last executing test programs: 7.835731595s ago: executing program 4 (id=6166): perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20) 7.506512111s ago: executing program 4 (id=6170): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={&(0x7f0000000340), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) modify_ldt$read(0x0, &(0x7f00000002c0)=""/127, 0x7f) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)=ANY=[@ANYBLOB="dc01c6ba1cdcc12519250000000000007f007101001300000000000000000000000000000000000000000000000000000000000000dce600000000000000", @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000fe8000000000000000000000000000bb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x1dc}}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}}, 0x9c) r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 7.445043096s ago: executing program 4 (id=6172): r0 = socket$inet6(0xa, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0xfffc}]}) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78209788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798"], &(0x7f0000000100)='GPL\x00'}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003400)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbf"], &(0x7f0000000100)='GPL\x00'}, 0x48) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r2, r2, 0x2f, 0x20, 0x0, @prog_fd}, 0x20) bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000e00)={@cgroup=r1, r2, 0x2f, 0x14, 0x4, @link_id}, 0x20) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000040)={0x2, 'batadv_slave_0\x00', {0x7}, 0x9}) sendmsg$NL80211_CMD_GET_COALESCE(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2}, 0x48) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000a0000000dd0000000000000085000000080000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r4, 0x0, 0xe, 0x2000000, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x12c4}, 0x28) r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r3) sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14010100", @ANYRES16=r5, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd26792040000006f64e62cd3404917f3be657330adc6bf2f2ab6286f917412935536f4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed256da47bd6246c86e86ac9cfbdae22622b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e358673326e220d60a9d3d7e3c932faf89062b965db52beeff385e442adbb8d87480d48f4b3d4530e85283000014000500fe80000000000000000000000000004014000600fc0200"/270], 0x114}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.empty_time\x00', 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00'}, 0x11) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x0, 0x4, 0x9}, 0x48) bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0) socket$packet(0x11, 0x0, 0x300) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0) socket$nl_route(0x10, 0x3, 0x0) 7.361355772s ago: executing program 4 (id=6175): syz_open_dev$tty1(0xc, 0x4, 0x1) dup(0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x4052, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x65a4, &(0x7f00000007c0), &(0x7f0000000000), &(0x7f00000000c0)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x13, 0x2000ac0a, r1) r2 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETNOCSUM(r3, 0xc0189436, 0x1ffffffe) 7.343522894s ago: executing program 4 (id=6177): perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000340)='\b', 0x1, 0x4008041, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan1\x00'}) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_MSG_GETOBJ_RESET(0xffffffffffffffff, 0xfffffffffffffffc, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) r3 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r3, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) close_range(r1, r2, 0x0) connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x0, @dev, 'rose0\x00'}}, 0x1e) r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) ioctl$USBDEVFS_CONTROL(r4, 0x80045503, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4) bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c) listen(r5, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa80efde713e1e1fc39eaaaaaaaa86dd601391e900140600fe80000000000000000000000000002cfe80000000000000100000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="56c2000090780000"], 0x0) syz_emit_ethernet(0x8a, &(0x7f00000001c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6010104000540600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="54c2000090780000220503c0ab030300fe06e2d4c3d90402000a8bfbd54ae56dd076080a000000000000000013127232407c800650dd7615774fdbb46eb86cc80007111fad2ea7000000313238ca20973cdf9739c041e904b29230c7aa"], 0x0) recvfrom$inet(r0, &(0x7f0000000440)=""/30, 0x1e, 0x10120, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) 6.197311983s ago: executing program 4 (id=6193): unshare(0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_settings={0x4, 0x0, @te1=0x0}}) ioctl$sock_netdev_private(r0, 0x89f0, &(0x7f0000000000)) socket$inet6(0xa, 0x80002, 0x88) (async) r1 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0) setsockopt$sock_int(r1, 0x1, 0x1d, &(0x7f0000000040)=0x8004, 0x4) syz_emit_ethernet(0x83, &(0x7f0000000080)=ANY=[], 0x0) recvmmsg(r1, &(0x7f0000000bc0), 0x0, 0x40012121, 0x0) (async) recvmmsg(r1, &(0x7f0000000bc0), 0x0, 0x40012121, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r2, &(0x7f0000001800)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) (async) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r3, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) (async) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000500)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) write$binfmt_aout(r4, &(0x7f00000006c0)=ANY=[@ANYRESDEC, @ANYRES32], 0xc1) (async) write$binfmt_aout(r4, &(0x7f00000006c0)=ANY=[@ANYRESDEC, @ANYRES32], 0xc1) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a) (async) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000), 0xffffff6a) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) fallocate(r6, 0x0, 0x0, 0x2c2) (async) fallocate(r6, 0x0, 0x0, 0x2c2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r4, 0x0) (async) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r4, 0x0) r7 = socket$kcm(0x2, 0xa, 0x2) socket$kcm(0x2, 0xa, 0x2) (async) socket$kcm(0x2, 0xa, 0x2) close(r7) r8 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r8, 0x10d, 0xaf, 0x0, &(0x7f00000000c0)) setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4) 4.651477095s ago: executing program 0 (id=6212): r0 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000080), 0x4) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@o_path={&(0x7f0000000040)='./file1\x00', 0x0, 0x4010, r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8200, &(0x7f0000000000), 0x83, 0x61b, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzGplyVZruRRTmxYLerChVD9cU7c92b7UB0MNNbSUHiwsyRVe2cKSoXYNlqGHFloopT2W4kv+gdyDyTW3EEhyyznghOCQS4I3zOysvFntyhtZuytpPh+Y3TdvRvveV6M382ZGbyeA0prKXtKIExFxPYk42rJsIhoLp4r1nn/28EY2JVGv//bTJJIir7n+i+L9SPaSRIxFxLuXIr5X2Vru2v0Ht+Zr9YZHETPrK6sza/cfjCyvzN9cvLl4e+7sL86dn/3l3Lm5XYmzGdflK7/54T//+qefL71X+2kSF+Ja9S8L7XHslqmYihdFiK35IxFxPkt0+L3sN80QkiHXg52pFH+P1Yg4Hkejks81HI3lfwy1ckBf1SsRdaCkkqL9nwp7AiiXZj+geW7fj/PgvezZxcYJ0Nb4RxrXRmIsPzc6/DxpOTNqnO9O7kL5WRlfPTz5v2yKLtchRnahnG42HkfEDzrFn+R1m8yv4mTxp5G2/FyWno2I0eJ3ke6w/Km2+UH//X2b+Fu3QxbvheI9y7+0w/KHHT8A5fT0YnEg38jmXh7/sp5hs/8THfo/Ex2OXTsx7ONf9/5f83g/ll8jT9v6YVmf52rnj6y2Z3z098v/7lZ+a/8vm7Lym33BQXj2OOJkW/x/yztzyeb2Tzps/2yV6z2W8ev3P7ncbdmw468/iTjd8fzn5R2tLDWzvrLazGu7PzmztFxbnG28xqEOZbz1zh/f6Fb+sOPPtn90iX+77Z/lrfZYxptXn6x0WzbxyvjTj0eTa3lqtMj58/z6+t25iNHkSrFKS/7Z7evSXKf5GVn8Z37cuf1vE3+2x2zsMnuw+vtbz7st63n7b9mr5F7Ue6xDN1n8Czvc/v/qsYwv/nDvR21Z483EdvGPv2ZsAAAAAAAAUDZpfg82Sac302k6Pd0Yw/v9OJzW7qyt/2Tpzr3bCxFn8v+HrKaNO92NMbWTUU2y+bni/2Gb82fb5n8WEcci4j+V8Xx++sad2sKwgwcAAAAAAAAAAAAAAAAAAIA94kgx/r/5nOrPK43x/z1ZP97n2gF9188HzAF7m/YP5ZW3/50+wRXY1xz/oby0fygv7R/KS/uH8tL+oby0fygv7R/KS/sHAAAAgAPp2KmnHyYRsfGr8XzKjBbLqkOtGdBv2jiUV2XYFQCGZvPWv+H/UDrb9/+LLwV8VLwPrFbAICWdMvPOQX37xv+0408CAAAAAAAAAAAAAH1w+oTx/1BWabzd45r/NQAIDpjXGP/vqwNgn/PV/1Ber3GOv7Gb9QCG51Wj+Me6LTD+HwAAAAAAAAAAAAAGZiKfknS6eAToRKTp9HTEdyJiMqrJ0nJtcTYivhsRH1Sqh7L5uWFXGgAAAAAAAAAAAAAAAAAAAA6YtfsPbs3Xaot3WxNfbsk52InmU1D3Sn1aE5EMvtDxiNgLsfcnMbKZ87tIisdY9rgtCn2rYf8+edtE5ZtxpXliOPsjAAAAAAAAAAAAAAAAAAAos5axx52d/P+AawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg/fy+f87TySv+JxhxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7E9fBwAA//92Qje1") ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'veth1_virt_wifi\x00', 0x0}) r2 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x1, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x0, 0x8}]}, 0x10) syz_emit_ethernet(0x49, &(0x7f0000000340)=ANY=[@ANYBLOB="bbbbbbbbbbbbffffffffffff8100000086dd60840757000f0600fc01000000000000000000000000000000000000000000000000ffffffffffff20000000000f9078a9bc0f3c244bae0910fcb97cbe61d504dae26774771c1e2b7d0ccb3c1f24a99054200b785601752fab565fd990d1a8944f68f0716048a64481ceeb142508eea9d09c2734d0f85ab82c734ffb3af26720941b0081f84b29be6c175edabe2f2bc3aa5e02cc53ff551df559d3ce"], 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000000)=0x3, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYRESHEX=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, 0x2}, 0x90) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0xf85, 0x4) bind$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) sendto$packet(0xffffffffffffffff, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) r4 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8) setsockopt$MRT_DEL_VIF(0xffffffffffffffff, 0x0, 0xcb, &(0x7f00000000c0)={0xfffe, 0x4, 0x65, 0xffffffff, @vifc_lcl_ifindex=r1, @multicast1}, 0x10) connect$inet6(r4, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0xfffffd3d) sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) recvmsg(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x2000) memfd_create(&(0x7f0000000080)='\xf3e\t\xa9\xff\vty\x01senux\x00', 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r5 = creat(&(0x7f0000000040)='./file0\x00', 0xecf86c37d53048c3) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x6, 0x1, 0x0, r6}, @generic={0x66, 0x0, 0x0, 0xfffc}, @initr0, @exit, @printk={@s, {0x3, 0x0, 0x6}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00'}, 0x90) write$binfmt_elf64(r5, &(0x7f0000000380)=ANY=[], 0x78) 4.227340028s ago: executing program 0 (id=6214): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e80000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r1, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3e, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x1}, [{0x3}]}, 0x78) close(r1) write$P9_RLOPEN(r1, &(0x7f0000000400)={0x18, 0xd, 0x2, {{0x4c, 0x4}, 0xbc}}, 0x18) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="44010000100001000000000000000000ac1414aa000000000000000000000000ac141400"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff020000000000000000000000000001000000006c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200"/167, @ANYRES32=0x0, @ANYBLOB="00000000480003006465666c617465"], 0x144}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0) 4.021408395s ago: executing program 0 (id=6216): r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) r3 = socket$kcm(0x29, 0x2, 0x0) sendmmsg(r3, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d0", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000280)='T', 0x1}], 0x1}}], 0x2, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) dup3(r4, r3, 0x400000000000000) 4.020158325s ago: executing program 0 (id=6217): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="9000090010000305000000000000000000000700", @ANYBLOB="996e06004d4c0700540012800800010068737200480002"], 0x90}}, 0x0) 4.005873255s ago: executing program 0 (id=6218): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async) write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7) (async) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0x12, &(0x7f0000000080)={0x0, 0x2}, 0x8}, 0x0) (async) r0 = socket$netlink(0x10, 0x3, 0x0) (async) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x6b) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32, @ANYBLOB="03000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0) (async) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="50000000100039040000000000000000000003e4", @ANYRES32=r1, @ANYBLOB="00000000000000003000128008000100736974002400028008000300e00000000000000000000f0006001000ff0100000800140005000000b0381370f96ad8e756aba7ccdd9568b6aec95372ab0399241ab4fcc9b0d65029ed262f51230ecd941fbf8f7e98c8685f9c7df1f53c4ac5d8d68da5080b764fb74a63b69e3cb2306f862549c253b2d9ee06432ee9c3d371d584be07e00b7603f6a63e503a38816ef37d23354186c5c1106b9a0000"], 0x50}}, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000500)=[@in={0x2, 0x0, @private=0xa010102}]}, &(0x7f0000000140)=0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) (async) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000240000/0x1000)=nil, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f0000000ec0), 0xffffffffffffffff) (async) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) (async) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) r5 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r5, &(0x7f0000000080)={0x1d, r4}, 0x18) (async) sendmsg$can_j1939(r5, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, 0x0, 0x0, {0x1}}, 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1}}, 0x80fa) (async) r6 = socket$nl_route(0x10, 0x3, 0x0) (async) dup2(r3, r5) r7 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000f00)=@newtfilter={0x24, 0x11, 0x0, 0x0, 0x0, {0x0, 0x0, 0x74, r8}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x4000) 3.988783897s ago: executing program 0 (id=6219): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000f841b35af2e300"/3601], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="600000000806010300000000000000000000000005000400000000000900020073797a31000000000500010007"], 0x60}}, 0x0) (fail_nth: 5) 3.113589575s ago: executing program 3 (id=6224): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e66732c6e6f646f74732c646f74732c6e6f646f74732c756d61736b3d30303030303030303030303030303030303030343236332c666c7573682c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e6f646f74732c646f74732c747a3d5554432c6e6f646f74732c74696d655f6f66667365743d3078666666666666666666666666666336652c73686f77657865632c6e6f646f74732c6e6f646f74732c00d774a58681bb9f730b115db514452b8e94326c"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x1b) 3.036818371s ago: executing program 2 (id=6226): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e80000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) write$binfmt_elf64(r1, &(0x7f0000000380)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3e, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x1}, [{0x3}]}, 0x78) close(r1) write$P9_RLOPEN(r1, &(0x7f0000000400)={0x18, 0xd, 0x2, {{0x4c, 0x4}, 0xbc}}, 0x18) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="44010000100001000000000000000000ac1414aa000000000000000000000000ac141400"/64, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ff020000000000000000000000000001000000006c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200"/167, @ANYRES32=0x0, @ANYBLOB="00000000480003006465666c617465"], 0x144}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_FLUSH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b00736970000600010002000000080005"], 0xc4}}, 0x0) 3.027804712s ago: executing program 3 (id=6227): socket$netlink(0x10, 0x3, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x0, &(0x7f0000000440), 0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0) listen(r0, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @broadcast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0xf401, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x11}}}}}}, 0x0) 2.885279083s ago: executing program 2 (id=6228): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(0xffffffffffffffff, 0x114, 0x7, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r4) ioctl$BTRFS_IOC_FS_INFO(r3, 0x8400941f, &(0x7f0000000740)) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10) bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r6, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$bt_hci(r6, 0x84, 0x71, &(0x7f0000001f00)=""/4062, &(0x7f00000004c0)=0x744) bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000000), 0x4) r7 = socket$netlink(0x10, 0x3, 0x0) open(0x0, 0x0, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14}}}}]}, 0x48}}, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) personality(0x0) r8 = socket$inet6_udplite(0xa, 0x2, 0x88) fsetxattr$security_selinux(r3, &(0x7f00000001c0), &(0x7f00000002c0)='system_u:object_r:dbusd_etc_t:s0\x00', 0x21, 0x0) syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f27cf5182a66907790f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce9391e704bb6c64bf7bd3c353b218ccf99b00749bc4d22cdc096d92b7eaf583df7f136a59dade8dafa14bcefad343a259d07d5b6e7152b1031acbba628c1f5310e53cd87b92cdfd51281dba68af9b738f0a097f69b277ef9a9bd361570f431b43d9a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850be890a0300863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13a01e4643601001601b7a1eca9816df0137b589441fca8b569993caed53c6d9deae2183ebdb1d37c31837dd8"], 0x1, 0x249, &(0x7f00000001c0)="$eJzs3c9LFGEYB/BH3fzRZSWCIIIWIui0qNDdiAJJKpIljJDWXENcERKEPKidgk5dOnb0ZgR16Fb/Q9ClS3SJjnnrEE7oxLrmWhq5E+7nc9mHmee7884s+87uYd+9c2pmemJ2bnJt7XN0d7dFbvDeepK0RW+0R0eklgMAOEy+JUl8TVJZjwUAaA73fwBoPXu8/19v4pAAgAP299//n46++ViuDJ7fQ2vSVSs/jO1/jADAvzUyeuvK+tuzPUPx6knEzKP50nwpfUz3X5iMqahGJfoiH98jkpq0vjw0fKmvsKEnojSz9DO/NF/q2J7vj3z0Rty8ujPfX0htzx+Jo/X5gcjH8cbHH2iY74xzZ+ryxcjHu7sxG9WY2PhIUpdf7C8ULl4b/iXftdkXKx2Zvj4AAAAAAAAAAAAAAAAAAAAAABxOxUJNb6P1e4rF3fan+b2vD7S1Ps/jzXwuTubiYbZnDwAAAAAAAAAAAAAAAAAAAP+HuQcL0+VqtXK/VozfmDq2fcufirb9NCsWpjcu/AEe4nREHPRZvFytvF8Zuz2S/cVsYtH4qr7IfGDjv+lpj4jN4sSzwfLrxU9fdvbEct17OZfOC+Vqg8mi0OTJCQAAAAAAAAAAAAAAAAAAWszWz4B360iaOyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyMDW///vu+isbVntSZ9sl+Z05/NMzxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNb2IwAA///U1qw1") r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(r9, &(0x7f0000000600)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000005c0)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="1c010000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf250c000000d4000380c900040019e8d5d8e9ed7b5a56917878a03469903f29dc678039896cccce52b94f25c53f9cae283a2f911a4a73afd722bbf42a4e35a9167d475f30bb2119516e769585b55d39727f942cfaf61b875608f762e5249a70c4410195650475eb16b4eeb8849e2bb1b650914a17efeaf514e8be11b23f94d7d0aaf9269046b52b642584b9301489d8f201380d0e097254b59400db3dfcca91108c63d6529b68b8ddee1c8f3c4cc2db5a88f2298d91c427c979e80e2698952463e9cd710e17b753511773f43dac8b1d3a210e000000040001003400018008000300020000000800030002000000080003000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="e24176f5810834f3f7ebb74f0abcc37394afc2a5cb16c89bcaf377bc2d3827dabde6a24d"], 0x11c}, 0x1, 0x0, 0x0, 0x24048404}, 0x44040) pwrite64(r9, &(0x7f0000000100)='i', 0x1, 0x11) sendmmsg$inet6(r8, &(0x7f0000000300)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @dev}, 0x1c, 0x0}}], 0x1, 0x0) 2.885102743s ago: executing program 3 (id=6229): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e66732c6e6f646f74732c646f74732c6e6f646f74732c756d61736b3d30303030303030303030303030303030303030343236332c666c7573682c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e6f646f74732c646f74732c747a3d5554432c6e6f646f74732c74696d655f6f66667365743d3078666666666666666666666666666336652c73686f77657865632c6e6f646f74732c6e6f646f74732c00d774a58681bb9f730b115db514452b8e94326c"], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa") fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 