x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x20}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x13}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x80}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x40}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4004000}, 0x8000) 13:53:56 executing program 3: setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f00000000c0)=""/23) write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0x0, 0x0, {0xffffffffffffffff}}, 0x18) r1 = socket$inet(0x2, 0xa, 0x10001) setsockopt$inet_int(r1, 0x0, 0x9, &(0x7f0000000040)=0x8, 0x4) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x8) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f00000000c0)=""/23) (async) write$FUSE_LSEEK(r0, &(0x7f0000000080)={0x18, 0x0, 0x0, {0xffffffffffffffff}}, 0x18) (async) socket$inet(0x2, 0xa, 0x10001) (async) setsockopt$inet_int(r1, 0x0, 0x9, &(0x7f0000000040)=0x8, 0x4) (async) 13:53:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) 13:53:56 executing program 2: r0 = getpgrp(0x0) (async) r1 = getpgrp(0x0) get_robust_list(r1, &(0x7f0000000200)=0x0, &(0x7f0000000240)) (async, rerun: 32) tgkill(r0, r1, 0x36) (async, rerun: 32) r2 = getpgrp(r0) capget(&(0x7f0000000000)={0x19971634, r2}, &(0x7f0000000040)={0x7ff, 0x1f, 0xdb8a, 0x51, 0x8, 0x714}) (async) r3 = getpgrp(r1) ptrace$setopts(0x4200, r3, 0x2, 0x100040) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:53:56 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async, rerun: 32) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x90f760b7bca7ff73}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xd8, r1, 0x2, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_LEVEL={0x44, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xcd}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x20}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x13}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x80}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x40}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4004000}, 0x8000) 13:53:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) (async) 13:53:56 executing program 3: r0 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x20}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x10) socket$igmp(0x2, 0x3, 0x2) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000040)=""/23, 0x200000, 0x800, 0x3}, 0x20) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, 0x8) 13:53:56 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/214, 0xd6}, {&(0x7f0000000100)=""/122, 0x7a}, {&(0x7f0000000180)=""/38, 0x26}, {&(0x7f00000002c0)=""/235, 0xeb}], &(0x7f0000000200)=[0xbbf, 0x40], 0x4}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000001800)={0x6, 0x1, 0x0, &(0x7f0000001740)=[{&(0x7f0000000400)=""/226, 0xe2}, {&(0x7f0000000500)=""/24, 0x18}, {&(0x7f0000000540)=""/178, 0xb2}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/107, 0x6b}, {&(0x7f0000001680)=""/177, 0xb1}], &(0x7f00000017c0)=[0x10001, 0x80000000, 0x7, 0x10001]}, 0x20) 13:53:56 executing program 5: r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x9, 