T6227] vlan0: entered allmulticast mode [ 87.066299][ T6227] vlan0: left allmulticast mode [ 87.078838][ T6233] loop0: detected capacity change from 0 to 512 [ 87.108179][ T6238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.998'. [ 87.134517][ T6233] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 87.148148][ T6233] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 87.213443][ T3271] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 87.313187][ T6258] loop2: detected capacity change from 0 to 128 [ 87.461673][ T6269] smc: net device bond0 applied user defined pnetid SYZ0 [ 87.475986][ T6269] smc: net device bond0 erased user defined pnetid SYZ0 [ 87.484922][ T6269] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 87.493354][ T6269] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 87.733536][ T6279] loop2: detected capacity change from 0 to 1024 [ 87.749597][ T6279] EXT4-fs: Ignoring removed i_version option [ 87.786579][ T6279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 87.904322][ T1017] tipc: Node number set to 2886997162 [ 88.293442][ T5127] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.366634][ T6306] geneve2: entered promiscuous mode [ 88.372201][ T6306] geneve2: entered allmulticast mode [ 88.637839][ T6340] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 88.664033][ T6345] loop0: detected capacity change from 0 to 512 [ 88.664159][ T6347] loop4: detected capacity change from 0 to 512 [ 88.670890][ T6345] EXT4-fs: Ignoring removed oldalloc option [ 88.684233][ T6345] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1032: Parent and EA inode have the same ino 15 [ 88.697087][ T6345] EXT4-fs (loop0): Remounting filesystem read-only [ 88.703711][ T6345] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 88.708155][ T6347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 88.714670][ T6345] EXT4-fs (loop0): 1 orphan inode deleted [ 88.733348][ T6345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.734773][ T6347] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 88.756027][ T6345] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 88.763776][ T6345] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.826642][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 88.853527][ T6355] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 88.865907][ T6355] loop4: detected capacity change from 0 to 1024 [ 88.978927][ T6355] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 88.993382][ T6357] SELinux: Context system_u:object_r:auditd_initrc_exec_t:s0 is not valid (left unmapped). [ 89.033912][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.232091][ T6370] loop4: detected capacity change from 0 to 512 [ 89.240273][ T6370] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=f040e01c, mo2=0002] [ 89.248384][ T6370] System zones: 1-12 [ 89.253648][ T6370] EXT4-fs error (device loop4): __ext4_iget:4952: inode #11: block 1: comm syz.4.1042: invalid block [ 89.264838][ T6370] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1042: couldn't read orphan inode 11 (err -117) [ 89.278160][ T6370] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.293262][ C0] hrtimer: interrupt took 27439 ns [ 89.343121][ T3272] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.375596][ T6378] loop2: detected capacity change from 0 to 512 [ 89.382604][ T6378] EXT4-fs: Ignoring removed oldalloc option [ 89.390964][ T6375] sch_tbf: peakrate 6 is lower than or equals to rate 705765376 ! [ 89.404545][ T6378] EXT4-fs error (device loop2): ext4_xattr_inode_iget:436: comm syz.2.1046: Parent and EA inode have the same ino 15 [ 89.432855][ T6378] EXT4-fs (loop2): Remounting filesystem read-only [ 89.439450][ T6378] EXT4-fs warning (device