4) 2.16838586s ago: executing program 3 (id=6230): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000040)=""/42, 0x2a) io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f0000000480)={0x2, 0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=""/106, 0x6a}, {&(0x7f0000000540)=""/71, 0x47}], &(0x7f0000000380)=[0x5]}, 0x20) r3 = dup2(r0, r1) sendmmsg$inet(r3, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000a40)="0036d551863e1902129da79f5986e05288f50e5398660c1a29b0f45c0cc36902e0251c8d34197b357b32b161f9ad72d55a0eab976aae24ed805271b43f0ce2c93497d9ae41ebc6099d95fea5e764494873e0d82a172b3bb54f35039c7d81e9ab07f2fb4dad61bd50c4b2c861c74a12e4569e47b69a95f92c6380af2bd003fa56f06a23bbd1c76d7756bf4fcaff0c23374ec7c4aadbb8b985f14893a91d0200000050685e0f4f079d2d8e79be174ef9355b70739c712c5d3f739f01dfbf5eb2772052b215d2", 0xc5}], 0x1}}], 0x1, 0x0) sendmsg$NFT_MSG_GETSETELEM(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[], 0x24}}, 0x400a0c5) syz_genetlink_get_family_id$wireguard(&(0x7f00000004c0), r1) getsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0xe) r4 = syz_io_uring_setup(0x3665, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000000440)=0x0) syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) r7 = inotify_init1(0x800) r8 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000500)='./file0\x00', 0x80000000) inotify_rm_watch(r7, r8) syz_emit_ethernet(0x4e, &(0x7f0000002340)=ANY=[@ANYRES64=r8, @ANYRES32=0x41424344, @ANYRESDEC=r7], 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="18060000000000f6ffffffff6700000095", @ANYRES64=r7, @ANYRES64=r8], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x2}, 0x90) inotify_rm_watch(r3, r8) io_uring_enter(r4, 0xa3d, 0x0, 0x0, 0x0, 0xff39) 1.897532321s ago: executing program 2 (id=6232): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r0, &(0x7f0000000180)="1e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x700, 0x0, @remote, 0xffffffff}, 0x1c) 1.868495293s ago: executing program 2 (id=6233): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) syz_open_dev$vcsu(&(0x7f0000000040), 0x60, 0x2101) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x16}]}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) 1.01008724s ago: executing program 3 (id=6234): socket(0x0, 0x3, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$IPSET_CMD_TEST(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000040)={&(0x7f00000002c0)={0xd4, 0xb, 0x6, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}, [@IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz0\x00'}}]}, @IPSET_ATTR_ADT={0x5c, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010102}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}}, {0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}}]}, @IPSET_ATTR_ADT={0x50, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x34}}, {0x1c, 0x7, 0x0, 0x1, @IPSET_ATTR_IP2_TO={0x18, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}}, {0xc, 0x7, 0x0, 0x1, @IPSET_ATTR_PROTO={0x5, 0x7, 0x1d}}, {0x18, 0x7, 0x0, 0x1, @IPSET_ATTR_IFACE={0x14, 0x17, 'wg1\x00'}}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4040801}, 0x44040) r3 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0xffffffffffffffbc) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000640)=@newtfilter={0x24, 0x2a, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x0, 0xffe0}, {0x0, 0xfff5}}}, 0x24}}, 0x0) 873.069441ms ago: executing program 2 (id=6236): setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x9}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x10, 0xffffffffffffffff, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x3, &(0x7f0000003200)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec06000000000000002176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f3cc2b0da31fa21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bca84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e03564f7f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf05003f6cded6a2f8550b973b818184ebad0485fbaa816e3b26199d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c10a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d02000000a3ff4f8a4cf796b07a6ff61c5d52417fd703f7f14d8b78ac02ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c9ad943e392955f4f979ea13201bafe4f0f6ea5080000000cdcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12289ee34463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b0030000000000ea8809820000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f55e550fafa4cedd763ada3104f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ef1b71c1d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efc794874eac73381e6f523d9c8c21578fe3245097c280abe51427b9f6cd72b51b7689969c72fb632d1c072492d9da6d0252803c66730cd5eac907f09b9695906313f88735fce513974a24eee239baa91322608c6fc01e1b9e16587bb5f721303e6b89000000fa08ad0731c4b839688b22c4da2a6bc4cf45dbeea042f9b33393f85a0417854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296ac2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692baffffffff5c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b042d84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf53928867d596987024952b698d4a01c08aca45ea8727be6c8bc8fdcdff1917db98f152625b8465b9a01abe539192e76c79f4ab393541a6d9cabc4de71c5a65d228e4cb483cca06858dc6727c7a2322c9580d9afc33f6fcf87518ecca6dd027cb995f1eb4e98e4b500b5843d4ee1"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/181, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x9}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140)}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000140)={0x16f, @time}) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000900), 0x408000, 0x0) sendmsg$key(r3, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f0000000d80)={0x2, 0x13, 0x9, 0x7, 0x1b, 0x0, 0x70bd2a, 0x25dfdbfb, [@sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e21, @rand_addr=0x64010100}, @in={0x2, 0x4e20, @multicast2}}, @sadb_x_filter={0x5, 0x1a, @in=@empty, @in=@empty, 0xb, 0x4, 0x14}, @sadb_spirange={0x2, 0x10, 0x4d2, 0x4d2}, @sadb_lifetime={0x4, 0x3, 0xfffeffff, 0x9, 0x80000000, 0x28}, @sadb_x_sa2={0x2, 0x13, 0x3, 0x0, 0x0, 0x70bd2c, 0x34ff}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in6={0xa, 0x4e21, 0x3, @loopback, 0x6}, @in={0x2, 0x4e24, @private=0xa010100}}]}, 0xd8}}, 0x80) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r4, 0x0, 0x6, 0x0) write$P9_RWRITE(r6, &(0x7f0000000040)={0xb}, 0x11000) read(r5, &(0x7f0000019440)=""/102391, 0xffa) ioctl$BTRFS_IOC_DEFRAG_RANGE(0xffffffffffffffff, 0x40309410, &(0x7f0000000180)={0x9, 0x5, 0x2, 0x2, 0x1, [0xe, 0x9a8, 0xf9, 0x9]}) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ALL_SLAVES_ACTIVE={0x5, 0x11, 0x1f}]}}}]}, 0x3c}}, 0x0) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r5) sendmsg$TIPC_NL_BEARER_ADD(r6, &(0x7f00000008c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000880)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c050000", @ANYRES16=r8, @ANYBLOB="00082cbd7000fbdbdf25150000004400038008000300000000000800010009000000080001000300000008000100c90c0000080002000500000008000200020000000800010003000000080003000a0000009400028008000200b2f4ffff1c000380080002000180000008000100080000000800020000000000080001000e000000080002000300000008000100a30100005415b165ce000100060000000800010009000000080002000900000008000200fd05000008000200090000000800020007000000080002000500000008000100cb0f000008000200ffff000008000200010000001c0003800800010001000000080001000900000008000100f8ffffff1c0004800900010073797a30000000000900010073797a300000000040000180080003000400000034000280080003000f000000080002000900000008000200fc0a00000800030008000000080002003666c41308000400ff0f00006802068004000200040005009f000300718b981ef8a55e610c56ce0bc3e2425496b30099cba93a68a923e13bd1727032575807fa066a2d619af34d6f9f8fafb211a804095f57e6deeae37f6e14536bdf9b6c3ba77507b52b267543382a0e753f89eaf642d66a3f81d80dc1f77e14adb16b62808cf45eeadb4f14381a482b29ce72964f112da6730ff6204949f575bcd51a87a960b0cce6fea48dd813d27424227b7d7e951a0bb10b8bffd600d6000300565fd16424a75e9e0c13e55fade44a1c4ed104ec5fa1c9275e6e144e823bc870106992f5fbfe5b3920e11538bbf9ba01260440d800604fbb91af153f7083a144a8366a02bf72bd92dc077b3a74a0f82d61792b10006d9d64269f63801d79adcefe4cfd7a7f29cf8cd13b6080bd35ce714dc99d2aa7a4bc3f720f744d23e31f2d3f64128f65928f427ad04e4ebe210610a5e10a2a58b16ae2308b671a90b8bd588ae39b85da89479d0a010d210aef5b3e4a574c0377665f3614839e56d747bbeba76784fc7398f0f65d1ac93749096f5114550000e400030080f32009a1036aa6004c5fa3903322846c7b460b7a9580fd0f73c16cc70c6d07cd481db537c853f911ac105be3c1e8551ec56ce6a3c9765530d1b4c25dd25b401fa733187a5babf724610c9d0153091dff57d47807d38661e740d217a98b67e8b3dfda424211ee0107958f05ddbd9da5dc188e2a01c20724f25e78d392c50d7914fa746f34f8313b84746e5f9dc788a73db165ac0f3543e88c9ab4ec87e4d12a77a3d3a6d1a396a4d648b156f3023c233b0ef6a13c93eef49e8d6ce7ac4a80969fb995bd4a955c72361aeb70d03f27ed65c52bcb33a5b8f6fdf5c2785cd551a93800018008000300030000002c0004001400010002004e206401010000000000000000001400020002004e22e00000020000000000000000ec00048044000780080004008cf5ffff080003000000000008000200010000000800030008000000080001002000000008000200030000000800030081000000080001001a0000000900010073797a30000000001c0007800800010012000000080004000008000008000400020000000c00078008000100120000003c0007800800030000002000080004000800000008000400030000000800020008000000080003000905000008000400ae9e000008000300ffffff7f3400078008000100080000000800010000000000080004000700000008000200ff7f00000800030007000000080003003616e013280002801400038008000200800000000000000000000009040004000c00038008000100878700003400038008000200080000000800020001000080080002000600000008000300ac9cd44b08000100420000000800020000000000"], 0x54c}, 0x1, 0x0, 0x0, 0x4}, 0x8000) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f00000001c0)={[{@i_version}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@quota}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") 872.827891ms ago: executing program 3 (id=6237): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='illinois\x00', 0x9) kexec_load(0x0, 0x2, &(0x7f00000002c0)=[{0x0, 0x0, 0x0, 0x10000}, {0x0, 0x0, 0x3e0000}], 0x0) sendfile(r0, r0, 0x0, 0x7fff) r1 = dup2(r0, r0) r2 = openat$cgroup_ro(r1, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5) r6 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSMASK(r6, 0x40104593, &(0x7f0000000000)={0x0, 0x3, 0x0}) r7 = memfd_create(&(0x7f0000000080)='\xf3e\t\xa9\xff\vty\x01senux\x00', 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r7, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000800000000000000000018010000786c6c2500000000002020207b0af8ff00000000bfa100000000000007010000f6ff40ffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x5, 0xff8, &(0x7f0000001e00)=""/4088}, 0x90) write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) sendfile(r0, r2, 0x0, 0x8000002b) 593.278923ms ago: executing program 2 (id=6240): socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000000c0)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f00000007c0)={0x0, 0xa1708c7, 0xb, {0x0, 0x9}}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r2}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0x0) sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x24, 0x1407, 0x400, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40000) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00', r2}, 0x18) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000900)=@newsa={0x228, 0x10, 0x713, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@private}, {@in=@dev={0xac, 0x14, 0x14, 0x28}, 0x0, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @empty}, {0x0, 0xfffffffffffffffc}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x104, 0x2, {{'ecb(cipher_null)\x00'}, 0x5e0, "34551b79419eece62b0635978b742b278d723786740886ad8f218b4a68f8ee169422d0556a9fe6a91587f34f2a7a341d68bd825a1cb5ffffdb6f02803d63785b195044566139e454d576b3646f875b6a505a69ca8e15fab8f5953ea211cdf83e9ecc44d6834723faf2c8509e8ae48518e1036f73073ebb581106a6121f369f78c88aff2d25ccd96806470fbaeab7bcd30e28c1f6fd46e0be58d8872842806be4e12a4f352d315ab5a9c015e2bd98999d7d5b3dd29f8721d4190157dc"}}, @replay_val={0x10}, @lifetime_val={0x24, 0x9, {0x0, 0x0, 0x0, 0x2000000000000000}}]}, 0x228}}, 0x0) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x16c, 0x10, 0x713, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@multicast2}, {@in=@empty, 0x0, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @empty}, {}, {}, {0x0, 0x0, 0x100}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @replay_val={0x10}, @lifetime_val={0x24, 0x9, {0x0, 0x0, 0x0, 0x7ff}}]}, 0x16c}}, 0x850) sendfile(r3, r4, &(0x7f0000000200)=0x20, 0xfffffffffffffff8) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5d1014e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34", 0xadf29f33fb903ae1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) recvmsg(r5, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000840)=[{&(0x7f0000000040)=""/50, 0xfffffe72}, {&(0x7f0000000240)=""/52, 0x34}, {&(0x7f0000000780)=""/129, 0x80}, {&(0x7f0000000300)=""/68, 0x44}, {&(0x7f0000000380)=""/121, 0x79}, {&(0x7f0000000400)=""/183, 0xb7}], 0x6}, 0x40000110) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000bc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syz_tun\x00'}) bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x10) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@bridge_dellink={0x2c, 0x11, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000600)={'syztnl0\x00', &(0x7f0000000c00)={'syztnl2\x00', r8, 0x4, 0xff, 0x3, 0x9, 0x0, @empty, @local, 0x40, 0x8000, 0x4, 0x1}}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000100001000000000000000000008488adb5000000000a03000000004000000000000000000900010073797a30000000002c000000030a010200000000000000000100000009000b0073797a31000000000900010073797a3000000000140000001000010000000000000000000000000000000001eebc9c1a099d98e61d874a7acb068f442b8195cc19c74a39b9a9dc7a55f8cc4326c8cd0cea72ee8378ac5a36991c038a67664917fbec32b1d1089398dbc32c0c91de72bffe001883d8b31d40dbdd77e2bfe4dc365cc3acac149d5f338ad728a6b217cb36838a58a27b2e361535defb9a"], 0x74}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00'}) 539.814147ms ago: executing program 1 (id=6241): perf_event_open(&(0x7f00000003c0)={0x0, 0x80, 0xc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000001c0)) r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000051ec0)={0x0, ""/256, 0x0, 0x0}) r5 = socket$netlink(0x10, 0x3, 0x2) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r5, 0x8901, &(0x7f0000000000)={0x1, 'vlan1\x00', {}, 0xfe01}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r1, 0xd000943d, &(0x7f00000520c0)={0xffffffffffffffff, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2, r4}, {}, {}, {r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r3}], 0x20, "737b383178b698"}) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0xc080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 380.47205ms ago: executing program 1 (id=6242): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="2000000037000900000000000000000004000000e8ff8900080001"], 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r2, @ANYBLOB="03000016010000001800120008000100736974000c00020008000300", @ANYRES32], 0x38}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000100039040000000000000000000003e4", @ANYRES32=r3, @ANYBLOB="0000000000efc4b48400128008000100735474002000028008000300e000000214000b00fe8000"/52], 0x4c}}, 0x0) 197.448834ms ago: executing program 1 (id=6243): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x4c, &(0x7f000002eff0)={0x20000000000003da, &(0x7f0000000000)=[{}]}, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000001440), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000040)={'wpan0\x00', 0x0}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a40)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002000000008000300", @ANYRES32=r3], 0x40}}, 0x0) write$binfmt_script(r0, 0x0, 0x0) writev(r0, &(0x7f0000006840)=[{&(0x7f00000053c0)='+', 0xfdef}], 0x1) sigaltstack(0x0, 0x0) semctl$GETZCNT(0x0, 0x4, 0xf, 0x0) 197.251584ms ago: executing program 1 (id=6244): openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r2}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000240)={0x200}) fstatfs(r3, &(0x7f0000000440)=""/169) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r2}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000540), &(0x7f0000000580)='%pS \x00'}, 0x20) 93.695682ms ago: executing program 1 (id=6245): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r1, 0x1, 0x0, 0x0, {{}, {0x0, 0xb}, {0x3, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x0) 0s ago: executing program 1 (id=6246): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x10, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}]}, @NFTA_IMMEDIATE_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) syz_open_dev$vcsu(&(0x7f0000000040), 0x60, 0x2101) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x16}]}) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) kernel console output (not intermixed with test programs): 53f49e4fd #0 [ 566.775943][T25867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 566.785985][T25867] Call Trace: [ 566.789247][T25867] [ 566.792228][T25867] dump_stack_lvl+0xf2/0x150 [ 566.796821][T25867] dump_stack+0x15/0x20 [ 566.801095][T25867] should_fail_ex+0x229/0x230 [ 566.805766][T25867] ? kvmalloc_node_noprof+0x72/0x170 [ 566.811131][T25867] __should_failslab+0x92/0xa0 [ 566.815944][T25867] should_failslab+0x9/0x20 [ 566.820542][T25867] __kmalloc_node_noprof+0xa8/0x380 [ 566.825833][T25867] kvmalloc_node_noprof+0x72/0x170 [ 566.831020][T25867] rhashtable_init_noprof+0x312/0x450 [ 566.836388][T25867] rhltable_init_noprof+0x1e/0x40 [ 566.841456][T25867] nf_tables_newtable+0x54d/0xec0 [ 566.846505][T25867] nfnetlink_rcv+0xb1d/0x15b0 [ 566.851239][T25867] netlink_unicast+0x58d/0x660 [ 566.856049][T25867] netlink_sendmsg+0x5ca/0x6e0 [ 566.860887][T25867] ? __pfx_netlink_sendmsg+0x10/0x10 [ 566.866166][T25867] __sock_sendmsg+0x140/0x180 [ 566.870890][T25867] ____sys_sendmsg+0x312/0x410 [ 566.875678][T25867] __sys_sendmsg+0x1e9/0x280 [ 566.880270][T25867] __x64_sys_sendmsg+0x46/0x50 [ 566.885104][T25867] x64_sys_call+0xb25/0x2d70 [ 566.889754][T25867] do_syscall_64+0xc9/0x1c0 [ 566.894509][T25867] ? clear_bhb_loop+0x55/0xb0 [ 566.899236][T25867] ? clear_bhb_loop+0x55/0xb0 [ 566.903901][T25867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.909794][T25867] RIP: 0033:0x7f28ae61fbd9 [ 566.914290][T25867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 566.933914][T25867] RSP: 002b:00007f28ad8a1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 566.942321][T25867] RAX: ffffffffffffffda RBX: 00007f28ae7adf60 RCX: 00007f28ae61fbd9 [ 566.950287][T25867] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000005 [ 566.958261][T25867] RBP: 00007f28ad8a10a0 R08: 0000000000000000 R09: 0000000000000000 [ 566.966272][T25867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 566.974236][T25867] R13: 000000000000000b R14: 00007f28ae7adf60 R15: 00007ffe1e0f6b88 [ 566.982244][T25867] [ 567.213520][T25883] dccp_invalid_packet: P.Data Offset(0) too small [ 567.328257][T25886] loop1: detected capacity change from 0 to 128 [ 567.373995][T25886] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 567.667695][T25918] bond0: (slave team0): Releasing backup