0xc2201) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000040)={0x81b, "8aebf47ee245809dcc277eeb75c793714473755288620bee826ef9b2f235605d6c66a76cbb9e97700b1d9ffece7080b6c1e86fd6734e04a51b8fb07dc61ca616965ff6d5353e2d777a446fba9af1c90a18936e27a8f9275d8fb5bb89da5e988a7799aed356584dbb128d0f605b733f557516f057f9b6ffc6ce0f697edbdee52aca2f1007c054a6a22723c5ceb324adfe07788023e79e5c34ebee536662dda2e93943db2c338a7f24a0c5fbdba240b5ede05840b1be77d9d5c204e11149bc21a8d68faaa72e16e2c68397d3352f783da2dc6471e937281acff694a9d8c81c0df3660e89c0b49a71d8bdc37795fb2b05f3da8cdb5460d10dabe3d6d944c33913a6c335218a766c08d1480df1f8e4cb733910918412afde4051f3265bbe314dd8741691605214998bdd607a04e2c269c3a4c0f859079eb1c0ab659e1da78e137f569cc5f7650cc8963c475ed236ee437ad47acc98d109e119cc41c22d334694d9b8cd8bb70a6391ac9c8dba0051d80b07ee1e684b170751d2936bfe0a3a4f22a3a07101b9d534d243268a71dcd2f825d50d65424bf6ec389affad27d994bcb8570e0e8d55aa42dc0028098607757f7879b48a8472556e960a82e81c59ec1ed4eb680ce0fced0729cfacd8c743ae601723e280bd2c25637cf2d383776d70eb045e94735f3c9161ecd92e91ffbb11d4c908e22cecd3b0f62ae4d0b39987446c1017f14f9335ef436a4a83fa770ae7a108ca65d3f5f1db40eb270d4c0d2ad630dfbc7367f6b945396c94afc252ea034647e0bfe523fa38db551c090658d4b87766c7e8c81e7b89c0674d2a42a11937ba99b747cd9306ceaa2303a0de84b8aab1b40e04c06f4a7b168a7ee5f4bfaea3fbd9061d2c43dd406c6f802f0b866df38738687454c6d406b69fc2ddb00bfdd8aacfd96489e0d82c2438785eb63aefa3ee9f3b6c6d5c17813519b014441de2738585c270a17db5fea36a398fddc510e2d31702f14d3958c8aebc521c10f77cb4605d2a617ffc37f5a406f09dbc41451f8c4541ed1291c5ed79091e1af6484521949803650df483242fbd21c41ce5651eee76b242250819073b754e8595af75298521fdf8498f45f3661c3f0d88dc8854a3c3b1a0f47d9c20f222b2aba51f425a4f6e8299d8d8dff06d533c8b446c2ab320543b47ce6ee4afd24c2edacc7eeecfe47c59a274a472db5bcd1230011ce5dc71ce3f7a7dee1e7c3bb2f44badcf7d9d7624ed1f954481fa5956dc710b4f7edff0d44e1caf8c95f2d9f84ce0a90f69305c4add286caecd73b8764a277cceb28cec2926752a8046e5f4ba75bfbd8971dde66873b638062d21624ee6f1d7715028085f3d90fb5987188f5006c64ade17e8edda05215998516019804fbe1a1a31cbd603fd9b6338d26bc8e72d7a0f98133e456253a72f5d88b1251309cc41cfdd01d9eba612f3639ec50130e52b4b245ae496682a3dc7985d879d45f836a1ee9b93fd718a09d8457d4c1d36c817d4cb8ae96bc6a6325e21a2009ce4f6352213902d5ead03f6f8156940dd4782cd8aff7dfe7c29366734a11fdadab71ce27353c25adffc6ea836aa93b545a5510da70c0387e43b3313706eca5e6863c04158d8a6ae7c339755154e8aba66ed069ec3f653c426d1933340aac47047f60152387dc8e0962433a547e8378eda05a18cc995056c25a370f309314ff008f75a534475342292f56c3325838143abe133dab186154b020e7d6ad3d899f388107f124db8d29e20564f5ae72e9f07ffdb5e00c917f3db9bb068867c3b64f6a44046e3b5fe3b01dd80cec10347debdcbd6284de9244363879c5b488fa86142303bc0c3f05b062efc9959787720600b43f062082e1ea3fcf027d20905103b21530dd3845919eb162eadb3b8c4230e1c0abbffec7e683424c6621211ea7c3999fdff0b9eb3f01d6c752f6c5c6f4da85a50293cb291e87d477cdcf5b8387b9dfad285b2d9e93060a64a96dc28910d8fbd811a0f65609b32f51cffcc702df43ff70ea2794a0beea97318621961a1245a97bc76d0ced0274dad5df0c7a84abac3935ced36a2a9ae71773b641eeee228ae8ba3fd420822c212aa4780140278a77dda9988533f2a2f65061f502a2cf669cb73ebd4f02821b7e82fe9fe7fbb08b5a2577e4903dace7ca3df05c1259307c22159b019ff036d27dc226a513707c73168410cb2c800bf3a4d4bc2c52c57a117c1f19237020aa10843f30902bab210c8807a8b93af7d235fea7a00eec33642d87c03088088e31d6c5830788254e3164cd5342f138741bc5c690d106d74057489423bc9e32a56c30ed5b4d49f6d33f4cdd446a0495fdea12d7c7bb807e6cefdb5c8bb309b9d86a57319cc6cf1c83a49340d2ba277503179f1c991a220f6c48597341d3e9070034988ec259d4fc94d02c0fe344ed958442293822ca9cb99fd52de700938adfadeaeac3656b36f788e5dac8616ee643e9be0c8708fdddfd529510261e4c89f2617357df48cd8b3846ad7bbd91369ed2729a6e9987f541ca3c6a440437d5d1fd6cd6fd4e8c98276b52fc457b329500a6c4379a14a6f18d7855d8a49741422408d7986d4854f593f2f002f3b0b490112494fc273a6644a585ca2e1afd07f56ea937894163b852a69743f71a6ce20434f643de2596e35b14743582af40aa00a5861716500bff1aa6cb504aed6cb727689a61ab1ca3cd14d2d18e45454d8183602528efd442a6ca28b11ecde39d61bc90420f6a0918a487920aa8c5d575018e7a164ce9aad158ff3b531e041bf30321c4a2f24f366f4615509ab399aaa1b4f5d8a8cea2d9fdbfe099e83d279f0d8428feb87e40f0f5381ec8f97099bec6a0831fdca9f3713be8d8ea94f031e91fa708641ea3105dff10deef114268e315296893abcf850f397f5701bc5ee8068d39f6a93c17f7be14b"}) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) [ 