last executing test programs: 4.122264796s ago: executing program 2 (id=1526): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) getpid() r0 = perf_event_open(0x0, 0x0, 0x200000000, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f00003a6000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000000)=0x9, 0x8, 0x4) getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000540)={@mcast2}, &(0x7f00000005c0)=0x14) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, '\x00', 0x0, 0x0, 0x2, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x4, 0x1, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r4}, 0x10) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8) timer_create(0xfffffffffffffffc, &(0x7f0000000140)={0x0, 0x12}, &(0x7f0000001400)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400)=0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) timer_settime(r5, 0x0, &(0x7f0000000040)={{}, {0x0, r6+60000000}}, &(0x7f0000000500)) unshare(0x40000000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x800}, 0x10) sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000005e0001"], 0x1c}}, 0x0) 3.511036436s ago: executing program 2 (id=1533): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f0000000300)={0x80, 0x0, 0x0, 0x400}) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x0, 0xa, 0x4, 0x2, 0x80b}, 0x48) capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000003c0)) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'dvmrp1\x00', {0x2, 0x0, @empty}}) 3.432226032s ago: executing program 2 (id=1534): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) pipe(&(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r4, 0x0, 0x9, 0x0) write(r2, &(0x7f0000001100)="94", 0x1) tee(r1, r4, 0x81, 0x0) write$binfmt_elf64(r4, &(0x7f0000000580)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) 2.297364834s ago: executing program 4 (id=1546): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=@newqdisc={0xffffffffffffff92}, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x2}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x34}}, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") r3 = io_uring_setup(0x48ae, &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x0, 0x5e}, 0x20) r4 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r6, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r6, 0x9}, 0x14}}, 0x0) 2.234791069s ago: executing program 4 (id=1549): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f00000007c0)='ext4_es_find_extent_range_exit\x00', r0}, 0x10) open(0x0, 0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000980)='\x00', 0x1}], 0x1, 0x7bff, 0x0, 0x3) r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r3 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0) sendfile(r3, r2, 0x0, 0x100800001) r4 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x100000001) 2.176784714s ago: executing program 4 (id=1551): r0 = socket(0x10, 0x3, 0x4) unshare(0x2000400) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) getsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180), &(0x7f00000001c0)=0x4) close(0xffffffffffffffff) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) quotactl$Q_GETNEXTQUOTA(0x0, 0x0, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000540)=0x400, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000002c0)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @initr0, @exit, @alu={0x7, 0x0, 0xb, 0x0, 0xa}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) socket$can_bcm(0x1d, 0x2, 0x2) sendto$inet6(r3, &(0x7f0000000080)="02", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e21, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) shutdown(r3, 0x1) r4 = dup(r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_CREATE(r5, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000540)={&(0x7f0000000180)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x3}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0xd}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x40001) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r4, 0x84, 0x23, &(0x7f00000005c0), 0x8) r6 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r6, &(0x7f00000025c0)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="c5", 0x1}], 0x1}}, {{&(0x7f0000000500)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000140)='i', 0x1}, {&(0x7f0000000600)="6b56bc0037813cb98b9ab000174c6047acecaa3b73becc61d084b638bcfc86ab1587f94b6007f3189443cb6111b7eda14fc1c5a942f3df481a89d4f00c96bf965c9a01c3062b3bc869a91f9a6de01d06695ac28982f0e9d13d1e6adb418fedf1c9dbcc34977098cea032926a83e028481d3a64560a355a0e7e5e66d9da9db2863e80873aaa9c5be42f09ec999e788b157956afb19e0b1ad845b774c29618265a5cd56a88", 0xa4}], 0x2}}], 0x2, 0x0) shutdown(r6, 0x1) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x90) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r8 = dup(r7) write$P9_RLERRORu(r8, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) 1.759836558s ago: executing program 4 (id=1553): syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000340), 0x10) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") open(&(0x7f0000000180)='./bus\x00', 0x10b67e, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r2, 0x2007ffb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0) r3 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r3, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00) 1.665898565s ago: executing program 3 (id=1555): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r2, 0x9}, 0x14}}, 0x0) 1.664195735s ago: executing program 3 (id=1556): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810314, &(0x7f0000000080)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@data_err_ignore}, {@norecovery}, {@resuid}, {@prjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@usrjquota}, {@resgid}, {@nodiscard}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ftruncate(r0, 0xc17a) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000640)=ANY=[@ANYBLOB="180063269349dfded16d06c35dc1761fbb3b64af65ba627abf72a1c2d0087db5774d3206ce6b9d67ed63c27e01b8373540bc2a40e5681a1874f16d77116a4d0cba487bf0db3143fcebc7e19d196d8cfc75a36ab61b0fc86b49e9d1f4ee259c3471321687e71c4b3326f585a2ab944928f4a0771c1fe775bf930e54e34c33097305195b9ae5c454955be89c6226f5c0f499918af2dd82c74e2b31665765a01c334bf7697f29089b9fd5348d21bb193782ab5d4908ae111c10fdcafe8e286cfb6021f730e2363562e1da2e4dbaa3b2c6ab150d26be6f074c7a0d3ed78b64b2092b0d0a55a1bd25c635bbf02c19dc01162bba729449b231cc23b5a9ba5c1808b1b32ca73b70611e33475404cd2a024f2be38937856526b5a7d4e4ce013f703f6fddcb4ff62c2c302850d3795407e3ad3cf283c5c4e2677fd3ff9a"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000140), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000400)=@gcm_128={{0x303, 0x38}, "006852ec2c00", "00000c704a3a000000000000ffff00", "e469d337", "df02000000000ece"}, 0x28) setsockopt$inet6_tcp_int(r2, 0x6, 0x3, &(0x7f0000000100), 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r3 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") r4 = socket$inet_dccp(0x2, 0x6, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r5, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r5, 0x0) getsockopt$inet_int(r4, 0x10d, 0xa7, 0x0, &(0x7f0000000040)) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000c00)=@delchain={0x854, 0x65, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0xe}, {0x0, 0xf}, {0x6, 0xa}}, [@filter_kind_options=@f_route={{0xa}, {0x824, 0x2, [@TCA_ROUTE4_POLICE={0x408, 0x5, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x2, 0x401, 0xbc09, 0x401, 0x6, 0x45ab, 0x10000, 0x1ff, 0xc, 0x6, 0x1, 0xfff, 0x3, 0x6, 0x800, 0xe, 0x29e, 0x0, 0x6, 0xc, 0x3, 0x6, 0x7, 0x7, 0x8000, 0x5, 0xffffffff, 0x7, 0x49, 0x9, 0x9a, 0x8, 0x1000, 0x1ff, 0x6, 0x3, 0x4, 0x4, 0xa1e4, 0x786c, 0x5, 0xd, 0x84, 0x6, 0xb5, 0x0, 0x100, 0x6, 0x80000000, 0x7, 0xffffffff, 0x3, 0xa, 0x3, 0x6, 0xffffff2f, 0x8, 0x8000, 0x800, 0x6, 0x3, 0x3, 0x1ff, 0x3ff, 0x9, 0x400, 0x6, 0x10, 0x0, 0x1, 0x3, 0x4, 0x3, 0xfa, 0x2, 0xe0000000, 0x7, 0x8d9, 0x1, 0x240, 0xaaf, 0xf, 0x0, 0x1000, 0xffffaec5, 0x3, 0xe31, 0x401, 0x101, 0x7, 0xa490, 0x400, 0x3ff, 0x0, 0xffffffff, 0x9, 0x7259, 0x7, 0xd, 0x800, 0x9a0, 0xf, 0x80000000, 0xf, 0x43, 0x9, 0x80000000, 0x5, 0x5, 0x1, 0x8, 0x2, 0x9, 0xffffffff, 0x1, 0x800, 0x3, 0x6a2, 0x9, 0xbe, 0x8, 0x80000001, 0x6, 0x0, 0x5c, 0x5, 0xcf04, 0x4, 0xe, 0x8, 0xe, 0x3, 0x4, 0x38000, 0x100, 0xc9e, 0xc20, 0x5b, 0x5, 0x2, 0x6, 0xf31, 0xfffffff7, 0x8, 0x200, 0x3, 0x9, 0x5, 0xf04d, 0xa20b, 0xc0, 0x2, 0x75, 0x706, 0x7, 0x2, 0x5, 0x27, 0x7fffffff, 0xfffff001, 0x80000001, 0x5, 0x9, 0xe, 0x2, 0x3f7, 0x5, 0x0, 0x2, 0x101, 0xffffffff, 0xe2, 0x8, 0x3, 0x0, 0x9, 0x6, 0x1000, 0x2, 0x400, 0x1, 0x2, 0x92c3, 0x4, 0x6, 0x4, 0x2, 0x18, 0xc, 0x2, 0x2, 0x24, 0xd, 0x6, 0x3, 0x835b, 0x4, 0x2, 0xff, 0x87, 0x2, 0xd31, 0x9, 0x5, 0x7, 0x9, 0x3, 0x6, 0x80000000, 0x7fff, 0x4, 0x2, 0x4, 0x4, 0x156, 0x568, 0xf197, 0xaa49, 0x401, 0x80, 0x3, 0xffff7fff, 0x7f, 0xf, 0x3, 0x6, 0x12, 0x81, 0xfffffff8, 0x8001, 0x5, 0x8000, 0x8, 0x1, 0x9, 0x9, 0x7, 0x5, 0x9d4, 0x80000001, 0xbe, 0x4, 0x388d736e, 0x8, 0x7, 0x3, 0x1, 0xd, 0x7c6, 0x80000000, 0x8425, 0xa, 0x1, 0x3, 0xda9b]}]}, @TCA_ROUTE4_TO={0x8, 0x2, 0xcd}, @TCA_ROUTE4_POLICE={0x410, 0x5, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x800}, @TCA_POLICE_RATE={0x404, 0x2, [0x486fa825, 0x80000000, 0x80000, 0x7fffffff, 0x6, 0x10000, 0x52ed6a2f, 0x0, 0x723a0031, 0xfffffffb, 0x4, 0x4, 0x910, 0x6, 0x0, 0x2, 0x80000000, 0x8, 0x7, 0x2, 0x35223638, 0x7, 0x7ff, 0x1, 0x6, 0x7, 0x1, 0x4, 0xffff, 0x0, 0x9, 0x9, 0xffff33da, 0x82, 0x7fffffff, 0xa, 0x40, 0x800, 0xfc10, 0x100, 0x3, 0x8, 0xfffffffc, 0x1, 0x4, 0x401, 0x7, 0xf59, 0x80000000, 0x0, 0x6, 0x5, 0xe, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2, 0x0, 0x9, 0xffff2bdb, 0x7, 0x40, 0x8, 0x5, 0xdf959483, 0x3, 0x8, 0x9, 0x1, 0x4, 0x7, 0x4, 0xd, 0x55, 0x5, 0x1, 0x0, 0x3, 0x5, 0x0, 0xfffffffb, 0x6, 0x4, 0xa1, 0x4, 0x3, 0x4, 0x3, 0xa0, 0x5af1, 0xffff, 0x9a9, 0x472, 0x30, 0x80000000, 0x8, 0xffff5a0f, 0x1, 0x4, 0x8, 0x4, 0x6, 0xfdf7, 0x2, 0x7ff, 0x8001, 0x1a, 0x7f, 0x1, 0x2, 0x3, 0x7f, 0xee, 0x7, 0x5, 0x3, 0x101, 0x8, 0x6, 0x80, 0x3, 0x8, 0x9, 0x5, 0x8, 0x207b, 0xe, 0x0, 0x7, 0x7, 0x6, 0x7f, 0x1, 0x800, 0x1, 0x3, 0x7fffffff, 0x7, 0x6, 0x4, 0xffffffff, 0x9, 0x1d70980a, 0x1, 0xa5e, 0x9, 0x3, 0x9, 0x9a7f, 0x5, 0x3, 0x8, 0x0, 0x7fffffff, 0x1ff, 0x2, 0x80000000, 0x80, 0x8, 0x3, 0x9, 0xda6a, 0x4, 0x2, 0x5, 0x2, 0x3, 0xce4e, 0xc, 0xca, 0x5, 0x200, 0x80000001, 0x4, 0x817, 0x0, 0x9, 0xea, 0x3bb, 0x680c, 0x5, 0x7ac, 0x9, 0x6, 0x6, 0xf0, 0x6, 0x6a2, 0xd46f, 0x6, 0x5, 0x50c00027, 0x9, 0x5, 0x2, 0x101, 0x5, 0x9, 0x2, 0x0, 0x101, 0x2, 0x4, 0x3ff, 0xf, 0x0, 0x3, 0x7, 0xafd, 0x7, 0x9, 0x4, 0x2, 0x1, 0x0, 0x7, 0x6, 0xaf9, 0x1ff, 0xcf, 0x1ff, 0x9c19, 0x8, 0x8000, 0xe730, 0x2, 0x200, 0x1, 0x6, 0x54de, 0x1, 0x8, 0x4b8, 0x8, 0x1, 0xd, 0xfffffffb, 0x7, 0x10001, 0x1, 0x2, 0x5, 0x4, 0x50b3, 0xd, 0x1f0, 0x101, 0x0, 0x9, 0x3ff, 0x1, 0x7, 0x4, 0xffff0001]}]}]}}]}, 0x854}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000800)={0x2, 0x0, @dev}, 0x10) 1.563945854s ago: executing program 1 (id=1557): syz_io_uring_setup(0x68c2, &(0x7f0000000480)={0x0, 0x1ce9, 0x20, 0x1, 0x356}, &(0x7f0000000140), 0x0) mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) munmap(&(0x7f00007c2000/0x2000)=nil, 0x2000) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000006540000000c0a01010000000000000000010000000900020073797a32000000002800038024000080090026400000000018000b80140001800a0001006c696d697400000004fe02800900010073797a30"], 0xd8}}, 0x0) syz_io_uring_setup(0x60f2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3}, 0x0, 0x0) futex(&(0x7f0000000300), 0x3, 0x1, &(0x7f0000000340)={0x77359400}, &(0x7f0000000380), 0x0) munmap(&(0x7f0000b04000/0x4000)=nil, 0x4000) mremap(&(0x7f0000e3b000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000fe1000/0x4000)=nil) mremap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000, 0x7, &(0x7f0000c51000/0x2000)=nil) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x91, 0x8, 0x0, 0x0, 0x0, 0x2, 0x50422, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x5094}, 0x11d620, 0x0, 0x0, 0x7, 0x4, 0x4, 0x0, 0x0, 0x2, 0x0, 0x10000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_MAP(0x4, 0x3, 0x0, 0xffffff66) mremap(&(0x7f0000519000/0x4000)=nil, 0x4000, 0x3000, 0x0, &(0x7f0000595000/0x3000)=nil) mremap(&(0x7f000062b000/0x2000)=nil, 0x1d5000, 0x40000000, 0x3, &(0x7f00009f6000/0x3000)=nil) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x9}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) lgetxattr(&(0x7f0000000600)='./file0/file0\x00', 0x0, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) socket$rds(0x15, 0x5, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) socket(0x10, 0x803, 0x0) r3 = socket(0x200000100000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'gretap0\x00'}) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB="400000001400b59500000000000000000a000000", @ANYRES16, @ANYRES8, @ANYRESOCT], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44000051) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="4800000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000100005"], 0x48}}, 0x0) 1.502299588s ago: executing program 1 (id=1558): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./file2\x00', 0x20005e, &(0x7f0000000280)={[{@jqfmt_vfsold}, {@errors_continue}, {@abort}, {@errors_remount}, {@norecovery}, {@minixdf}, {@nolazytime}, {@noquota}, {@norecovery}, {@usrquota}, {@user_xattr}]}, 0x1, 0x476, &(0x7f0000000700)="$eJzs3MtvVNUfAPDvvX3w4/XriPjgoVTRSDS2tKCycAFGExeamOgCl7UtBCnU0JoIIVpc4NKQuDcuTfwLXOnGqCsTt7o3JMSwAV1dc2fu7WM6MxmGgWmZzye59Jz7yDnfnntmzj2H2wD61mj+TxKxIyL+iIiRWnbtCaO1H7dvXp7+5+bl6SSy7N2/k+p5t25eni5PLa/bXmaWavl9DcpduHjp7NTc3OyFIj++eO6j8YWLl148c27q9Ozp2fOTx44dPTLxysuTLzWvfNJ+nHmdbu39dH7/njffv/b29MlrH/zyXVLGXxdHl4w22DdQJp7tcmG9tnNVOhksEgM9qgxty5sob66hav8fiYEYXD42Em983tPKAfdUlmXZlmYHk1jKgAdYEr2uAdAb5Vd9/vxbbvdt8LEB3DhRewDK475dbLUjg5EW5wzVPd92U/60dXLp36/zLe7NPAQAwBo/nKj9XD/+S+PRVecdL9aGKhHxUETsioiHI2J3RDwSUT33sYh4fOWSrJ3lmfpFkvXjn/R6h6G1JR//vVqsba0d/5Wjv6gMFLmd1fiHklNn5mYPR8T/I+JQDG3J8xMtyvjx9d+/bHZsNCIrx3/5lpdfjgWLeqT118xMLU51HvFaN65E7B1sFH+yvBKQt+OeiNh7oLMyzjz/7f5mx0ZXjX8bx9/CYGf1WS37JuK5WvsvRV38paT1+uT4/2Ju9vB4eVes9+tvV99pVv5dxd8Feftva3j/L8dfSVav1y5U9627J1u5+ucXDZ9phtqKP70+WDdBnd//w8l71fRwse+TqcXFCxMRw8lbxf7jK/snV64t8+X5efyHDjbu/7ti5TexLyLym/iJiHgyIg4UdX8qIp6OiIMt4v/5tWc+bHZsI7T/zB21/50nBs7+9P2aQist4k+iQfsfraYOFXva+fxrXp2VOY88rE5/bwAAALCZpBGxI5J0bDmdpmNjtf8vvzu2pXPzC4svnJr/+PxM7R2BSgyl5UzXyKr50IlixqDMTxaP+WX+SDFv/NXA1mp+bHp+bqbXwUOf296k/+f+8v4GPPi6sI4GbFKd9v8syz7rclWA+8z3P/Qv/R/6V4P+v7Uu3/RvBACbW6Pvfw/20B+M/6F/6f/Qv/R/6F/6P/Slu3mvv0hcafGyfXuJ/PPnrqtxHxNZ1qPSh3sf+3Ii0g1RjXuViMpGqEald6X3+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgO/4LAAD//wYf47Q=") (fail_nth: 8) 1.208223042s ago: executing program 1 (id=1560): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f00000007c0)='ext4_es_find_extent_range_exit\x00', r0}, 0x10) open(0x0, 0x0, 0x0) pwritev2(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000980)='\x00', 0x1}], 0x1, 0x7bff, 0x0, 0x3) r1 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') r3 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0) sendfile(r3, r2, 0x0, 0x100800001) r4 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0) sendfile(r1, r4, 0x0, 0x100000001) 1.093451162s ago: executing program 1 (id=1561): semctl$SEM_STAT_ANY(0x0, 0x0, 0x14, 0x0) r0 = semget(0x3, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000b40000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='xprtrdma_cb_setup\x00', r2}, 0x10) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000800)={'ipvlan1\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001400230300000000000000000a000000", @ANYRES32=r5, @ANYBLOB="080008000004000014000100ff05"], 0x34}}, 0x0) r6 = socket(0x2, 0x6, 0x0) getsockopt$WPAN_SECURITY_LEVEL(r6, 0x0, 0x19, &(0x7f0000000000), &(0x7f00000000c0)=0x1) r7 = socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYRES16=r0, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006970766c616e3100000000000000000008000a00", @ANYRES8=r0], 0x3c}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000100001000000000074df00000000000a64000000060a09040000001000000000020000000900010073797a30000000000900020073797a320000000038000480340001800b00010065787468647200002400028008000640000000110800034000000000080007"], 0x8c}}, 0x0) 959.274453ms ago: executing program 1 (id=1562): socket$xdp(0x2c, 0x3, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x7, 0x1, 0xfd, 0x0, 0x0, 0x2, 0x4802, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x5}, 0x0, 0x1000, 0x0, 0x3, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, r0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x0, 0x1c7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) socket(0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x0, 0x108, 0x0, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, 0x0}}, 0x20) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, {0x0, @random="0f00a85d4f76"}, 0x1c, {0x2, 0x4e22, @loopback}, 'veth0\x00'}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000200)=""/218, 0xda}], 0x1, 0xffff, 0xfffffff5) 906.492677ms ago: executing program 1 (id=1565): bind$inet6(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000140), 0x0, 0x0) (async) syz_io_uring_setup(0x0, &(0x7f0000000140), 0x0, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) (async) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) (async) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) (async) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='mm_page_alloc\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48) (async) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48) r2 