interface [ 567.686444][T25927] loop1: detected capacity change from 0 to 256 [ 567.709445][T25918] team0 (unregistering): Port device team_slave_0 removed [ 567.736059][T25918] team0 (unregistering): Port device team_slave_1 removed [ 567.774982][T25918] team0 (unregistering): Port device vlan0 removed [ 567.807211][T25952] loop4: detected capacity change from 0 to 512 [ 567.848627][T25976] loop2: detected capacity change from 0 to 512 [ 567.868029][T25976] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 567.901388][T25976] EXT4-fs (loop2): 1 truncate cleaned up [ 567.924463][T25976] EXT4-fs error (device loop2): ext4_generic_delete_entry:2676: inode #2: block 13: comm syz.2.5785: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 567.979810][T25976] EXT4-fs error (device loop2) in ext4_delete_entry:2747: Corrupt filesystem [ 567.997522][T25976] EXT4-fs warning (device loop2): ext4_rename_delete:3738: inode #2: comm syz.2.5785: Deleting old file: nlink 4, error=-117 [ 568.032976][T25994] loop4: detected capacity change from 0 to 512 [ 568.152622][T26019] loop1: detected capacity change from 0 to 164 [ 568.159335][T26019] Unable to read rock-ridge attributes [ 568.165973][T26019] isofs_fill_super: root inode is not a directory. Corrupted media? [ 568.189846][T26022] loop2: detected capacity change from 0 to 512 [ 568.190327][T26023] loop0: detected capacity change from 0 to 128 [ 568.198620][T26022] EXT4-fs: Ignoring removed bh option [ 568.208027][T26022] ext4: Unknown parameter 'i_version.barrier' [ 568.214344][T26023] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 568.227283][T26019] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 568.937754][T26043] loop3: detected capacity change from 0 to 164 [ 568.945942][T26043] iso9660: Unknown parameter '€' [ 569.328032][T26056] FAULT_INJECTION: forcing a failure. [ 569.328032][T26056] name failslab, interval 1, probability 0, space 0, times 0 [ 569.340800][T26056] CPU: 1 PID: 26056 Comm: syz.2.5802 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 569.351036][T26056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 569.361170][T26056] Call Trace: [ 569.364436][T26056] [ 569.367451][T26056] dump_stack_lvl+0xf2/0x150 [ 569.372037][T26056] dump_stack+0x15/0x20 [ 569.376186][T26056] should_fail_ex+0x229/0x230 [ 569.380877][T26056] ? mas_alloc_nodes+0x1d3/0x4a0 [ 569.385844][T26056] __should_failslab+0x92/0xa0 [ 569.390595][T26056] should_failslab+0x9/0x20 [ 569.395128][T26056] kmem_cache_alloc_noprof+0x4c/0x290 [ 569.400509][T26056] mas_alloc_nodes+0x1d3/0x4a0 [ 569.405342][T26056] ? __rcu_read_unlock+0x4e/0x70 [ 569.410279][T26056] mas_preallocate+0x773/0xc30 [ 569.415045][T26056] ? __percpu_counter_init_many+0x3e/0x1f0 [ 569.421001][T26056] ? pcpu_alloc_noprof+0xb92/0x10c0 [ 569.426250][T26056] vma_link+0x8f/0x370 [ 569.430318][T26056] insert_vm_struct+0x17b/0x210 [ 569.435286][T26056] alloc_bprm+0x373/0x5e0 [ 569.439609][T26056] do_execveat_common+0x138/0x7d0 [ 569.444686][T26056] ? getname_flags+0x166/0x360 [ 569.449557][T26056] __x64_sys_execve+0x5a/0x70 [ 569.454283][T26056] x64_sys_call+0x1378/0x2d70 [ 569.459018][T26056] do_syscall_64+0xc9/0x1c0 [ 569.463574][T26056] ? clear_bhb_loop+0x55/0xb0 [ 569.468274][T26056] ? clear_bhb_loop+0x55/0xb0 [ 569.472944][T26056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.478899][T26056] RIP: 0033:0x7f28ae61fbd9 [ 569.483340][T26056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.502935][T26056] RSP: 002b:00007f28ad8a1048 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 569.511395][T26056] RAX: ffffffffffffffda RBX: 00007f28ae7adf60 RCX: 00007f28ae61fbd9 [ 569.519354][T26056] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180 [ 569.527392][T26056] RBP: 00007f28ad8a10a0 R08: 0000000000000000 R09: 0000000000000000 [ 569.535438][T26056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 569.543395][T26056] R13: 000000000000000b R14: 00007f28ae7adf60 R15: 00007ffe1e0f6b88 [ 569.551408][T26056] [ 569.678882][T26065] xt_CT: You must specify a L4 protocol and not use inversions on it [ 569.912051][T26080] FAULT_INJECTION: forcing a failure. [ 569.912051][T26080] name failslab, interval 1, probability 0, space 0, times 0 [ 569.924774][T26080] CPU: 1 PID: 26080 Comm: syz.0.5809 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 569.935012][T26080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 569.945097][T26080] Call Trace: [ 569.948382][T26080] [ 569.951313][T26080] dump_stack_lvl+0xf2/0x150 [ 569.956001][T26080] dump_stack+0x15/0x20 [ 569.960169][T26080] should_fail_ex+0x229/0x230 [ 569.964859][T26080] ? mas_alloc_nodes+0x1d3/0x4a0 [ 569.969948][T26080] __should_failslab+0x92/0xa0 [ 569.974734][T26080] should_failslab+0x9/0x20 [ 569.979261][T26080] kmem_cache_alloc_noprof+0x4c/0x290 [ 569.984632][T26080] mas_alloc_nodes+0x1d3/0x4a0 [ 569.989438][T26080] mas_preallocate+0x773/0xc30 [ 569.994322][T26080] mmap_region+0xf05/0x1620 [ 569.998820][T26080] ? security_mmap_addr+0x4c/0x70 [ 570.003873][T26080] ? __get_unmapped_area+0x2d1/0x300 [ 570.009171][T26080] do_mmap+0x6f9/0xb10 [ 570.013233][T26080] ? security_mmap_file+0x128/0x150 [ 570.018453][T26080] vm_mmap_pgoff+0x133/0x290 [ 570.023199][T26080] ksys_mmap_pgoff+0xd0/0x340 [ 570.027986][T26080] ? fpregs_assert_state_consistent+0x83/0xa0 [ 570.034137][T26080] x64_sys_call+0x1835/0x2d70 [ 570.038805][T26080] do_syscall_64+0xc9/0x1c0 [ 570.043353][T26080] ? clear_bhb_loop+0x55/0xb0 [ 570.048050][T26080] ? clear_bhb_loop+0x55/0xb0 [ 570.052717][T26080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.058598][T26080] RIP: 0033:0x7f5d21b31c13 [ 570.063068][T26080] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7 [ 570.082715][T26080] RSP: 002b:00007f5d20d91e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 570.091114][T26080] RAX: ffffffffffffffda RBX: 00000000000004a8 RCX: 00007f5d21b31c13 [ 570.099131][T26080] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000 [ 570.107092][T26080] RBP: 0000000020000742 R08: 00000000ffffffff R09: 0000000000000000 [ 570.115054][T26080] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000008 [ 570.123076][T26080] R13: 00007f5d20d91f00 R14: 00007f5d20d91ec0 R15: 0000000020000440 [ 570.131562][T26080] [ 570.160065][T26088] dccp_invalid_packet: P.Data Offset(0) too small [ 570.167697][T26086] __nla_validate_parse: 8 callbacks suppressed [ 570.167764][T26086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5811'. [ 570.182831][T26086] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5811'. [ 570.201991][T26086] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5811'. [ 570.225856][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.233335][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.240823][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.248245][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.255756][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.267768][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.275189][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.282642][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.290036][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.297447][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.304849][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.312250][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.319715][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.327278][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.334684][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.340744][T26088] loop2: detected capacity change from 0 to 128 [ 570.342064][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.342086][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.342105][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.342124][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.350906][T26088] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535) [ 570.355712][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.394901][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.402385][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.409815][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.417247][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.424645][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.432126][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.439539][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.446960][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.454351][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.459655][T26106] loop1: detected capacity change from 0 to 2048 [ 570.461736][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.475478][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.483007][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.490411][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.497814][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.505203][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.512706][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.520100][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.527493][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.532047][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 570.532058][ T29] audit: type=1400 audit(2000000248.382:3044): avc: denied { mount } for pid=26099 comm="syz.3.5813" name="/" dev="gadgetfs" ino=89284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 570.534878][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.534939][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.534980][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.535002][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.593524][ T3156] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 570.604328][ T3156] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz0] on syz0 [ 570.621043][T26106] loop1: p1 p2 p3 [ 570.625980][T26106] loop1: p3 size 2164260864 extends beyond EOD, truncated [ 571.018393][ T29] audit: type=1326 audit(2000000248.834:3045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26153 comm="syz.4.5826" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9453899bd9 code=0x0 [ 571.187041][T26160] 9pnet_fd: Insufficient options for proto=fd [ 571.701351][T26164] loop0: detected capacity change from 0 to 512 [ 571.714565][T26164] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 571.726570][T26164] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 571.735850][T26164] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a84ec02c, mo2=0002] [ 571.743870][T26164] System zones: 0-2, 18-18, 34-34 [ 571.750177][T26164] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 571.765355][T26164] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5828: bg 0: block 408: padding at end of block bitmap is not set [ 571.787042][T26164] EXT4-fs (loop0): Remounting filesystem read-only [ 571.800487][T26164] EXT4-fs (loop0): 1 truncate cleaned up [ 571.806661][T26164] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 571.830435][T26182] netlink: 88 bytes leftover after parsing attributes in process `syz.2.5834'. [ 571.841180][T26182] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5834'. [ 571.853910][T26182] loop2: detected capacity change from 0 to 256 [ 571.911637][T26191] loop3: detected capacity change from 0 to 2048 [ 571.952379][T26191] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz.3.5836: bad orphan inode 8192 [ 571.981999][T26202] loop2: detected capacity change from 0 to 1024 [ 571.988715][ T29] audit: type=1326 audit(2000000249.720:3046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.012338][ T29] audit: type=1326 audit(2000000249.720:3047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.050607][T26202] journal_path: Lookup failure for './file1' [ 572.056610][T26202] EXT4-fs: error: could not find journal device path [ 572.085170][ T29] audit: type=1326 audit(2000000249.775:3048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.108635][ T29] audit: type=1326 audit(2000000249.775:3049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.132203][ T29] audit: type=1326 audit(2000000249.775:3050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.155648][ T29] audit: type=1326 audit(2000000249.775:3051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.179185][ T29] audit: type=1326 audit(2000000249.775:3052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.202657][ T29] audit: type=1326 audit(2000000249.775:3053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26163 comm="syz.0.5828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d21b31bd9 code=0x7ffc0000 [ 572.225893][T26208] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5836'. [ 572.272225][T26196] loop0: detected capacity change from 0 to 8192 [ 572.289601][T26202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5838'. [ 572.299712][T26202] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5838'. [ 572.402647][T26217] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5840'. [ 572.422320][T26224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5841'. [ 572.680431][T26243] FAULT_INJECTION: forcing a failure. [ 572.680431][T26243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 572.693537][T26243] CPU: 0 PID: 26243 Comm: syz.0.5849 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 572.703670][T26243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 572.713799][T26243] Call Trace: [ 572.717074][T26243] [ 572.720001][T26243] dump_stack_lvl+0xf2/0x150 [ 572.724654][T26243] dump_stack+0x15/0x20 [ 572.728870][T26243] should_fail_ex+0x229/0x230 [ 572.733559][T26243] should_fail+0xb/0x10 [ 572.737739][T26243] should_fail_usercopy+0x1a/0x20 [ 572.742783][T26243] _copy_from_iter+0xd3/0xb00 [ 572.747463][T26243] ? kmalloc_reserve+0x16e/0x190 [ 572.752650][T26243] ? __build_skb_around+0x196/0x1f0 [ 572.757985][T26243] ? __alloc_skb+0x217/0x300 [ 572.762564][T26243] ? __virt_addr_valid+0x1dd/0x240 [ 572.768073][T26243] ? __check_object_size+0x35b/0x510 [ 572.773341][T26243] netlink_sendmsg+0x460/0x6e0 [ 572.778094][T26243] ? __pfx_netlink_sendmsg+0x10/0x10 [ 572.783405][T26243] __sock_sendmsg+0x140/0x180 [ 572.788073][T26243] ____sys_sendmsg+0x312/0x410 [ 572.792829][T26243] __sys_sendmsg+0x1e9/0x280 [ 572.795790][T26252] loop1: detected capacity change from 0 to 1024 [ 572.797418][T26243] __x64_sys_sendmsg+0x46/0x50 [ 572.797444][T26243] x64_sys_call+0xb25/0x2d70 [ 572.804402][T26252] journal_path: Lookup failure for './file1' [ 572.808468][T26243] do_syscall_64+0xc9/0x1c0 [ 572.808527][T26243] ? clear_bhb_loop+0x55/0xb0 [ 572.813099][T26252] EXT4-fs: error: could not find journal device path [ 572.819044][T26243] ? clear_bhb_loop+0x55/0xb0 [ 572.819069][T26243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.845448][T26243] RIP: 0033:0x7f5d21b31bd9 [ 572.845527][T26243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 572.845537][T26243] RSP: 002b:00007f5d20db3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 572.845549][T26243] RAX: ffffffffffffffda RBX: 00007f5d21cbff60 RCX: 00007f5d21b31bd9 [ 572.845557][T26243] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000009 [ 572.845569][T26243] RBP: 00007f5d20db30a0 R08: 0000000000000000 R09: 0000000000000000 [ 572.845581][T26243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 572.845593][T26243] R13: 000000000000000b R14: 00007f5d21cbff60 R15: 00007fffde1aae28 [ 572.845609][T26243] [ 572.944865][T20604] EXT4-fs unmount: 21 callbacks suppressed [ 572.944879][T20604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.958040][T26265] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 572.967988][T26265] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 572.996566][T26271] loop2: detected capacity change from 0 to 1024 [ 573.017989][T26271] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 573.053912][T26287] loop3: detected capacity change from 0 to 512 [ 573.061004][T24891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.083577][T26287] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.092345][T26291] loop0: detected capacity change from 0 to 512 [ 573.105209][T26292] loop1: detected capacity change from 0 to 512 [ 573.114545][T26287] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 573.135255][T26291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.151634][T26292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.154458][T26291] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 573.175010][T26291] FAULT_INJECTION: forcing a failure. [ 573.175010][T26291] name failslab, interval 1, probability 0, space 0, times 0 [ 573.187692][T26291] CPU: 0 PID: 26291 Comm: syz.0.5864 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 573.197835][T26291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 573.207929][T26291] Call Trace: [ 573.211191][T26291] [ 573.214106][T26291] dump_stack_lvl+0xf2/0x150 [ 573.218797][T26291] dump_stack+0x15/0x20 [ 573.222947][T26291] should_fail_ex+0x229/0x230 [ 573.227618][T26291] ? getname_flags+0x86/0x360 [ 573.232286][T26291] __should_failslab+0x92/0xa0 [ 573.237091][T26291] should_failslab+0x9/0x20 [ 573.241599][T26291] kmem_cache_alloc_noprof+0x4c/0x290 [ 573.247039][T26291] getname_flags+0x86/0x360 [ 573.251673][T26291] getname+0x19/0x20 [ 573.255581][T26291] __se_sys_quotactl+0x15e/0x670 [ 573.260582][T26291] __x64_sys_quotactl+0x55/0x70 [ 573.265893][T26291] x64_sys_call+0x1da4/0x2d70 [ 573.270667][T26291] do_syscall_64+0xc9/0x1c0 [ 573.275170][T26291] ? clear_bhb_loop+0x55/0xb0 [ 573.279900][T26291] ? clear_bhb_loop+0x55/0xb0 [ 573.284743][T26291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.290625][T26291] RIP: 0033:0x7f5d21b31bd9 [ 573.295024][T26291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.314784][T26291] RSP: 002b:00007f5d20db3048 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 573.323231][T26291] RAX: ffffffffffffffda RBX: 00007f5d21cbff60 RCX: 00007f5d21b31bd9 [ 573.331192][T26291] RDX: 0000000000000000 RSI: 0000000020000100 RDI: ffffffff80000801 [ 573.339186][T26291] RBP: 00007f5d20db30a0 R08: 0000000000000000 R09: 0000000000000000 [ 573.347253][T26291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 573.355324][T26291] R13: 000000000000000b R14: 00007f5d21cbff60 R15: 00007fffde1aae28 [ 573.363289][T26291] [ 573.371498][T26292] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 573.382588][T20604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.393204][T26292] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.417195][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 573.508086][T26305] loop4: detected capacity change from 0 to 8192 [ 573.546221][T26305] loop4: p1 p2 p4 < > [ 573.550364][T26305] loop4: p1 size 8275718 extends beyond EOD, truncated [ 573.569454][T26309] pim6reg1: entered promiscuous mode [ 573.574758][T26309] pim6reg1: entered allmulticast mode [ 573.659112][T26305] loop4: p2 start 87291392 is beyond EOD, truncated [ 573.979352][T26343] loop1: detected capacity change from 0 to 1024 [ 573.991305][T26343] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 574.007923][T26343] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 574.101404][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 574.160320][T26368] ip6tnl0: mtu greater than device maximum [ 574.184775][T26373] loop1: detected capacity change from 0 to 1024 [ 574.191643][T26373] journal_path: Lookup failure for './file1' [ 574.197693][T26373] EXT4-fs: error: could not find journal device path [ 574.337697][T26406] FAULT_INJECTION: forcing a failure. [ 574.337697][T26406] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 