1619.649292][ T22] audit: type=1326 audit(1676296436.459:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31429 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:56 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) socket$pptp(0x18, 0x1, 0x2) ustat(0x7, &(0x7f00000021c0)) (async) r0 = getgid() r1 = socket$xdp(0x2c, 0x3, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0}, 0x2020) (async) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) r5 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_CAPACITY(r5, 0x4c07) write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000002100)={0xa0, 0xfffffffffffffffe, r2, {{0x4, 0x2, 0x798, 0x4100000001, 0x8001, 0x9, {0x1, 0xffffffffffffff92, 0x8000, 0x8000000000000003, 0x5, 0x9, 0x1, 0x3, 0x1, 0x1000, 0x4, 0xee01, r0, 0x9, 0x9}}}}, 0xa0) (async) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r3, &(0x7f00000022c0)={&(0x7f0000002200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002280)={&(0x7f0000002240)={0x34, r4, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x200010c0}, 0x40) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000040)=0x802, 0x4) 13:53:56 executing program 3: r0 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x20}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x10) (async) socket$igmp(0x2, 0x3, 0x2) (async) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000040)=""/23, 0x200000, 0x800, 0x3}, 0x20) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30) (async) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, 0x8) 13:53:56 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan3\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x90f760b7bca7ff73}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xd8, r1, 0x2, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_LEVEL={0x44, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xcd}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x20}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x13}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_SEC_LEVEL={0x4c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xff}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x80}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x2}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x40}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x3}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0xd8}, 0x1, 0x0, 0x0, 0x4004000}, 0x8000) 13:53:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) (async) 13:53:56 executing program 5: r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x9, 0xc2201) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000040)={0x81b, "8aebf47ee245809dcc277eeb75c793714473755288620bee826ef9b2f235605d6c66a76cbb9e97700b1d9ffece7080b6c1e86fd6734e04a51b8fb07dc61ca616965ff6d5353e2d777a446fba9af1c90a18936e27a8f9275d8fb5bb89da5e988a7799aed356584dbb128d0f605b733f557516f057f9b6ffc6ce0f697edbdee52aca2f1007c054a6a22723c5ceb324adfe07788023e79e5c34ebee536662dda2e93943db2c338a7f24a0c5fbdba240b5ede05840b1be77d9d5c204e11149bc21a8d68faaa72e16e2c68397d3352f783da2dc6471e937281acff694a9d8c81c0df3660e89c0b49a71d8bdc37795fb2b05f3da8cdb5460d10dabe3d6d944c33913a6c335218a766c08d1480df1f8e4cb733910918412afde4051f3265