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) r3 = socket$inet6(0xa, 0x3, 0x8000000003c) connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0xb}, 0x1c) (async) connect$inet6(r3, &(0x7f0000000140)={0xa, 0x0, 0x0, @mcast1, 0xb}, 0x1c) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000880)=ANY=[@ANYRES16=r0], 0x0, 0x6b, 0x0, 0xfffffffd, 0x1}, 0x20) sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) (async) sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20) (async) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000700)={{}, &(0x7f0000000680), &(0x7f00000006c0)='%+9llu \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) splice(r5, 0x0, r4, 0x0, 0x1, 0x0) (async) splice(r5, 0x0, r4, 0x0, 0x1, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRESHEX=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r6, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) (async) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r6, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000040)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x88, 0x0, @empty}, {0x0, 0x0, 0x8, 0x0, @gue={{0x2}}}}}}}, 0x0) ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) 888.669038ms ago: executing program 3 (id=1566): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r2, 0x9}, 0x14}}, 0x0) 832.839753ms ago: executing program 4 (id=1567): syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0xe0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000180), 0x8) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x40, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x1, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)) socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x0, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ff5000/0x3000)=nil) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$IEEE802154_ADD_IFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0) 816.376884ms ago: executing program 3 (id=1568): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) fchdir(r1) close(r1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket(0x10, 0x803, 0x0) sendto(r2, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/69, 0x45}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {0x0}], 0x8, &(0x7f0000000600)=""/191, 0xbf}, 0xfffffd39}], 0x1, 0x40000000, &(0x7f0000003700)={0x77359400}) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2047, 0x0, 0x7c, 0x0, &(0x7f00000000c0)) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x20, 0xc, &(0x7f0000002180)=ANY=[@ANYRES8, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES64, @ANYRESDEC, @ANYRES64, @ANYRESOCT=r3, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r5, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x15, 0x0, 0x1, 0xfffffffd}, {}, {0x6, 0x0, 0x0, 0xffffefff}]}, 0x10) 684.883545ms ago: executing program 4 (id=1569): openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) open$dir(&(0x7f0000000340)='./file1\x00', 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000010000008500000086000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) keyctl$KEYCTL_PKEY_SIGN(0x12, &(0x7f0000001580), &(0x7f0000000840)=ANY=[@ANYBLOB='e'], 0x0, 0x0) 529.965117ms ago: executing program 3 (id=1571): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100001e0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024000000000c269b508000140000000000900010073797a300001000054000000060a010400000000000000000100000008000b400000000004802800018008000100666962001c000280080002400000000000000040000000120800034000f41400000000000000010000000000000000000000000af34ab2a50308c8d02c97963f549c2a3337690ca702c6149887ebdeb240d7b68ab715b9789ad31f756df5ddb08a31791a6880bfeabca700490536ca4fc53911951390405f4f3ff3c10ca600ab"], 0xdc}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4) connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) io_setup(0x6, &(0x7f0000000680)=0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000200)='wg0\x00', 0x4) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xe, &(0x7f0000000300)={[{@jqfmt_vfsv0}, {@nouid32}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@dioread_lock}, {@errors_remount}, {@nobh}]}, 0x0, 0x47b, &(0x7f0000000b00)="$eJzs3MtvG8UfAPDvrh3319cvoZRHH0CgICIeSZMW6IELCCQORUKCQzmGJK1K0wY1QaJVBQGhcoRK3BFHJP4CTnBBwAmJK9xRpQr1QsspaO3dJHXWJnaTGOrPR9pkZh+e+Xp37Nkd7wbQt4azP0nEroj4NSLSRvbWFYYb/25cvzR18/qlqSSpLr3+R1Jf78/rl6aKVYvtduaZkTQi/TiJAyXlzl+4eGZydnbmfJ4fWzj7ztj8hYtPnz47eWrm1My5iWPHjh4Zf+7ZiWeKTapF4vJgbOs0zsGsrvvfnzu475U3r7w6deLKWz9+nRTxN8VRbqjTIofbLXxsaanT1/tX270qnVR7WBE6Uskb1kC9/Q9GZaWZxWC8/FFPKwdsqqVci8WLS8AdLIle1wDojeKLPjv/Laat63303rUXGidAWdw38qmxpFq/FhL5udHuTSp/OCJOLP71RTbFuq5DAADcnm+z/s9TZf2/NO5dtd7/8zGUoYi4KyL2RMTdEbE3Iu6JqK97X0Tcv7aI7e3Kbx4kWdv/Sa92Hdw6ZP2/5/OxrVv7f2ksNhJDlXxcbHc9/oHk5OnZmcP5ezISA9uy/HibMr576ZdPWy1b3f/Lpqz8oi+Y1+NqtWm0a3pyYfL2ol5x7cOI/dWy+JPlkYAkIvZFxP4uyzj9xFcHWy375/ibVUuT3Vr6MmqPN/b/YjTFX0jaj0+O/S9mZw6PFUfFWj/9fPm1VuV3Hv/Gyvb/jtLjfzn+oWT1eO1852Vc/u2Tluc03R7/teSNerqWz3tvcmHh/HhELTneqPTq+RMr2xb5Yv0s/pFD5e1/T6y8EwciIjuIH4iIByPiobzuD0fEIxFxqE38P7z46Nvdx7+5svinO9r/K4laNM8pT1TOfP/NLYUOdRJ/tv+P1lMj+Zz1fP6tp17dHc0AAADw35NGxK5I0tHldJqOjjZ+w783dqSzc/MLT56ce/fcdOMegaEYSIsrXYOrroeOL5/W1yLLT+T5YvmR/Lrx55Xt9fzo1NzsdK+Dhz63s0X7z/xe6XXtgE3nfi3oX9o/9K8W7X9gq+sBbD3f/9C/Stp/2x9tA3eOsu//D3pQD2DrNbV/w37QR5z/Q//S/qF/af/Ql+a3x9p742vru6+/PPHZzvyVszkRcfN4xDofFCCxsYmIjXid4kEQTYsibbNVpeSREcUjJzcv5OKBlr1/5++ARA8/lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbQ3wEAAP//YDXkfw==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901) move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r1, 0x0, 0x3}]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) pipe(&(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x5, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}, {0x2f, 0x28, 0x8, 0x3}, {0x3, 0x8, 0x7, 0x3}, {0x0, 0x6, 0xff, 0xff}, {0x3a7, 0x10, 0x3, 0x10000}]}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$pptp(0x18, 0x1, 0x2) r6 = epoll_create(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000080)={0x40000000}) connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @remote}, 0x10) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x100, 0xffffffffffffffff, 0x2}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f00000004c0)=ANY=[@ANYRES8=r4, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 426.933356ms ago: executing program 0 (id=1572): socket(0x1e, 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x2, @mcast1, 0xa}, 0x1c) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) ftruncate(0xffffffffffffffff, 0x0) socket(0x2c, 0x80000, 0x0) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f00000001c0)=0x6, 0x4) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x6, &(0x7f00000003c0)=[{0x2, 0x0, 0x2, 0x7ffc0001}, {0x5, 0xfd, 0x0, 0x3}, {0x0, 0x4, 0x1, 0x8}, {0x0, 0xfe, 0x4, 0x8}, {0xa8e, 0x40, 0x82, 0x80000001}, {0x1ff, 0xc, 0x0, 0xe6}]}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000380)='.\x00', &(0x7f0000000040)={0x800, 0x1, 0x2c}, 0x18) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004fcf0000e8ffff1a8600", "cf0d00", "8657e2b7e43b34e4"}, 0x28) r2 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x44c2, 0x0, 0x0, 0x41000, 0x29, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10) write$binfmt_script(r0, &(0x7f0000001300), 0x8f) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000240)={&(0x7f00001dc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000740)=0x40) writev(r0, &(0x7f00000030c0)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000040)=0x1, 0xfffffffffffffe23) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000180)=0x40) writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0x1}], 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) getpid() 382.181329ms ago: executing program 0 (id=1573): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24}, 0x24}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 381.81423ms ago: executing program 0 (id=1574): capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000003c0)) ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={'dvmrp1\x00', {0x2, 0x0, @empty}}) 337.377853ms ago: executing program 0 (id=1575): socket$xdp(0x2c, 0x3, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)=0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x7, 0x1, 0xfd, 0x0, 0x0, 0x2, 0x4802, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x5}, 0x0, 0x1000, 0x0, 0x3, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, r0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) getpid() sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5) socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x0, 0x1c7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000080)) socket(0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0x2, 0x4, 0x400, 0x0, 0x108, 0x0, 0x318, 0x318, 0x318, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x108, 0x71000000, {0x15b}}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@arp={@rand_addr, @empty, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'lo\x00', 'ip6tnl0\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}, {{@uncond, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8, 0x0, {0x1d000000}}, {0x28}}}}, 0x450) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, 0x0}}, 0x20) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, {0x0, @random="0f00a85d4f76"}, 0x1c, {0x2, 0x4e22, @loopback}, 'veth0\x00'}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r4, &(0x7f0000000040)=[{&(0x7f0000000200)=""/218, 0xda}], 0x1, 0xffff, 0xfffffff5) 336.941843ms ago: executing program 0 (id=1576): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x20, 0x1, 0x1, 0x301, 0x0, 0x0, {}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}]}]}, 0x20}}, 0x0) (fail_nth: 8) 280.220077ms ago: executing program 0 (id=1577): syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000340), 0x10) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") open(&(0x7f0000000180)='./bus\x00', 0x10b67e, 0x0) r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) ftruncate(r2, 0x2007ffb) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r2, 0x0) r3 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r3, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff00) 191.259654ms ago: executing program 3 (id=1578): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SMC_PNETID_ADD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r2, 0x0, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'lo\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, r2, 0x9}, 0x14}}, 0x0) 139.957649ms ago: executing program 2 (id=1579): socket$netlink(0x10, 0x3, 0x0) r0 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0) sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000ac0)=@newtfilter={0x48, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x5}}, [@filter_kind_options=@f_flow={{0x9}, {0x18, 0x2, [@TCA_FLOW_EMATCHES={0x14, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_META={0xc, 0x1}]}]}]}}]}, 0x48}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 89.497193ms ago: executing program 2 (id=1580): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'lo\x00', 0x0}) bind$packet(r2, &(0x7f0000000300)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4c, 0x0) setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000080)=0x1, 0x4) ioctl$TCFLSH(r0, 0x5608, 0x2) 0s ago: executing program 2 (id=1581): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) fchdir(r1) close(r1) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket(0x10, 0x803, 0x0) sendto(r2, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/69, 0x45}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {0x0}], 0x8, &(0x7f0000000600)=""/191, 0xbf}, 0xfffffd39}], 0x1, 0x40000000, &(0x7f0000003700)={0x77359400}) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo") syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2047, 0x0, 0x7c, 0x0, &(0x7f00000000c0)) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESHEX=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x20, 0xc, &(0x7f0000002180)=ANY=[@ANYRES8, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES64, @ANYRESDEC, @ANYRES64, @ANYRESOCT=r3, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd71, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) r5 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r5, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r5, 0x7, 0x0, 0x0, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x15, 0x0, 0x1, 0xfffffffd}, {}, {0x6, 0x0, 0x0, 0xffffefff}]}, 0x10) kernel console output (not intermixed with test programs): ]" dev="sockfs" ino=25128 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 119.377843][ T7911] FAULT_INJECTION: forcing a failure. [ 119.377843][ T7911] name failslab, interval 1, probability 0, space 0, times 0 [ 119.390586][ T7911] CPU: 1 UID: 0 PID: 7911 Comm: syz.1.1213 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 119.394415][ T7913] loop3: detected capacity change from 0 to 256 [ 119.401355][ T7911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 119.401372][ T7911] Call Trace: [ 119.401382][ T7911] [ 119.411441][ T7913] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 119.417698][ T7911] dump_stack_lvl+0xf2/0x150 [ 119.440278][ T7911] dump_stack+0x15/0x20 [ 119.444457][ T7911] should_fail_ex+0x229/0x230 [ 119.449151][ T7911] ? __alloc_skb+0x10b/0x310 [ 119.453830][ T7911] should_failslab+0x8f/0xb0 [ 119.458516][ T7911] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 119.464396][ T7911] __alloc_skb+0x10b/0x310 [ 119.468849][ T7911] netlink_ack+0xef/0x4f0 [ 119.473199][ T7911] netlink_rcv_skb+0x19c/0x230 [ 119.477974][ T7911] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 119.483466][ T7911] nfnetlink_rcv+0x16c/0x15b0 [ 119.488155][ T7911] ? kmem_cache_free+0xd8/0x280 [ 119.493061][ T7911] ? nlmon_xmit+0x51/0x60 [ 119.497465][ T7911] ? __kfree_skb+0x102/0x150 [ 119.502073][ T7911] ? consume_skb+0x57/0x180 [ 119.506591][ T7911] ? nlmon_xmit+0x51/0x60 [ 119.510934][ T7911] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 119.516368][ T7911] ? __dev_queue_xmit+0xb86/0x1fe0 [ 119.521487][ T7911] ? ref_tracker_free+0x3a5/0x410 [ 119.526638][ T7911] ? __dev_queue_xmit+0x161/0x1fe0 [ 119.531763][ T7911] ? __netlink_deliver_tap+0x495/0x4c0 [ 119.537312][ T7911] netlink_unicast+0x593/0x670 [ 119.542100][ T7911] netlink_sendmsg+0x5cc/0x6e0 [ 119.546877][ T7911] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.552191][ T7911] __sock_sendmsg+0x140/0x180 [ 119.556887][ T7911] ____sys_sendmsg+0x312/0x410 [ 119.561701][ T7911] __sys_sendmsg+0x1e9/0x280 [ 119.566383][ T7911] __x64_sys_sendmsg+0x46/0x50 [ 119.571156][ T7911] x64_sys_call+0x26f8/0x2e00 [ 119.575907][ T7911] do_syscall_64+0xc9/0x1c0 [ 119.580425][ T7911] ? clear_bhb_loop+0x55/0xb0 [ 119.585129][ T7911] ? clear_bhb_loop+0x55/0xb0 [ 119.589817][ T7911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.595723][ T7911] RIP: 0033:0x7f7508c073b9 [ 119.600139][ T7911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.619831][ T7911] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 119.628325][ T7911] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9 [ 119.636329][ T7911] RDX: 0000000000000000 RSI: 0000000020001080 RDI: 0000000000000003 [ 119.644359][ T7911] RBP: 00007f75078870a0 R08: 0000000000000000 R09: 0000000000000000 [ 119.652336][ T7911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 119.660308][ T7911] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458 [ 119.668285][ T7911] [ 119.690792][ T7913] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 119.724574][ T7919] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7919 comm=syz.0.1214 [ 119.751989][ T29] audit: type=1400 audit(1722374855.889:682): avc: denied { override_creds } for pid=7915 comm="syz.4.