574.350902][T26406] CPU: 0 PID: 26406 Comm: syz.1.5881 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 574.361036][T26406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 574.371092][T26406] Call Trace: [ 574.374358][T26406] [ 574.377287][T26406] dump_stack_lvl+0xf2/0x150 [ 574.381871][T26406] dump_stack+0x15/0x20 [ 574.386013][T26406] should_fail_ex+0x229/0x230 [ 574.390678][T26406] should_fail+0xb/0x10 [ 574.394837][T26406] should_fail_usercopy+0x1a/0x20 [ 574.399904][T26406] fpu__restore_sig+0x11a/0xaf0 [ 574.404747][T26406] ? copy_fpstate_to_sigframe+0x61d/0x720 [ 574.410526][T26406] restore_sigcontext+0x1b5/0x220 [ 574.415559][T26406] __do_sys_rt_sigreturn+0xc5/0x150 [ 574.420841][T26406] x64_sys_call+0x28f3/0x2d70 [ 574.425584][T26406] do_syscall_64+0xc9/0x1c0 [ 574.430174][T26406] ? clear_bhb_loop+0x55/0xb0 [ 574.434862][T26406] ? clear_bhb_loop+0x55/0xb0 [ 574.439636][T26406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.445522][T26406] RIP: 0033:0x7fea11213bd7 [ 574.449971][T26406] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 574.469790][T26406] RSP: 002b:00007fea10495048 EFLAGS: 00000246 [ 574.475845][T26406] RAX: 0000000000000010 RBX: 00007fea113a1f60 RCX: 00007fea11213bd9 [ 574.483819][T26406] RDX: 0000000000000000 RSI: 000000000000545c RDI: 0000000000000004 [ 574.491854][T26406] RBP: 00007fea104950a0 R08: 0000000000000000 R09: 0000000000000000 [ 574.499834][T26406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 574.508044][T26406] R13: 000000000000000b R14: 00007fea113a1f60 R15: 00007fffed0233f8 [ 574.516029][T26406] [ 574.596184][T26421] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4112 sclass=netlink_route_socket pid=26421 comm=syz.1.5888 [ 574.646340][T26425] 9pnet_fd: Insufficient options for proto=fd [ 574.718319][T26431] loop0: detected capacity change from 0 to 1024 [ 574.724984][T26431] journal_path: Lookup failure for './file1' [ 574.731294][T26431] EXT4-fs: error: could not find journal device path [ 574.773939][T26456] loop3: detected capacity change from 0 to 512 [ 574.778416][T26457] FAULT_INJECTION: forcing a failure. [ 574.778416][T26457] name failslab, interval 1, probability 0, space 0, times 0 [ 574.780527][T26456] EXT4-fs: Ignoring removed i_version option [ 574.793002][T26457] CPU: 0 PID: 26457 Comm: syz.1.5893 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 574.809417][T26457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 574.814745][T26456] EXT4-fs: Mount option(s) incompatible with ext3 [ 574.819456][T26457] Call Trace: [ 574.819464][T26457] [ 574.832141][T26457] dump_stack_lvl+0xf2/0x150 [ 574.836748][T26457] dump_stack+0x15/0x20 [ 574.840897][T26457] should_fail_ex+0x229/0x230 [ 574.845614][T26457] ? __alloc_skb+0x10b/0x300 [ 574.850192][T26457] __should_failslab+0x92/0xa0 [ 574.854943][T26457] should_failslab+0x9/0x20 [ 574.859437][T26457] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 574.865413][T26457] __alloc_skb+0x10b/0x300 [ 574.869818][T26457] tipc_msg_build+0xc6/0x820 [ 574.874404][T26457] ? _raw_spin_unlock_bh+0x36/0x40 [ 574.879535][T26457] ? lock_sock_nested+0x10f/0x140 [ 574.884562][T26457] __tipc_sendstream+0x672/0xb20 [ 574.889714][T26457] ? __pfx_woken_wake_function+0x10/0x10 [ 574.895343][T26457] ? __pfx_tipc_sendstream+0x10/0x10 [ 574.900695][T26457] tipc_sendstream+0x3e/0x60 [ 574.905336][T26457] __sock_sendmsg+0x140/0x180 [ 574.910009][T26457] sock_write_iter+0x164/0x1b0 [ 574.914792][T26457] vfs_write+0x78f/0x900 [ 574.919023][T26457] ? __pfx_sock_write_iter+0x10/0x10 [ 574.924301][T26457] ksys_write+0xeb/0x1b0 [ 574.928531][T26457] __x64_sys_write+0x42/0x50 [ 574.933160][T26457] x64_sys_call+0x27ef/0x2d70 [ 574.937825][T26457] do_syscall_64+0xc9/0x1c0 [ 574.942436][T26457] ? clear_bhb_loop+0x55/0xb0 [ 574.947118][T26457] ? clear_bhb_loop+0x55/0xb0 [ 574.951796][T26457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.957681][T26457] RIP: 0033:0x7fea11213bd9 [ 574.962128][T26457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.981731][T26457] RSP: 002b:00007fea10495048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 574.990131][T26457] RAX: ffffffffffffffda RBX: 00007fea113a1f60 RCX: 00007fea11213bd9 [ 574.998152][T26457] RDX: 000000002000011a RSI: 0000000020000080 RDI: 0000000000000003 [ 575.006109][T26457] RBP: 00007fea104950a0 R08: 0000000000000000 R09: 0000000000000000 [ 575.014116][T26457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 575.022073][T26457] R13: 000000000000000b R14: 00007fea113a1f60 R15: 00007fffed0233f8 [ 575.030132][T26457] [ 575.157252][T26485] loop3: detected capacity change from 0 to 512 [ 575.179740][T26485] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 575.193715][T26489] loop0: detected capacity change from 0 to 2048 [ 575.200941][T26485] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 575.227786][T26489] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 575.244139][T26489] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5900: bg 0: block 234: padding at end of block bitmap is not set [ 575.272760][T26489] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 117 [ 575.285199][T26489] EXT4-fs (loop0): This should not happen!! Data will be lost [ 575.285199][T26489] [ 575.341404][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.355798][T26512] loop3: detected capacity change from 0 to 128 [ 575.366025][T26512] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 575.380316][T26512] ext4 filesystem being mounted at /301/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 575.412659][T26520] loop0: detected capacity change from 0 to 1024 [ 575.421153][T20604] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 575.421944][T26520] journal_path: Lookup failure for './file1' [ 575.436266][T26520] EXT4-fs: error: could not find journal device path [ 575.530946][T26529] loop1: detected capacity change from 0 to 1764 [ 575.645810][T26534] bridge_slave_1: left allmulticast mode [ 575.651721][T26534] bridge_slave_1: left promiscuous mode [ 575.657528][T26534] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.672235][T26534] netlink: 'syz.0.5910': attribute type 2 has an invalid length. [ 575.680087][T26534] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 575.803543][T26545] netlink: 'syz.1.5914': attribute type 3 has an invalid length. [ 575.811366][T26545] netlink: 'syz.1.5914': attribute type 1 has an invalid length. [ 575.819168][T26545] __nla_validate_parse: 13 callbacks suppressed [ 575.819178][T26545] netlink: 112865 bytes leftover after parsing attributes in process `syz.1.5914'. [ 575.877985][T26550] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5915'. [ 575.888601][T26550] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5915'. [ 575.914937][T26555] sctp: [Deprecated]: syz.0.5916 (pid 26555) Use of int in max_burst socket option. [ 575.914937][T26555] Use struct sctp_assoc_value instead [ 575.941199][T26557] loop1: detected capacity change from 0 to 512 [ 575.948103][T26557] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 575.962322][T26557] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 575.976290][T26557] ext4 filesystem being mounted at /164/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 576.018342][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.237010][T26594] loop2: detected capacity change from 0 to 1024 [ 576.272168][T26594] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 576.344398][T26594] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 576.353275][T26594] team0: Device ipvlan2 is already an upper device of the team interface [ 576.415508][T26615] netlink: 'syz.3.5927': attribute type 7 has an invalid length. [ 576.424945][T26615] loop3: detected capacity change from 0 to 128 [ 576.469501][T26617] loop1: detected capacity change from 0 to 512 [ 576.481039][T26617] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 576.494369][T26610] loop4: detected capacity change from 0 to 8192 [ 576.511538][T26617] EXT4-fs (loop1): 1 truncate cleaned up [ 576.512237][T24891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.522126][T26617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 576.554529][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.611295][ T29] kauditd_printk_skb: 18 callbacks suppressed [ 576.611308][ T29] audit: type=1400 audit(2000000254.003:3072): avc: denied { mount } for pid=26637 comm="syz.1.5931" name="/" dev="autofs" ino=89888 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 576.803618][T26670] loop4: detected capacity change from 0 to 512 [ 576.862171][ T29] audit: type=1326 audit(2000000254.233:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 576.887379][T26670] FAULT_INJECTION: forcing a failure. [ 576.887379][T26670] name failslab, interval 1, probability 0, space 0, times 0 [ 576.900132][T26670] CPU: 1 PID: 26670 Comm: syz.4.5936 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 576.910283][T26670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 576.920406][T26670] Call Trace: [ 576.920444][ T29] audit: type=1326 audit(2000000254.233:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 576.923672][T26670] [ 576.923681][T26670] dump_stack_lvl+0xf2/0x150 [ 576.947115][ T29] audit: type=1326 audit(2000000254.233:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 576.949915][T26670] dump_stack+0x15/0x20 [ 576.954469][ T29] audit: type=1326 audit(2000000254.233:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 576.977865][T26670] should_fail_ex+0x229/0x230 [ 576.977902][T26670] ? __alloc_skb+0x10b/0x300 [ 576.977918][T26670] __should_failslab+0x92/0xa0 [ 576.982116][ T29] audit: type=1326 audit(2000000254.233:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 577.005541][T26670] should_failslab+0x9/0x20 [ 577.010239][ T29] audit: type=1326 audit(2000000254.233:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 577.014788][T26670] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 577.014817][T26670] __alloc_skb+0x10b/0x300 [ 577.019543][ T29] audit: type=1326 audit(2000000254.233:3079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 577.042933][T26670] ? should_failslab+0x9/0x20 [ 577.042959][T26670] audit_log_start+0x368/0x6b0 [ 577.042987][T26670] ? __bpf_prog_run32+0x74/0xa0 [ 577.047577][ T29] audit: type=1326 audit(2000000254.233:3080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 577.071021][T26670] audit_seccomp+0x4b/0x130 [ 577.077014][ T29] audit: type=1326 audit(2000000254.233:3081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26669 comm="syz.4.5936" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9453899bd9 code=0x7ffc0000 [ 577.081298][T26670] __seccomp_filter+0x6fa/0x1180 [ 577.081321][T26670] ? __se_sys_mbind+0x106d/0x1160 [ 577.180460][T26670] __secure_computing+0x9f/0x1c0 [ 577.185441][T26670] syscall_trace_enter+0xd1/0x1f0 [ 577.190495][T26670] ? fpregs_assert_state_consistent+0x83/0xa0 [ 577.196652][T26670] do_syscall_64+0xaa/0x1c0 [ 577.201157][T26670] ? clear_bhb_loop+0x55/0xb0 [ 577.205909][T26670] ? clear_bhb_loop+0x55/0xb0 [ 577.210586][T26670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.216495][T26670] RIP: 0033:0x7f94538986bc [ 577.220939][T26670] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 577.240576][T26670] RSP: 002b:00007f9452b1b040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 577.248994][T26670] RAX: ffffffffffffffda RBX: 00007f9453a27f60 RCX: 00007f94538986bc [ 577.257047][T26670] RDX: 000000000000000f RSI: 00007f9452b1b0b0 RDI: 0000000000000005 [ 577.265114][T26670] RBP: 00007f9452b1b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 577.273082][T26670] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000002 [ 577.281111][T26670] R13: 000000000000000b R14: 00007f9453a27f60 R15: 00007ffe25f46268 [ 577.289113][T26670] [ 577.409861][T26680] loop3: detected capacity change from 0 to 1024 [ 577.432018][T26670] loop4: detected capacity change from 0 to 8192 [ 577.446074][T26680] journal_path: Lookup failure for './file1' [ 577.452168][T26680] EXT4-fs: error: could not find journal device path [ 577.513248][T26680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5938'. [ 577.532588][T26680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5938'. [ 577.688324][T26700] FAULT_INJECTION: forcing a failure. [ 577.688324][T26700] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 577.701464][T26700] CPU: 1 PID: 26700 Comm: syz.4.5943 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 577.711676][T26700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 577.721791][T26700] Call Trace: [ 577.725241][T26700] [ 577.728165][T26700] dump_stack_lvl+0xf2/0x150 [ 577.732792][T26700] dump_stack+0x15/0x20 [ 577.736965][T26700] should_fail_ex+0x229/0x230 [ 577.741723][T26700] should_fail+0xb/0x10 [ 577.745959][T26700] should_fail_usercopy+0x1a/0x20 [ 577.747997][T26703] loop0: detected capacity change from 0 to 512 [ 577.750975][T26700] _copy_to_iter+0xd3/0xaf0 [ 577.751004][T26700] ? __skb_try_recv_from_queue+0x3b5/0x420 [ 577.751027][T26700] ? __virt_addr_valid+0x1dd/0x240 [ 577.772606][T26700] ? __check_object_size+0x35b/0x510 [ 577.777895][T26700] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 577.783531][T26700] __skb_datagram_iter+0xd5/0x5f0 [ 577.788572][T26700] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 577.794194][T26700] skb_copy_datagram_iter+0x41/0x130 [ 577.799538][T26700] netlink_recvmsg+0x1a4/0x780 [ 577.804338][T26700] ? __pfx_netlink_recvmsg+0x10/0x10 [ 577.809655][T26700] sock_recvmsg+0x13f/0x170 [ 577.814149][T26700] __sys_recvfrom+0x16b/0x230 [ 577.818908][T26700] __x64_sys_recvfrom+0x78/0x90 [ 577.823755][T26700] x64_sys_call+0x26af/0x2d70 [ 577.828448][T26700] do_syscall_64+0xc9/0x1c0 [ 577.832943][T26700] ? clear_bhb_loop+0x55/0xb0 [ 577.837633][T26700] ? clear_bhb_loop+0x55/0xb0 [ 577.842298][T26700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.848207][T26700] RIP: 0033:0x7f945389b8a4 [ 577.852652][T26700] Code: 89 4c 24 1c e8 ed 5a 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 5b 02 00 48 8b 04 [ 577.872251][T26700] RSP: 002b:00007f9452b19ee0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 577.880679][T26700] RAX: ffffffffffffffda RBX: 00007f9452b19fd0 RCX: 00007f945389b8a4 [ 577.888694][T26700] RDX: 0000000000001000 RSI: 00007f9452b1a020 RDI: 0000000000000003 [ 577.896731][T26700] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 577.904694][T26700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 577.912780][T26700] R13: 00007f9452b19f78 R14: 00007f9452b1a020 R15: 0000000000000000 [ 577.920745][T26700] [ 577.945039][T26703] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 577.966800][T26703] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 578.027017][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 578.233039][T26720] FAULT_INJECTION: forcing a failure. [ 578.233039][T26720] name failslab, interval 1, probability 0, space 0, times 0 [ 578.245767][T26720] CPU: 1 PID: 26720 Comm: syz.0.5949 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 578.255923][T26720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 578.265973][T26720] Call Trace: [ 578.269261][T26720] [ 578.272188][T26720] dump_stack_lvl+0xf2/0x150 [ 578.276798][T26720] dump_stack+0x15/0x20 [ 578.280961][T26720] should_fail_ex+0x229/0x230 [ 578.285683][T26720] ? sidtab_sid2str_get+0xb8/0x140 [ 578.290821][T26720] __should_failslab+0x92/0xa0 [ 578.295596][T26720] should_failslab+0x9/0x20 [ 578.300115][T26720] kmalloc_node_track_caller_noprof+0xa6/0x380 [ 578.306324][T26720] kmemdup_noprof+0x2a/0x60 [ 578.310879][T26720] sidtab_sid2str_get+0xb8/0x140 [ 578.315899][T26720] security_sid_to_context_core+0x1eb/0x2f0 [ 578.321852][T26720] security_sid_to_context+0x27/0x30 [ 578.327259][T26720] avc_audit_post_callback+0x9d/0x530 [ 578.332639][T26720] ? __pfx_avc_audit_post_callback+0x10/0x10 [ 578.338639][T26720] common_lsm_audit+0x7d0/0xfc0 [ 578.343583][T26720] ? _parse_integer_limit+0x167/0x180 [ 578.349092][T26720] slow_avc_audit+0xf9/0x140 [ 578.353808][T26720] avc_has_perm+0x129/0x160 [ 578.358390][T26720] sel_write_avc_cache_threshold+0xa5/0x1b0 [ 578.364327][T26720] ? __pfx_sel_write_avc_cache_threshold+0x10/0x10 [ 578.370840][T26720] vfs_write+0x28b/0x900 [ 578.375070][T26720] ? __fget_files+0x1da/0x210 [ 578.379802][T26720] ksys_write+0xeb/0x1b0 [ 578.384034][T26720] __x64_sys_write+0x42/0x50 [ 578.388613][T26720] x64_sys_call+0x27ef/0x2d70 [ 578.393330][T26720] do_syscall_64+0xc9/0x1c0 [ 578.397984][T26720] ? clear_bhb_loop+0x55/0xb0 [ 578.402675][T26720] ? clear_bhb_loop+0x55/0xb0 [ 578.407343][T26720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.413223][T26720] RIP: 0033:0x7f5d21b31bd9 [ 578.417652][T26720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.437296][T26720] RSP: 002b:00007f5d20db3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 578.445763][T26720] RAX: ffffffffffffffda RBX: 00007f5d21cbff60 RCX: 00007f5d21b31bd9 [ 578.453745][T26720] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000006 [ 578.461763][T26720] RBP: 00007f5d20db30a0 R08: 0000000000000000 R09: 0000000000000000 [ 578.469738][T26720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 578.477749][T26720] R13: 000000000000000b R14: 00007f5d21cbff60 R15: 00007fffde1aae28 [ 578.485848][T26720] [ 578.903864][T26733] syzkaller1: entered promiscuous mode [ 578.909515][T26733] syzkaller1: entered allmulticast mode [ 579.051921][T26741] loop0: detected capacity change from 0 to 164 [ 579.070099][T26741] rock: directory entry would overflow storage [ 579.076410][T26741] rock: sig=0x4f50, size=4, remaining=3 [ 579.116218][T26743] loop4: detected capacity change from 0 to 512 [ 579.134912][T26741] isofs: Unable to find the ".." directory for NFS. [ 579.359251][T26743] loop4: detected capacity change from 0 to 8192 [ 579.415556][T26763] sock: sock_timestamping_bind_phc: sock not bind to device [ 579.430702][T26763] netlink: 'syz.3.5958': attribute type 4 has an invalid length. [ 579.447961][T26764] netlink: 'syz.3.5958': attribute type 4 has an invalid length. [ 579.524722][T26785] vhci_hcd: default hub control req: 4000 v0000 i0000 l50 [ 579.633541][T26794] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5966'. [ 579.642510][T26794] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5966'. [ 579.662389][T26794] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 579.683542][T26794] netdevsim netdevsim4 netdevsim0: left promiscuous mode [ 579.838374][T26801] loop0: detected capacity change from 0 to 1024 [ 579.908378][T26801] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 579.943435][T26808] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5968'. [ 580.020010][ T8600] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 580.047307][ T8600] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 580.059573][ T8600] EXT4-fs (loop0): This should not happen!! Data will be lost [ 580.059573][ T8600] [ 580.069312][ T8600] EXT4-fs (loop0): Total free blocks count 0 [ 580.075512][ T8600] EXT4-fs (loop0): Free/Dirty block details [ 580.081479][ T8600] EXT4-fs (loop0): free_blocks=68451041280 [ 580.087349][ T8600] EXT4-fs (loop0): dirty_blocks=16 [ 580.092485][ T8600] EXT4-fs (loop0): Block reservation details [ 580.098455][ T8600] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 580.146911][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.160933][T26812] loop4: detected capacity change from 0 to 256 [ 580.231152][T26820] loop0: detected capacity change from 0 to 1024 [ 580.232743][T26812] rose0: tun_chr_ioctl cmd 1074025681 [ 580.238049][T26820] journal_path: Lookup failure