bbe314dd8741691605214998bdd607a04e2c269c3a4c0f859079eb1c0ab659e1da78e137f569cc5f7650cc8963c475ed236ee437ad47acc98d109e119cc41c22d334694d9b8cd8bb70a6391ac9c8dba0051d80b07ee1e684b170751d2936bfe0a3a4f22a3a07101b9d534d243268a71dcd2f825d50d65424bf6ec389affad27d994bcb8570e0e8d55aa42dc0028098607757f7879b48a8472556e960a82e81c59ec1ed4eb680ce0fced0729cfacd8c743ae601723e280bd2c25637cf2d383776d70eb045e94735f3c9161ecd92e91ffbb11d4c908e22cecd3b0f62ae4d0b39987446c1017f14f9335ef436a4a83fa770ae7a108ca65d3f5f1db40eb270d4c0d2ad630dfbc7367f6b945396c94afc252ea034647e0bfe523fa38db551c090658d4b87766c7e8c81e7b89c0674d2a42a11937ba99b747cd9306ceaa2303a0de84b8aab1b40e04c06f4a7b168a7ee5f4bfaea3fbd9061d2c43dd406c6f802f0b866df38738687454c6d406b69fc2ddb00bfdd8aacfd96489e0d82c2438785eb63aefa3ee9f3b6c6d5c17813519b014441de2738585c270a17db5fea36a398fddc510e2d31702f14d3958c8aebc521c10f77cb4605d2a617ffc37f5a406f09dbc41451f8c4541ed1291c5ed79091e1af6484521949803650df483242fbd21c41ce5651eee76b242250819073b754e8595af75298521fdf8498f45f3661c3f0d88dc8854a3c3b1a0f47d9c20f222b2aba51f425a4f6e8299d8d8dff06d533c8b446c2ab320543b47ce6ee4afd24c2edacc7eeecfe47c59a274a472db5bcd1230011ce5dc71ce3f7a7dee1e7c3bb2f44badcf7d9d7624ed1f954481fa5956dc710b4f7edff0d44e1caf8c95f2d9f84ce0a90f69305c4add286caecd73b8764a277cceb28cec2926752a8046e5f4ba75bfbd8971dde66873b638062d21624ee6f1d7715028085f3d90fb5987188f5006c64ade17e8edda05215998516019804fbe1a1a31cbd603fd9b6338d26bc8e72d7a0f98133e456253a72f5d88b1251309cc41cfdd01d9eba612f3639ec50130e52b4b245ae496682a3dc7985d879d45f836a1ee9b93fd718a09d8457d4c1d36c817d4cb8ae96bc6a6325e21a2009ce4f6352213902d5ead03f6f8156940dd4782cd8aff7dfe7c29366734a11fdadab71ce27353c25adffc6ea836aa93b545a5510da70c0387e43b3313706eca5e6863c04158d8a6ae7c339755154e8aba66ed069ec3f653c426d1933340aac47047f60152387dc8e0962433a547e8378eda05a18cc995056c25a370f309314ff008f75a534475342292f56c3325838143abe133dab186154b020e7d6ad3d899f388107f124db8d29e20564f5ae72e9f07ffdb5e00c917f3db9bb068867c3b64f6a44046e3b5fe3b01dd80cec10347debdcbd6284de9244363879c5b488fa86142303bc0c3f05b062efc9959787720600b43f062082e1ea3fcf027d20905103b21530dd3845919eb162eadb3b8c4230e1c0abbffec7e683424c6621211ea7c3999fdff0b9eb3f01d6c752f6c5c6f4da85a50293cb291e87d477cdcf5b8387b9dfad285b2d9e93060a64a96dc28910d8fbd811a0f65609b32f51cffcc702df43ff70ea2794a0beea97318621961a1245a97bc76d0ced0274dad5df0c7a84abac3935ced36a2a9ae71773b641eeee228ae8ba3fd420822c212aa4780140278a77dda9988533f2a2f65061f502a2cf669cb73ebd4f02821b7e82fe9fe7fbb08b5a2577e4903dace7ca3df05c1259307c22159b019ff036d27dc226a513707c73168410cb2c800bf3a4d4bc2c52c57a117c1f19237020aa10843f30902bab210c8807a8b93af7d235fea7a00eec33642d87c03088088e31d6c5830788254e3164cd5342f138741bc5c690d106d74057489423bc9e32a56c30ed5b4d49f6d33f4cdd446a0495fdea12d7c7bb807e6cefdb5c8bb309b9d86a57319cc6cf1c83a49340d2ba277503179f1c991a220f6c48597341d3e9070034988ec259d4fc94d02c0fe344ed958442293822ca9cb99fd52de700938adfadeaeac3656b36f788e5dac8616ee643e9be0c8708fdddfd529510261e4c89f2617357df48cd8b3846ad7bbd91369ed2729a6e9987f541ca3c6a440437d5d1fd6cd6fd4e8c98276b52fc457b329500a6c4379a14a6f18d7855d8a49741422408d7986d4854f593f2f002f3b0b490112494fc273a6644a585ca2e1afd07f56ea937894163b852a69743f71a6ce20434f643de2596e35b14743582af40aa00a5861716500bff1aa6cb504aed6cb727689a61ab1ca3cd14d2d18e45454d8183602528efd442a6ca28b11ecde39d61bc90420f6a0918a487920aa8c5d575018e7a164ce9aad158ff3b531e041bf30321c4a2f24f366f4615509ab399aaa1b4f5d8a8cea2d9fdbfe099e83d279f0d8428feb87e40f0f5381ec8f97099bec6a0831fdca9f3713be8d8ea94f031e91fa708641ea3105dff10deef114268e315296893abcf850f397f5701bc5ee8068d39f6a93c17f7be14b"}) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) syz_open_dev$hidraw(&(0x7f0000000000), 