loop2): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 89.449904][ T6384] A link change request failed with some changes committed already. Interface veth1_to_batadv may have been left with an inconsistent configuration, please check. [ 89.449903][ T6378] EXT4-fs (loop2): 1 orphan inode deleted [ 89.473057][ T6378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 89.485307][ T6378] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 89.496558][ T6378] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.512349][ T6386] __nla_validate_parse: 11 callbacks suppressed [ 89.512368][ T6386] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1048'. [ 89.563148][ T6391] FAULT_INJECTION: forcing a failure. [ 89.563148][ T6391] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 89.576560][ T6391] CPU: 1 UID: 0 PID: 6391 Comm: syz.2.1049 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 89.587379][ T6391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 89.597528][ T6391] Call Trace: [ 89.600825][ T6391] [ 89.603771][ T6391] dump_stack_lvl+0xf2/0x150 [ 89.608397][ T6391] dump_stack+0x15/0x20 [ 89.612612][ T6391] should_fail_ex+0x223/0x230 [ 89.617363][ T6391] should_fail_alloc_page+0xfd/0x110 [ 89.622733][ T6391] __alloc_pages_noprof+0x109/0x340 [ 89.627953][ T6391] probe_event_enable+0x4fa/0x790 [ 89.633070][ T6391] ? __pfx_uprobe_perf_filter+0x10/0x10 [ 89.638649][ T6391] trace_uprobe_register+0x8e/0x3c0 [ 89.643911][ T6391] perf_trace_event_init+0x360/0x7c0 [ 89.644848][ T6393] loop4: detected capacity change from 0 to 128 [ 89.649398][ T6391] perf_uprobe_init+0xf9/0x140 [ 89.660559][ T6391] perf_uprobe_event_init+0xe2/0x140 [ 89.665917][ T6391] perf_try_init_event+0xcb/0x4f0 [ 89.670987][ T6391] ? perf_event_alloc+0xabf/0x1750 [ 89.676158][ T6391] perf_event_alloc+0xaca/0x1750 [ 89.681216][ T6391] __se_sys_perf_event_open+0x5e8/0x21f0 [ 89.686938][ T6391] ? proc_fail_nth_write+0x12a/0x150 [ 89.692391][ T6391] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 89.698245][ T6391] ? __fget_files+0x1d4/0x210 [ 89.702978][ T6391] __x64_sys_perf_event_open+0x67/0x80 [ 89.708477][ T6391] x64_sys_call+0x18d7/0x2d60 [ 89.713175][ T6391] do_syscall_64+0xc9/0x1c0 [ 89.717698][ T6391] ? clear_bhb_loop+0x55/0xb0 [ 89.722492][ T6391] ? clear_bhb_loop+0x55/0xb0 [ 89.727255][ T6391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.733174][ T6391] RIP: 0033:0x7fd6eb48dff9 [ 89.737642][ T6391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.757285][ T6391] RSP: 002b:00007fd6ea101038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 89.765867][ T6391] RAX: ffffffffffffffda RBX: 00007fd6eb645f80 RCX: 00007fd6eb48dff9 [ 89.773848][ T6391] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000140 [ 89.781883][ T6391] RBP: 00007fd6ea101090 R08: 0000000000000009 R09: 0000000000000000 [ 89.789871][ T6391] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000002 [ 89.797848][ T6391] R13: 0000000000000000 R14: 00007fd6eb645f80 R15: 00007fff98092018 [ 89.805903][ T6391] [ 89.878406][ T6401] FAULT_INJECTION: forcing a failure. [ 89.878406][ T6401] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 89.891552][ T6401] CPU: 0 UID: 0 PID: 6401 Comm: syz.3.1055 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 89.902369][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 89.912438][ T6401] Call Trace: [ 89.915813][ T6401] [ 89.918829][ T6401] dump_stack_lvl+0xf2/0x150 [ 89.923560][ T6401] dump_stack+0x15/0x20 [ 89.927747][ T6401] should_fail_ex+0x223/0x230 [ 89.932488][ T6401] should_fail+0xb/0x10 [ 89.936735][ T6401] should_fail_usercopy+0x1a/0x20 [ 89.941784][ T6401] _copy_from_iter+0xd3/0xd20 [ 89.947146][ T6401] ? kmalloc_reserve+0x16e/0x190 [ 89.952107][ T6401] ? __virt_addr_valid+0x1ed/0x250 [ 89.957317][ T6401] ? __check_object_size+0x364/0x520 [ 89.962653][ T6401] skb_copy_datagram_from_iter+0xb3/0x460 [ 89.968435][ T6401] ? skb_put+0xba/0x100 [ 89.969393][ T6404] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 89.969393][ T6404] program syz.0.1056 not setting count and/or reply_len properly [ 89.972615][ T6401] tcp_send_rcvq+0x193/0x2c0 [ 89.994056][ T6401] tcp_sendmsg_locked+0x2626/0x2700 [ 89.999271][ T6401] ? number+0x729/0xa90 [ 90.003494][ T6401] ? __rcu_read_unlock+0x4e/0x70 [ 90.008467][ T6401] ? avc_has_perm_noaudit+0x1cc/0x210 [ 90.013871][ T6401] ? avc_has_perm+0xd4/0x160 [ 90.018517][ T6401] ? _raw_spin_unlock_bh+0x36/0x40 [ 90.023742][ T6401] ? __pfx_tcp_sendmsg+0x10/0x10 [ 90.028789][ T6401] tcp_sendmsg+0x30/0x50 [ 90.033057][ T6401] inet_sendmsg+0x77/0xd0 [ 90.037512][ T6401] __sock_sendmsg+0x102/0x180 [ 90.042195][ T6401] ____sys_sendmsg+0x312/0x410 [ 90.046982][ T6401] __sys_sendmmsg+0x259/0x500 [ 90.051748][ T6401] __x64_sys_sendmmsg+0x57/0x70 [ 90.056752][ T6401] x64_sys_call+0xa49/0x2d60 [ 90.061381][ T6401] do_syscall_64+0xc9/0x1c0 [ 90.065921][ T6401] ? clear_bhb_loop+0x55/0xb0 [ 90.070700][ T6401] ? clear_bhb_loop+0x55/0xb0 [ 90.075437][ T6401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.081367][ T6401] RIP: 0033:0x7f20fc95dff9 [ 90.085885][ T6401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.105560][ T6401] RSP: 002b:00007f20fb5d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 90.114032][ T6401] RAX: ffffffffffffffda RBX: 00007f20fcb15f80 RCX: 00007f20fc95dff9 [ 90.122075][ T6401] RDX: 0000000000000002 RSI: 0000000020000500 RDI: 0000000000000003 [ 90.130089][ T6401] RBP: 00007f20fb5d7090 R08: 0000000000000000 R09: 0000000000000000 [ 90.138099][ T6401] R10: 0000000004004441 R11: 0000000000000246 R12: 0000000000000001 [ 90.146102][ T6401] R13: 0000000000000000 R14: 00007f20fcb15f80 R15: 00007ffdfacf8ac8 [ 90.154237][ T6401] [ 90.209884][ T6412] loop0: detected capacity change from 0 to 512 [ 90.218084][ T6412] EXT4-fs: Ignoring removed oldalloc option [ 90.236376][ T6412] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1060: Parent and EA inode have the same ino 15 [ 90.249709][ T6412] EXT4-fs (loop0): Remounting filesystem read-only [ 90.256537][ T6412] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5) [ 90.267910][ T6412] EXT4-fs (loop0): 1 orphan inode deleted [ 90.274075][ T6412] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.286971][ T6412] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 90.295240][ T6412] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.330016][ T6420] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1062'. [ 90.607570][ T6434] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1061'. [ 90.851472][ T6439] smc: net device bond0 applied user defined pnetid SYZ0 [ 90.881935][ T29] kauditd_printk_skb: 394 callbacks suppressed [ 90.881977][ T29] audit: type=1400 audit(1728913408.062:3473): avc: denied { create } for pid=6440 comm="syz.4.1069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1 [ 90.908288][ T29] audit: type=1400 audit(1728913408.062:3474): avc: denied { sys_admin } for pid=6440 comm="syz.4.1069" capability=21 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 90.942895][ T6436] smc: net device bond0 erased user defined pnetid SYZ0 [ 91.002093][ T6446] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1070'. [ 91.138634][ T6425] syz.0.1065 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 91.149808][ T6425] CPU: 1 UID: 0 PID: 6425 Comm: syz.0.1065 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 91.160524][ T6425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 91.170704][ T6425] Call Trace: [ 91.173997][ T6425] [ 91.176996][ T6425] dump_stack_lvl+0xf2/0x150 [ 91.181635][ T6425] dump_stack+0x15/0x20 [ 91.185810][ T6425] dump_header+0x83/0x2d0 [ 91.190312][ T6425] oom_kill_process+0x341/0x4c0 [ 91.195213][ T6425] out_of_memory+0x9af/0xbe0 [ 91.199879][ T6425] ? css_next_descendant_pre+0x11c/0x140 [ 91.205578][ T6425] mem_cgroup_out_of_memory+0x13e/0x190 [ 91.211195][ T6425] try_charge_memcg+0x51b/0x810 [ 91.216162][ T6425] charge_memcg+0x50/0xc0 [ 91.220545][ T6425] mem_cgroup_swapin_charge_folio+0xd0/0x150 [ 91.226575][ T6425] __read_swap_cache_async+0x236/0x480 [ 91.232061][ T6425] swap_cluster_readahead+0x276/0x3f0 [ 91.237585][ T6425] swapin_readahead+0xe4/0x6f0 [ 91.242464][ T6425] ? __filemap_get_folio+0x420/0x5b0 [ 91.247783][ T6425] ? __lruvec_stat_mod_folio+0xdb/0x120 [ 91.253407][ T6425] ? swap_cache_get_folio+0x77/0x210 [ 91.258746][ T6425] do_swap_page+0x2af/0x23e0 [ 91.263785][ T6425] ? __rcu_read_lock+0x36/0x50 [ 91.268642][ T6425] ? pte_offset_map_nolock+0x124/0x1d0 [ 91.274129][ T6425] handle_mm_fault+0x8c5/0x2a80 [ 91.279081][ T6425] exc_page_fault+0x3b9/0x650 [ 91.283884][ T6425] asm_exc_page_fault+0x26/0x30 [ 91.288925][ T6425] RIP: 0033:0x7faf68ce1ab8 [ 91.293540][ T6425] Code: 31 d2 48 f7 f1 48 01 d8 49 39 c4 4c 0f 42 e0 83 3d e8 5f 2e 00 00 0f 8e 99 fd ff ff e8 51 e4 fe ff 49 39 c4 72 64 0f 1f 40 00 <69> 3d d6 3b e1 00 e8 03 00 00 48 8d 1d b7 44 2e 00 e8 82 c4 12 00 [ 91.313236][ T6425] RSP: 002b:00007ffcf7ce1420 EFLAGS: 00010202 [ 91.319364][ T6425] RAX: 0000000000015dc2 RBX: 00007faf68fc7a80 RCX: 0000000000015ba8 [ 91.327469][ T6425] RDX: 000000000000021a RSI: 00007ffcf7ce1400 RDI: 0000000000000001 [ 91.335458][ T6425] RBP: 00007faf68fc7a80 R08: 000000002012ffef R09: 7fffffffffffffff [ 91.343537][ T6425] R10: 00007faf69b060b8 R11: 00007faf69b06080 R12: 0000000000015ebd [ 91.351783][ T6425] R13: 00007ffcf7ce1520 R14: 0000000000000032 R15: ffffffffffffffff [ 91.359890][ T6425] [ 91.363026][ T6425] memory: usage 307200kB, limit 307200kB, failcnt 10459 [ 91.369990][ T6425] memory+swap: usage 301256kB, limit 9007199254740988kB, failcnt 0 [ 91.378289][ T6425] kmem: usage 294060kB, limit 9007199254740988kB, failcnt 0 [ 91.385740][ T6425] Memory cgroup stats for /syz0: [ 91.388617][ T6425] cache 442368 [ 91.397529][ T6425] rss 4096 [ 91.400566][ T6425] shmem 0 [ 91.403607][ T6425] mapped_file 442368 [ 91.407613][ T6425] dirty 442368 [ 91.410996][ T6425] writeback 4096 [ 91.414620][ T6425] workingset_refault_anon 2 [ 91.419161][ T6425] workingset_refault_file 0 [ 91.423673][ T6425] swap 4562944 [ 91.427167][ T6425] swapcached 8192 [ 91.430969][ T6425] pgpgin 71331 [ 91.434383][ T6425] pgpgout 71221 [ 91.437978][ T6425] pgfault 74390 [ 91.441527][ T6425] pgmajfault 10 [ 91.445012][ T6425] inactive_anon 0 [ 91.448694][ T6425] active_anon 8192 [ 91.452420][ T6425] inactive_file 0 [ 91.456070][ T6425] active_file 442368 [ 91.460068][ T6425] unevictable 0 [ 91.463534][ T6425] hierarchical_memory_limit 314572800 [ 91.469493][ T6425] hierarchical_memsw_limit 9223372036854771712 [ 91.475672][ T6425] total_cache 442368 [ 91.479614][ T6425] total_rss 4096 [ 91.483166][ T6425] total_shmem 0 [ 91.486688][ T6425] total_mapped_file 442368 [ 91.491153][ T6425] total_dirty 442368 [ 91.495272][ T6425] total_writeback 4096 [ 91.499449][ T6425] total_workingset_refault_anon 2 [ 91.504539][ T6425] total_workingset_refault_file 0 [ 91.509576][ T6425] total_swap 4562944 [ 91.513515][ T6425] total_swapcached 8192 [ 91.517758][ T6425] total_pgpgin 71331 [ 91.521662][ T6425] total_pgpgout 71221 [ 91.525689][ T6425] total_pgfault 74390 [ 91.529681][ T6425] total_pgmajfault 10 [ 91.533680][ T6425] total_inactive_anon 0 [ 91.537863][ T6425] total_active_anon 8192 [ 91.542195][ T6425] total_inactive_file 0 [ 91.546385][ T6425] total_active_file 442368 [ 91.551059][ T6425] total_unevictable 0 [ 91.555094][ T6425] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1065,pid=6425,uid=0 [ 91.569817][ T6425] Memory cgroup out of memory: Killed process 6425 (syz.0.1065) total-vm:87116kB, anon-rss:612kB, file-rss:16164kB, shmem-rss:0kB, UID:0 pgtables:108kB oom_score_adj:1000 [ 91.662168][ T29] audit: type=1400 audit(1728913408.782:3475): avc: denied { listen } for pid=6454 comm="syz.2.