for './file1' [ 580.248980][T26820] EXT4-fs: error: could not find journal device path [ 580.249052][T26812] rose0: tun_chr_ioctl cmd 1074812118 [ 580.277601][T26812] loop4: detected capacity change from 0 to 2048 [ 580.287939][T26812] EXT4-fs: Ignoring removed orlov option [ 580.295482][T26820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5969'. [ 580.304774][T26820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5969'. [ 580.361450][T26834] loop0: detected capacity change from 0 to 1024 [ 580.373253][T26834] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 580.386950][T26834] FAULT_INJECTION: forcing a failure. [ 580.386950][T26834] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 580.400112][T26834] CPU: 0 PID: 26834 Comm: syz.0.5975 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 580.410262][T26834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 580.420385][T26834] Call Trace: [ 580.423710][T26834] [ 580.426663][T26834] dump_stack_lvl+0xf2/0x150 [ 580.431268][T26834] dump_stack+0x15/0x20 [ 580.435435][T26834] should_fail_ex+0x229/0x230 [ 580.440131][T26834] should_fail+0xb/0x10 [ 580.444369][T26834] should_fail_usercopy+0x1a/0x20 [ 580.449543][T26834] _copy_to_user+0x1e/0xa0 [ 580.454046][T26834] simple_read_from_buffer+0xa0/0x110 [ 580.459639][T26834] proc_fail_nth_read+0xfc/0x140 [ 580.464792][T26834] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 580.470330][T26834] vfs_read+0x1a2/0x6e0 [ 580.474508][T26834] ? __rcu_read_unlock+0x4e/0x70 [ 580.479499][T26834] ? __fget_files+0x1da/0x210 [ 580.484260][T26834] ksys_read+0xeb/0x1b0 [ 580.488406][T26834] __x64_sys_read+0x42/0x50 [ 580.492895][T26834] x64_sys_call+0x27e5/0x2d70 [ 580.497562][T26834] do_syscall_64+0xc9/0x1c0 [ 580.502081][T26834] ? clear_bhb_loop+0x55/0xb0 [ 580.506746][T26834] ? clear_bhb_loop+0x55/0xb0 [ 580.511423][T26834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.517356][T26834] RIP: 0033:0x7f5d21b306bc [ 580.521761][T26834] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 580.541411][T26834] RSP: 002b:00007f5d20db3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 580.549808][T26834] RAX: ffffffffffffffda RBX: 00007f5d21cbff60 RCX: 00007f5d21b306bc [ 580.557763][T26834] RDX: 000000000000000f RSI: 00007f5d20db30b0 RDI: 0000000000000006 [ 580.565737][T26834] RBP: 00007f5d20db30a0 R08: 0000000000000000 R09: 0000000000000000 [ 580.573694][T26834] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.581735][T26834] R13: 000000000000000b R14: 00007f5d21cbff60 R15: 00007fffde1aae28 [ 580.589692][T26834] [ 580.645636][ T50] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 580.662925][ T50] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 580.675230][ T50] EXT4-fs (loop0): This should not happen!! Data will be lost [ 580.675230][ T50] [ 580.684902][ T50] EXT4-fs (loop0): Total free blocks count 0 [ 580.690872][ T50] EXT4-fs (loop0): Free/Dirty block details [ 580.696811][ T50] EXT4-fs (loop0): free_blocks=68451041280 [ 580.702656][ T50] EXT4-fs (loop0): dirty_blocks=16 [ 580.707839][ T50] EXT4-fs (loop0): Block reservation details [ 580.713857][ T50] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 580.731829][T26851] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 580.739959][T26851] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 580.765813][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.785020][T26861] batman_adv: batadv0: Adding interface: vlan2 [ 580.791207][T26861] batman_adv: batadv0: The MTU of interface vlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 580.813412][T26860] loop4: detected capacity change from 0 to 2048 [ 580.824734][T26861] batman_adv: batadv0: Interface activated: vlan2 [ 580.846047][ T3158] IPVS: starting estimator thread 0... [ 580.891069][T26877] loop2: detected capacity change from 0 to 1024 [ 580.909186][T26880] loop3: detected capacity change from 0 to 1024 [ 580.949872][T26868] IPVS: using max 3312 ests per chain, 165600 per kthread [ 580.992419][T26877] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 580.993088][T26880] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 581.120209][ T8598] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 581.161240][ T8598] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 581.173558][ T8598] EXT4-fs (loop3): This should not happen!! Data will be lost [ 581.173558][ T8598] [ 581.183193][ T8598] EXT4-fs (loop3): Total free blocks count 0 [ 581.189164][ T8598] EXT4-fs (loop3): Free/Dirty block details [ 581.195075][ T8598] EXT4-fs (loop3): free_blocks=68451041280 [ 581.200882][ T8598] EXT4-fs (loop3): dirty_blocks=16 [ 581.206115][ T8598] EXT4-fs (loop3): Block reservation details [ 581.212106][ T8598] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 581.228220][T20604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 581.261554][T24891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 581.345854][T26898] loop1: detected capacity change from 0 to 256 [ 581.352950][T26898] FAT-fs (loop1): Unrecognized mount option "18446744073709551615ÿÿÿÿ" or missing value [ 581.402430][T26898] rose0: tun_chr_ioctl cmd 1074025681 [ 581.410399][T26898] rose0: tun_chr_ioctl cmd 1074812118 [ 581.436901][T26898] loop1: detected capacity change from 0 to 2048 [ 581.446060][T26898] EXT4-fs: Ignoring removed orlov option [ 581.447769][T26920] loop0: detected capacity change from 0 to 4096 [ 581.458472][T26920] EXT4-fs: Ignoring removed nobh option [ 581.464026][T26920] EXT4-fs: Ignoring removed i_version option [ 581.471955][T26920] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 581.487299][T26922] loop3: detected capacity change from 0 to 256 [ 581.494919][T26898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 581.509881][T26922] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 581.523233][T26920] 9pnet_fd: Insufficient options for proto=fd [ 581.524343][T26928] __nla_validate_parse: 2 callbacks suppressed [ 581.524356][T26928] netlink: 84 bytes leftover after parsing attributes in process `syz.2.5996'. [ 581.549425][T26928] netlink: 32 bytes leftover after parsing attributes in process `syz.2.5996'. [ 581.616613][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 581.673682][T26942] loop2: detected capacity change from 0 to 128 [ 581.682789][T26940] loop0: detected capacity change from 0 to 1024 [ 581.692282][T26940] journal_path: Lookup failure for './file1' [ 581.698293][T26940] EXT4-fs: error: could not find journal device path [ 581.771534][T26940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5999'. [ 581.790264][T26936] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 581.796449][T26940] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5999'. [ 581.807286][T26936] EXT4-fs (loop1): Remounting filesystem read-only [ 581.845124][T26952] netlink: 72 bytes leftover after parsing attributes in process `syz.3.6002'. [ 581.899252][T26952] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6002'. [ 581.952547][T26960] FAULT_INJECTION: forcing a failure. [ 581.952547][T26960] name failslab, interval 1, probability 0, space 0, times 0 [ 581.965249][T26960] CPU: 1 PID: 26960 Comm: syz.3.6006 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 581.975470][T26960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 581.985529][T26960] Call Trace: [ 581.988862][T26960] [ 581.991792][T26960] dump_stack_lvl+0xf2/0x150 [ 581.996390][T26960] dump_stack+0x15/0x20 [ 582.000658][T26960] should_fail_ex+0x229/0x230 [ 582.005345][T26960] ? __alloc_skb+0x10b/0x300 [ 582.010005][T26960] __should_failslab+0x92/0xa0 [ 582.014927][T26960] should_failslab+0x9/0x20 [ 582.019522][T26960] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 582.025334][T26960] __alloc_skb+0x10b/0x300 [ 582.029874][T26960] ? should_failslab+0x9/0x20 [ 582.034581][T26960] audit_log_start+0x368/0x6b0 [ 582.039351][T26960] ? __bpf_prog_run32+0x74/0xa0 [ 582.044216][T26960] audit_seccomp+0x4b/0x130 [ 582.048811][T26960] __seccomp_filter+0x6fa/0x1180 [ 582.053779][T26960] ? proc_fail_nth_write+0x12d/0x160 [ 582.059070][T26960] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 582.064768][T26960] ? vfs_write+0x5a5/0x900 [ 582.069191][T26960] __secure_computing+0x9f/0x1c0 [ 582.071515][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.074196][T26960] syscall_trace_enter+0xd1/0x1f0 [ 582.088138][T26960] do_syscall_64+0xaa/0x1c0 [ 582.092646][T26960] ? clear_bhb_loop+0x55/0xb0 [ 582.097320][T26960] ? clear_bhb_loop+0x55/0xb0 [ 582.102031][T26960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.108009][T26960] RIP: 0033:0x7f434f4c9bd9 [ 582.112408][T26960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.132091][T26960] RSP: 002b:00007f434e74b048 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8 [ 582.140490][T26960] RAX: ffffffffffffffda RBX: 00007f434f657f60 RCX: 00007f434f4c9bd9 [ 582.148503][T26960] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 00000000200002c0 [ 582.156471][T26960] RBP: 00007f434e74b0a0 R08: fffffffffffffffe R09: 0000000000000000 [ 582.164516][T26960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 582.172560][T26960] R13: 000000000000000b R14: 00007f434f657f60 R15: 00007ffe47a50a28 [ 582.180536][T26960] [ 582.183615][T26960] audit_log_lost: 165 callbacks suppressed [ 582.183625][T26960] audit: audit_lost=6 audit_rate_limit=0 audit_backlog_limit=64 [ 582.197209][T26960] audit: out of memory in audit_log_start [ 582.212033][T26961] FAULT_INJECTION: forcing a failure. [ 582.212033][T26961] name failslab, interval 1, probability 0, space 0, times 0 [ 582.224771][T26961] CPU: 1 PID: 26961 Comm: syz.4.6004 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 582.234914][T26961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 582.244964][T26961] Call Trace: [ 582.248329][T26961] [ 582.251258][T26961] dump_stack_lvl+0xf2/0x150 [ 582.255892][T26961] dump_stack+0x15/0x20 [ 582.260038][T26961] should_fail_ex+0x229/0x230 [ 582.264780][T26961] ? __build_skb+0x30/0x70 [ 582.269191][T26961] __should_failslab+0x92/0xa0 [ 582.274053][T26961] should_failslab+0x9/0x20 [ 582.278549][T26961] kmem_cache_alloc_noprof+0x4c/0x290 [ 582.283911][T26961] __build_skb+0x30/0x70 [ 582.288233][T26961] netlink_alloc_large_skb+0x65/0xe0 [ 582.293566][T26961] netlink_sendmsg+0x3b4/0x6e0 [ 582.298391][T26961] ? __pfx_netlink_sendmsg+0x10/0x10 [ 582.303683][T26961] __sock_sendmsg+0x140/0x180 [ 582.308398][T26961] sock_sendmsg+0x96/0xe0 [ 582.312726][T26961] splice_to_socket+0x657/0x9d0 [ 582.317782][T26961] ? __pfx_splice_to_socket+0x10/0x10 [ 582.323154][T26961] do_splice+0x99b/0x1150 [ 582.327481][T26961] ? get_pid_task+0x8e/0xc0 [ 582.332031][T26961] ? proc_fail_nth_write+0x12d/0x160 [ 582.337312][T26961] ? __fget_files+0x1da/0x210 [ 582.342005][T26961] __se_sys_splice+0x24c/0x390 [ 582.346819][T26961] __x64_sys_splice+0x78/0x90 [ 582.351556][T26961] x64_sys_call+0x297f/0x2d70 [ 582.356232][T26961] do_syscall_64+0xc9/0x1c0 [ 582.360785][T26961] ? clear_bhb_loop+0x55/0xb0 [ 582.365514][T26961] ? clear_bhb_loop+0x55/0xb0 [ 582.370182][T26961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.376160][T26961] RIP: 0033:0x7f9453899bd9 [ 582.380562][T26961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.400158][T26961] RSP: 002b:00007f9452afa048 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 582.408632][T26961] RAX: ffffffffffffffda RBX: 00007f9453a28038 RCX: 00007f9453899bd9 [ 582.416635][T26961] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000004 [ 582.424609][T26961] RBP: 00007f9452afa0a0 R08: 000000000004ffe3 R09: 0000000000000000 [ 582.432566][T26961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 582.440701][T26961] R13: 000000000000006e R14: 00007f9453a28038 R15: 00007ffe25f46268 [ 582.448663][T26961] [ 582.461084][ T29] audit: type=1326 audit(2000000259.199:3245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26959 comm="syz.3.6006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f434f4c86bc code=0x7ffc0000 [ 582.484412][ T29] audit: type=1326 audit(2000000259.199:3246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26959 comm="syz.3.6006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f434f4c875f code=0x7ffc0000 [ 582.508289][ T29] audit: type=1326 audit(2000000259.199:3247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26959 comm="syz.3.6006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f434f4c890a code=0x7ffc0000 [ 582.531679][ T29] audit: type=1326 audit(2000000259.199:3248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26959 comm="syz.3.6006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f434f4c9bd9 code=0x7ffc0000 [ 582.555604][ T29] audit: type=1326 audit(2000000259.199:3249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26959 comm="syz.3.6006" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f434f4c9bd9 code=0x7ffc0000 [ 582.582480][T26965] netlink: 84 bytes leftover after parsing attributes in process `syz.3.6007'. [ 582.593370][T26965] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6007'. [ 582.718729][ T29] audit: type=1326 audit(2000000259.633:3250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26977 comm="syz.1.6012" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea11213bd9 code=0x0 [ 582.747108][T26984] loop3: detected capacity change from 0 to 1024 [ 582.747841][T26986] loop2: detected capacity change from 0 to 256 [ 582.754160][T26984] journal_path: Lookup failure for './file1' [ 582.761273][T26986] FAT-fs (loop2): Unrecognized mount option "18446744073709551615ÿÿÿÿ" or missing value [ 582.765716][T26984] EXT4-fs: error: could not find journal device path [ 582.831734][T26991] loop4: detected capacity change from 0 to 128 [ 582.880095][T26984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6014'. [ 582.899484][T26986] rose0: tun_chr_ioctl cmd 1074025681 [ 582.954462][T27003] rose0: tun_chr_ioctl cmd 1074812118 [ 582.986050][T26984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6014'. [ 583.025758][T27003] loop2: detected capacity change from 0 to 2048 [ 583.059315][T27003] EXT4-fs: Ignoring removed orlov option [ 583.135270][T27003] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 583.307697][T27044] loop4: detected capacity change from 0 to 2048 [ 583.349990][T27044] loop4: p2 < > [ 583.415236][T27003] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 583.432518][T27003] EXT4-fs (loop2): Remounting filesystem read-only [ 583.464675][T27054] loop4: detected capacity change from 0 to 512 [ 583.512675][T27061] FAULT_INJECTION: forcing a failure. [ 583.512675][T27061] name failslab, interval 1, probability 0, space 0, times 0 [ 583.525364][T27061] CPU: 0 PID: 27061 Comm: syz.4.6028 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 583.535563][T27061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 583.545684][T27061] Call Trace: [ 583.548955][T27061] [ 583.551882][T27061] dump_stack_lvl+0xf2/0x150 [ 583.556480][T27061] dump_stack+0x15/0x20 [ 583.560725][T27061] should_fail_ex+0x229/0x230 [ 583.565411][T27061] ? sctp_add_bind_addr+0x6f/0x1e0 [ 583.570562][T27061] __should_failslab+0x92/0xa0 [ 583.575395][T27061] should_failslab+0x9/0x20 [ 583.579917][T27061] kmalloc_trace_noprof+0x4b/0x2a0 [ 583.585107][T27061] sctp_add_bind_addr+0x6f/0x1e0 [ 583.590050][T27061] sctp_copy_local_addr_list+0x19b/0x220 [ 583.595757][T27061] sctp_copy_one_addr+0x83/0x410 [ 583.600701][T27061] sctp_bind_addr_copy+0x81/0x2b0 [ 583.605822][T27061] sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0 [ 583.611935][T27061] sctp_connect_new_asoc+0x1d0/0x3b0 [ 583.617208][T27061] sctp_sendmsg+0xf05/0x1920 [ 583.621799][T27061] ? __pfx_sctp_sendmsg+0x10/0x10 [ 583.626855][T27061] inet_sendmsg+0xc5/0xd0 [ 583.631168][T27061] __sock_sendmsg+0x102/0x180 [ 583.635851][T27061] ____sys_sendmsg+0x312/0x410 [ 583.640649][T27061] __sys_sendmmsg+0x269/0x500 [ 583.645426][T27061] __x64_sys_sendmmsg+0x57/0x70 [ 583.650293][T27061] x64_sys_call+0xa87/0x2d70 [ 583.654937][T27061] do_syscall_64+0xc9/0x1c0 [ 583.659436][T27061] ? clear_bhb_loop+0x55/0xb0 [ 583.664154][T27061] ? clear_bhb_loop+0x55/0xb0 [ 583.668884][T27061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.674771][T27061] RIP: 0033:0x7f9453899bd9 [ 583.679188][T27061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.698786][T27061] RSP: 002b:00007f9452b1b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 583.707394][T27061] RAX: ffffffffffffffda RBX: 00007f9453a27f60 RCX: 00007f9453899bd9 [ 583.715351][T27061] RDX: 0000000000000001 RSI: 00000000200032c0 RDI: 0000000000000004 [ 583.723308][T27061] RBP: 00007f9452b1b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 583.731362][T27061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 583.739321][T27061] R13: 000000000000000b R14: 00007f9453a27f60 R15: 00007ffe25f46268 [ 583.747351][T27061] [ 583.815916][T24891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 583.952157][T27077] loop4: detected capacity change from 0 to 512 [ 584.000643][T27077] FAULT_INJECTION: forcing a failure. [ 584.000643][T27077] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 584.013885][T27077] CPU: 0 PID: 27077 Comm: syz.4.6033 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 584.024045][T27077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 584.034162][T27077] Call Trace: [ 584.037443][T27077] [ 584.040387][T27077] dump_stack_lvl+0xf2/0x150 [ 584.044981][T27077] dump_stack+0x15/0x20 [ 584.049141][T27077] should_fail_ex+0x229/0x230 [ 584.053992][T27077] should_fail+0xb/0x10 [ 584.058234][T27077] should_fail_usercopy+0x1a/0x20 [ 584.063277][T27077] strncpy_from_user+0x25/0x270 [ 584.068136][T27077] ? should_failslab+0x9/0x20 [ 584.072978][T27077] ? kmem_cache_alloc_noprof+0x10c/0x290 [ 584.078674][T27077] getname_flags+0xb4/0x360 [ 584.083216][T27077] __x64_sys_mkdirat+0x43/0x60 [ 584.088022][T27077] x64_sys_call+0x2ce5/0x2d70 [ 584.092760][T27077] do_syscall_64+0xc9/0x1c0 [ 584.097275][T27077] ? clear_bhb_loop+0x55/0xb0 [ 584.102035][T27077] ? clear_bhb_loop+0x55/0xb0 [ 584.106754][T27077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.112659][T27077] RIP: 0033:0x7f9453899bd9 [ 584.117076][T27077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.136720][T27077] RSP: 002b:00007f9452b1b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 584.145175][T27077] RAX: ffffffffffffffda RBX: 00007f9453a27f60 RCX: 00007f9453899bd9 [ 584.153191][T27077] RDX: 0000000000000000 RSI: 0000000020000540 RDI: ffffffffffffff9c [ 584.161154][T27077] RBP: 00007f9452b1b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 584.169183][T27077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 584.177146][T27077] R13: 000000000000000b R14: 00007f9453a27f60 R15: 00007ffe25f46268 [ 584.185112][T27077] [ 584.294437][T27094] loop4: detected capacity change from 0 to 512 [ 584.317497][ T29] audit: type=1326 audit(2000000261.110:3251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27095 comm="syz.3.6040" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f434f4c9bd9 code=0x0 [ 584.362423][T27101] loop2: detected capacity change from 0 to 1024 [ 584.370749][T27101] EXT4-fs: Ignoring removed nomblk_io_submit option [ 584.385361][T27101] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 584.402506][T27101] EXT4-fs error (device loop2): ext4_xattr_inode_iget:440: inode #11: comm syz.2.6041: missing EA_INODE flag [ 584.419862][T27101] EXT4-fs error (device loop2): ext4_xattr_inode_iget:445: comm syz.2.6041: error while reading EA inode 11 err=-117 [ 584.535240][T24891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 584.987776][T27154] FAULT_INJECTION: forcing a failure. [ 584.987776][T27154] name