0x9, 0xc2201) (async) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000040)={0x81b, "8aebf47ee245809dcc277eeb75c793714473755288620bee826ef9b2f235605d6c66a76cbb9e97700b1d9ffece7080b6c1e86fd6734e04a51b8fb07dc61ca616965ff6d5353e2d777a446fba9af1c90a18936e27a8f9275d8fb5bb89da5e988a7799aed356584dbb128d0f605b733f557516f057f9b6ffc6ce0f697edbdee52aca2f1007c054a6a22723c5ceb324adfe07788023e79e5c34ebee536662dda2e93943db2c338a7f24a0c5fbdba240b5ede05840b1be77d9d5c204e11149bc21a8d68faaa72e16e2c68397d3352f783da2dc6471e937281acff694a9d8c81c0df3660e89c0b49a71d8bdc37795fb2b05f3da8cdb5460d10dabe3d6d944c33913a6c335218a766c08d1480df1f8e4cb733910918412afde4051f3265bbe314dd8741691605214998bdd607a04e2c269c3a4c0f859079eb1c0ab659e1da78e137f569cc5f7650cc8963c475ed236ee437ad47acc98d109e119cc41c22d334694d9b8cd8bb70a6391ac9c8dba0051d80b07ee1e684b170751d2936bfe0a3a4f22a3a07101b9d534d243268a71dcd2f825d50d65424bf6ec389affad27d994bcb8570e0e8d55aa42dc0028098607757f7879b48a8472556e960a82e81c59ec1ed4eb680ce0fced0729cfacd8c743ae601723e280bd2c25637cf2d383776d70eb045e94735f3c9161ecd92e91ffbb11d4c908e22cecd3b0f62ae4d0b39987446c1017f14f9335ef436a4a83fa770ae7a108ca65d3f5f1db40eb270d4c0d2ad630dfbc7367f6b945396c94afc252ea034647e0bfe523fa38db551c090658d4b87766c7e8c81e7b89c0674d2a42a11937ba99b747cd9306ceaa2303a0de84b8aab1b40e04c06f4a7b168a7ee5f4bfaea3fbd9061d2c43dd406c6f802f0b866df38738687454c6d406b69fc2ddb00bfdd8aacfd96489e0d82c2438785eb63aefa3ee9f3b6c6d5c17813519b014441de2738585c270a17db5fea36a398fddc510e2d31702f14d3958c8aebc521c10f77cb4605d2a617ffc37f5a406f09dbc41451f8c4541ed1291c5ed79091e1af6484521949803650df483242fbd21c41ce5651eee76b242250819073b754e8595af75298521fdf8498f45f3661c3f0d88dc8854a3c3b1a0f47d9c20f222b2aba51f425a4f6e8299d8d8dff06d533c8b446c2ab320543b47ce6ee4afd24c2edacc7eeecfe47c59a274a472db5bcd1230011ce5dc71ce3f7a7dee1e7c3bb2f44badcf7d9d7624ed1f954481fa5956dc710b4f7edff0d44e1caf8c95f2d9f84ce0a90f69305c4add286caecd73b8764a277cceb28cec2926752a8046e5f4ba75bfbd8971dde66873b638062d21624ee6f1d7715028085f3d90fb5987188f5006c64ade17e8edda05215998516019804fbe1a1a31cbd603fd9b6338d26bc8e72d7a0f98133e456253a72f5d88b1251309cc41cfdd01d9eba612f3639ec50130e52b4b245ae496682a3dc7985d879d45f836a1ee9b93fd718a09d8457d4c1d36c817d4cb8ae96bc6a6325e21a2009ce4f6352213902d5ead03f6f8156940dd4782cd8aff7dfe7c29366734a11fdadab71ce27353c25adffc6ea836aa93b545a5510da70c0387e43b3313706eca5e6863c04158d8a6ae7c339755154e8aba66ed069ec3f653c426d1933340aac47047f60152387dc8e0962433a547e8378eda05a18cc995056c25a370f309314ff008f75a534475342292f56c3325838143abe133dab186154b020e7d6ad3d899f388107f124db8d29e20564f5ae72e9f07ffdb5e00c917f3db9bb068867c3b64f6a44046e3b5fe3b01dd80cec10347debdcbd6284de9244363879c5b488fa86142303bc0c3f05b062efc9959787720600b43f062082e1ea3fcf027d20905103b21530dd3845919eb162eadb3b8c4230e1c0abbffec7e683424c6621211ea7c3999fdff0b9eb3f01d6c752f6c5c6f4da85a50293cb291e87d477cdcf5b8387b9dfad285b2d9e93060a64a96dc28910d8fbd811a0f65609b32f51cffcc702df43ff70ea2794a0beea97318621961a1245a97bc76d0ced0274dad5df0c7a84abac3935ced36a2a9ae71773b641eeee228ae8ba3fd420822c212aa4780140278a77dda9988533f2a2f65061f502a2cf669cb73ebd4f02821b7e82fe9fe7fbb08b5a2577e4903dace7ca3df05c1259307c22159b019ff036d27dc226a513707c73168410cb2c800bf3a4d4bc2c52c57a117c1f19237020aa10843f30902bab210c8807a8b93af7d235fea7a00eec33642d87c03088088e31d6c5830788254e3164cd5342f138741bc5c690d106d74057489423bc9e32a56c30ed5b4d49f6d33f4cdd446a0495fdea12d7c7bb807e6cefdb