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 119.778117][ T7916] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1217'. [ 119.808685][ T7916] team_slave_0: entered allmulticast mode [ 119.817271][ T7916] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 119.837160][ T7907] netlink: 'syz.0.1214': attribute type 1 has an invalid length. [ 119.846560][ T7124] udevd[7124]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory [ 119.860208][ T7907] 8021q: adding VLAN 0 to HW filter on device bond8 [ 119.869455][ T7926] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1220'. [ 120.035086][ T7948] loop2: detected capacity change from 0 to 512 [ 120.042141][ T7948] ext4: Bad value for 'init_itable' [ 120.069098][ T7952] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1231'. [ 120.174054][ T7965] loop2: detected capacity change from 0 to 128 [ 120.185823][ T7965] smc: net device lo applied user defined pnetid SYZ2 [ 120.193120][ T7965] smc: net device lo erased user defined pnetid SYZ2 [ 120.242608][ T7970] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7970 comm=syz.1.1238 [ 120.257195][ T7970] loop1: detected capacity change from 0 to 512 [ 120.265087][ T7970] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 120.280210][ T7970] EXT4-fs (loop1): Remounting filesystem read-only [ 120.286897][ T7970] EXT4-fs (loop1): 1 truncate cleaned up [ 120.293100][ T7970] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 120.312885][ T7970] netlink: 'syz.1.1238': attribute type 1 has an invalid length. [ 120.329248][ T7970] 8021q: adding VLAN 0 to HW filter on device bond1 [ 120.335263][ T7976] loop2: detected capacity change from 0 to 1024 [ 120.345256][ T7976] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f05cc01c, mo2=0002] [ 120.353397][ T7976] System zones: 0-1, 3-36 [ 120.382835][ T7981] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1242'. [ 120.420134][ T7983] loop1: detected capacity change from 0 to 2048 [ 120.515020][ T7993] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1247'. [ 120.539711][ T7997] FAULT_INJECTION: forcing a failure. [ 120.539711][ T7997] name failslab, interval 1, probability 0, space 0, times 0 [ 120.552466][ T7997] CPU: 0 UID: 0 PID: 7997 Comm: syz.1.1249 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 120.563160][ T7997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 120.573254][ T7997] Call Trace: [ 120.576603][ T7997] [ 120.579552][ T7997] dump_stack_lvl+0xf2/0x150 [ 120.584166][ T7997] dump_stack+0x15/0x20 [ 120.588338][ T7997] should_fail_ex+0x229/0x230 [ 120.593049][ T7997] ? __alloc_skb+0x10b/0x310 [ 120.597733][ T7997] should_failslab+0x8f/0xb0 [ 120.602427][ T7997] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 120.608249][ T7997] __alloc_skb+0x10b/0x310 [ 120.612759][ T7997] netlink_alloc_large_skb+0xad/0xe0 [ 120.618119][ T7997] netlink_sendmsg+0x3b4/0x6e0 [ 120.622895][ T7997] ? __pfx_netlink_sendmsg+0x10/0x10 [ 120.628191][ T7997] __sock_sendmsg+0x140/0x180 [ 120.632961][ T7997] ____sys_sendmsg+0x312/0x410 [ 120.637781][ T7997] __sys_sendmsg+0x1e9/0x280 [ 120.642393][ T7997] __x64_sys_sendmsg+0x46/0x50 [ 120.647277][ T7997] x64_sys_call+0x26f8/0x2e00 [ 120.651965][ T7997] do_syscall_64+0xc9/0x1c0 [ 120.656530][ T7997] ? clear_bhb_loop+0x55/0xb0 [ 120.661403][ T7997] ? clear_bhb_loop+0x55/0xb0 [ 120.666140][ T7997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.672047][ T7997] RIP: 0033:0x7f7508c073b9 [ 120.676468][ T7997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.696157][ T7997] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 120.704585][ T7997] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9 [ 120.712611][ T7997] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000005 [ 120.720587][ T7997] RBP: 00007f75078870a0 R08: 0000000000000000 R09: 0000000000000000 [ 120.728619][ T7997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.736599][ T7997] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458 [ 120.744579][ T7997] [ 120.838203][ T8006] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1253'. [ 120.895525][ T8016] loop2: detected capacity change from 0 to 512 [ 120.918826][ T8017] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1254'. [ 120.931826][ T8019] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1259'. [ 121.034025][ T8027] loop3: detected capacity change from 0 to 512 [ 121.069998][ T8027] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.141209][ T8038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1266'. [ 121.257170][ T29] audit: type=1400 audit(1722374857.283:683): avc: denied { read append } for pid=8051 comm="syz.0.1273" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 121.281095][ T29] audit: type=1400 audit(1722374857.283:684): avc: denied { open } for pid=8051 comm="syz.0.1273" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 121.353176][ T8060] FAULT_INJECTION: forcing a failure. [ 121.353176][ T8060] name failslab, interval 1, probability 0, space 0, times 0 [ 121.365886][ T8060] CPU: 0 UID: 0 PID: 8060 Comm: syz.0.1275 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 121.376766][ T8060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 121.386835][ T8060] Call Trace: [ 121.390120][ T8060] [ 121.393305][ T8060] dump_stack_lvl+0xf2/0x150 [ 121.398086][ T8060] dump_stack+0x15/0x20 [ 121.402398][ T8060] should_fail_ex+0x229/0x230 [ 121.407087][ T8060] ? ctnetlink_alloc_filter+0x50/0x530 [ 121.412626][ T8060] should_failslab+0x8f/0xb0 [ 121.417367][ T8060] __kmalloc_cache_noprof+0x4b/0x2a0 [ 121.422754][ T8060] ctnetlink_alloc_filter+0x50/0x530 [ 121.428059][ T8060] ctnetlink_start+0xc0/0x100 [ 121.432748][ T8060] __netlink_dump_start+0x32a/0x510 [ 121.437971][ T8060] ctnetlink_get_conntrack+0x119/0x440 [ 121.443495][ T8060] ? __pfx_ctnetlink_start+0x10/0x10 [ 121.448789][ T8060] ? __pfx_ctnetlink_dump_table+0x10/0x10 [ 121.454588][ T8060] ? __pfx_ctnetlink_done+0x10/0x10 [ 121.459811][ T8060] nfnetlink_rcv_msg+0x4a9/0x570 [ 121.464777][ T8060] netlink_rcv_skb+0x12c/0x230 [ 121.469585][ T8060] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 121.475062][ T8060] nfnetlink_rcv+0x16c/0x15b0 [ 121.479742][ T8060] ? kmem_cache_free+0xd8/0x280 [ 121.484612][ T8060] ? nlmon_xmit+0x51/0x60 [ 121.488969][ T8060] ? __kfree_skb+0x102/0x150 [ 121.493560][ T8060] ? consume_skb+0x57/0x180 [ 121.498130][ T8060] ? nlmon_xmit+0x51/0x60 [ 121.502487][ T8060] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 121.507774][ T8060] ? __dev_queue_xmit+0xb86/0x1fe0 [ 121.512917][ T8060] ? ref_tracker_free+0x3a5/0x410 [ 121.517967][ T8060] ? __dev_queue_xmit+0x161/0x1fe0 [ 121.523086][ T8060] ? __netlink_deliver_tap+0x495/0x4c0 [ 121.528598][ T8060] netlink_unicast+0x593/0x670 [ 121.533374][ T8060] netlink_sendmsg+0x5cc/0x6e0 [ 121.538175][ T8060] ? __pfx_netlink_sendmsg+0x10/0x10 [ 121.543500][ T8060] __sock_sendmsg+0x140/0x180 [ 121.548288][ T8060] ____sys_sendmsg+0x312/0x410 [ 121.553075][ T8060] __sys_sendmsg+0x1e9/0x280 [ 121.557702][ T8060] __x64_sys_sendmsg+0x46/0x50 [ 121.562477][ T8060] x64_sys_call+0x26f8/0x2e00 [ 121.567175][ T8060] do_syscall_64+0xc9/0x1c0 [ 121.571748][ T8060] ? clear_bhb_loop+0x55/0xb0 [ 121.576510][ T8060] ? clear_bhb_loop+0x55/0xb0 [ 121.581259][ T8060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.587243][ T8060] RIP: 0033:0x7efe2d5a73b9 [ 121.591653][ T8060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.611265][ T8060] RSP: 002b:00007efe2c227048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 121.619676][ T8060] RAX: ffffffffffffffda RBX: 00007efe2d735f80 RCX: 00007efe2d5a73b9 [ 121.627735][ T8060] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 121.635702][ T8060] RBP: 00007efe2c2270a0 R08: 0000000000000000 R09: 0000000000000000 [ 121.643677][ T8060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.651673][ T8060] R13: 000000000000000b R14: 00007efe2d735f80 R15: 00007ffc608e9598 [ 121.659654][ T8060] [ 121.752105][ C1] eth0: bad gso: type: 1, size: 1408 [ 121.770020][ T8066] vlan0: entered allmulticast mode [ 121.775231][ T8066] veth0_vlan: entered allmulticast mode [ 121.930218][ T8080] FAULT_INJECTION: forcing a failure. [ 121.930218][ T8080] name failslab, interval 1, probability 0, space 0, times 0 [ 121.942900][ T8080] CPU: 1 UID: 0 PID: 8080 Comm: syz.1.1285 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 121.953640][ T8080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 121.963713][ T8080] Call Trace: [ 121.967083][ T8080] [ 121.970026][ T8080] dump_stack_lvl+0xf2/0x150 [ 121.974651][ T8080] dump_stack+0x15/0x20 [ 121.978873][ T8080] should_fail_ex+0x229/0x230 [ 121.983598][ T8080] ? __alloc_skb+0x10b/0x310 [ 121.988285][ T8080] should_failslab+0x8f/0xb0 [ 121.992923][ T8080] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 121.998738][ T8080] __alloc_skb+0x10b/0x310 [ 122.003236][ T8080] netlink_ack+0xef/0x4f0 [ 122.007572][ T8080] netlink_rcv_skb+0x19c/0x230 [ 122.012332][ T8080] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 122.017821][ T8080] nfnetlink_rcv+0x16c/0x15b0 [ 122.022562][ T8080] ? kmem_cache_free+0xd8/0x280 [ 122.027423][ T8080] ? nlmon_xmit+0x51/0x60 [ 122.031771][ T8080] ? __kfree_skb+0x102/0x150 [ 122.036388][ T8080] ? consume_skb+0x57/0x180 [ 122.040895][ T8080] ? nlmon_xmit+0x51/0x60 [ 122.045258][ T8080] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 122.050548][ T8080] ? __dev_queue_xmit+0xb86/0x1fe0 [ 122.055801][ T8080] ? ref_tracker_free+0x3a5/0x410 [ 122.060877][ T8080] ? __dev_queue_xmit+0x161/0x1fe0 [ 122.065994][ T8080] ? __netlink_deliver_tap+0x495/0x4c0 [ 122.071467][ T8080] netlink_unicast+0x593/0x670 [ 122.076255][ T8080] netlink_sendmsg+0x5cc/0x6e0 [ 122.081101][ T8080] ? __pfx_netlink_sendmsg+0x10/0x10 [ 122.086414][ T8080] __sock_sendmsg+0x140/0x180 [ 122.091172][ T8080] ____sys_sendmsg+0x312/0x410 [ 122.095969][ T8080] __sys_sendmsg+0x1e9/0x280 [ 122.100619][ T8080] __x64_sys_sendmsg+0x46/0x50 [ 122.105396][ T8080] x64_sys_call+0x26f8/0x2e00 [ 122.110106][ T8080] do_syscall_64+0xc9/0x1c0 [ 122.114687][ T8080] ? clear_bhb_loop+0x55/0xb0 [ 122.119367][ T8080] ? clear_bhb_loop+0x55/0xb0 [ 122.124049][ T8080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.130004][ T8080] RIP: 0033:0x7f7508c073b9 [ 122.134457][ T8080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 122.154067][ T8080] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 122.162494][ T8080] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9 [ 122.170576][ T8080] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000003 [ 122.178572][ T8080] RBP: 00007f75078870a0 R08: 0000000000000000 R09: 0000000000000000 [ 122.186624][ T8080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 122.194657][ T8080] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458 [ 122.202669][ T8080] [ 122.285285][ T8088] xt_hashlimit: size too large, truncated to 1048576 [ 122.292099][ T8088] xt_hashlimit: max too large, truncated to 1048576 [ 122.298786][ T8088] xt_hashlimit: overflow, try lower: 0/0 [ 122.305887][ T8090] loop3: detected capacity change from 0 to 512 [ 122.321417][ T8090] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 122.345768][ T29] audit: type=1400 audit(1722374858.280:685): avc: denied { setattr } for pid=8089 comm="syz.3.1287" path="/36/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 122.371094][ T29] audit: type=1400 audit(1722374858.280:686): avc: denied { ioctl } for pid=8089 comm="syz.3.1287" path="/36/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop3" ino=18 ioctlcmd=0x6609 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 122.398919][ T8090] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.1287: corrupted inode contents [ 122.407889][ T8102] loop1: detected capacity change from 0 to 512 [ 122.411257][ T8090] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #19: comm syz.3.1287: mark_inode_dirty error [ 122.434005][ T8102] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 122.435737][ T8090] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #19: comm syz.3.1287: corrupted inode contents [ 122.460760][ C1] eth0: bad gso: type: 1, size: 1408 [ 122.467177][ T8102] EXT4-fs (loop1): invalid journal inode [ 122.472880][ T8102] EXT4-fs (loop1): can't get journal size [ 122.478943][ T8090] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3007: inode #19: comm syz.3.1287: mark_inode_dirty error [ 122.491394][ T8090] EXT4-fs error (device loop3): ext4_xattr_delete_inode:3010: inode #19: comm syz.3.1287: mark inode dirty (error -117) [ 122.505834][ T8102] EXT4-fs (loop1): 1 truncate cleaned up [ 122.527335][ T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.546532][ T8090] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 122.602123][ T29] audit: type=1400 audit(1722374858.520:687): avc: denied { getopt } for pid=8120 comm="syz.3.1296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 122.642510][ T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.716666][ T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.721626][ T8081] chnl_net:caif_netlink_parms(): no params data found [ 122.787835][ T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.794265][ T8140] loop3: detected capacity change from 0 to 512 [ 122.818190][ T8140] EXT4-fs (loop3): inodes count not valid: 1 vs 32 [ 122.834731][ T8081] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.841880][ T8081] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.844554][ T8142] loop1: detected capacity change from 0 to 2048 [ 122.856433][ T8081] bridge_slave_0: entered allmulticast mode [ 122.863946][ T8081] bridge_slave_0: entered promiscuous mode [ 122.895968][ T8081] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.903834][ T8081] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.914536][ T8146] loop3: detected capacity change from 0 to 512 [ 122.924219][ T8081] bridge_slave_1: entered allmulticast mode [ 122.930250][ T8146] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 122.945322][ T8081] bridge_slave_1: entered promiscuous mode [ 122.955535][ T8146] EXT4-fs (loop3): invalid journal inode [ 122.965915][ T8146] EXT4-fs (loop3): can't get journal size [ 122.968876][ T29] audit: type=1400 audit(1722374858.861:688): avc: denied { listen } for pid=8151 comm="syz.1.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 122.978178][ T8146] EXT4-fs (loop3): 1 truncate cleaned up [ 123.017431][ T8081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 123.035758][ T8081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 123.045616][ T55] bridge_slave_1: left allmulticast mode [ 123.051289][ T55] bridge_slave_1: left promiscuous mode [ 123.051379][ T29] audit: type=1400 audit(1722374858.926:689): avc: denied { accept } for pid=8151 comm="syz.1.1307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 123.057002][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.086897][ T55] bridge_slave_0: left allmulticast mode [ 123.092588][ T55] bridge_slave_0: left promiscuous mode [ 123.098335][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.340005][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 123.350665][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 123.361586][ T55] bond0 (unregistering): Released all slaves [ 123.370578][ T55] bond1 (unregistering): Released all slaves [ 123.379900][ T55] bond2 (unregistering): Released all slaves [ 123.389171][ T55] bond3 (unregistering): Released all slaves [ 123.398705][ T55] bond4 (unregistering): Released all slaves [ 123.407517][ T55] bond5 (unregistering): Released all slaves [ 123.417371][ T55] bond6 (unregistering): Released all slaves [ 123.426719][ T55] bond7 (unregistering): Released all slaves [ 123.435984][ T55] bond8 (unregistering): Released all slaves [ 123.471087][ T8081] team0: Port device team_slave_0 added [ 123.494610][ T8081] team0: Port device team_slave_1 added [ 123.515199][ T8175] loop2: detected capacity change from 0 to 128 [ 123.553095][ T55] hsr_slave_0: left promiscuous mode [ 123.565913][ T55] hsr_slave_1: left promiscuous mode [ 123.580516][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 123.587254][ T29] audit: type=1400 audit(1722374859.433:690): avc: denied { setopt } for pid=8183 comm="syz.4.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 123.588067][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 123.610793][ T29] audit: type=1400 audit(1722374859.452:691): avc: denied { shutdown } for pid=8183 comm="syz.4.1313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 123.640152][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 123.647700][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 123.665880][ T55] veth1_macvtap: left promiscuous mode [ 123.671598][ T55] veth0_macvtap: left promiscuous mode [ 123.769701][ T29] audit: type=1400 audit(1722374859.590:692): avc: denied { write } for pid=8199 comm="syz.4.1317" name="event0" dev="devtmpfs" ino=218 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 123.795485][ T55] pim6reg9 (unregistering): left allmulticast mode [ 123.840371][ T55] team0 (unregistering): Port device team_slave_1 removed [ 123.855813][ T55] team0 (unregistering): Port device team_slave_0 removed [ 123.926150][ T55] smc: removing net device lo with user defined pnetid SYZ2 [ 123.927565][ T8204] loop1: detected capacity change from 0 to 512 [ 123.950910][ T8081] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 123.958064][ T8081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 123.984097][ T8081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 123.994897][ T8204] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 124.000494][ T8081] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.010098][ T8081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.036216][ T8081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.051310][ T8204] EXT4-fs (loop1): invalid journal inode [ 124.065978][ T8192] smc: net device lo applied user defined pnetid SYZ2 [ 124.070512][ T8204] EXT4-fs (loop1): can't get journal size [ 124.101914][ T8201] smc: net device lo erased user defined pnetid SYZ2 [ 124.112265][ T8081] hsr_slave_0: entered promiscuous mode [ 124.118950][ T8081] hsr_slave_1: entered promiscuous mode [ 124.144495][ T8204] EXT4-fs (loop1): 1 truncate cleaned up [ 124.269231][ T8221] loop1: detected capacity change from 0 to 128 [ 124.313096][ T8221] smc: net device lo erased user defined pnetid SYZ2 [ 124.408305][ T8235] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8235 comm=syz.2.1327 [ 124.441665][ T8235] loop2: detected capacity change from 0 to 512 [ 124.464606][ T8235] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 124.511467][ T8235] EXT4-fs (loop2): Remounting filesystem read-only [ 124.514983][ T8244] loop1: detected capacity change from 0 to 2048 [ 124.544321][ T8235] EXT4-fs (loop2): 1 truncate cleaned up [ 124.568856][ T8235] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 124.627583][ T8235] netlink: 'syz.2.1327': attribute type 1 has an invalid length. [ 124.658438][ T8235] 8021q: adding VLAN 0 to HW filter on device bond1 [ 124.677267][ T8081] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 124.712884][ T8081] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 124.750567][ T8262] __nla_validate_parse: 10 callbacks suppressed [ 124.750586][ T8262] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1331'. [ 124.795944][ T8081] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 124.814482][ T29] audit: type=1400 audit(1722374860.559:693): avc: denied { ioctl } for pid=8271 comm="syz.2.1334" path="socket:[26442]" dev="sockfs" ino=26442 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 