failslab, interval 1, probability 0, space 0, times 0 [ 585.000784][T27154] CPU: 1 PID: 27154 Comm: syz.0.6056 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 585.011511][T27154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 585.021710][T27154] Call Trace: [ 585.024989][T27154] [ 585.028095][T27154] dump_stack_lvl+0xf2/0x150 [ 585.032698][T27154] dump_stack+0x15/0x20 [ 585.036956][T27154] should_fail_ex+0x229/0x230 [ 585.041682][T27154] ? alloc_empty_file+0xd0/0x310 [ 585.046691][T27154] __should_failslab+0x92/0xa0 [ 585.051486][T27154] should_failslab+0x9/0x20 [ 585.056114][T27154] kmem_cache_alloc_noprof+0x4c/0x290 [ 585.061491][T27154] alloc_empty_file+0xd0/0x310 [ 585.066335][T27154] alloc_file_pseudo+0xc3/0x140 [ 585.071234][T27154] __shmem_file_setup+0x1bb/0x1f0 [ 585.076253][T27154] shmem_file_setup+0x3b/0x50 [ 585.080996][T27154] __se_sys_memfd_create+0x31d/0x600 [ 585.086324][T27154] __x64_sys_memfd_create+0x31/0x40 [ 585.091525][T27154] x64_sys_call+0x28b7/0x2d70 [ 585.096254][T27154] do_syscall_64+0xc9/0x1c0 [ 585.100750][T27154] ? clear_bhb_loop+0x55/0xb0 [ 585.105419][T27154] ? clear_bhb_loop+0x55/0xb0 [ 585.110084][T27154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.116082][T27154] RIP: 0033:0x7f5d21b31bd9 [ 585.120485][T27154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 585.140158][T27154] RSP: 002b:00007f5d20db2e28 EFLAGS: 00000206 ORIG_RAX: 000000000000013f [ 585.148668][T27154] RAX: ffffffffffffffda RBX: 0000000000000254 RCX: 00007f5d21b31bd9 [ 585.156628][T27154] RDX: 00007f5d20db2f00 RSI: 0000000000000000 RDI: 00007f5d21b9fd24 [ 585.164585][T27154] RBP: 0000000020001000 R08: 00007f5d20db2bc7 R09: 00007f5d20db2e50 [ 585.172539][T27154] R10: 000000000000000a R11: 0000000000000206 R12: 0000000020000000 [ 585.180518][T27154] R13: 00007f5d20db2f00 R14: 00007f5d20db2ec0 R15: 0000000020001280 [ 585.188478][T27154] [ 585.224055][ T29] audit: type=1326 audit(2000000261.950:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27156 comm="syz.0.6057" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d21b31bd9 code=0x0 [ 585.341382][T27175] loop4: detected capacity change from 0 to 1024 [ 585.348054][T27175] EXT4-fs: Ignoring removed orlov option [ 585.353853][T27175] EXT4-fs: Ignoring removed nomblk_io_submit option [ 585.419252][T27175] loop4: detected capacity change from 0 to 512 [ 585.441108][T27175] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002] [ 585.453743][T27175] EXT4-fs (loop4): write access unavailable, skipping orphan cleanup [ 585.462759][T27175] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 585.506165][T27175] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.548963][T27257] FAULT_INJECTION: forcing a failure. [ 586.548963][T27257] name failslab, interval 1, probability 0, space 0, times 0 [ 586.561623][T27257] CPU: 0 PID: 27257 Comm: syz.2.6093 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 586.571785][T27257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 586.581935][T27257] Call Trace: [ 586.585215][T27257] [ 586.588145][T27257] dump_stack_lvl+0xf2/0x150 [ 586.592802][T27257] dump_stack+0x15/0x20 [ 586.596951][T27257] should_fail_ex+0x229/0x230 [ 586.601627][T27257] ? sctp_add_bind_addr+0x6f/0x1e0 [ 586.606727][T27257] __should_failslab+0x92/0xa0 [ 586.611640][T27257] should_failslab+0x9/0x20 [ 586.616126][T27257] kmalloc_trace_noprof+0x4b/0x2a0 [ 586.621232][T27257] sctp_add_bind_addr+0x6f/0x1e0 [ 586.626168][T27257] sctp_copy_local_addr_list+0x19b/0x220 [ 586.631800][T27257] sctp_copy_one_addr+0x83/0x410 [ 586.636721][T27257] sctp_bind_addr_copy+0x81/0x2b0 [ 586.641758][T27257] sctp_assoc_set_bind_addr_from_ep+0xc0/0xd0 [ 586.647830][T27257] sctp_connect_new_asoc+0x1d0/0x3b0 [ 586.653204][T27257] sctp_sendmsg+0xf05/0x1920 [ 586.657790][T27257] ? __pfx_sctp_sendmsg+0x10/0x10 [ 586.662812][T27257] inet_sendmsg+0xc5/0xd0 [ 586.667176][T27257] __sock_sendmsg+0x102/0x180 [ 586.671891][T27257] __sys_sendto+0x1e5/0x260 [ 586.676385][T27257] __x64_sys_sendto+0x78/0x90 [ 586.681054][T27257] x64_sys_call+0x16d7/0x2d70 [ 586.685799][T27257] do_syscall_64+0xc9/0x1c0 [ 586.690334][T27257] ? clear_bhb_loop+0x55/0xb0 [ 586.695000][T27257] ? clear_bhb_loop+0x55/0xb0 [ 586.699660][T27257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.705570][T27257] RIP: 0033:0x7f28ae61fbd9 [ 586.709984][T27257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.729577][T27257] RSP: 002b:00007f28ad8a1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 586.738023][T27257] RAX: ffffffffffffffda RBX: 00007f28ae7adf60 RCX: 00007f28ae61fbd9 [ 586.745977][T27257] RDX: 0000000000000001 RSI: 0000000020000100 RDI: 0000000000000004 [ 586.753990][T27257] RBP: 00007f28ad8a10a0 R08: 0000000020000000 R09: 0000000000000010 [ 586.761984][T27257] R10: 0000000004004844 R11: 0000000000000246 R12: 0000000000000002 [ 586.769943][T27257] R13: 000000000000000b R14: 00007f28ae7adf60 R15: 00007ffe1e0f6b88 [ 586.777990][T27257] [ 586.890205][T27277] loop2: detected capacity change from 0 to 2048 [ 586.981901][T27295] loop2: detected capacity change from 0 to 2048 [ 587.029122][T27298] loop4: detected capacity change from 0 to 256 [ 587.033947][T27295] loop2: p2 p3 p7 [ 587.053517][T27295] 9pnet_fd: Insufficient options for proto=fd [ 587.110863][T27311] team_slave_0: entered promiscuous mode [ 587.116615][T27311] team_slave_1: entered promiscuous mode [ 587.123084][T27311] macsec1: entered promiscuous mode [ 587.128289][T27311] team0: entered promiscuous mode [ 587.133481][T27311] macsec1: entered allmulticast mode [ 587.138746][T27311] team0: entered allmulticast mode [ 587.143948][T27311] team_slave_0: entered allmulticast mode [ 587.149710][T27311] team_slave_1: entered allmulticast mode [ 587.157936][T27311] team0: Device macsec1 is already an upper device of the team interface [ 587.167468][T27311] team0: left allmulticast mode [ 587.172335][T27311] team_slave_0: left allmulticast mode [ 587.177827][T27311] team_slave_1: left allmulticast mode [ 587.183287][T27311] team0: left promiscuous mode [ 587.188228][T27311] team_slave_0: left promiscuous mode [ 587.193594][T27311] team_slave_1: left promiscuous mode [ 587.220803][T27319] FAULT_INJECTION: forcing a failure. [ 587.220803][T27319] name failslab, interval 1, probability 0, space 0, times 0 [ 587.233563][T27319] CPU: 1 PID: 27319 Comm: syz.3.6109 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 587.243712][T27319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 587.253809][T27319] Call Trace: [ 587.257072][T27319] [ 587.259990][T27319] dump_stack_lvl+0xf2/0x150 [ 587.264576][T27319] dump_stack+0x15/0x20 [ 587.268720][T27319] should_fail_ex+0x229/0x230 [ 587.273394][T27319] ? tcp_sendmsg_fastopen+0x163/0x4f0 [ 587.278777][T27319] __should_failslab+0x92/0xa0 [ 587.283529][T27319] should_failslab+0x9/0x20 [ 587.288025][T27319] kmalloc_trace_noprof+0x4b/0x2a0 [ 587.293282][T27319] tcp_sendmsg_fastopen+0x163/0x4f0 [ 587.298472][T27319] ? __pfx_tcp_sendmsg+0x10/0x10 [ 587.303421][T27319] tcp_sendmsg_locked+0x2445/0x2640 [ 587.309217][T27319] ? _raw_spin_unlock+0x26/0x50 [ 587.314058][T27319] ? __mod_memcg_lruvec_state+0x130/0x220 [ 587.319802][T27319] ? __rcu_read_unlock+0x4e/0x70 [ 587.324734][T27319] ? avc_has_perm_noaudit+0x1cc/0x210 [ 587.330184][T27319] ? avc_has_perm+0xd4/0x160 [ 587.334816][T27319] ? _raw_spin_unlock_bh+0x36/0x40 [ 587.339981][T27319] ? __pfx_tcp_sendmsg+0x10/0x10 [ 587.344912][T27319] tcp_sendmsg+0x30/0x50 [ 587.349201][T27319] inet6_sendmsg+0x77/0xd0 [ 587.354054][T27319] __sock_sendmsg+0x8b/0x180 [ 587.358684][T27319] sock_write_iter+0x164/0x1b0 [ 587.363439][T27319] aio_write+0x304/0x430 [ 587.367718][T27319] io_submit_one+0xb18/0x1240 [ 587.372439][T27319] __se_sys_io_submit+0xf5/0x280 [ 587.377441][T27319] __x64_sys_io_submit+0x43/0x50 [ 587.382486][T27319] x64_sys_call+0x2ab5/0x2d70 [ 587.387162][T27319] do_syscall_64+0xc9/0x1c0 [ 587.391687][T27319] ? clear_bhb_loop+0x55/0xb0 [ 587.396358][T27319] ? clear_bhb_loop+0x55/0xb0 [ 587.401091][T27319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.407030][T27319] RIP: 0033:0x7f434f4c9bd9 [ 587.411432][T27319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 587.431068][T27319] RSP: 002b:00007f434e74b048 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 587.439904][T27319] RAX: ffffffffffffffda RBX: 00007f434f657f60 RCX: 00007f434f4c9bd9 [ 587.447862][T27319] RDX: 0000000020000040 RSI: 0000000000000001 RDI: 00007f434f62d000 [ 587.455829][T27319] RBP: 00007f434e74b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 587.463822][T27319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 587.471779][T27319] R13: 000000000000000b R14: 00007f434f657f60 R15: 00007ffe47a50a28 [ 587.479743][T27319] [ 587.619143][T27338] __nla_validate_parse: 16 callbacks suppressed [ 587.619168][T27338] netlink: 84 bytes leftover after parsing attributes in process `syz.3.6116'. [ 587.651696][T27338] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6116'. [ 587.809331][T27370] loop2: detected capacity change from 0 to 128 [ 587.822780][T27370] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 587.857164][T27373] FAULT_INJECTION: forcing a failure. [ 587.857164][T27373] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 587.868683][T27370] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 587.870455][T27373] CPU: 0 PID: 27373 Comm: syz.1.6128 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 587.889536][T27373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 587.899668][T27373] Call Trace: [ 587.903024][T27373] [ 587.905957][T27373] dump_stack_lvl+0xf2/0x150 [ 587.910554][T27373] dump_stack+0x15/0x20 [ 587.914711][T27373] should_fail_ex+0x229/0x230 [ 587.919524][T27373] __should_fail_alloc_page+0xfd/0x110 [ 587.925078][T27373] __alloc_pages_noprof+0x109/0x360 [ 587.930278][T27373] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 587.935657][T27373] alloc_pages_noprof+0xe1/0x100 [ 587.940647][T27373] pte_alloc_one+0x32/0xf0 [ 587.945100][T27373] __pte_alloc+0x33/0x270 [ 587.949470][T27373] handle_mm_fault+0x1ade/0x2a80 [ 587.954488][T27373] exc_page_fault+0x296/0x650 [ 587.959214][T27373] ? do_dentry_open+0x446/0xa60 [ 587.964091][T27373] asm_exc_page_fault+0x26/0x30 [ 587.968944][T27373] RIP: 0010:__put_user_4+0x11/0x20 [ 587.974063][T27373] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 587.993670][T27373] RSP: 0018:ffffc900015d7bf8 EFLAGS: 00050206 [ 587.999728][T27373] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000200002c0 [ 588.007712][T27373] RDX: 00000000000002c5 RSI: 0000000000000000 RDI: ffffc900015d7c00 [ 588.015680][T27373] RBP: 0000000000000000 R08: 0001c900015d7c03 R09: 0000000000000000 [ 588.023693][T27373] R10: 0001ffffffffffff R11: 0001c900015d7c00 R12: ffff888109511040 [ 588.031840][T27373] R13: ffffffff85550908 R14: 00000000200002c0 R15: 000000000000541b [ 588.039815][T27373] sk_ioctl+0x25c/0x3c0 [ 588.043987][T27373] ? path_openat+0x1a6f/0x1fa0 [ 588.048823][T27373] ? _parse_integer_limit+0x167/0x180 [ 588.054317][T27373] ieee802154_sock_ioctl+0xc3/0x240 [ 588.059601][T27373] ? __rcu_read_unlock+0x4e/0x70 [ 588.064542][T27373] sock_do_ioctl+0x81/0x260 [ 588.069050][T27373] sock_ioctl+0x470/0x640 [ 588.073451][T27373] ? file_has_perm+0x347/0x390 [ 588.078215][T27373] ? __pfx_sock_ioctl+0x10/0x10 [ 588.083095][T27373] do_vfs_ioctl+0x96f/0x1560 [ 588.085877][T27380] loop3: detected capacity change from 0 to 512 [ 588.087680][T27373] ? selinux_file_ioctl+0x1c6/0x380 [ 588.099124][T27373] ? __fget_files+0x1da/0x210 [ 588.103861][T27373] __se_sys_ioctl+0x81/0x150 [ 588.108493][T27373] __x64_sys_ioctl+0x43/0x50 [ 588.113169][T27373] x64_sys_call+0x1581/0x2d70 [ 588.118029][T27373] do_syscall_64+0xc9/0x1c0 [ 588.122659][T27373] ? clear_bhb_loop+0x55/0xb0 [ 588.127334][T27373] ? clear_bhb_loop+0x55/0xb0 [ 588.132017][T27373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 588.137912][T27373] RIP: 0033:0x7fea11213bd9 [ 588.142317][T27373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 588.161926][T27373] RSP: 002b:00007fea10495048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 588.170341][T27373] RAX: ffffffffffffffda RBX: 00007fea113a1f60 RCX: 00007fea11213bd9 [ 588.178310][T27373] RDX: 00000000200002c0 RSI: 000000000000541b RDI: 0000000000000004 [ 588.186277][T27373] RBP: 00007fea104950a0 R08: 0000000000000000 R09: 0000000000000000 [ 588.194243][T27373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 588.202206][T27373] R13: 000000000000000b R14: 00007fea113a1f60 R15: 00007fffed0233f8 [ 588.210169][T27373] [ 588.220007][ T8600] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 588.273480][T27394] netlink: 84 bytes leftover after parsing attributes in process `syz.2.6130'. [ 588.284122][T27394] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6130'. [ 588.290505][T27390] loop0: detected capacity change from 0 to 512 [ 588.303325][T27396] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6136'. [ 588.312362][T27396] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6136'. [ 588.328632][T27396] netlink: 48 bytes leftover after parsing attributes in process `syz.2.6136'. [ 588.328806][T27390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 588.365427][T27390] ext4 filesystem being mounted at /227/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 588.380886][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 588.380920][ T29] audit: type=1326 audit(2000000264.857:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27402 comm="syz.2.6138" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f28ae61fbd9 code=0x0 [ 588.458750][ T29] audit: type=1400 audit(2000000264.931:3256): avc: denied { write } for pid=27389 comm="syz.0.6135" name="/" dev="9p" ino=2305843558969507842 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 588.483902][ T29] audit: type=1400 audit(2000000264.931:3257): avc: denied { add_name } for pid=27389 comm="syz.0.6135" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 588.504764][ T29] audit: type=1400 audit(2000000264.931:3258): avc: denied { associate } for pid=27389 comm="syz.0.6135" name="bus" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 588.526406][ T29] audit: type=1400 audit(2000000264.931:3259): avc: denied { associate } for pid=27389 comm="syz.0.6135" name="cpu.stat" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 588.552604][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.716067][T27429] loop0: detected capacity change from 0 to 164 [ 588.842754][T27435] netlink: 84 bytes leftover after parsing attributes in process `syz.0.6146'. [ 588.864232][T27435] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6146'. [ 588.919727][T27440] ieee802154 phy0 wpan0: encryption failed: -22 [ 588.945322][ T29] audit: type=1400 audit(2000000265.383:3260): avc: denied { name_connect } for pid=27439 comm="syz.0.6148" dest=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 588.967022][ T29] audit: type=1326 audit(2000000265.383:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27441 comm="syz.3.6149" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f434f4c9bd9 code=0x0 [ 589.042881][T27445] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=27445 comm=syz.0.6151 [ 589.064979][T27446] loop4: detected capacity change from 0 to 1024 [ 589.071815][T27446] journal_path: Lookup failure for './file1' [ 589.077880][T27446] EXT4-fs: error: could not find journal device path [ 589.114108][T27455] loop0: detected capacity change from 0 to 164 [ 589.130907][T27446] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6150'. [ 589.340957][T27461] loop4: detected capacity change from 0 to 256 [ 589.359863][T27474] loop1: detected capacity change from 0 to 2048 [ 589.420618][T27474] loop1: p1 < > p4 [ 589.435575][T27474] loop1: p4 size 8388608 extends beyond EOD, truncated [ 589.452949][T27483] loop4: detected capacity change from 0 to 2048 [ 589.457560][T27474] netlink: 'syz.1.6162': attribute type 12 has an invalid length. [ 589.504779][T27483] loop4: p1 < > p4 [ 589.509339][T27483] loop4: p4 size 8388608 extends beyond EOD, truncated [ 589.582014][T27503] FAULT_INJECTION: forcing a failure. [ 589.582014][T27503] name failslab, interval 1, probability 0, space 0, times 0 [ 589.594667][T27503] CPU: 1 PID: 27503 Comm: syz.1.6167 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 589.604805][T27503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 589.615053][T27503] Call Trace: [ 589.618315][T27503] [ 589.621225][T27503] dump_stack_lvl+0xf2/0x150 [ 589.625858][T27503] dump_stack+0x15/0x20 [ 589.629996][T27503] should_fail_ex+0x229/0x230 [ 589.634729][T27503] ? bpf_test_init+0xc7/0x170 [ 589.639456][T27503] __should_failslab+0x92/0xa0 [ 589.644219][T27503] should_failslab+0x9/0x20 [ 589.648770][T27503] __kmalloc_noprof+0xa5/0x370 [ 589.653542][T27503] ? _parse_integer+0x27/0x30 [ 589.658221][T27503] bpf_test_init+0xc7/0x170 [ 589.662733][T27503] bpf_prog_test_run_nf+0x17d/0x580 [ 589.667972][T27503] ? __rcu_read_unlock+0x4e/0x70 [ 589.672924][T27503] ? __pfx_bpf_prog_test_run_nf+0x10/0x10 [ 589.678657][T27503] bpf_prog_test_run+0x26d/0x3e0 [ 589.683662][T27503] __sys_bpf+0x400/0x7a0 [ 589.687949][T27503] __x64_sys_bpf+0x43/0x50 [ 589.692433][T27503] x64_sys_call+0x2655/0x2d70 [ 589.697116][T27503] do_syscall_64+0xc9/0x1c0 [ 589.701627][T27503] ? clear_bhb_loop+0x55/0xb0 [ 589.706313][T27503] ? clear_bhb_loop+0x55/0xb0 [ 589.711069][T27503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.717033][T27503] RIP: 0033:0x7fea11213bd9 [ 589.721439][T27503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.741082][T27503] RSP: 002b:00007fea10495048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 589.749503][T27503] RAX: ffffffffffffffda RBX: 00007fea113a1f60 RCX: 00007fea11213bd9 [ 589.757460][T27503] RDX: 0000000000000050 RSI: 00000000200008c0 RDI: 000000000000000a [ 589.765417][T27503] RBP: 00007fea104950a0 R08: 0000000000000000 R09: 0000000000000000 [ 589.773413][T27503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 589.781391][T27503] R13: 000000000000000b R14: 00007fea113a1f60 R15: 00007fffed0233f8 [ 589.789363][T27503] [ 589.829121][T27507] loop1: detected capacity change from 0 to 2048 [ 589.831589][T27509] loop0: detected capacity change from 0 to 1024 [ 589.842408][T27509] journal_path: Lookup failure for './file1' [ 589.848392][T27509] EXT4-fs: error: could not find journal device path [ 589.872033][T27507] loop1: p1 < > p4 [ 589.876347][T27507] loop1: p4 size 8388608 extends beyond EOD, truncated [ 589.887640][ T29] audit: type=1326 audit(2000000266.251:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27514 comm="syz.3.6171" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f434f4c9bd9 code=0x0 [ 589.977182][T27529] loop1: detected capacity change from 0 to 1024 [ 589.986925][T27529] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.025664][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 590.094341][T27547] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 590.165534][T27551] FAULT_INJECTION: forcing a failure. [ 590.165534][T27551] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 590.178644][T27551] CPU: 0 PID: 27551 Comm: syz.0.6180 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 590.188832][T27551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 590.198885][T27551] Call Trace: [ 590.202205][T27551] [ 590.205127][T27551] dump_stack_lvl+0xf2/0x150 [ 590.209786][T27551] dump_stack+0x15/0x20 [ 590.214026][T27551] should_fail_ex+0x229/0x230 [ 590.218771][T27551] should_fail+0xb/0x10 [ 590.222932][T27551] should_fail_usercopy+0x1a/0x20 [ 590.227953][T27551] _copy_from_user+0x1e/0xd0 [ 590.232642][T27551] memdup_user+0x64/0xc0 [ 590.236887][T27551] do_vfs_ioctl+0xe0a/0x1560 [ 590.241516][T27551] ? selinux_file_ioctl+0x2f7/0x380 [ 590.246831][T27551] ? __fget_files+0x1da/0x210 [ 590.251515][T27551] __se_sys_ioctl+0x81/0x150 [ 590.256130][T27551] __x64_sys_ioctl+0x43/0x50 [ 590.260741][T27551] x64_sys_call+0x1581/0x2d70 [ 590.265440][T27551] do_syscall_64+0xc9/0x1c0 [ 590.269949][T27551] ? clear_bhb_loop+0x55/0xb0 [ 590.274629][T27551] ? clear_bhb_loop+0x55/0xb0 [ 590.279307][T27551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.285204][T27551] RIP: 0033:0x7f5d21b31bd9 [ 590.289663][T27551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.309369][T27551] RSP: 002b:00007f5d20db3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 590.317785][T27551] RAX: ffffffffffffffda RBX: 00007f5d21cbff60 RCX: 00007f5d21b31bd9 [ 590.325791][T27551] RDX: 000000001ffffffe RSI: 00000000c0189436 RDI: 0000000000000009 [ 590.333750][T27551] RBP: 00007f5d20db30a0 R08: 0000000000000000 R09: 0000000000000000 [ 590.341790][T27551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 590.349819][T27551] R13: 000000000000000b R14: 00007f5d21cbff60 R15: 00007fffde1aae28 [ 590.357884][T27551] [ 590.414451][T27555] FAULT_INJECTION: forcing a failure. [ 590.414451][T27555] name failslab, interval 1, probability 0, space 0, times 0 [ 590.427102][T27555] CPU: 1 PID: 27555 Comm: syz.2.6181 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 590.437456][T27555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 590.447502][T27555] Call Trace: [ 590.450766][T27555] [ 590.453687][T27555] dump_stack_lvl+0xf2/0x150 [ 590.458275][T27555] dump_stack+0x15/0x20 [ 590.462424][T27555] should_fail_ex+0x229/0x230 [ 590.467113][T27555] ? skb_clone+0x154/0x1f0 [ 590.471520][T27555] __should_failslab+0x92/0xa0 [ 590.476319][T27555] should_failslab+0x9/0x20 [ 590.480856][T27555] kmem_cache_alloc_noprof+0x4c/0x290 [ 590.486295][T27555] skb_clone+0x154/0x1f0 [ 590.490564][T27555] __netlink_deliver_tap+0x2bd/0x4c0 [ 590.495884][T27555] __netlink_sendskb+0xda/0xe0 [ 590.500671][T27555] netlink_dump+0x725/0x820 [ 590.505205][T27555] __netlink_dump_start+0x42e/0x510 [ 590.510472][T27555] ? __pfx_tc_dump_tclass+0x10/0x10 [ 590.515675][T27555] rtnetlink_rcv_msg+0x75d/0x910 [ 590.520602][T27555] ? __pfx_tc_dump_tclass+0x10/0x10 [ 590.525786][T27555] ? __pfx_tc_dump_tclass+0x10/0x10 [ 590.530989][T27555] ? __memcg_slab_free_hook+0xc9/0x1e0 [ 590.536608][T27555] ? xas_load+0x3ae/0x3d0 [ 590.541008][T27555] ? kmem_cache_free+0xd8/0x280 [ 590.545923][T27555] ? nlmon_xmit+0x51/0x60 [ 590.550289][T27555] ? __kfree_skb+0x102/0x150 [ 590.554945][T27555] ? consume_skb+0x57/0x180 [ 590.559438][T27555] ? nlmon_xmit+0x51/0x60 [ 590.563762][T27555] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 590.569034][T27555] ? __dev_queue_xmit+0xb21/0x1e50 [ 590.574180][T27555] ? ref_tracker_free+0x3a5/0x410 [ 590.579201][T27555] netlink_rcv_skb+0x12c/0x230 [ 590.584045][T27555] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 590.589585][T27555] rtnetlink_rcv+0x1c/0x30 [ 590.593986][T27555] netlink_unicast+0x58d/0x660 [ 590.598744][T27555] netlink_sendmsg+0x5ca/0x6e0 [ 590.603504][T27555] ? __pfx_netlink_sendmsg+0x10/0x10 [ 590.608888][T27555] __sock_sendmsg+0x140/0x180 [ 590.613556][T27555] ____sys_sendmsg+0x312/0x410 [ 590.618367][T27555] __sys_sendmsg+0x1e9/0x280 [ 590.622951][T27555] __x64_sys_sendmsg+0x46/0x50 [ 590.627722][T27555] x64_sys_call+0xb25/0x2d70 [ 590.632456][T27555] do_syscall_64+0xc9/0x1c0 [ 590.636992][T27555] ? clear_bhb_loop+0x55/0xb0 [ 590.641744][T27555] ? clear_bhb_loop+0x55/0xb0 [ 590.646463][T27555] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.652360][T27555] RIP: 0033:0x7f28ae61fbd9 [ 590.656759][T27555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 590.676357][T27555] RSP: 002b:00007f28ad8a1048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 590.684789][T27555] RAX: ffffffffffffffda RBX: 00007f28ae7adf60 RCX: 00007f28ae61fbd9 [ 590.692792][T27555] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005 [ 590.700881][T27555] RBP: 00007f28ad8a10a0 R08: 0000000000000000 R09: 0000000000000000 [ 590.708885][T27555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 590.716895][T27555] R13: 000000000000000b R14: 00007f28ae7adf60 R15: 00007ffe1e0f6b88 [ 590.724859][T27555] [ 590.772110][T27562] loop2: detected capacity change from 0 to 1024 [ 590.788371][T27562] journal_path: Lookup failure for './file1' [ 590.794463][T27562] EXT4-fs: error: could not find journal device path [ 590.832679][T27571] FAULT_INJECTION: forcing a failure. [ 590.832679][T27571] name failslab, interval 1, probability 0, space 0, times 0 [ 590.845380][T27571] CPU: 0 PID: 27571 Comm: syz.1.6188 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 590.855550][T27571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 590.865598][T27571] Call Trace: [ 590.868888][T27571] [ 590.871841][T27571] dump_stack_lvl+0xf2/0x150 [ 590.876524][T27571] dump_stack+0x15/0x20 [ 590.880768][T27571] should_fail_ex+0x229/0x230 [ 590.885454][T27571] ? tcp_sendmsg_fastopen+0x163/0x4f0 [ 590.890893][T27571] __should_failslab+0x92/0xa0 [ 590.895640][T27571] should_failslab+0x9/0x20 [ 590.900125][T27571] kmalloc_trace_noprof+0x4b/0x2a0 [ 590.905334][T27571] ? __pfx_tcp_sendmsg+0x10/0x10 [ 590.910267][T27571] tcp_sendmsg_fastopen+0x163/0x4f0 [ 590.915449][T27571] ? __pfx_tcp_sendmsg+0x10/0x10 [ 590.920373][T27571] tcp_sendmsg_locked+0x2445/0x2640 [ 590.925557][T27571] ? __rcu_read_unlock+0x4e/0x70 [ 590.930502][T27571] ? mod_objcg_state+0x39b/0x4e0 [ 590.935438][T27571] ? __rcu_read_unlock+0x4e/0x70 [ 590.940371][T27571] ? avc_has_perm_noaudit+0x1cc/0x210 [ 590.945808][T27571] ? avc_has_perm+0xd4/0x160 [ 590.950392][T27571] ? _raw_spin_unlock_bh+0x36/0x40 [ 590.955498][T27571] ? __pfx_tcp_sendmsg+0x10/0x10 [ 590.960447][T27571] tcp_sendmsg+0x30/0x50 [ 590.964684][T27571] inet6_sendmsg+0x77/0xd0 [ 590.969090][T27571] __sock_sendmsg+0x8b/0x180 [ 590.973675][T27571] ____sys_sendmsg+0x312/0x410 [ 590.978478][T27571] __sys_sendmmsg+0x269/0x500 [ 590.983237][T27571] __x64_sys_sendmmsg+0x57/0x70 [ 590.988127][T27571] x64_sys_call+0xa87/0x2d70 [ 590.992714][T27571] do_syscall_64+0xc9/0x1c0 [ 590.997241][T27571] ? clear_bhb_loop+0x55/0xb0 [ 591.001906][T27571] ? clear_bhb_loop+0x55/0xb0 [ 591.006605][T27571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.012534][T27571] RIP: 0033:0x7fea11213bd9 [ 591.017013][T27571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.036614][T27571] RSP: 002b:00007fea10495048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 591.045067][T27571] RAX: ffffffffffffffda RBX: 00007fea113a1f60 RCX: 00007fea11213bd9 [ 591.053024][T27571] RDX: 0000000000000001 RSI: 00000000200002c0 RDI: 0000000000000003 [ 591.060993][T27571] RBP: 00007fea104950a0 R08: 0000000000000000 R09: 0000000000000000 [ 591.068952][T27571] R10: 000000002400005c R11: 0000000000000246 R12: 0000000000000001 [ 591.076910][T27571] R13: 000000000000000b R14: 00007fea113a1f60 R15: 00007fffed0233f8 [ 591.084891][T27571] [ 591.137805][T27584] loop4: detected capacity change from 0 to 128 [ 591.167806][T27586] bridge0: port 3(vlan2) entered blocking state [ 591.174275][T27586] bridge0: port 3(vlan2) entered disabled state [ 591.181693][T27586] vlan2: entered allmulticast mode [ 591.187460][T27586] vlan2: left allmulticast mode [ 591.220351][ T29] audit: type=1326 audit(2000000267.479:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27597 comm="syz.3.6196" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f434f4c9bd9 code=0x0 [ 591.280514][T27603] vhci_hcd: invalid port number 128 [ 591.281590][T27604] vlan2: entered allmulticast mode [ 591.285723][T27603] vhci_hcd: default hub control req: 0200 v0000 i0080 l0 [ 591.771397][T27617] FAULT_INJECTION: forcing a failure. [ 591.771397][T27617] name failslab, interval 1, probability 0, space 0, times 0 [ 591.784080][T27617] CPU: 0 PID: 27617 Comm: syz.1.6199 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 591.794312][T27617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 591.804526][T27617] Call Trace: [ 591.807801][T27617] [ 591.810724][T27617] dump_stack_lvl+0xf2/0x150 [ 591.815351][T27617] dump_stack+0x15/0x20 [ 591.819593][T27617] should_fail_ex+0x229/0x230 [ 591.824276][T27617] ? xdp_umem_create+0x3c/0x9a0 [ 591.829125][T27617] __should_failslab+0x92/0xa0 [ 591.833891][T27617] should_failslab+0x9/0x20 [ 591.838405][T27617] kmalloc_trace_noprof+0x4b/0x2a0 [ 591.843574][T27617] xdp_umem_create+0x3c/0x9a0 [ 591.848326][T27617] ? selinux_socket_setsockopt+0x1ca/0x200 [ 591.854140][T27617] ? should_fail_ex+0xd7/0x230 [ 591.858948][T27617] xsk_setsockopt+0x4df/0x520 [ 591.863698][T27617] ? __pfx_xsk_setsockopt+0x10/0x10 [ 591.868982][T27617] __sys_setsockopt+0x1d8/0x250 [ 591.873897][T27617] __x64_sys_setsockopt+0x66/0x80 [ 591.878918][T27617] x64_sys_call+0x1183/0x2d70 [ 591.883598][T27617] do_syscall_64+0xc9/0x1c0 [ 591.888193][T27617] ? clear_bhb_loop+0x55/0xb0 [ 591.892899][T27617] ? clear_bhb_loop+0x55/0xb0 [ 591.897603][T27617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.903584][T27617] RIP: 0033:0x7fea11213bd9 [ 591.908025][T27617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.927681][T27617] RSP: 002b:00007fea10495048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 591.936089][T27617] RAX: ffffffffffffffda RBX: 00007fea113a1f60 RCX: 00007fea11213bd9 [ 591.944046][T27617] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000005 [ 591.952081][T27617] RBP: 00007fea104950a0 R08: 0000000000000020 R09: 0000000000000000 [ 591.960036][T27617] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 591.968053][T27617] R13: 000000000000000b R14: 00007fea113a1f60 R15: 00007fffed0233f8 [ 591.976016][T27617] [ 591.991835][T27651] loop0: detected capacity change from 0 to 512 [ 592.000053][T27583] syz.4.6193 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 592.011050][T27583] CPU: 0 PID: 27583 Comm: syz.4.6193 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 592.021186][T27583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 592.031310][T27583] Call Trace: [ 592.034584][T27583] [ 592.037511][T27583] dump_stack_lvl+0xf2/0x150 [ 592.042211][T27583] dump_stack+0x15/0x20 [ 592.046444][T27583] dump_header+0x83/0x2d0 [ 592.050865][T27583] oom_kill_process+0x33e/0x4c0 [ 592.055709][T27583] out_of_memory+0x9af/0xbe0 [ 592.060292][T27583] mem_cgroup_out_of_memory+0x13e/0x190 [ 592.065859][T27583] try_charge_memcg+0x745/0xcd0 [ 592.070760][T27583] ? _raw_spin_unlock+0x26/0x50 [ 592.075624][T27583] ? radix_tree_lookup+0xf9/0x150 [ 592.080689][T27583] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 592.086782][T27583] __read_swap_cache_async+0x2b9/0x520 [ 592.092270][T27583] swap_cluster_readahead+0x276/0x3f0 [ 592.097740][T27583] swapin_readahead+0xe2/0x7a0 [ 592.102510][T27583] ? __filemap_get_folio+0x420/0x5b0 [ 592.107788][T27583] ? swap_cache_get_folio+0x6e/0x210 [ 592.113063][T27583] do_swap_page+0x3bc/0x1840 [ 592.117710][T27583] ? cgroup_rstat_updated+0x99/0x550 [ 592.122989][T27583] ? __rcu_read_lock+0x36/0x50 [ 592.127819][T27583] handle_mm_fault+0x809/0x2a80 [ 592.132773][T27583] ? mas_walk+0x204/0x320 [ 592.137097][T27583] exc_page_fault+0x3b9/0x650 [ 592.141836][T27583] asm_exc_page_fault+0x26/0x30 [ 592.146735][T27583] RIP: 0033:0x7f945376e54c [ 592.151155][T27583] Code: 45 b5 2b 00 00 0f 8e 79 fe ff ff e8 3e f1 fe ff 49 39 c4 0f 82 e3 00 00 00 69 3d 53 b1 de 00 e8 03 00 00 48 8d 1d 14 9a 2b 00 df b5 12 00 eb 11 0f 1f 44 00 00 48 81 c3 d8 00 00 00 48 39 dd [ 592.170758][T27583] RSP: 002b:00007ffe25f46350 EFLAGS: 00010206 [ 592.176894][T27583] RAX: 0000000000087087 RBX: 00007f9453a27f60 RCX: 0000000000087028 [ 592.184989][T27583] RDX: 000000000000005f RSI: 00007ffe25f46330 RDI: 00000000000003e8 [ 592.193023][T27583] RBP: 00007f9453a29a60 R08: 0000000005b09e6c R09: 7fffffffffffffff [ 592.200980][T27583] R10: 00007f94539fe0b8 R11: 00007f94539fe080 R12: 000000000008710b [ 592.208940][T27583] R13: 0000000000000032 R14: 00007f9453a29a60 R15: 00007f9453a28038 [ 592.216899][T27583] [ 592.220319][T27583] memory: usage 307200kB, limit 307200kB, failcnt 100 [ 592.227576][T27583] memory+swap: usage 308912kB, limit 9007199254740988kB, failcnt 0 [ 592.235650][T27583] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 592.243010][T27583] Memory cgroup stats for /syz4: [ 592.243147][T27583] cache 0 [ 592.250981][T27583] rss 0 [ 592.253753][T27583] shmem 0 [ 592.255469][T27651] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 592.256703][T27583] mapped_file 0 [ 592.270030][T27583] dirty 0 [ 592.273015][T27583] writeback 0 [ 592.276278][T27583] workingset_refault_anon 13 [ 592.280937][T27583] workingset_refault_file 48 [ 592.285514][T27583] swap 1736704 [ 592.288137][T27651] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 592.288922][T27583] swapcached 20480 [ 592.300591][T27583] pgpgin 884154 [ 592.300745][T27651] System zones: [ 592.304026][T27583] pgpgout 884149 [ 592.304036][T27583] pgfault 943905 [ 592.307553][T27651] 1-12 [ 592.311104][T27583] pgmajfault 32 [ 592.311113][T27583] inactive_anon 16384 [ 592.314667][T27651] [ 592.317297][T27583] active_anon 4096 [ 592.317305][T27583] inactive_file 0 [ 592.317310][T27583] active_file 0 [ 592.317316][T27583] unevictable 0 [ 592.317322][T27583] hierarchical_memory_limit 314572800 [ 592.317329][T27583] hierarchical_memsw_limit 9223372036854771712 [ 592.317369][T27583] total_cache 0 [ 592.324768][T27583] total_rss 0 [ 592.324776][T27583] total_shmem 0 [ 592.327412][T27651] EXT4-fs (loop0): 1 truncate cleaned up [ 592.330766][T27583] total_mapped_file 0 [ 592.335011][T27651] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 592.337826][T27583] total_dirty 0 [ 592.337834][T27583] total_writeback 0 [ 592.392578][T27583] total_workingset_refault_anon 13 [ 592.397683][T27583] total_workingset_refault_file 48 [ 592.402765][T27583] total_swap 1736704 [ 592.406695][T27583] total_swapcached 20480 [ 592.410942][T27583] total_pgpgin 884154 [ 592.414929][T27583] total_pgpgout 884149 [ 592.419027][T27583] total_pgfault 943905 [ 592.423082][T27583] total_pgmajfault 32 [ 592.427039][T27583] total_inactive_anon 16384 [ 592.431533][T27583] total_active_anon 4096 [ 592.435763][T27583] total_inactive_file 0 [ 592.439922][T27583] total_active_file 0 [ 592.443997][T27583] total_unevictable 0 [ 592.447991][T27583] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1341,pid=8734,uid=0 [ 592.462870][T27583] Memory cgroup out of memory: Killed process 8736 (syz.4.1341) total-vm:80620kB, anon-rss:452kB, file-rss:9880kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 [ 592.503343][T27664] loop3: detected capacity change from 0 to 164 [ 592.520009][T27665] ip6tnl1: entered allmulticast mode [ 592.551463][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 592.732293][T27682] loop0: detected capacity change from 0 to 1024 [ 592.746001][T27682] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 592.763616][T27682] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 592.777027][T27682] EXT4-fs (loop0): orphan cleanup on readonly fs [ 592.786350][T27682] EXT4-fs error (device loop0): __ext4_get_inode_loc:4357: comm syz.0.6212: Invalid inode table block 0 in block_group 0 [ 592.814959][T27682] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5731: Corrupt filesystem [ 592.847556][T27682] EXT4-fs error (device loop0): ext4_quota_write:7232: inode #3: comm syz.0.6212: mark_inode_dirty error [ 592.860080][T27682] Quota error (device loop0): write_blk: dquota write failed [ 592.867550][T27682] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz.0.6212: Failed to acquire dquot type 0 [ 592.881424][T27682] EXT4-fs error (device loop0): __ext4_get_inode_loc:4357: comm syz.0.6212: Invalid inode table block 0 in block_group 0 [ 592.894229][T27682] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5731: Corrupt filesystem [ 592.906174][T27682] EXT4-fs error (device loop0): ext4_ext_truncate:4432: inode #15: comm syz.0.6212: mark_inode_dirty error [ 592.917815][T27682] EXT4-fs error (device loop0): __ext4_get_inode_loc:4357: comm syz.0.6212: Invalid inode table block 0 in block_group 0 [ 592.930704][T27682] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5731: Corrupt filesystem [ 592.940265][T27682] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 592.950022][T27682] EXT4-fs error (device loop0): __ext4_get_inode_loc:4357: comm syz.0.6212: Invalid inode table block 0 in block_group 0 [ 592.963443][T27682] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5731: Corrupt filesystem [ 592.973093][T27682] EXT4-fs error (device loop0): ext4_truncate:4162: inode #15: comm syz.0.6212: mark_inode_dirty error [ 592.986430][T27682] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 593.014021][T27682] EXT4-fs (loop0): 1 truncate cleaned up [ 593.031445][T27682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 593.085613][T27682] EXT4-fs error (device loop0): ext4_search_dir:1548: inode #2: block 16: comm syz.0.6212: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 593.140744][T22822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.209313][T27690] __nla_validate_parse: 14 callbacks suppressed [ 593.209329][T27690] netlink: 84 bytes leftover after parsing attributes in process `syz.0.6214'. [ 593.264062][T27690] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6214'. [ 593.392931][T27704] FAULT_INJECTION: forcing a failure. [ 593.392931][T27704] name failslab, interval 1, probability 0, space 0, times 0 [ 593.405711][T27704] CPU: 1 PID: 27704 Comm: syz.0.6219 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 593.415857][T27704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 593.425971][T27704] Call Trace: [ 593.429240][T27704] [ 593.432161][T27704] dump_stack_lvl+0xf2/0x150 [ 593.436822][T27704] dump_stack+0x15/0x20 [ 593.440991][T27704] should_fail_ex+0x229/0x230 [ 593.445759][T27704] ? skb_clone+0x154/0x1f0 [ 593.450264][T27704] __should_failslab+0x92/0xa0 [ 593.455030][T27704] should_failslab+0x9/0x20 [ 593.459574][T27704] kmem_cache_alloc_noprof+0x4c/0x290 [ 593.464957][T27704] skb_clone+0x154/0x1f0 [ 593.469202][T27704] __netlink_deliver_tap+0x2bd/0x4c0 [ 593.474515][T27704] netlink_unicast+0x63b/0x660 [ 593.479288][T27704] netlink_sendmsg+0x5ca/0x6e0 [ 593.484125][T27704] ? __pfx_netlink_sendmsg+0x10/0x10 [ 593.489423][T27704] __sock_sendmsg+0x140/0x180 [ 593.494155][T27704] ____sys_sendmsg+0x312/0x410 [ 593.498928][T27704] __sys_sendmsg+0x1e9/0x280 [ 593.503546][T27704] __x64_sys_sendmsg+0x46/0x50 [ 593.508309][T27704] x64_sys_call+0xb25/0x2d70 [ 593.512915][T27704] do_syscall_64+0xc9/0x1c0 [ 593.517424][T27704] ? clear_bhb_loop+0x55/0xb0 [ 593.522153][T27704] ? clear_bhb_loop+0x55/0xb0 [ 593.526911][T27704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.532815][T27704] RIP: 0033:0x7f5d21b31bd9 [ 593.537546][T27704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.557252][T27704] RSP: 002b:00007f5d20db3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 593.565836][T27704] RAX: ffffffffffffffda RBX: 00007f5d21cbff60 RCX: 00007f5d21b31bd9 [ 593.573817][T27704] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003 [ 593.581832][T27704] RBP: 00007f5d20db30a0 R08: 0000000000000000 R09: 0000000000000000 [ 593.589885][T27704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 593.597859][T27704] R13: 000000000000000b R14: 00007f5d21cbff60 R15: 00007fffde1aae28 [ 593.602500][T27707] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 593.605824][T27704] [ 593.606498][T27704] netlink: 48 