5c8bb309b9d86a57319cc6cf1c83a49340d2ba277503179f1c991a220f6c48597341d3e9070034988ec259d4fc94d02c0fe344ed958442293822ca9cb99fd52de700938adfadeaeac3656b36f788e5dac8616ee643e9be0c8708fdddfd529510261e4c89f2617357df48cd8b3846ad7bbd91369ed2729a6e9987f541ca3c6a440437d5d1fd6cd6fd4e8c98276b52fc457b329500a6c4379a14a6f18d7855d8a49741422408d7986d4854f593f2f002f3b0b490112494fc273a6644a585ca2e1afd07f56ea937894163b852a69743f71a6ce20434f643de2596e35b14743582af40aa00a5861716500bff1aa6cb504aed6cb727689a61ab1ca3cd14d2d18e45454d8183602528efd442a6ca28b11ecde39d61bc90420f6a0918a487920aa8c5d575018e7a164ce9aad158ff3b531e041bf30321c4a2f24f366f4615509ab399aaa1b4f5d8a8cea2d9fdbfe099e83d279f0d8428feb87e40f0f5381ec8f97099bec6a0831fdca9f3713be8d8ea94f031e91fa708641ea3105dff10deef114268e315296893abcf850f397f5701bc5ee8068d39f6a93c17f7be14b"}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) 13:53:56 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/214, 0xd6}, {&(0x7f0000000100)=""/122, 0x7a}, {&(0x7f0000000180)=""/38, 0x26}, {&(0x7f00000002c0)=""/235, 0xeb}], &(0x7f0000000200)=[0xbbf, 0x40], 0x4}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000001800)={0x6, 0x1, 0x0, &(0x7f0000001740)=[{&(0x7f0000000400)=""/226, 0xe2}, {&(0x7f0000000500)=""/24, 0x18}, {&(0x7f0000000540)=""/178, 0xb2}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/107, 0x6b}, {&(0x7f0000001680)=""/177, 0xb1}], &(0x7f00000017c0)=[0x10001, 0x80000000, 0x7, 0x10001]}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/214, 0xd6}, {&(0x7f0000000100)=""/122, 0x7a}, {&(0x7f0000000180)=""/38, 0x26}, {&(0x7f00000002c0)=""/235, 0xeb}], &(0x7f0000000200)=[0xbbf, 0x40], 0x4}, 0x20) (async) io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000001800)={0x6, 0x1, 0x0, &(0x7f0000001740)=[{&(0x7f0000000400)=""/226, 0xe2}, {&(0x7f0000000500)=""/24, 0x18}, {&(0x7f0000000540)=""/178, 0xb2}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/107, 0x6b}, {&(0x7f0000001680)=""/177, 0xb1}], &(0x7f00000017c0)=[0x10001, 0x80000000, 0x7, 0x10001]}, 0x20) (async) 13:53:56 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async, rerun: 32) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000003c0)={0x8, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)=""/214, 0xd6}, {&(0x7f0000000100)=""/122, 0x7a}, {&(0x7f0000000180)=""/38, 0x26}, {&(0x7f00000002c0)=""/235, 0xeb}], &(0x7f0000000200)=[0xbbf, 0x40], 0x4}, 0x20) (async, rerun: 32) io_uring_register$IORING_REGISTER_BUFFERS2(0xffffffffffffffff, 0xf, &(0x7f0000001800)={0x6, 0x1, 0x0, &(0x7f0000001740)=[{&(0x7f0000000400)=""/226, 0xe2}, {&(0x7f0000000500)=""/24, 0x18}, {&(0x7f0000000540)=""/178, 0xb2}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/107, 0x6b}, {&(0x7f0000001680)=""/177, 0xb1}], &(0x7f00000017c0)=[0x10001, 0x80000000, 0x7, 0x10001]}, 0x20) 13:53:56 executing program 3: r0 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x20}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x10) socket$igmp(0x2, 0x3, 0x2) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000040)=""/23, 0x200000, 0x800, 0x3}, 0x20) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, 0x8) syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x68, r0, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x20}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @remote}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_MODE={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x94}, 0x10) (async) socket$igmp(0x2, 0x3, 0x2) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000040)=""/23, 0x200000, 