124.849181][ T8081] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 124.861296][ T8275] loop3: detected capacity change from 0 to 512 [ 124.883614][ T8275] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 124.899408][ T8276] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1332'. [ 124.924299][ T8284] loop2: detected capacity change from 0 to 2048 [ 124.964783][ T8081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 124.983206][ T8284] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 124.985895][ T8289] loop1: detected capacity change from 0 to 2048 [ 125.004205][ T8081] 8021q: adding VLAN 0 to HW filter on device team0 [ 125.019491][ T983] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.020441][ T8284] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 125.026705][ T983] bridge0: port 1(bridge_slave_0) entered forwarding state [ 125.038878][ T8284] EXT4-fs (loop2): This should not happen!! Data will be lost [ 125.038878][ T8284] [ 125.038895][ T8284] EXT4-fs (loop2): Total free blocks count 0 [ 125.061849][ T8284] EXT4-fs (loop2): Free/Dirty block details [ 125.065488][ T983] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.067772][ T8284] EXT4-fs (loop2): free_blocks=2415919104 [ 125.074829][ T983] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.080505][ T8284] EXT4-fs (loop2): dirty_blocks=16 [ 125.092984][ T8284] EXT4-fs (loop2): Block reservation details [ 125.099052][ T8284] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 125.209900][ T8081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 125.364034][ T8081] veth0_vlan: entered promiscuous mode [ 125.372680][ T8081] veth1_vlan: entered promiscuous mode [ 125.404453][ T8081] veth0_macvtap: entered promiscuous mode [ 125.412735][ T8338] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8338 comm=syz.2.1344 [ 125.428234][ T8081] veth1_macvtap: entered promiscuous mode [ 125.437911][ T8338] loop2: detected capacity change from 0 to 512 [ 125.441624][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.454681][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.464561][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.475070][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.485010][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.495473][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.505511][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.515968][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.525929][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.536456][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.546361][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.556859][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.573172][ T8081] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 125.586103][ T8338] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 125.605915][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.616437][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.619274][ T8338] EXT4-fs (loop2): Remounting filesystem read-only [ 125.626349][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.641628][ T8338] EXT4-fs (loop2): 1 truncate cleaned up [ 125.643240][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.657744][ T8338] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 125.658717][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.675823][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.685702][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.696183][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.706126][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.716650][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.726467][ T8081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.736965][ T8081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.757345][ T8081] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 125.769007][ T8081] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.777918][ T8081] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.786690][ T8081] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.795448][ T8081] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.825147][ T8338] netlink: 'syz.2.1344': attribute type 1 has an invalid length. [ 125.846093][ T8365] loop3: detected capacity change from 0 to 512 [ 125.848618][ T8338] 8021q: adding VLAN 0 to HW filter on device bond2 [ 125.866873][ T8365] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 125.876672][ T8365] EXT4-fs (loop3): invalid journal inode [ 125.886810][ T8365] EXT4-fs (loop3): can't get journal size [ 125.895393][ T8368] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1348'. [ 125.895520][ T8365] EXT4-fs (loop3): 1 truncate cleaned up [ 125.991058][ T8380] loop2: detected capacity change from 0 to 2048 [ 126.041683][ T8380] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 126.056827][ T8380] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 126.058557][ T8389] loop3: detected capacity change from 0 to 128 [ 126.069065][ T8380] EXT4-fs (loop2): This should not happen!! Data will be lost [ 126.069065][ T8380] [ 126.069086][ T8380] EXT4-fs (loop2): Total free blocks count 0 [ 126.091166][ T8380] EXT4-fs (loop2): Free/Dirty block details [ 126.097129][ T8380] EXT4-fs (loop2): free_blocks=2415919104 [ 126.102885][ T8380] EXT4-fs (loop2): dirty_blocks=16 [ 126.108088][ T8380] EXT4-fs (loop2): Block reservation details [ 126.114142][ T8380] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 126.154691][ T8397] FAULT_INJECTION: forcing a failure. [ 126.154691][ T8397] name failslab, interval 1, probability 0, space 0, times 0 [ 126.167533][ T8397] CPU: 0 UID: 0 PID: 8397 Comm: syz.3.1358 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 126.178241][ T8397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 126.188352][ T8397] Call Trace: [ 126.191682][ T8397] [ 126.194712][ T8397] dump_stack_lvl+0xf2/0x150 [ 126.199350][ T8397] dump_stack+0x15/0x20 [ 126.203552][ T8397] should_fail_ex+0x229/0x230 [ 126.208241][ T8397] ? __alloc_skb+0x10b/0x310 [ 126.212833][ T8397] should_failslab+0x8f/0xb0 [ 126.217596][ T8397] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 126.223413][ T8397] __alloc_skb+0x10b/0x310 [ 126.227894][ T8397] __ip6_append_data+0x17fd/0x2160 [ 126.233096][ T8397] ? __pfx_raw6_getfrag+0x10/0x10 [ 126.238187][ T8397] ? __kmalloc_node_track_caller_noprof+0x17e/0x380 [ 126.244963][ T8397] ? __rcu_read_unlock+0x4e/0x70 [ 126.249932][ T8397] ? ip6_mtu+0xfb/0x120 [ 126.254125][ T8397] ? __pfx_ip6_mtu+0x10/0x10 [ 126.258799][ T8397] ip6_append_data+0x1bc/0x260 [ 126.263576][ T8397] ? __pfx_raw6_getfrag+0x10/0x10 [ 126.268620][ T8397] rawv6_sendmsg+0xd87/0xf40 [ 126.273225][ T8397] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 126.278338][ T8397] inet_sendmsg+0xc5/0xd0 [ 126.282729][ T8397] __sock_sendmsg+0x102/0x180 [ 126.287443][ T8397] __sys_sendto+0x1e5/0x260 [ 126.292038][ T8397] __x64_sys_sendto+0x78/0x90 [ 126.296734][ T8397] x64_sys_call+0x2bc6/0x2e00 [ 126.301477][ T8397] do_syscall_64+0xc9/0x1c0 [ 126.306002][ T8397] ? clear_bhb_loop+0x55/0xb0 [ 126.310691][ T8397] ? clear_bhb_loop+0x55/0xb0 [ 126.315392][ T8397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.321407][ T8397] RIP: 0033:0x7f7762d373b9 [ 126.325885][ T8397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.345525][ T8397] RSP: 002b:00007f77619b7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 126.353980][ T8397] RAX: ffffffffffffffda RBX: 00007f7762ec5f80 RCX: 00007f7762d373b9 [ 126.361974][ T8397] RDX: 0000000000000008 RSI: 0000000020000180 RDI: 0000000000000003 [ 126.369944][ T8397] RBP: 00007f77619b70a0 R08: 0000000000000000 R09: 0000000000000000 [ 126.378021][ T8397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 126.385997][ T8397] R13: 000000000000000b R14: 00007f7762ec5f80 R15: 00007fff93c60568 [ 126.393971][ T8397] [ 126.439790][ T8407] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1361'. [ 126.483306][ T8413] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 126.534031][ T8420] delete_channel: no stack [ 126.582129][ T8424] loop3: detected capacity change from 0 to 2048 [ 126.700115][ T8439] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 126.709216][ T29] audit: type=1326 audit(1722374862.313:694): auid=4294967295 uid=16832 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8438 comm="syz.1.1374" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7508c073b9 code=0x0 [ 126.752011][ T29] audit: type=1400 audit(1722374862.350:695): avc: denied { ioctl } for pid=8442 comm="syz.3.1376" path="socket:[27759]" dev="sockfs" ino=27759 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 126.752689][ T8443] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1376'. [ 126.791407][ T8443] SELinux: Context Ž is not valid (left unmapped). [ 126.801631][ T29] audit: type=1400 audit(1722374862.405:696): avc: denied { create } for pid=8442 comm="syz.3.1376" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=8E [ 126.878186][ T8453] delete_channel: no stack [ 126.920884][ T8457] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 127.063274][ T8470] FAULT_INJECTION: forcing a failure. [ 127.063274][ T8470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.076453][ T8470] CPU: 0 UID: 0 PID: 8470 Comm: syz.4.1387 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 127.087178][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 127.096969][ T8473] xt_socket: unknown flags 0x50 [ 127.097350][ T8470] Call Trace: [ 127.097360][ T8470] [ 127.097372][ T8470] dump_stack_lvl+0xf2/0x150 [ 127.097410][ T8470] dump_stack+0x15/0x20 [ 127.117311][ T8470] should_fail_ex+0x229/0x230 [ 127.122086][ T8470] should_fail+0xb/0x10 [ 127.126270][ T8470] should_fail_usercopy+0x1a/0x20 [ 127.131386][ T8470] fpu__restore_sig+0x11a/0xaf0 [ 127.136266][ T8470] ? copy_fpstate_to_sigframe+0x61d/0x720 [ 127.142016][ T8470] restore_sigcontext+0x1b5/0x220 [ 127.147103][ T8470] __do_sys_rt_sigreturn+0xc5/0x150 [ 127.152331][ T8470] x64_sys_call+0x2b44/0x2e00 [ 127.157119][ T8470] do_syscall_64+0xc9/0x1c0 [ 127.161654][ T8470] ? clear_bhb_loop+0x55/0xb0 [ 127.166433][ T8470] ? clear_bhb_loop+0x55/0xb0 [ 127.171136][ T8470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.177055][ T8470] RIP: 0033:0x7f2cd7ba73b9 [ 127.181631][ T8470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.201350][ T8470] RSP: 002b:00007f2cd6827048 EFLAGS: 00000246 [ 127.207437][ T8470] RAX: ffffffffffffffea RBX: 00007f2cd7d35f80 RCX: 00007f2cd7ba73b9 [ 127.215431][ T8470] RDX: 0000000000000090 RSI: 00000000200003c0 RDI: 0000000000000022 [ 127.223502][ T8470] RBP: 00007f2cd68270a0 R08: 0000000000000000 R09: 0000000000000000 [ 127.231493][ T8470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.239571][ T8470] R13: 000000000000000b R14: 00007f2cd7d35f80 R15: 00007ffcef82ce28 [ 127.247708][ T8470] [ 127.284606][ T8475] syzkaller0: entered promiscuous mode [ 127.290211][ T8475] syzkaller0: entered allmulticast mode [ 127.379265][ T8409] syz.2.1362 (8409) used greatest stack depth: 9552 bytes left [ 127.410048][ T8480] FAULT_INJECTION: forcing a failure. [ 127.410048][ T8480] name failslab, interval 1, probability 0, space 0, times 0 [ 127.422750][ T8480] CPU: 0 UID: 0 PID: 8480 Comm: syz.4.1391 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 127.433490][ T8480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 127.443559][ T8480] Call Trace: [ 127.446854][ T8480] [ 127.449858][ T8480] dump_stack_lvl+0xf2/0x150 [ 127.454485][ T8480] dump_stack+0x15/0x20 [ 127.458727][ T8480] should_fail_ex+0x229/0x230 [ 127.463438][ T8480] ? __kvmalloc_node_noprof+0x72/0x170 [ 127.469006][ T8480] should_failslab+0x8f/0xb0 [ 127.473712][ T8480] __kmalloc_node_noprof+0xa8/0x380 [ 127.479094][ T8480] __kvmalloc_node_noprof+0x72/0x170 [ 127.484395][ T8480] alloc_netdev_mqs+0x9d/0x8d0 [ 127.489202][ T8480] ? __pfx_vlan_setup+0x10/0x10 [ 127.494208][ T8480] rtnl_create_link+0x233/0x680 [ 127.499102][ T8480] rtnl_newlink+0xe12/0x1690 [ 127.503821][ T8480] ? security_capable+0x64/0x80 [ 127.508759][ T8480] ? ns_capable+0x7d/0xb0 [ 127.513123][ T8480] ? __pfx_rtnl_newlink+0x10/0x10 [ 127.518170][ T8480] rtnetlink_rcv_msg+0x6aa/0x710 [ 127.523172][ T8480] ? ref_tracker_free+0x3a5/0x410 [ 127.528264][ T8480] ? __dev_queue_xmit+0x161/0x1fe0 [ 127.533434][ T8480] netlink_rcv_skb+0x12c/0x230 [ 127.538276][ T8480] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 127.543826][ T8480] rtnetlink_rcv+0x1c/0x30 [ 127.548268][ T8480] netlink_unicast+0x593/0x670 [ 127.553111][ T8480] netlink_sendmsg+0x5cc/0x6e0 [ 127.557958][ T8480] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.563321][ T8480] __sock_sendmsg+0x140/0x180 [ 127.568102][ T8480] ____sys_sendmsg+0x312/0x410 [ 127.572941][ T8480] __sys_sendmsg+0x1e9/0x280 [ 127.577560][ T8480] __x64_sys_sendmsg+0x46/0x50 [ 127.582383][ T8480] x64_sys_call+0x26f8/0x2e00 [ 127.587189][ T8480] do_syscall_64+0xc9/0x1c0 [ 127.591733][ T8480] ? clear_bhb_loop+0x55/0xb0 [ 127.596507][ T8480] ? clear_bhb_loop+0x55/0xb0 [ 127.601284][ T8480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.607302][ T8480] RIP: 0033:0x7f2cd7ba73b9 [ 127.611740][ T8480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.631397][ T8480] RSP: 002b:00007f2cd6827048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 127.639904][ T8480] RAX: ffffffffffffffda RBX: 00007f2cd7d35f80 RCX: 00007f2cd7ba73b9 [ 127.647989][ T8480] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 127.656076][ T8480] RBP: 00007f2cd68270a0 R08: 0000000000000000 R09: 0000000000000000 [ 127.664086][ T8480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.672160][ T8480] R13: 000000000000000b R14: 00007f2cd7d35f80 R15: 00007ffcef82ce28 [ 127.680155][ T8480] [ 127.684505][ T8482] smc: net device lo applied user defined pnetid SYZ2 [ 127.694229][ T8483] smc: net device lo erased user defined pnetid SYZ2 [ 127.711125][ T8485] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8485 comm=syz.4.1393 [ 127.729688][ T8485] netlink: 'syz.4.1393': attribute type 1 has an invalid length. [ 127.745712][ T8485] 8021q: adding VLAN 0 to HW filter on device bond1 [ 127.766718][ T8488] loop2: detected capacity change from 0 to 2048 [ 127.844214][ T8498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1398'. [ 127.877902][ T8502] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1400'. [ 127.899633][ C1] eth0: bad gso: type: 1, size: 1408 [ 127.930862][ T8513] loop1: detected capacity change from 0 to 2048 [ 127.948243][ T8515] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8515 comm=syz.2.1405 [ 127.977300][ T8515] loop2: detected capacity change from 0 to 512 [ 127.996184][ T8515] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 128.011156][ T8513] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1404'. [ 128.026785][ T8515] EXT4-fs (loop2): Remounting filesystem read-only [ 128.043455][ T8526] loop3: detected capacity change from 0 to 2048 [ 128.046234][ T8515] EXT4-fs (loop2): 1 truncate cleaned up [ 128.052363][ T8524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1408'. [ 128.059967][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 128.060052][ T29] audit: type=1400 audit(1722374863.559:702): avc: denied { create } for pid=8508 comm="syz.1.1404" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=rawip_socket permissive=1 [ 128.076307][ T8524] vlan2: entered allmulticast mode [ 128.095966][ T8524] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 128.096272][ T8515] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 128.113288][ T8528] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 128.127660][ T8528] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(13) [ 128.134360][ T8528] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 128.142090][ T8528] vhci_hcd vhci_hcd.0: Device attached [ 128.150528][ T8533] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8533 comm=syz.4.1410 [ 128.153350][ T29] audit: type=1400 audit(1722374863.642:703): avc: denied { create } for pid=8508 comm="syz.1.1404" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1 [ 128.186933][ T8513] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(15) [ 128.193622][ T8513] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 128.201272][ T8513] vhci_hcd vhci_hcd.0: Device attached [ 128.210780][ T8528] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(18) [ 128.217469][ T8528] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 128.225213][ T8528] vhci_hcd vhci_hcd.0: Device attached [ 128.232577][ T8515] netlink: 'syz.2.1405': attribute type 1 has an invalid length. [ 128.239788][ T29] audit: type=1400 audit(1722374863.698:704): avc: denied { read } for pid=8536 comm="vhci_rx" scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:hugetlbfs_t tclass=unix_stream_socket permissive=1 [ 128.252317][ T8515] 8021q: adding VLAN 0 to HW filter on device bond3 [ 128.261465][ T8536] vhci_hcd: connection closed [ 128.268821][ T8538] vhci_hcd: connection closed [ 128.269066][ T8530] vhci_hcd: connection closed [ 128.276489][ T3858] vhci_hcd: stop threads [ 128.281556][ T8533] netlink: 'syz.4.1410': attribute type 1 has an invalid length. [ 128.283020][ T3858] vhci_hcd: release socket [ 128.299701][ T3858] vhci_hcd: disconnect device [ 128.304643][ T3858] vhci_hcd: stop threads [ 128.308943][ T3858] vhci_hcd: release socket [ 128.313366][ T3858] vhci_hcd: disconnect device [ 128.321481][ T3858] vhci_hcd: stop threads [ 128.325737][ T3858] vhci_hcd: release socket [ 128.330024][ T8533] 8021q: adding VLAN 0 to HW filter on device bond2 [ 128.330205][ T3858] vhci_hcd: disconnect device [ 128.367208][ T8545] FAULT_INJECTION: forcing a failure. [ 128.367208][ T8545] name failslab, interval 