bytes leftover after parsing attributes in process `syz.0.6219'. [ 594.220360][T27710] loop2: detected capacity change from 0 to 512 [ 594.258043][T27717] loop3: detected capacity change from 0 to 512 [ 594.284010][T27717] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 594.302887][T27717] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 594.336492][T20604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.369799][T27727] netlink: 84 bytes leftover after parsing attributes in process `syz.2.6226'. [ 594.390634][T27727] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6226'. [ 594.481696][T27729] loop2: detected capacity change from 0 to 256 [ 594.492362][T27747] loop3: detected capacity change from 0 to 512 [ 594.545379][T27747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 594.547404][T27729] FAT-fs (loop2): Directory bread(block 64) failed [ 594.573693][T27747] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 594.584496][T27729] FAT-fs (loop2): Directory bread(block 65) failed [ 594.586697][T27747] FAULT_INJECTION: forcing a failure. [ 594.586697][T27747] name failslab, interval 1, probability 0, space 0, times 0 [ 594.591083][T27729] FAT-fs (loop2): Directory bread(block 66) failed [ 594.603583][T27747] CPU: 0 PID: 27747 Comm: syz.3.6229 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 594.620345][T27747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 594.623429][T27729] FAT-fs (loop2): Directory bread(block 67) failed [ 594.630466][T27747] Call Trace: [ 594.630475][T27747] [ 594.630483][T27747] dump_stack_lvl+0xf2/0x150 [ 594.647773][T27747] dump_stack+0x15/0x20 [ 594.652053][T27747] should_fail_ex+0x229/0x230 [ 594.652802][T27729] FAT-fs (loop2): Directory bread(block 68) failed [ 594.656822][T27747] ? ext4_find_extent+0x216/0x860 [ 594.656951][T27747] __should_failslab+0x92/0xa0 [ 594.667182][T27729] FAT-fs (loop2): Directory bread(block 69) failed [ 594.668451][T27747] should_failslab+0x9/0x20 [ 594.678405][T27729] FAT-fs (loop2): Directory bread(block 70) failed [ 594.679775][T27747] __kmalloc_noprof+0xa5/0x370 [ 594.689284][T27729] FAT-fs (loop2): Directory bread(block 71) failed [ 594.690720][T27747] ext4_find_extent+0x216/0x860 [ 594.700764][T27729] FAT-fs (loop2): Directory bread(block 72) failed [ 594.701944][T27747] ? mas_replace_node+0x2f8/0x440 [ 594.714017][T27729] FAT-fs (loop2): Directory bread(block 73) failed [ 594.718265][T27747] ? mas_wr_modify+0x2c1e/0x3c90 [ 594.729993][T27747] ext4_ext_map_blocks+0x114/0x33b0 [ 594.735196][T27747] ? xas_load+0x3ae/0x3d0 [ 594.739603][T27747] ? xas_load+0x3ae/0x3d0 [ 594.743942][T27747] ? __rcu_read_unlock+0x4e/0x70 [ 594.748979][T27747] ? ext4_es_lookup_extent+0x35b/0x520 [ 594.754553][T27747] ext4_map_blocks+0x2b1/0xf50 [ 594.759381][T27747] ext4_getblk+0x112/0x500 [ 594.763813][T27747] ext4_bread_batch+0x5b/0x360 [ 594.768634][T27747] __ext4_find_entry+0x9d3/0x10a0 [ 594.773701][T27747] ? d_alloc_parallel+0xbef/0xc70 [ 594.778727][T27747] ext4_lookup+0xba/0x390 [ 594.783073][T27747] __lookup_slow+0x184/0x250 [ 594.787730][T27747] lookup_slow+0x3c/0x60 [ 594.792056][T27747] walk_component+0x1f5/0x230 [ 594.796827][T27747] ? path_lookupat+0xfd/0x2b0 [ 594.801546][T27747] path_lookupat+0x10a/0x2b0 [ 594.806184][T27747] filename_lookup+0x127/0x300 [ 594.810963][T27747] user_path_at_empty+0x42/0x120 [ 594.815925][T27747] do_fchownat+0x95/0x1a0 [ 594.820344][T27747] __x64_sys_fchownat+0x64/0x80 [ 594.825248][T27747] x64_sys_call+0x2871/0x2d70 [ 594.829932][T27747] do_syscall_64+0xc9/0x1c0 [ 594.834557][T27747] ? clear_bhb_loop+0x55/0xb0 [ 594.839238][T27747] ? clear_bhb_loop+0x55/0xb0 [ 594.843953][T27747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.849875][T27747] RIP: 0033:0x7f434f4c9bd9 [ 594.854295][T27747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 594.869410][T27729] syz.2.6228: attempt to access beyond end of device [ 594.869410][T27729] loop2: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 594.873950][T27747] RSP: 002b:00007f434e74b048 EFLAGS: 00000246 ORIG_RAX: 0000000000000104 [ 594.873976][T27747] RAX: ffffffffffffffda RBX: 00007f434f657f60 RCX: 00007f434f4c9bd9 [ 594.903622][T27747] RDX: 0000000000000000 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 594.911590][T27747] RBP: 00007f434e74b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 594.919624][T27747] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 594.927591][T27747] R13: 000000000000000b R14: 00007f434f657f60 R15: 00007ffe47a50a28 [ 594.935550][T27747] [ 594.954149][ T30] oom_reaper: reaped process 8736 (syz.4.1341), now anon-rss:16kB, file-rss:8844kB, shmem-rss:0kB [ 594.965524][T20391] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 594.976505][T20391] CPU: 0 PID: 20391 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 594.986860][T20391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 594.996906][T20391] Call Trace: [ 595.000174][T20391] [ 595.003133][T20391] dump_stack_lvl+0xf2/0x150 [ 595.007763][T20391] dump_stack+0x15/0x20 [ 595.011925][T20391] dump_header+0x83/0x2d0 [ 595.016333][T20391] oom_kill_process+0x33e/0x4c0 [ 595.021178][T20391] out_of_memory+0x9af/0xbe0 [ 595.025764][T20391] mem_cgroup_out_of_memory+0x13e/0x190 [ 595.031333][T20391] try_charge_memcg+0x745/0xcd0 [ 595.036204][T20391] ? _raw_spin_unlock+0x26/0x50 [ 595.041111][T20391] ? radix_tree_lookup+0xf9/0x150 [ 595.046201][T20391] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 595.052330][T20391] __read_swap_cache_async+0x2b9/0x520 [ 595.057850][T20391] swap_cluster_readahead+0x276/0x3f0 [ 595.063232][T20391] swapin_readahead+0xe2/0x7a0 [ 595.067999][T20391] ? __filemap_get_folio+0x420/0x5b0 [ 595.073315][T20391] ? swap_cache_get_folio+0x6e/0x210 [ 595.078602][T20391] do_swap_page+0x3bc/0x1840 [ 595.083340][T20391] ? __rcu_read_lock+0x36/0x50 [ 595.088131][T20391] handle_mm_fault+0x809/0x2a80 [ 595.092990][T20391] ? mas_walk+0x204/0x320 [ 595.097355][T20391] exc_page_fault+0x3b9/0x650 [ 595.102164][T20391] asm_exc_page_fault+0x26/0x30 [ 595.107082][T20391] RIP: 0033:0x7f94538cbb85 [ 595.111502][T20391] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d be d9 12 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74 [ 595.131189][T20391] RSP: 002b:00007ffe25f46528 EFLAGS: 00010246 [ 595.137261][T20391] RAX: 0000000000000000 RBX: 0000000000000435 RCX: 00007f94538cbb83 [ 595.145316][T20391] RDX: 00007ffe25f46540 RSI: 0000000000000000 RDI: 0000000000000000 [ 595.153282][T20391] RBP: 00007ffe25f465cc R08: 00000000058c0dff R09: 7fffffffffffffff [ 595.161273][T20391] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032 [ 595.169317][T20391] R13: 0000000000086e4a R14: 0000000000086dc5 R15: 0000000000000027 [ 595.177304][T20391] [ 595.180443][T20391] memory: usage 307200kB, limit 307200kB, failcnt 8678 [ 595.187344][T20391] memory+swap: usage 308848kB, limit 9007199254740988kB, failcnt 0 [ 595.195403][T20391] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 595.202735][T20391] Memory cgroup stats for /syz4: [ 595.203010][T20391] cache 0 [ 595.210933][T20391] rss 0 [ 595.213623][T20604] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 595.213949][T20391] shmem 0 [ 595.225835][T20391] mapped_file 0 [ 595.229291][T20391] dirty 0 [ 595.232232][T20391] writeback 0 [ 595.235520][T20391] workingset_refault_anon 14 [ 595.240087][T20391] workingset_refault_file 48 [ 595.244666][T20391] swap 1687552 [ 595.248049][T20391] swapcached 4096 [ 595.251754][T20391] pgpgin 884155 [ 595.255184][T20391] pgpgout 884154 [ 595.258720][T20391] pgfault 943906 [ 595.262240][T20391] pgmajfault 32 [ 595.265674][T20391] inactive_anon 4096 [ 595.269613][T20391] active_anon 0 [ 595.273083][T20391] inactive_file 0 [ 595.276753][T20391] active_file 0 [ 595.280361][T20391] unevictable 0 [ 595.283885][T20391] hierarchical_memory_limit 314572800 [ 595.289300][T20391] hierarchical_memsw_limit 9223372036854771712 [ 595.295566][T20391] total_cache 0 [ 595.299004][T20391] total_rss 0 [ 595.302404][T20391] total_shmem 0 [ 595.305896][T20391] total_mapped_file 0 [ 595.309854][T20391] total_dirty 0 [ 595.313315][T20391] total_writeback 0 [ 595.317151][T20391] total_workingset_refault_anon 14 [ 595.322265][T20391] total_workingset_refault_file 48 [ 595.327362][T20391] total_swap 1687552 [ 595.331411][T20391] total_swapcached 4096 [ 595.335570][T20391] total_pgpgin 884155 [ 595.339524][T20391] total_pgpgout 884154 [ 595.343767][T20391] total_pgfault 943906 [ 595.347820][T20391] total_pgmajfault 32 [ 595.351778][T20391] total_inactive_anon 4096 [ 595.356260][T20391] total_active_anon 0 [ 595.360259][T20391] total_inactive_file 0 [ 595.364394][T20391] total_active_file 0 [ 595.368375][T20391] total_unevictable 0 [ 595.372377][T20391] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2714,pid=14006,uid=0 [ 595.387549][T20391] Memory cgroup out of memory: Killed process 14007 (syz.4.2714) total-vm:80620kB, anon-rss:580kB, file-rss:9736kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000 [ 595.508103][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 595.508115][ T29] audit: type=1326 audit(2000000271.438:3265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27762 comm="syz.2.6233" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f28ae61fbd9 code=0x0 [ 596.374149][T27768] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1547 sclass=netlink_route_socket pid=27768 comm=syz.3.6234 [ 596.394476][T27768] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6234'. [ 596.593773][T27772] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (31) [ 596.613524][T27780] netlink: 84 bytes leftover after parsing attributes in process `syz.1.6238'. [ 596.616232][T27772] loop2: detected capacity change from 0 to 512 [ 596.636639][T27780] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6238'. [ 596.638104][T27772] EXT4-fs: Ignoring removed i_version option [ 596.651606][T27772] EXT4-fs: Ignoring removed nobh option [ 596.675853][T27772] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 596.681862][T27782] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6239'. [ 596.689439][T27772] EXT4-fs (loop2): 1 truncate cleaned up [ 596.701489][T27772] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 596.721455][T27782] loop1: detected capacity change from 0 to 512 [ 596.738961][T24891] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.748726][T27782] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 596.776432][T27782] EXT4-fs (loop1): 1 orphan inode deleted [ 596.782232][T27782] EXT4-fs (loop1): 1 truncate cleaned up [ 596.788226][T27782] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 596.827652][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.076648][T27800] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6242'. [ 597.190292][T27804] loop1: detected capacity change from 0 to 512 [ 597.197107][T27804] EXT4-fs: Ignoring removed i_version option [ 597.203342][T27804] EXT4-fs: Ignoring removed nobh option [ 597.220517][T27804] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 597.240082][T27804] EXT4-fs (loop1): 1 truncate cleaned up [ 597.246010][T27804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 597.270774][T23162] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.368972][T27584] ================================================================== [ 597.377071][T27584] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64 [ 597.386888][T27584] [ 597.389199][T27584] read-write to 0xffffffff860079c0 of 8 bytes by interrupt on cpu 0: [ 597.397255][T27584] tick_do_update_jiffies64+0x112/0x1b0 [ 597.402796][T27584] tick_nohz_handler+0x7c/0x2d0 [ 597.407644][T27584] __hrtimer_run_queues+0x20d/0x5e0 [ 597.412840][T27584] hrtimer_interrupt+0x210/0x7b0 [ 597.417770][T27584] __sysvec_apic_timer_interrupt+0x5c/0x1a0 [ 597.423702][T27584] sysvec_apic_timer_interrupt+0x6e/0x80 [ 597.429329][T27584] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 597.435309][T27584] kcsan_setup_watchpoint+0x404/0x410 [ 597.440689][T27584] lruvec_page_state_local+0x22/0xe0 [ 597.445983][T27584] count_shadow_nodes+0x163/0x230 [ 597.451010][T27584] do_shrink_slab+0x5a/0x690 [ 597.455596][T27584] shrink_slab+0x4ed/0x860 [ 597.460007][T27584] shrink_node+0xa0d/0x13c0 [ 597.464512][T27584] do_try_to_free_pages+0x3c6/0xc50 [ 597.469712][T27584] try_to_free_mem_cgroup_pages+0x1eb/0x4e0 [ 597.475608][T27584] try_charge_memcg+0x27a/0xcd0 [ 597.480455][T27584] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 597.486517][T27584] __read_swap_cache_async+0x2b9/0x520 [ 597.491978][T27584] swap_cluster_readahead+0x276/0x3f0 [ 597.497356][T27584] swapin_readahead+0xe2/0x7a0 [ 597.502128][T27584] do_swap_page+0x3bc/0x1840 [ 597.506811][T27584] handle_mm_fault+0x809/0x2a80 [ 597.511668][T27584] exc_page_fault+0x3b9/0x650 [ 597.516346][T27584] asm_exc_page_fault+0x26/0x30 [ 597.521199][T27584] [ 597.523513][T27584] read to 0xffffffff860079c0 of 8 bytes by task 27584 on cpu 1: [ 597.531133][T27584] mem_cgroup_flush_stats_ratelimited+0x29/0x100 [ 597.537552][T27584] count_shadow_nodes+0x6b/0x230 [ 597.542505][T27584] do_shrink_slab+0x5a/0x690 [ 597.547100][T27584] shrink_slab+0x4ed/0x860 [ 597.551515][T27584] shrink_node+0xa0d/0x13c0 [ 597.556013][T27584] do_try_to_free_pages+0x3c6/0xc50 [ 597.561196][T27584] try_to_free_mem_cgroup_pages+0x1eb/0x4e0 [ 597.567079][T27584] try_charge_memcg+0x27a/0xcd0 [ 597.571917][T27584] obj_cgroup_charge_pages+0xbd/0x1d0 [ 597.577282][T27584] __memcg_kmem_charge_page+0x9d/0x170 [ 597.582731][T27584] __alloc_pages_noprof+0x1bc/0x360 [ 597.587913][T27584] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 597.593273][T27584] alloc_pages_noprof+0xe1/0x100 [ 597.598200][T27584] __vmalloc_node_range_noprof+0x719/0xef0 [ 597.603995][T27584] kvmalloc_node_noprof+0x121/0x170 [ 597.609190][T27584] ip_set_alloc+0x1f/0x30 [ 597.613508][T27584] hash_netiface_create+0x273/0x730 [ 597.618697][T27584] ip_set_create+0x359/0x8a0 [ 597.623294][T27584] nfnetlink_rcv_msg+0x4a9/0x570 [ 597.628217][T27584] netlink_rcv_skb+0x12c/0x230 [ 597.632969][T27584] nfnetlink_rcv+0x16c/0x15b0 [ 597.637632][T27584] netlink_unicast+0x58d/0x660 [ 597.642388][T27584] netlink_sendmsg+0x5ca/0x6e0 [ 597.647140][T27584] __sock_sendmsg+0x140/0x180 [ 597.651806][T27584] ____sys_sendmsg+0x312/0x410 [ 597.656552][T27584] __sys_sendmsg+0x1e9/0x280 [ 597.661140][T27584] __x64_sys_sendmsg+0x46/0x50 [ 597.665904][T27584] x64_sys_call+0xb25/0x2d70 [ 597.670488][T27584] do_syscall_64+0xc9/0x1c0 [ 597.674985][T27584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.680868][T27584] [ 597.683212][T27584] value changed: 0x00000001000064a9 -> 0x00000001000064aa [ 597.690299][T27584] [ 597.692642][T27584] Reported by Kernel Concurrency Sanitizer on: [ 597.698858][T27584] CPU: 1 PID: 27584 Comm: syz.4.6193 Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 597.708993][T27584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 597.719118][T27584] ================================================================== [ 597.738497][ T29] audit: type=1326 audit(2000000273.497:3266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27810 comm="syz.1.6246" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea11213bd9 code=0x0 [ 597.748947][ T30] oom_reaper: reaped process 14007 (syz.4.2714), now anon-rss:144kB, file-rss:8644kB, shmem-rss:0kB [ 597.772901][T20391] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 597.783827][T20391] CPU: 0 PID: 20391 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00223-gc6653f49e4fd #0 [ 597.794196][T20391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 597.804236][T20391] Call Trace: [ 597.807501][T20391] [ 597.810414][T20391] dump_stack_lvl+0xf2/0x150 [ 597.815072][T20391] dump_stack+0x15/0x20 [ 597.819217][T20391] dump_header+0x83/0x2d0 [ 597.823597][T20391] oom_kill_process+0x33e/0x4c0 [ 597.828446][T20391] out_of_memory+0x9af/0xbe0 [ 597.833104][T20391] mem_cgroup_out_of_memory+0x13e/0x190 [ 597.838646][T20391] try_charge_memcg+0x745/0xcd0 [ 597.843489][T20391] ? _raw_spin_unlock+0x26/0x50 [ 597.848360][T20391] ? radix_tree_lookup+0xf9/0x150 [ 597.853453][T20391] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 597.859619][T20391] __read_swap_cache_async+0x2b9/0x520 [ 597.865098][T20391] swap_cluster_readahead+0x276/0x3f0 [ 597.870470][T20391] swapin_readahead+0xe2/0x7a0 [ 597.875288][T20391] ? __filemap_get_folio+0x420/0x5b0 [ 597.880564][T20391] ? swap_cache_get_folio+0x6e/0x210 [ 597.885923][T20391] do_swap_page+0x3bc/0x1840 [ 597.890522][T20391] ? __rcu_read_lock+0x36/0x50 [ 597.895323][T20391] handle_mm_fault+0x809/0x2a80 [ 597.900196][T20391] ? mas_walk+0x204/0x320 [ 597.904566][T20391] exc_page_fault+0x3b9/0x650 [ 597.909258][T20391] asm_exc_page_fault+0x26/0x30 [ 597.914097][T20391] RIP: 0033:0x7f94538cbb85 [ 597.918498][T20391] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d be d9 12 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74 [ 597.938160][T20391] RSP: 002b:00007ffe25f46528 EFLAGS: 00010246 [ 597.944224][T20391] RAX: 0000000000000000 RBX: 0000000000000435 RCX: 00007f94538cbb83 [ 597.952176][T20391] RDX: 00007ffe25f46540 RSI: 0000000000000000 RDI: 0000000000000000 [ 597.960136][T20391] RBP: 00007ffe25f465cc R08: 00000000058c0dff R09: 7fffffffffffffff [ 597.968094][T20391] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032 [ 597.976106][T20391] R13: 0000000000086e4a R14: 0000000000086dc5 R15: 0000000000000027 [ 597.984065][T20391] [ 597.987247][T20391] memory: usage 307200kB, limit 307200kB, failcnt 20172 [ 597.994284][T20391] memory+swap: usage 308788kB, limit 9007199254740988kB, failcnt 0 [ 598.002245][T20391] kmem: usage 307196kB, limit 9007199254740988kB, failcnt 0 [ 598.009535][T20391] Memory cgroup stats for /syz4: [ 598.009658][T20391] cache 0 [ 598.017510][T20391] rss 0 [ 598.020303][T20391] shmem 0 [ 598.023229][T20391] mapped_file 0 [ 598.026672][T20391] dirty 0 [ 598.029625][T20391] writeback 0 [ 598.032913][T20391] workingset_refault_anon 15 [ 598.037481][T20391] workingset_refault_file 48 [ 598.042150][T20391] swap 1626112 [ 598.045510][T20391] swapcached 4096 [ 598.049126][T20391] pgpgin 884156 [ 598.052618][T20391] pgpgout 884155 [ 598.056150][T20391] pgfault 943906 [ 598.059695][T20391] pgmajfault 32 [ 598.063200][T20391] inactive_anon 4096 [ 598.067071][T20391] active_anon 0 [ 598.070551][T20391] inactive_file 0 [ 598.074185][T20391] active_file 0 [ 598.077682][T20391] unevictable 0 [ 598.081112][T20391] hierarchical_memory_limit 314572800 [ 598.086492][T20391] hierarchical_memsw_limit 9223372036854771712 [ 598.092621][T20391] total_cache 0 [ 598.096079][T20391] total_rss 0 [ 598.099358][T20391] total_shmem 0 [ 598.102833][T20391] total_mapped_file 0 [ 598.106828][T20391] total_dirty 0 [ 598.110285][T20391] total_writeback 0 [ 598.114076][T20391] total_workingset_refault_anon 15 [ 598.119180][T20391] total_workingset_refault_file 48 [ 598.124270][T20391] total_swap 1626112 [ 598.128171][T20391] total_swapcached 4096 [ 598.132309][T20391] total_pgpgin 884156 [ 598.136297][T20391] total_pgpgout 884155 [ 598.140542][T20391] total_pgfault 943906 [ 598.144589][T20391] total_pgmajfault 32 [ 598.148570][T20391] total_inactive_anon 4096 [ 598.153101][T20391] total_active_anon 0 [ 598.157122][T20391] total_inactive_file 0 [ 598.161276][T20391] total_active_file 0 [ 598.165236][T20391] total_unevictable 0 [ 598.169194][T20391] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.6193,pid=27583,uid=0 [ 598.184327][T20391] Memory cgroup out of memory: Killed process 27583 (syz.4.6193) total-vm:77044kB, anon-rss:456kB, file-rss:9256kB, shmem-rss:0kB, UID:0 pgtables:84kB oom_score_adj:1000