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 91.681822][ T29] audit: type=1400 audit(1728913408.782:3476): avc: denied { getopt } for pid=6454 comm="syz.2.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 91.703366][ T29] audit: type=1400 audit(1728913408.791:3477): avc: denied { bind } for pid=6454 comm="syz.2.1074" lport=37015 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 91.723888][ T29] audit: type=1400 audit(1728913408.791:3478): avc: denied { name_bind } for pid=6454 comm="syz.2.1074" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 91.744745][ T29] audit: type=1400 audit(1728913408.791:3479): avc: denied { node_bind } for pid=6454 comm="syz.2.1074" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 91.773734][ T29] audit: type=1326 audit(1728913408.893:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 91.798017][ T29] audit: type=1326 audit(1728913408.893:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 91.821557][ T29] audit: type=1326 audit(1728913408.893:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6460 comm="syz.2.1076" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd6eb48dff9 code=0x7ffc0000 [ 91.943142][ T6468] sg_write: data in/out 18/14 bytes for SCSI command 0x4-- guessing data in; [ 91.943142][ T6468] program syz.3.1077 not setting count and/or reply_len properly [ 92.001006][ T6466] ================================================================== [ 92.009153][ T6466] BUG: KCSAN: data-race in __d_lookup_rcu / __dentry_kill [ 92.016309][ T6466] [ 92.018647][ T6466] read to 0xffff888113d9e3d0 of 8 bytes by task 6465 on cpu 1: [ 92.026209][ T6466] __d_lookup_rcu+0x105/0x2a0 [ 92.030924][ T6466] lookup_fast+0x8e/0x2a0 [ 92.035275][ T6466] path_openat+0x41e/0x1fa0 [ 92.039809][ T6466] do_filp_open+0xf7/0x200 [ 92.044259][ T6466] io_openat2+0x280/0x3a0 [ 92.048628][ T6466] io_issue_sqe+0x181/0xcc0 [ 92.053170][ T6466] io_submit_sqes+0x6c3/0x1090 [ 92.057955][ T6466] __se_sys_io_uring_enter+0x1ce/0x17b0 [ 92.063519][ T6466] __x64_sys_io_uring_enter+0x78/0x90 [ 92.068921][ T6466] x64_sys_call+0x2567/0x2d60 [ 92.073638][ T6466] do_syscall_64+0xc9/0x1c0 [ 92.078165][ T6466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.084097][ T6466] [ 92.086443][ T6466] write to 0xffff888113d9e3d0 of 8 bytes by task 6466 on cpu 0: [ 92.094217][ T6466] __dentry_kill+0x13e/0x4c0 [ 92.098848][ T6466] dput+0x5c/0xd0 [ 92.102507][ T6466] step_into+0x21a/0x810 [ 92.106814][ T6466] path_openat+0x1234/0x1fa0 [ 92.111431][ T6466] do_filp_open+0xf7/0x200 [ 92.115922][ T6466] io_openat2+0x280/0x3a0 [ 92.120349][ T6466] io_issue_sqe+0x181/0xcc0 [ 92.124862][ T6466] io_wq_submit_work+0x474/0x5f0 [ 92.129806][ T6466] io_worker_handle_work+0x486/0x9d0 [ 92.135115][ T6466] io_wq_worker+0x286/0x820 [ 92.139638][ T6466] ret_from_fork+0x4b/0x60 [ 92.144074][ T6466] ret_from_fork_asm+0x1a/0x30 [ 92.148855][ T6466] [ 92.151183][ T6466] Reported by Kernel Concurrency Sanitizer on: [ 92.157335][ T6466] CPU: 0 UID: 0 PID: 6466 Comm: iou-wrk-6465 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0 [ 92.168198][ T6466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 92.178261][ T6466] ================================================================== [ 92.198625][ T6463] loop2: detected capacity change from 0 to 256