1, probability 0, space 0, times 0 [ 128.380084][ T8545] CPU: 1 UID: 0 PID: 8545 Comm: syz.2.1411 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 128.390802][ T8545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 128.400906][ T8545] Call Trace: [ 128.404179][ T8545] [ 128.407159][ T8545] dump_stack_lvl+0xf2/0x150 [ 128.411837][ T8545] dump_stack+0x15/0x20 [ 128.416115][ T8545] should_fail_ex+0x229/0x230 [ 128.420877][ T8545] ? __alloc_skb+0x10b/0x310 [ 128.421255][ T29] audit: type=1400 audit(1722374863.864:705): avc: denied { write } for pid=8543 comm="syz.3.1412" name="net" dev="proc" ino=27946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 128.425472][ T8545] should_failslab+0x8f/0xb0 [ 128.446951][ T29] audit: type=1400 audit(1722374863.864:706): avc: denied { add_name } for pid=8543 comm="syz.3.1412" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 128.451403][ T8545] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 128.471403][ T29] audit: type=1400 audit(1722374863.864:707): avc: denied { create } for pid=8543 comm="syz.3.1412" name="pfkey" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1 [ 128.477126][ T8545] ? __rtnl_unlock+0x99/0xb0 [ 128.497001][ T29] audit: type=1400 audit(1722374863.864:708): avc: denied { associate } for pid=8543 comm="syz.3.1412" name="pfkey" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 128.501552][ T8545] __alloc_skb+0x10b/0x310 [ 128.527009][ T8545] netlink_ack+0xef/0x4f0 [ 128.531367][ T8545] ? __dev_queue_xmit+0x161/0x1fe0 [ 128.536503][ T8545] netlink_rcv_skb+0x19c/0x230 [ 128.541264][ T8545] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 128.546762][ T8545] rtnetlink_rcv+0x1c/0x30 [ 128.551183][ T8545] netlink_unicast+0x593/0x670 [ 128.555994][ T8545] netlink_sendmsg+0x5cc/0x6e0 [ 128.560839][ T8545] ? __pfx_netlink_sendmsg+0x10/0x10 [ 128.566372][ T8545] __sock_sendmsg+0x140/0x180 [ 128.571102][ T8545] ____sys_sendmsg+0x312/0x410 [ 128.575871][ T8545] __sys_sendmsg+0x1e9/0x280 [ 128.580548][ T8545] __x64_sys_sendmsg+0x46/0x50 [ 128.585389][ T8545] x64_sys_call+0x26f8/0x2e00 [ 128.590074][ T8545] do_syscall_64+0xc9/0x1c0 [ 128.594661][ T8545] ? clear_bhb_loop+0x55/0xb0 [ 128.599457][ T8545] ? clear_bhb_loop+0x55/0xb0 [ 128.604148][ T8545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.610126][ T8545] RIP: 0033:0x7f0cf0e473b9 [ 128.614589][ T8545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.634231][ T8545] RSP: 002b:00007f0cefac7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 128.642643][ T8545] RAX: ffffffffffffffda RBX: 00007f0cf0fd5f80 RCX: 00007f0cf0e473b9 [ 128.650633][ T8545] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 128.658609][ T8545] RBP: 00007f0cefac70a0 R08: 0000000000000000 R09: 0000000000000000 [ 128.666667][ T8545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 128.674635][ T8545] R13: 000000000000000b R14: 00007f0cf0fd5f80 R15: 00007ffcd4c90488 [ 128.682608][ T8545] [ 128.718791][ T8551] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1414'. [ 128.778717][ T29] audit: type=1400 audit(1722374864.224:709): avc: denied { setopt } for pid=8558 comm="syz.2.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 128.803711][ T8557] cgroup: Unknown subsys name 'euid>00000000000000000000' [ 128.812320][ T8557] SELinux: Context system_u:object_r:systemd_passwd_agent_exec_t:s0 is not valid (left unmapped). [ 128.819169][ T29] audit: type=1400 audit(1722374864.224:710): avc: denied { read } for pid=8558 comm="syz.2.1417" lport=5 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 128.843236][ T29] audit: type=1400 audit(1722374864.242:711): avc: denied { remount } for pid=8556 comm="syz.4.1418" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 128.880637][ T8563] delete_channel: no stack [ 128.961899][ T8572] smc: net device lo erased user defined pnetid SYZ2 [ 129.028207][ T8581] FAULT_INJECTION: forcing a failure. [ 129.028207][ T8581] name failslab, interval 1, probability 0, space 0, times 0 [ 129.040890][ T8581] CPU: 0 UID: 0 PID: 8581 Comm: syz.1.1428 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 129.051606][ T8581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 129.061749][ T8581] Call Trace: [ 129.065033][ T8581] [ 129.068014][ T8581] dump_stack_lvl+0xf2/0x150 [ 129.072649][ T8581] dump_stack+0x15/0x20 [ 129.076868][ T8581] should_fail_ex+0x229/0x230 [ 129.081567][ T8581] ? __alloc_skb+0x10b/0x310 [ 129.086167][ T8581] should_failslab+0x8f/0xb0 [ 129.090784][ T8581] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 129.096712][ T8581] ? tcp_chrono_stop+0x194/0x200 [ 129.101700][ T8581] __alloc_skb+0x10b/0x310 [ 129.106126][ T8581] tcp_stream_alloc_skb+0x2f/0x1e0 [ 129.111299][ T8581] tcp_connect+0xca4/0x21f0 [ 129.115868][ T8581] ? __set_cyc2ns_scale+0x111/0x1d0 [ 129.121150][ T8581] tcp_v6_connect+0xb99/0xc60 [ 129.125843][ T8581] ? mod_objcg_state+0x2ea/0x4f0 [ 129.130889][ T8581] __inet_stream_connect+0x162/0x790 [ 129.136229][ T8581] ? should_fail_ex+0xd7/0x230 [ 129.141012][ T8581] ? tcp_sendmsg_fastopen+0x163/0x4f0 [ 129.146421][ T8581] ? should_failslab+0x8f/0xb0 [ 129.151205][ T8581] ? __kmalloc_cache_noprof+0x10b/0x2a0 [ 129.156768][ T8581] tcp_sendmsg_fastopen+0x40e/0x4f0 [ 129.161993][ T8581] ? __pfx_tcp_sendmsg+0x10/0x10 [ 129.167018][ T8581] tcp_sendmsg_locked+0x2445/0x2640 [ 129.172399][ T8581] ? mntput+0x49/0x70 [ 129.176394][ T8581] ? __rcu_read_unlock+0x4e/0x70 [ 129.181341][ T8581] ? avc_has_perm_noaudit+0x1cc/0x210 [ 129.186722][ T8581] ? avc_has_perm+0xd4/0x160 [ 129.191321][ T8581] ? _raw_spin_unlock_bh+0x36/0x40 [ 129.196524][ T8581] ? __pfx_tcp_sendmsg+0x10/0x10 [ 129.201467][ T8581] tcp_sendmsg+0x30/0x50 [ 129.205744][ T8581] inet6_sendmsg+0x77/0xd0 [ 129.210243][ T8581] __sock_sendmsg+0x8b/0x180 [ 129.214853][ T8581] __sys_sendto+0x1e5/0x260 [ 129.219382][ T8581] __x64_sys_sendto+0x78/0x90 [ 129.224071][ T8581] x64_sys_call+0x2bc6/0x2e00 [ 129.228854][ T8581] do_syscall_64+0xc9/0x1c0 [ 129.233454][ T8581] ? clear_bhb_loop+0x55/0xb0 [ 129.238143][ T8581] ? clear_bhb_loop+0x55/0xb0 [ 129.242893][ T8581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.248866][ T8581] RIP: 0033:0x7f7508c073b9 [ 129.253354][ T8581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.273042][ T8581] RSP: 002b:00007f7507887048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 129.281522][ T8581] RAX: ffffffffffffffda RBX: 00007f7508d95f80 RCX: 00007f7508c073b9 [ 129.289498][ T8581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 129.297518][ T8581] RBP: 00007f75078870a0 R08: 0000000020b63fe4 R09: 000000000000001c [ 129.305507][ T8581] R10: 0000000026044011 R11: 0000000000000246 R12: 0000000000000001 [ 129.313743][ T8581] R13: 000000000000000b R14: 00007f7508d95f80 R15: 00007ffc45179458 [ 129.321723][ T8581] [ 129.365383][ T8585] loop1: detected capacity change from 0 to 512 [ 129.366478][ T8588] random: crng reseeded on system resumption [ 129.407040][ T8585] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 129.413641][ T8588] Unrecognized hibernate image header format! [ 129.422234][ T8588] PM: hibernation: Image mismatch: architecture specific data [ 129.425674][ T8585] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1429: bg 0: block 64: padding at end of block bitmap is not set [ 129.457697][ T8585] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.1429: Failed to acquire dquot type 0 [ 129.472987][ T8585] EXT4-fs (loop1): 1 truncate cleaned up [ 129.479243][ T8585] EXT4-fs mount: 54 callbacks suppressed [ 129.479257][ T8585] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.480875][ T8594] loop3: detected capacity change from 0 to 2048 [ 129.511083][ T8594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.548741][ T8594] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 129.565544][ T8594] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 129.577846][ T8594] EXT4-fs (loop3): This should not happen!! Data will be lost [ 129.577846][ T8594] [ 129.587722][ T8594] EXT4-fs (loop3): Total free blocks count 0 [ 129.587744][ T8594] EXT4-fs (loop3): Free/Dirty block details [ 129.587759][ T8594] EXT4-fs (loop3): free_blocks=2415919104 [ 129.587775][ T8594] EXT4-fs (loop3): dirty_blocks=16 [ 129.587789][ T8594] EXT4-fs (loop3): Block reservation details [ 129.587800][ T8594] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 129.597475][ T8585] syz.1.1429 (8585) used greatest stack depth: 9392 bytes left [ 129.637101][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.649765][ T6932] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.667722][ T8608] delete_channel: no stack [ 129.691556][ T8610] loop3: detected capacity change from 0 to 128 [ 129.722639][ T8610] smc: net device lo applied user defined pnetid SYZ2 [ 129.736487][ T8610] smc: net device lo erased user defined pnetid SYZ2 [ 129.822698][ T8614] loop1: detected capacity change from 0 to 512 [ 129.838052][ T8614] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 129.854992][ T8614] System zones: 0-2, 18-18, 34-35 [ 129.881688][ T8614] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.895226][ T8614] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.108907][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.154880][ T8627] loop3: detected capacity change from 0 to 2048 [ 130.191897][ T8627] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.209938][ T8629] loop2: detected capacity change from 0 to 512 [ 130.219546][ T8629] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 130.230789][ T8627] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 130.246005][ T8627] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 130.258270][ T8627] EXT4-fs (loop3): This should not happen!! Data will be lost [ 130.258270][ T8627] [ 130.267957][ T8627] EXT4-fs (loop3): Total free blocks count 0 [ 130.273997][ T8627] EXT4-fs (loop3): Free/Dirty block details [ 130.275075][ T8629] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1446: bg 0: block 64: padding at end of block bitmap is not set [ 130.279975][ T8627] EXT4-fs (loop3): free_blocks=2415919104 [ 130.299922][ T8627] EXT4-fs (loop3): dirty_blocks=16 [ 130.305128][ T8627] EXT4-fs (loop3): Block reservation details [ 130.307306][ T8636] loop1: detected capacity change from 0 to 2048 [ 130.311129][ T8627] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 130.312761][ T8629] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.1446: Failed to acquire dquot type 0 [ 130.331469][ T8636] loop1: detected capacity change from 0 to 256 [ 130.350057][ T8629] EXT4-fs (loop2): 1 truncate cleaned up [ 130.352915][ T6932] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.356227][ T8629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.453152][ T7036] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.476557][ T8651] loop2: detected capacity change from 0 to 512 [ 130.496164][ T8651] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.508880][ T8651] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.519640][ T8651] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.578495][ T8653] bridge_slave_0: left allmulticast mode [ 130.584269][ T8653] bridge_slave_0: left promiscuous mode [ 130.590005][ T8653] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.601319][ T8653] bridge_slave_1: left allmulticast mode [ 130.607057][ T8653] bridge_slave_1: left promiscuous mode [ 130.612803][ T8653] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.626543][ T8653] bond0: (slave bond_slave_0): Releasing backup interface [ 130.640687][ T8653] bond0: (slave bond_slave_1): Releasing backup interface [ 130.653752][ T8653] team0: Port device team_slave_0 removed [ 130.665024][ T8653] team0: Port device team_slave_1 removed [ 130.675863][ T8653] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 130.683476][ T8653] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 130.693828][ T8653] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 130.701683][ T8653] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 130.731057][ T8666] __nla_validate_parse: 2 callbacks suppressed [ 130.731078][ T8666] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1457'. [ 130.801641][ T8671] loop3: detected capacity change from 0 to 2048 [ 130.817641][ T55] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.834439][ T8671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 130.855926][ T8671] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 130.871117][ T8671] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 130.883607][ T8671] EXT4-fs (loop3): This should not happen!! Data will be lost [ 130.883607][ T8671] [ 130.893396][ T8671] EXT4-fs (loop3): Total free blocks count 0 [ 130.899435][ T8671] EXT4-fs (loop3): Free/Dirty block details [ 130.905378][ T8671] EXT4-fs (loop3): free_blocks=2415919104 [ 130.911158][ T8671] EXT4-fs (loop3): dirty_blocks=16 [ 130.916316][ T8671] EXT4-fs (loop3): Block reservation details [ 130.922347][ T8671] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 130.944291][ T55] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.958124][ T6932] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.968854][ T8680] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8680 comm=syz.4.1463 [ 130.988157][ T8680] netlink: 'syz.4.1463': attribute type 1 has an invalid length. [ 131.034087][ T8680] 8021q: adding VLAN 0 to HW filter on device bond3 [ 131.046130][ T55] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.061662][ T8692] loop3: detected capacity change from 0 to 512 [ 131.083756][ T8692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.098857][ T8692] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 131.109771][ T8692] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.110547][ T55] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.200187][ T8700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1467'. [ 131.213295][ T8700] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1467'. [ 131.235138][ T55] bridge_slave_1: left allmulticast mode [ 131.240828][ T55] bridge_slave_1: left promiscuous mode [ 131.246743][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.254722][ T55] bridge_slave_0: left allmulticast mode [ 131.260454][ T55] bridge_slave_0: left promiscuous mode [ 131.266362][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.385509][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 131.396686][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 131.407220][ T55] bond0 (unregistering): Released all slaves [ 131.416276][ T55] bond1 (unregistering): Released all slaves [ 131.425101][ T55] bond2 (unregistering): Released all slaves [ 131.434598][ T55] bond3 (unregistering): Released all slaves [ 131.507844][ T8682] chnl_net:caif_netlink_parms(): no params data found [ 131.551173][ T55] hsr_slave_0: left promiscuous mode [ 131.558807][ T55] hsr_slave_1: left promiscuous mode [ 131.564759][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 131.572481][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 131.580751][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 131.588224][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 131.598254][ T55] veth1_macvtap: left promiscuous mode [ 131.603897][ T55] veth0_macvtap: left promiscuous mode [ 131.609509][ T55] veth1_vlan: left promiscuous mode [ 131.615082][ T55] veth0_vlan: left promiscuous mode [ 131.704386][ T55] team0 (unregistering): Port device team_slave_1 removed [ 131.714959][ T55] team0 (unregistering): Port device team_slave_0 removed [ 131.787215][ T8682] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.794411][ T8682] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.802638][ T8682] bridge_slave_0: entered allmulticast mode [ 131.809541][ T8682] bridge_slave_0: entered promiscuous mode [ 131.816745][ T8682] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.823871][ T8682] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.831660][ T8682] bridge_slave_1: entered allmulticast mode [ 131.838167][ T8682] bridge_slave_1: entered promiscuous mode [ 131.887319][ T8682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 131.910020][ T8682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 131.961264][ T8682] team0: Port device team_slave_0 added [ 131.968431][ T8682] team0: Port device team_slave_1 added [ 131.987970][ T8682] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 131.994997][ T8682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.021048][ T8682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.032871][ T8682] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.039998][ T8682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.066049][ T8682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.077728][ T8716] chnl_net:caif_netlink_parms(): no params data found [ 132.143671][ T8682] hsr_slave_0: entered promiscuous mode [ 132.157881][ T8682] hsr_slave_1: entered promiscuous mode [ 132.164301][ T8682] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 132.171868][ T8682] Cannot create hsr debugfs directory [ 132.199741][ T8716] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.206902][ T8716] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.218776][ T8716] bridge_slave_0: entered allmulticast mode [ 132.225620][ T8716] bridge_slave_0: entered promiscuous mode [ 132.246274][ T55] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.259734][ T8716] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.266911][ T8716] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.274332][ T8716] bridge_slave_1: entered allmulticast mode [ 132.280890][ T8716] bridge_slave_1: entered promiscuous mode [ 132.322356][ T55] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.339180][ T8716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 