0x800, 0x3}, 0x20) (async) openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x4000, 0x0) (async) getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x30) (async) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast}, 0x8) (async) 13:53:56 executing program 5: r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x9, 0xc2201) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000040)={0x81b, "8aebf47ee245809dcc277eeb75c793714473755288620bee826ef9b2f235605d6c66a76cbb9e97700b1d9ffece7080b6c1e86fd6734e04a51b8fb07dc61ca616965ff6d5353e2d777a446fba9af1c90a18936e27a8f9275d8fb5bb89da5e988a7799aed356584dbb128d0f605b733f557516f057f9b6ffc6ce0f697edbdee52aca2f1007c054a6a22723c5ceb324adfe07788023e79e5c34ebee536662dda2e93943db2c338a7f24a0c5fbdba240b5ede05840b1be77d9d5c204e11149bc21a8d68faaa72e16e2c68397d3352f783da2dc6471e937281acff694a9d8c81c0df3660e89c0b49a71d8bdc37795fb2b05f3da8cdb5460d10dabe3d6d944c33913a6c335218a766c08d1480df1f8e4cb733910918412afde4051f3265bbe314dd8741691605214998bdd607a04e2c269c3a4c0f859079eb1c0ab659e1da78e137f569cc5f7650cc8963c475ed236ee437ad47acc98d109e119cc41c22d334694d9b8cd8bb70a6391ac9c8dba0051d80b07ee1e684b170751d2936bfe0a3a4f22a3a07101b9d534d243268a71dcd2f825d50d65424bf6ec389affad27d994bcb8570e0e8d55aa42dc0028098607757f7879b48a8472556e960a82e81c59ec1ed4eb680ce0fced0729cfacd8c743ae601723e280bd2c25637cf2d383776d70eb045e94735f3c9161ecd92e91ffbb11d4c908e22cecd3b0f62ae4d0b39987446c1017f14f9335ef436a4a83fa770ae7a108ca65d3f5f1db40eb270d4c0d2ad630dfbc7367f6b945396c94afc252ea034647e0bfe523fa38db551c090658d4b87766c7e8c81e7b89c0674d2a42a11937ba99b747cd9306ceaa2303a0de84b8aab1b40e04c06f4a7b168a7ee5f4bfaea3fbd9061d2c43dd406c6f802f0b866df38738687454c6d406b69fc2ddb00bfdd8aacfd96489e0d82c2438785eb63aefa3ee9f3b6c6d5c17813519b014441de2738585c270a17db5fea36a398fddc510e2d31702f14d3958c8aebc521c10f77cb4605d2a617ffc37f5a406f09dbc41451f8c4541ed1291c5ed79091e1af6484521949803650df483242fbd21c41ce5651eee76b242250819073b754e8595af75298521fdf8498f45f3661c3f0d88dc8854a3c3b1a0f47d9c20f222b2aba51f425a4f6e8299d8d8dff06d533c8b446c2ab320543b47ce6ee4afd24c2edacc7eeecfe47c59a274a472db5bcd1230011ce5dc71ce3f7a7dee1e7c3bb2f44badcf7d9d7624ed1f954481fa5956dc710b4f7edff0d44e1caf8c95f2d9f84ce0a90f69305c4add286caecd73b8764a277cceb28cec2926752a8046e5f4ba75bfbd8971dde66873b638062d21624ee6f1d7715028085f3d90fb5987188f5006c64ade17e8edda05215998516019804fbe1a1a31cbd603fd9b6338d26bc8e72d7a0f98133e456253a72f5d88b1251309cc41cfdd01d9eba612f3639ec50130e52b4b245ae496682a3dc7985d879d45f836a1ee9b93fd718a09d8457d4c1d36c817d4cb8ae96bc6a6325e21a2009ce4f6352213902d5ead03f6f8156940dd4782cd8aff7dfe7c29366734a11fdadab71ce27353c25adffc6ea836aa93b545a5510da70c0387e43b3313706eca5e6863c04158d8a6ae7c339755154e8aba66ed069ec3f653c426d1933340aac47047f60152387dc8e0962433a547e8378eda05a18cc995056c25a370f309314ff008f75a534475342292f56c3325838143abe133dab186154b020e7d6ad3d899f388107f124db8d29e20564f5ae72e9f07ffdb5e00c917f3db9bb068867c3b64f6a44046e3b5fe3b01dd80cec10347debdcbd6284de9244363879c5b488fa86142303bc0c3f05b062efc9959787720600b43f062082e1ea3fcf027d20905103b21530dd3845919eb162eadb3b8c4230e1c0abbffec7e683424c6621211ea7c3999fdff0b9eb3f01d6c752f6c5c6f4da85a50293cb291e87d477cdcf5b8387b9dfad285b2d9e93060a64a96dc28910d8fbd811a0f65609b32f51cffcc702df43ff70ea2794a0beea97318621961a1245a97bc76d0ced0274dad5df0c7a84abac3935ced36a2a9ae71773b641eeee228ae8ba3fd420822c212aa4780140278a77dda9988533f2a2f65061f502a2cf669cb73ebd4f02821b7e82fe9fe7fbb08b5a2577e4903dace7ca3df05c1259307c22159b019ff036d27dc226a513707c73168410cb2c800bf3a4d4bc2c52c57a117c1f19237