132.369481][ T8716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 132.399996][ T55] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.428535][ T8716] team0: Port device team_slave_0 added [ 132.447152][ T8716] team0: Port device team_slave_1 added [ 132.474030][ T55] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.511775][ T8716] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 132.518918][ T8716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.544872][ T8716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 132.559580][ T8716] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 132.566746][ T8716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 132.592696][ T8716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 132.627590][ T8716] hsr_slave_0: entered promiscuous mode [ 132.633757][ T8716] hsr_slave_1: entered promiscuous mode [ 132.639804][ T8716] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 132.647409][ T8716] Cannot create hsr debugfs directory [ 132.793669][ T55] bond0 (unregistering): Released all slaves [ 132.901391][ T8682] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 132.912840][ T8682] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 132.921880][ T8682] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 132.930856][ T8682] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 132.942194][ T55] hsr_slave_0: left promiscuous mode [ 132.949541][ T55] hsr_slave_1: left promiscuous mode [ 132.957785][ T55] veth1_macvtap: left promiscuous mode [ 132.963361][ T55] veth0_macvtap: left promiscuous mode [ 132.969038][ T55] veth1_vlan: left promiscuous mode [ 132.974301][ T55] veth0_vlan: left promiscuous mode [ 133.208342][ T8682] 8021q: adding VLAN 0 to HW filter on device bond0 [ 133.237817][ T8682] 8021q: adding VLAN 0 to HW filter on device team0 [ 133.264476][ T3336] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.271687][ T3336] bridge0: port 1(bridge_slave_0) entered forwarding state [ 133.283789][ T3336] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.290978][ T3336] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.317815][ T8682] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 133.328248][ T8682] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 133.418787][ T8827] chnl_net:caif_netlink_parms(): no params data found [ 133.444452][ T8716] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 133.465560][ T8716] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 133.489729][ T8716] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 133.532822][ T8682] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.540411][ T8716] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 133.589414][ T8827] bridge0: port 1(bridge_slave_0) entered blocking state [ 133.596763][ T8827] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.608823][ T8827] bridge_slave_0: entered allmulticast mode [ 133.615317][ T8827] bridge_slave_0: entered promiscuous mode [ 133.622653][ T8827] bridge0: port 2(bridge_slave_1) entered blocking state [ 133.629849][ T8827] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.637259][ T8827] bridge_slave_1: entered allmulticast mode [ 133.643759][ T8827] bridge_slave_1: entered promiscuous mode [ 133.681485][ T8827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.713978][ T55] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.739494][ T8827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.775718][ T8827] team0: Port device team_slave_0 added [ 133.793667][ T55] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.807041][ T8827] team0: Port device team_slave_1 added [ 133.824576][ T8682] veth0_vlan: entered promiscuous mode [ 133.847984][ T8827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 133.854982][ T8827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.880989][ T8827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 133.897311][ T55] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.909751][ T8827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 133.916730][ T8827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 133.942863][ T8827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 133.964342][ T8682] veth1_vlan: entered promiscuous mode [ 133.976718][ T8898] loop1: detected capacity change from 0 to 512 [ 134.003851][ T8898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.018611][ T8898] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 134.039961][ T55] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode [ 134.054749][ T55] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.068547][ T8827] hsr_slave_0: entered promiscuous mode [ 134.075300][ T8827] hsr_slave_1: entered promiscuous mode [ 134.082260][ T8827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 134.089836][ T8827] Cannot create hsr debugfs directory [ 134.101830][ T8716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 134.114932][ T8682] veth0_macvtap: entered promiscuous mode [ 134.123284][ T8682] veth1_macvtap: entered promiscuous mode [ 134.142334][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.152843][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.162689][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.173276][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.183173][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.193633][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.203581][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.214041][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.223956][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 134.234534][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.246464][ T8682] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 134.254876][ T8716] 8021q: adding VLAN 0 to HW filter on device team0 [ 134.288873][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.299368][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.309352][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.319832][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.329659][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.340218][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.350140][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.360741][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.370564][ T8682] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 134.381153][ T8682] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 134.391856][ T8682] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 134.409897][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 134.417070][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 134.426912][ T8682] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.435831][ T8682] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.444873][ T8682] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.453664][ T8682] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.477749][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 134.484870][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 134.521679][ T55] bridge_slave_1: left allmulticast mode [ 134.527489][ T55] bridge_slave_1: left promiscuous mode [ 134.533144][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 134.541519][ T55] bridge_slave_0: left allmulticast mode [ 134.547492][ T55] bridge_slave_0: left promiscuous mode [ 134.553329][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 134.617323][ T55] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 134.668036][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.680401][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.691243][ T55] bond0 (unregistering): Released all slaves [ 134.691457][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.700959][ T55] bond1 (unregistering): Released all slaves [ 134.719763][ T55] bond2 (unregistering): Released all slaves [ 134.732809][ T55] bond3 (unregistering): Released all slaves [ 134.776864][ T8716] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 134.819366][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 134.819385][ T29] audit: type=1400 audit(1722374869.789:739): avc: denied { write } for pid=8939 comm="syz.2.1461" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 134.895398][ T8948] openvswitch: netlink: Tunnel attr 16383 out of range max 16 [ 134.961610][ T55] hsr_slave_0: left promiscuous mode [ 134.997858][ T55] hsr_slave_1: left promiscuous mode [ 135.037997][ T8953] loop2: detected capacity change from 0 to 512 [ 135.061513][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 135.069039][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 135.089067][ T8953] EXT4-fs: Ignoring removed nomblk_io_submit option [ 135.095720][ T8953] EXT4-fs: Ignoring removed nomblk_io_submit option [ 135.152326][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 135.159839][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 135.172381][ T8953] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 135.202096][ T8953] EXT4-fs (loop2): 1 orphan inode deleted [ 135.207977][ T8953] EXT4-fs (loop2): 1 truncate cleaned up [ 135.241391][ T8953] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.256502][ T8953] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.265694][ T55] veth1_macvtap: left promiscuous mode [ 135.271195][ T55] veth0_macvtap: left promiscuous mode [ 135.276876][ T55] veth1_vlan: left promiscuous mode [ 135.282131][ T55] veth0_vlan: left promiscuous mode [ 135.384565][ T55] team0 (unregistering): Port device team_slave_1 removed [ 135.394716][ T55] team0 (unregistering): Port device team_slave_0 removed [ 135.485270][ T8968] loop2: detected capacity change from 0 to 2048 [ 135.495932][ T8716] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 135.514562][ T8968] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 135.537373][ T8968] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 135.566194][ T8827] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 135.575097][ T8968] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 135.587491][ T8968] EXT4-fs (loop2): This should not happen!! Data will be lost [ 135.587491][ T8968] [ 135.597187][ T8968] EXT4-fs (loop2): Total free blocks count 0 [ 135.603215][ T8968] EXT4-fs (loop2): Free/Dirty block details [ 135.609192][ T8968] EXT4-fs (loop2): free_blocks=2415919104 [ 135.614931][ T8968] EXT4-fs (loop2): dirty_blocks=16 [ 135.620079][ T8968] EXT4-fs (loop2): Block reservation details [ 135.626129][ T8968] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 135.637311][ T8827] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 135.654228][ T8827] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 135.664129][ T8827] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 135.693292][ T8682] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.721454][ T8716] veth0_vlan: entered promiscuous mode [ 135.747782][ T8716] veth1_vlan: entered promiscuous mode [ 135.755791][ T29] audit: type=1326 audit(1722374870.657:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8993 comm="syz.1.1487" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7508c073b9 code=0x0 [ 135.767829][ T8716] veth0_macvtap: entered promiscuous mode [ 135.799888][ T8716] veth1_macvtap: entered promiscuous mode [ 135.816650][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.827197][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.837127][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.847739][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.857684][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.868295][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.868318][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.868337][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.868358][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 135.868371][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.870914][ T8716] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.938282][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.948798][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.958740][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.969216][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.969235][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.969251][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.969283][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.969300][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.969321][ T8716] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 135.969334][ T8716] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 135.971584][ T8716] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 136.057322][ T8827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 136.064155][ T8827] 8021q: adding VLAN 0 to HW filter on device team0 [ 136.080213][ T8716] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.080340][ T8716] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.080378][ T8716] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.080415][ T8716] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.111066][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 136.111110][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 136.112556][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 136.112597][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 136.136677][ T8827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 136.213486][ T9008] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1469'. [ 136.231429][ T8827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 136.355102][ T8827] veth0_vlan: entered promiscuous mode [ 136.363482][ T8827] veth1_vlan: entered promiscuous mode [ 136.380558][ T8827] veth0_macvtap: entered promiscuous mode [ 136.388013][ T8827] veth1_macvtap: entered promiscuous mode [ 136.399376][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.409811][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.419735][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.430251][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.440099][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.450613][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.460464][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.470921][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.480788][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.491306][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.501129][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 136.511627][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.522627][ T8827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 136.533889][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.544393][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.554217][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.564704][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.574551][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.585007][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.594906][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.605366][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.615180][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.625628][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.635544][ T8827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 136.645999][ T8827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 136.658017][ T8827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 136.670162][ T8827] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.678900][ T8827] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.687778][ T8827] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.696663][ T8827] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.781579][ T9026] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1491'. [ 136.821074][ T9035] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1494'. [ 136.831503][ T9035] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1494'. [ 136.844837][ T9035] vlan2: entered promiscuous mode [ 136.920878][ T9045] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 136.931231][ T29] audit: type=1400 audit(1722374871.755:741): avc: denied { getopt } for pid=9047 comm="syz.4.1497" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 136.988132][ T9052] loop1: detected capacity change from 0 to 2048 [ 137.018281][ T9052] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #2: comm syz.1.1498: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 137.052022][ T9052] EXT4-fs (loop1): get root inode failed [ 137.057714][ T9052] EXT4-fs (loop1): mount failed [ 137.079438][ T9052] loop1: detected capacity change from 0 to 512 [ 137.091409][ T9052] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 137.102907][ T9052] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002] [ 137.116339][ T9052] System zones: 1-12 [ 137.121055][ T9052] EXT4-fs (loop1): 1 truncate cleaned up [ 137.128894][ T9052] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.136361][ T9036] chnl_net:caif_netlink_parms(): no params data found [ 137.148596][ T29] audit: type=1400 audit(1722374871.949:742): avc: denied { mounton } for pid=9050 comm="syz.1.1498" path="/121/file2/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 137.201614][ T29] audit: type=1400 audit(1722374872.005:743): avc: denied { unlink } for pid=9050 comm="syz.1.1498" name="file1" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 137.230452][ T29] audit: type=1400 audit(1722374872.023:744): avc: denied { create } for pid=9050 comm="syz.1.1498" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 137.256765][ T9077] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1505'. [ 137.267998][ T9036] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.275122][ T9036] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.284392][ T9036] bridge_slave_0: entered allmulticast mode [ 137.292999][ T9036] bridge_slave_0: entered promiscuous mode [ 137.295552][ T9079] loop3: detected capacity change from 0 to 2048 [ 137.302733][ T9036] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.312402][ T9036] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.319736][ T9036] bridge_slave_1: entered allmulticast mode [ 137.326547][ T9036] bridge_slave_1: entered promiscuous mode [ 137.330570][ T9079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.348566][ T9082] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9082 comm=syz.1.1498 [ 137.374906][ T9082] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1498'. [ 137.383907][ T9082] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1498'. [ 137.405761][ T9036] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.420968][ T9036] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 137.435567][ T9079] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 137.444029][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.451450][ T9079] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 137.484915][ T9079] EXT4-fs (loop3): This should not happen!! Data will be lost [ 137.484915][ T9079] [ 137.487538][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.494646][ T9079] EXT4-fs (loop3): Total free blocks count 0 [ 137.516926][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.520253][ T9079] EXT4-fs (loop3): Free/Dirty block details [ 137.544306][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.547641][ T9079] EXT4-fs (loop3): free_blocks=2415919104 [ 137.573064][ T9079] EXT4-fs (loop3): dirty_blocks=16 [ 137.578234][ T9079] EXT4-fs (loop3): Block reservation details [ 137.584422][ T9079] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 137.585997][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.612591][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.614160][ T9036] team0: Port device team_slave_0 added [ 137.638405][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.661101][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.661754][ T8716] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.682932][ T7095] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /121/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.712643][ T7095] EXT4-fs error (device loop1): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.733760][ T9036] team0: Port device team_slave_1 added [ 137.768911][ T9036] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 137.776094][ T9036] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.802169][ T9036] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 137.823719][ T9036] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 137.830881][ T9036] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 137.856936][ T9036] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 137.911949][ T9036] hsr_slave_0: entered promiscuous mode [ 137.918667][ T9036] hsr_slave_1: entered promiscuous mode [ 137.930224][ T9036] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 137.940077][ T9036] Cannot create hsr debugfs directory [ 137.954095][ T9097] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1515'. [ 138.027203][ T9102] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9102 comm=syz.4.1517 [ 138.041569][ T9036] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.055385][ T9102] netlink: 'syz.4.1517': attribute type 1 has an invalid length. [ 138.139126][ T9036] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.189009][ T7095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.202403][ T55] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.223911][ T9036] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.253582][ T55] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.308836][ T9036] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.343878][ T55] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.422488][ T9115] chnl_net:caif_netlink_parms(): no params data found [ 138.434741][ T9036] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 138.446502][ T9036] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 138.463265][ T55] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 138.474429][ T9036] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 138.485155][ T9036] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 138.510807][ T9115] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.517977][ T9115] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.525295][ T9115] bridge_slave_0: entered allmulticast mode [ 138.531907][ T9115] bridge_slave_0: entered promiscuous mode [ 138.539362][ T9115] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.546526][ T9115] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.554054][ T9115] bridge_slave_1: entered allmulticast mode [ 138.560843][ T9115] bridge_slave_1: entered promiscuous mode [ 138.588473][ T9115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.600156][ T9115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.636968][ T9115] team0: Port device team_slave_0 added [ 138.645319][ T9115] team0: Port device team_slave_1 added [ 138.657004][ T55] bridge_slave_1: left allmulticast mode [ 138.662690][ T55] bridge_slave_1: left promiscuous mode [ 138.668433][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.676540][ T55] bridge_slave_0: left allmulticast mode [ 138.682264][ T55] bridge_slave_0: left promiscuous mode [ 138.687947][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.807892][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.818662][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.828897][ T55] bond0 (unregistering): Released all slaves [ 138.838630][ T55] bond1 (unregistering): Released all slaves [ 138.865706][ T9115] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.872783][ T9115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.898738][ T9115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.910857][ T9115] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.917865][ T9115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.943901][ T9115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.984233][ T9130] FAULT_INJECTION: forcing a failure. [ 138.984233][ T9130] name failslab, interval 1, probability 0, space 0, times 0 [ 138.988610][ T9115] hsr_slave_0: entered promiscuous mode [ 138.996915][ T9130] CPU: 1 UID: 0 PID: 9130 Comm: syz.3.1524 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 139.013119][ T9130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 139.023242][ T9130] Call Trace: [ 139.026520][ T9130] [ 139.029460][ T9130] dump_stack_lvl+0xf2/0x150 [ 139.034110][ T9130] dump_stack+0x15/0x20 [ 139.038318][ T9130] should_fail_ex+0x229/0x230 [ 139.043007][ T9130] ? build_skb+0x33/0x210 [ 139.047349][ T9130] should_failslab+0x8f/0xb0 [ 139.051952][ T9130] kmem_cache_alloc_noprof+0x4c/0x290 [ 139.057397][ T9130] ? alloc_pages_mpol_noprof+0xd5/0x1e0 [ 139.062984][ T9130] build_skb+0x33/0x210 [ 139.067255][ T9130] __tun_build_skb+0x2b/0x1b0 [ 139.071933][ T9130] ? tun_get_user+0x1474/0x24b0 [ 139.076792][ T9130] tun_get_user+0x1494/0x24b0 [ 139.081518][ T9130] ? kstrtoull+0x110/0x140 [ 139.085936][ T9130] ? ref_tracker_alloc+0x1f5/0x2f0 [ 139.091156][ T9130] tun_chr_write_iter+0x18e/0x240 [ 139.096184][ T9130] vfs_write+0x78f/0x900 [ 139.100551][ T9130] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 139.106106][ T9130] ksys_write+0xeb/0x1b0 [ 139.110384][ T9130] __x64_sys_write+0x42/0x50 [ 139.115030][ T9130] x64_sys_call+0x2a40/0x2e00 [ 139.119750][ T9130] do_syscall_64+0xc9/0x1c0 [ 139.124360][ T9130] ? clear_bhb_loop+0x55/0xb0 [ 139.129119][ T9130] ? clear_bhb_loop+0x55/0xb0 [ 139.133805][ T9130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.139749][ T9130] RIP: 0033:0x7f5b9e9b5e9f [ 139.144213][ T9130] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 139.163884][ T9130] RSP: 002b:00007f5b9d637010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 139.172326][ T9130] RAX: ffffffffffffffda RBX: 00007f5b9eb45f80 RCX: 00007f5b9e9b5e9f [ 139.180313][ T9130] RDX: 000000000000009e RSI: 0000000020003680 RDI: 00000000000000c8 [ 139.188354][ T9130] RBP: 00007f5b9d6370a0 R08: 0000000000000000 R09: 0000000000000000 [ 139.196336][ T9130] R10: 000000000000009e R11: 0000000000000293 R12: 0000000000000001 [ 139.204390][ T9130] R13: 000000000000000b R14: 00007f5b9eb45f80 R15: 00007ffec8d0d468 [ 139.212377][ T9130] [ 139.223872][ T9115] hsr_slave_1: entered promiscuous mode [ 139.239721][ T9115] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 139.258529][ T9136] loop2: detected capacity change from 0 to 128 [ 139.259388][ T9115] Cannot create hsr debugfs directory [ 139.275640][ T55] hsr_slave_0: left promiscuous mode [ 139.284232][ T55] hsr_slave_1: left promiscuous mode [ 139.292968][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 139.293699][ T9135] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1527'. [ 139.300442][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 139.319115][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 139.326682][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 139.337167][ T55] veth1_macvtap: left promiscuous mode [ 139.342892][ T55] veth0_macvtap: left promiscuous mode [ 139.348541][ T55] veth1_vlan: left promiscuous mode [ 139.353902][ T55] veth0_vlan: left allmulticast mode [ 139.359206][ T55] veth0_vlan: left promiscuous mode [ 139.462477][ T55] team0 (unregistering): Port device team_slave_1 removed [ 139.472997][ T55] team0 (unregistering): Port device team_slave_0 removed [ 139.525444][ T9141] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1525'. [ 139.588828][ T9036] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.623635][ T9154] FAULT_INJECTION: forcing a failure. [ 139.623635][ T9154] name failslab, interval 1, probability 0, space 0, times 0 [ 139.636528][ T9154] CPU: 0 UID: 0 PID: 9154 Comm: syz.3.1531 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 139.647307][ T9154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 139.657390][ T9154] Call Trace: [ 139.660748][ T9154] [ 139.663694][ T9154] dump_stack_lvl+0xf2/0x150 [ 139.668319][ T9154] dump_stack+0x15/0x20 [ 139.672514][ T9154] should_fail_ex+0x229/0x230 [ 139.677277][ T9154] ? nfnetlink_rcv+0x994/0x15b0 [ 139.682195][ T9154] should_failslab+0x8f/0xb0 [ 139.686844][ T9154] __kmalloc_cache_noprof+0x4b/0x2a0 [ 139.692322][ T9154] nfnetlink_rcv+0x994/0x15b0 [ 139.697044][ T9154] netlink_unicast+0x593/0x670 [ 139.701857][ T9154] netlink_sendmsg+0x5cc/0x6e0 [ 139.706673][ T9154] ? __pfx_netlink_sendmsg+0x10/0x10 [ 139.711987][ T9154] __sock_sendmsg+0x140/0x180 [ 139.716710][ T9154] ____sys_sendmsg+0x312/0x410 [ 139.721502][ T9154] __sys_sendmsg+0x1e9/0x280 [ 139.726117][ T9154] __x64_sys_sendmsg+0x46/0x50 [ 139.730884][ T9154] x64_sys_call+0x26f8/0x2e00 [ 139.735636][ T9154] do_syscall_64+0xc9/0x1c0 [ 139.740165][ T9154] ? clear_bhb_loop+0x55/0xb0 [ 139.744923][ T9154] ? clear_bhb_loop+0x55/0xb0 [ 139.749677][ T9154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.755649][ T9154] RIP: 0033:0x7f5b9e9b73b9 [ 139.760067][ T9154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.779770][ T9154] RSP: 002b:00007f5b9d637048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 139.788213][ T9154] RAX: ffffffffffffffda RBX: 00007f5b9eb45f80 RCX: 00007f5b9e9b73b9 [ 139.796184][ T9154] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 139.804183][ T9154] RBP: 00007f5b9d6370a0 R08: 0000000000000000 R09: 0000000000000000 [ 139.812157][ T9154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.820148][ T9154] R13: 000000000000000b R14: 00007f5b9eb45f80 R15: 00007ffec8d0d468 [ 139.828193][ T9154] [ 139.865186][ T9168] loop3: detected capacity change from 0 to 128 [ 139.885159][ T9168] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 139.901535][ T9168] ext4 filesystem being mounted at /12/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 139.907286][ T9036] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.964271][ T29] audit: type=1400 audit(1722374874.552:745): avc: denied { bind } for pid=9167 comm="syz.3.1532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 139.990209][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.997343][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.021610][ T753] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.028941][ T753] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.029096][ T8716] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 140.110253][ T9178] loop3: detected capacity change from 0 to 512 [ 140.155435][ T9178] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 140.174672][ T9178] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.233129][ T9036] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 140.241167][ T9115] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 140.252003][ T9115] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 140.261456][ T9115] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 140.272469][ T9115] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 140.374455][ T9115] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.409501][ T9115] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.439774][ T7355] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.446914][ T7355] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.465319][ T3338] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.472432][ T3338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 140.520111][ T9036] veth0_vlan: entered promiscuous mode [ 140.527315][ T9225] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9225 comm=syz.4.1541 [ 140.551952][ T9036] veth1_vlan: entered promiscuous mode [ 140.561149][ T9225] netlink: 'syz.4.1541': attribute type 1 has an invalid length. [ 140.586932][ T9036] veth0_macvtap: entered promiscuous mode [ 140.598544][ T9036] veth1_macvtap: entered promiscuous mode [ 140.610638][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.621372][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.631278][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.641874][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.651806][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.662357][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.672645][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.683154][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.693095][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.703721][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.713641][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.724196][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.745074][ T9036] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 140.769255][ T9115] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 140.777105][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.787739][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.797664][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.803520][ T29] audit: type=1400 audit(1722374875.318:746): avc: denied { connect } for pid=9251 comm="syz.4.1543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 140.808175][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.837474][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.848110][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.858131][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.868563][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.878378][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.888901][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.898866][ T9036] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.909382][ T9036] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.923136][ T9036] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 140.936090][ T9036] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.944919][ T9036] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.953819][ T9036] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.962542][ T9036] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.018461][ T8716] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 141.122761][ T9115] veth0_vlan: entered promiscuous mode [ 141.132640][ T9115] veth1_vlan: entered promiscuous mode [ 141.174793][ T9115] veth0_macvtap: entered promiscuous mode [ 141.184880][ T9115] veth1_macvtap: entered promiscuous mode [ 141.218692][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.229336][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.239314][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.249798][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.259654][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.270114][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.278181][ T9282] loop3: detected capacity change from 0 to 512 [ 141.280187][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.296972][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.306801][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.317322][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.327169][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.327773][ T9282] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, [ 141.337641][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.337666][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 141.337680][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.340334][ T9115] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.346022][ T9282] block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters [ 141.362971][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.402553][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.412389][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.422942][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.432915][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.443461][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.453704][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.464240][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.474070][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.484582][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.494471][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.504947][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.514772][ T9115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 141.525286][ T9115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 141.526092][ T9282] EXT4-fs (loop3): Remounting filesystem read-only [ 141.544648][ T9282] EXT4-fs (loop3): 1 truncate cleaned up [ 141.550823][ T9282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.553709][ T9115] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.566139][ T9282] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 141.576109][ T9115] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.580406][ T9282] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.585686][ T9115] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.585756][ T9115] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.585793][ T9115] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.721615][ T9296] loop3: detected capacity change from 0 to 512 [ 141.730562][ T9296] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.1556: corrupted in-inode xattr: invalid ea_ino [ 141.744228][ T9296] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1556: couldn't read orphan inode 12 (err -117) [ 141.757414][ T9296] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.776667][ T9299] __nla_validate_parse: 3 callbacks suppressed [ 141.776684][ T9299] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1557'. [ 141.782415][ T9296] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1556: Directory hole found for htree leaf block 0 [ 141.811777][ T29] audit: type=1400 audit(1722374876.250:747): avc: denied { tracepoint } for pid=9298 comm="syz.1.1557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 141.835490][ T9299] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1557'. [ 141.877513][ T9303] FAULT_INJECTION: forcing a failure. [ 141.877513][ T9303] name failslab, interval 1, probability 0, space 0, times 0 [ 141.890307][ T9303] CPU: 1 UID: 0 PID: 9303 Comm: syz.1.1558 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 [ 141.901063][ T9303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 141.911148][ T9303] Call Trace: [ 141.914459][ T9303] [ 141.917406][ T9303] dump_stack_lvl+0xf2/0x150 [ 141.922068][ T9303] dump_stack+0x15/0x20 [ 141.926303][ T9303] should_fail_ex+0x229/0x230 [ 141.931104][ T9303] ? vm_area_alloc+0x2c/0x130 [ 141.935922][ T9303] should_failslab+0x8f/0xb0 [ 141.940611][ T9303] kmem_cache_alloc_noprof+0x4c/0x290 [ 141.946052][ T9303] vm_area_alloc+0x2c/0x130 [ 141.950628][ T9303] mmap_region+0x88b/0x1620 [ 141.955155][ T9303] ? security_mmap_addr+0x4c/0x70 [ 141.960291][ T9303] ? __get_unmapped_area+0x2d1/0x300 [ 141.965768][ T9303] do_mmap+0x72a/0xb70 [ 141.969925][ T9303] ? security_mmap_file+0x128/0x150 [ 141.975243][ T9303] vm_mmap_pgoff+0x133/0x290 [ 141.979918][ T9303] ksys_mmap_pgoff+0xd0/0x340 [ 141.984014][ T9296] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #2: comm syz.3.1556: Directory hole found for htree leaf block 0 [ 141.984633][ T9303] ? fpregs_assert_state_consistent+0x83/0xa0 [ 142.003604][ T9303] x64_sys_call+0x1940/0x2e00 [ 142.008315][ T9303] do_syscall_64+0xc9/0x1c0 [ 142.012855][ T9303] ? clear_bhb_loop+0x55/0xb0 [ 142.017574][ T9303] ? clear_bhb_loop+0x55/0xb0 [ 142.019778][ T9296] bridge_slave_0: left allmulticast mode [ 142.022350][ T9303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.022390][ T9303] RIP: 0033:0x7ffbebb873f3 [ 142.022407][ T9303] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7 [ 142.022427][ T9303] RSP: 002b:00007ffbea806e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 142.028078][ T9296] bridge_slave_0: left promiscuous mode [ 142.033947][ T9303] RAX: ffffffffffffffda RBX: 0000000000000474 RCX: 00007ffbebb873f3 [ 142.033967][ T9303] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000 [ 142.033986][ T9303] RBP: 0000000020000702 R08: 00000000ffffffff R09: 0000000000000000 [ 142.034003][ T9303] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004 [ 142.038533][ T9296] bridge0: port 1(bridge_slave_0) entered disabled state [ 142.057989][ T9303] R13: 00007ffbea806f00 R14: 00007ffbea806ec0 R15: 0000000020000280 [ 142.058022][ T9303] [ 142.132284][ T9296] bridge_slave_1: left allmulticast mode [ 142.137992][ T9296] bridge_slave_1: left promiscuous mode [ 142.142550][ T9314] loop1: detected capacity change from 0 to 2048 [ 142.144144][ T9296] bridge0: port 2(bridge_slave_1) entered disabled state [ 142.163725][ T9296] bond0: (slave bond_slave_0): Releasing backup interface [ 142.169970][ T9314] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 142.188272][ T9314] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 142.193223][ T9296] bond0: (slave bond_slave_1): Releasing backup interface [ 142.203465][ T9314] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 142.222702][ T9314] EXT4-fs (loop1): This should not happen!! Data will be lost [ 142.222702][ T9314] [ 142.232453][ T9314] EXT4-fs (loop1): Total free blocks count 0 [ 142.238539][ T9314] EXT4-fs (loop1): Free/Dirty block details [ 142.244469][ T9314] EXT4-fs (loop1): free_blocks=2415919104 [ 142.250306][ T9314] EXT4-fs (loop1): dirty_blocks=16 [ 142.255524][ T9314] EXT4-fs (loop1): Block reservation details [ 142.261607][ T9314] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 142.281434][ T9115] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.300436][ T9296] team0: Port device team_slave_0 removed [ 142.324091][ T9296] team0: Port device team_slave_1 removed [ 142.331066][ T9296] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 142.338615][ T9296] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 142.348292][ T9296] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 142.355772][ T9296] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 142.385508][ T9318] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1559'. [ 142.484110][ T8716] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 142.520688][ T9334] IPv6: Can't replace route, no match found [ 142.581487][ T29] audit: type=1400 audit(1722374876.961:748): avc: denied { execute } for pid=9328 comm="syz.0.1564" path=2F6D656D66643A59FFFF202864656C6574656429 dev="hugetlbfs" ino=31719 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1 [ 142.619112][ T29] audit: type=1400 audit(1722374876.970:749): avc: denied { mount } for pid=9328 comm="syz.0.1564" name="/" dev="hugetlbfs" ino=31721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 142.654765][ T9339] loop3: detected capacity change from 0 to 512 [ 142.693360][ T9339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.717213][ T9339] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.749101][ T9339] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.765448][ T29] audit: type=1400 audit(1722374877.127:750): avc: denied { unmount } for pid=9036 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1 [ 142.801783][ T9345] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9345 comm=syz.0.1570 [ 142.868252][ T9345] netlink: 'syz.0.1570': attribute type 1 has an invalid length. [ 142.971644][ T9352] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1573'. [ 143.189144][ T55] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.252633][ T55] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.319776][ T55] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.349365][ T9372] loop2: detected capacity change from 0 to 512 [ 143.379185][ T9372] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.391945][ T9372] ext4 filesystem being mounted at /file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.399782][ T55] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.416467][ T9372] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.429099][ T9372] ================================================================== [ 143.437229][ T9372] BUG: KCSAN: data-race in folios_put_refs / need_mlock_drain [ 143.444735][ T9372] [ 143.447062][ T9372] write to 0xffff888237c2b370 of 1 bytes by task 9331 on cpu 0: [ 143.454708][ T9372] folios_put_refs+0x266/0x2b0 [ 143.459507][ T9372] mlock_folio_batch+0x319d/0x31d0 [ 143.464651][ T9372] mlock_new_folio+0x1a3/0x200 [ 143.469437][ T9372] folio_add_lru_vma+0x5d/0x60 [ 143.474230][ T9372] handle_mm_fault+0x2372/0x2940 [ 143.479193][ T9372] __get_user_pages+0x499/0x10d0 [ 143.484156][ T9372] __mm_populate+0x25b/0x3b0 [ 143.488772][ T9372] __se_sys_mremap+0x960/0xf20 [ 143.493545][ T9372] __x64_sys_mremap+0x67/0x80 [ 143.498234][ T9372] x64_sys_call+0x29c8/0x2e00 [ 143.502928][ T9372] do_syscall_64+0xc9/0x1c0 [ 143.507458][ T9372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.513380][ T9372] [ 143.515716][ T9372] read to 0xffff888237c2b370 of 1 bytes by task 9372 on cpu 1: [ 143.523274][ T9372] need_mlock_drain+0x30/0x50 [ 143.527976][ T9372] __lru_add_drain_all+0x235/0x410 [ 143.533118][ T9372] lru_add_drain_all+0x10/0x20 [ 143.537905][ T9372] invalidate_bdev+0x47/0x70 [ 143.542512][ T9372] ext4_put_super+0x571/0x840 [ 143.547215][ T9372] generic_shutdown_super+0xde/0x210 [ 143.552523][ T9372] kill_block_super+0x2a/0x70 [ 143.557241][ T9372] ext4_kill_sb+0x44/0x80 [ 143.561583][ T9372] deactivate_locked_super+0x7d/0x1c0 [ 143.566993][ T9372] deactivate_super+0x9f/0xb0 [ 143.571691][ T9372] cleanup_mnt+0x268/0x2e0 [ 143.576131][ T9372] __cleanup_mnt+0x19/0x20 [ 143.580567][ T9372] task_work_run+0x13a/0x1a0 [ 143.585180][ T9372] syscall_exit_to_user_mode+0xbe/0x130 [ 143.590742][ T9372] do_syscall_64+0xd6/0x1c0 [ 143.595274][ T9372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.601196][ T9372] [ 143.603527][ T9372] value changed: 0x1f -> 0x02 [ 143.608209][ T9372] [ 143.610535][ T9372] Reported by Kernel Concurrency Sanitizer on: [ 143.616684][ T9372] CPU: 1 UID: 0 PID: 9372 Comm: syz.2.1581 Not tainted 6.11.0-rc1-syzkaller-00044-g22f546873149 #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 143.627460][ T9372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 143.637530][ T9372] ================================================================== [ 143.654576][ T29] audit: type=1400 audit(1722374877.949:751): avc: denied { write } for pid=3245 comm="syz-executor" path="pipe:[624]" dev="pipefs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 143.693365][ T29] audit: type=1400 audit(1722374877.986:752): avc: denied { search } for pid=2943 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 143.974545][ T55] bond0 (unregistering): Released all slaves [ 144.171316][ T55] hsr_slave_0: left promiscuous mode [ 144.177041][ T55] hsr_slave_1: left promiscuous mode [ 144.185359][ T55] veth1_macvtap: left promiscuous mode [ 144.190975][ T55] veth0_macvtap: left promiscuous mode [ 144.196613][ T55] veth1_vlan: left promiscuous mode [ 144.202023][ T55] veth0_vlan: left promiscuous mode [ 144.746154][ T55] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.799894][ T55] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.842983][ T55] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.931256][ T55] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 144.994785][ T55] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.038177][ T55] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.081190][ T55] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.156878][ T55] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.253890][ T55] bridge_slave_1: left allmulticast mode [ 145.259581][ T55] bridge_slave_1: left promiscuous mode [ 145.265404][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.273898][ T55] bridge_slave_0: left allmulticast mode [ 145.279574][ T55] bridge_slave_0: left promiscuous mode [ 145.285324][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.293458][ T55] bridge_slave_1: left allmulticast mode [ 145.299151][ T55] bridge_slave_1: left promiscuous mode [ 145.304933][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 145.312657][ T55] bridge_slave_0: left allmulticast mode [ 145.318330][ T55] bridge_slave_0: left promiscuous mode [ 145.323939][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 145.524592][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.535032][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.545513][ T55] bond0 (unregistering): Released all slaves [ 145.555219][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 145.566039][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 145.576395][ T55] bond0 (unregistering): Released all slaves [ 145.764417][ T55] hsr_slave_0: left promiscuous mode [ 145.770068][ T55] hsr_slave_1: left promiscuous mode [ 145.775922][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 145.783450][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 145.791178][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 145.798741][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 145.809916][ T55] hsr_slave_0: left promiscuous mode [ 145.815866][ T55] hsr_slave_1: left promiscuous mode [ 145.821604][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 145.829045][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 145.836637][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 145.844110][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 145.855209][ T55] veth1_macvtap: left promiscuous mode [ 145.860716][ T55] veth0_macvtap: left promiscuous mode [ 145.866213][ T55] veth1_vlan: left promiscuous mode [ 145.871554][ T55] veth0_vlan: left promiscuous mode [ 145.877913][ T55] veth1_macvtap: left promiscuous mode [ 145.883945][ T55] veth0_macvtap: left promiscuous mode [ 145.889465][ T55] veth1_vlan: left promiscuous mode [ 145.894705][ T55] veth0_vlan: left promiscuous mode [ 146.030473][ T55] team0 (unregistering): Port device team_slave_1 removed [ 146.040901][ T55] team0 (unregistering): Port device team_slave_0 removed [ 146.110727][ T55] team0 (unregistering): Port device team_slave_1 removed [ 146.120930][ T55] team0 (unregistering): Port device team_slave_0 removed [ 146.666743][ T55] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.717785][ T55] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.814696][ T55] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.869462][ T55] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.961478][ T55] bridge_slave_1: left allmulticast mode [ 146.967220][ T55] bridge_slave_1: left promiscuous mode [ 146.972908][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 146.980835][ T55] bridge_slave_0: left allmulticast mode [ 146.986709][ T55] bridge_slave_0: left promiscuous mode [ 146.992580][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 147.106240][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 147.116619][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 147.126819][ T55] bond0 (unregistering): Released all slaves [ 147.236175][ T55] hsr_slave_0: left promiscuous mode [ 147.242091][ T55] hsr_slave_1: left promiscuous mode [ 147.247970][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 147.255711][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 147.263310][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 147.270829][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 147.280023][ T55] veth1_macvtap: left promiscuous mode [ 147.285520][ T55] veth0_macvtap: left promiscuous mode [ 147.291116][ T55] veth1_vlan: left promiscuous mode [ 147.296335][ T55] veth0_vlan: left promiscuous mode [ 147.379431][ T55] team0 (unregistering): Port device team_slave_1 removed [ 147.390109][ T55] team0 (unregistering): Port device team_slave_0 removed [ 148.195211][ T55] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.234264][ T55] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.289347][ T55] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.352921][ T55] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 148.420568][ T55] bridge_slave_1: left allmulticast mode [ 148.426314][ T55] bridge_slave_1: left promiscuous mode [ 148.432158][ T55] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.443484][ T55] bridge_slave_0: left allmulticast mode [ 148.449243][ T55] bridge_slave_0: left promiscuous mode [ 148.454987][ T55] bridge0: port 1(bridge_slave_0) entered disabled state [ 148.546877][ T55] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 148.557073][ T55] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 148.567527][ T55] bond0 (unregistering): Released all slaves [ 148.666089][ T55] hsr_slave_0: left promiscuous mode [ 148.673434][ T55] hsr_slave_1: left promiscuous mode [ 148.680107][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 148.687697][ T55] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 148.695241][ T55] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 148.702747][ T55] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 148.712016][ T55] veth1_macvtap: left promiscuous mode [ 148.717530][ T55] veth0_macvtap: left promiscuous mode [ 148.723140][ T55] veth1_vlan: left promiscuous mode [ 148.728439][ T55] veth0_vlan: left promiscuous mode [ 148.809019][ T55] team0 (unregistering): Port device team_slave_1 removed [ 148.819114][ T55] team0 (unregistering): Port device team_slave_0 removed