020aa10843f30902bab210c8807a8b93af7d235fea7a00eec33642d87c03088088e31d6c5830788254e3164cd5342f138741bc5c690d106d74057489423bc9e32a56c30ed5b4d49f6d33f4cdd446a0495fdea12d7c7bb807e6cefdb5c8bb309b9d86a57319cc6cf1c83a49340d2ba277503179f1c991a220f6c48597341d3e9070034988ec259d4fc94d02c0fe344ed958442293822ca9cb99fd52de700938adfadeaeac3656b36f788e5dac8616ee643e9be0c8708fdddfd529510261e4c89f2617357df48cd8b3846ad7bbd91369ed2729a6e9987f541ca3c6a440437d5d1fd6cd6fd4e8c98276b52fc457b329500a6c4379a14a6f18d7855d8a49741422408d7986d4854f593f2f002f3b0b490112494fc273a6644a585ca2e1afd07f56ea937894163b852a69743f71a6ce20434f643de2596e35b14743582af40aa00a5861716500bff1aa6cb504aed6cb727689a61ab1ca3cd14d2d18e45454d8183602528efd442a6ca28b11ecde39d61bc90420f6a0918a487920aa8c5d575018e7a164ce9aad158ff3b531e041bf30321c4a2f24f366f4615509ab399aaa1b4f5d8a8cea2d9fdbfe099e83d279f0d8428feb87e40f0f5381ec8f97099bec6a0831fdca9f3713be8d8ea94f031e91fa708641ea3105dff10deef114268e315296893abcf850f397f5701bc5ee8068d39f6a93c17f7be14b"}) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) syz_open_dev$hidraw(&(0x7f0000000000), 0x9, 0xc2201) (async) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000040)={0x81b, "8aebf47ee245809dcc277eeb75c793714473755288620bee826ef9b2f235605d6c66a76cbb9e97700b1d9ffece7080b6c1e86fd6734e04a51b8fb07dc61ca616965ff6d5353e2d777a446fba9af1c90a18936e27a8f9275d8fb5bb89da5e988a7799aed356584dbb128d0f605b733f557516f057f9b6ffc6ce0f697edbdee52aca2f1007c054a6a22723c5ceb324adfe07788023e79e5c34ebee536662dda2e93943db2c338a7f24a0c5fbdba240b5ede05840b1be77d9d5c204e11149bc21a8d68faaa72e16e2c68397d3352f783da2dc6471e937281acff694a9d8c81c0df3660e89c0b49a71d8bdc37795fb2b05f3da8cdb5460d10dabe3d6d944c33913a6c335218a766c08d1480df1f8e4cb733910918412afde4051f3265bbe314dd8741691605214998bdd607a04e2c269c3a4c0f859079eb1c0ab659e1da78e137f569cc5f7650cc8963c475ed236ee437ad47acc98d109e119cc41c22d334694d9b8cd8bb70a6391ac9c8dba0051d80b07ee1e684b170751d2936bfe0a3a4f22a3a07101b9d534d243268a71dcd2f825d50d65424bf6ec389affad27d994bcb8570e0e8d55aa42dc0028098607757f7879b48a8472556e960a82e81c59ec1ed4eb680ce0fced0729cfacd8c743ae601723e280bd2c25637cf2d383776d70eb045e94735f3c9161ecd92e91ffbb11d4c908e22cecd3b0f62ae4d0b39987446c1017f14f9335ef436a4a83fa770ae7a108ca65d3f5f1db40eb270d4c0d2ad630dfbc7367f6b945396c94afc252ea034647e0bfe523fa38db551c090658d4b87766c7e8c81e7b89c0674d2a42a11937ba99b747cd9306ceaa2303a0de84b8aab1b40e04c06f4a7b168a7ee5f4bfaea3fbd9061d2c43dd406c6f802f0b866df38738687454c6d406b69fc2ddb00bfdd8aacfd96489e0d82c2438785eb63aefa3ee9f3b6c6d5c17813519b014441de2738585c270a17db5fea36a398fddc510e2d31702f14d3958c8aebc521c10f77cb4605d2a617ffc37f5a406f09dbc41451f8c4541ed1291c5ed79091e1af6484521949803650df483242fbd21c41ce5651eee76b242250819073b754e8595af75298521fdf8498f45f3661c3f0d88dc8854a3c3b1a0f47d9c20f222b2aba51f425a4f6e8299d8d8dff06d533c8b446c2ab320543b47ce6ee4afd24c2edacc7eeecfe47c59a274a472db5bcd1230011ce5dc71ce3f7a7dee1e7c3bb2f44badcf7d9d7624ed1f954481fa5956dc710b4f7edff0d44e1caf8c95f2d9f84ce0a90f69305c4add286caecd73b8764a277cceb28cec2926752a8046e5f4ba75bfbd8971dde66873b638062d21624ee6f1d7715028085f3d90fb5987188f5006c64ade17e8edda05215998516019804fbe1a1a31cbd603fd9b6338d26bc8e72d7a0f98133e456253a72f5d88b1251309cc41cfdd01d9eba612f3639ec50130e52b4b245ae496682a3dc7985d879d45f836a1ee9b93fd718a09d8457d4c1d36c817d4cb8ae96bc6a6325e21a2009ce4f6352213902d5ead03f6f8156940dd4782cd8aff7dfe7c29366734a11fdadab71ce27353c25adffc6ea836aa93b545a5510da70c0387e43b3313706eca5e6863c04158d8a6ae7c339755154e8aba66ed069ec3f653c426d1933340aac47047f60152387dc8e0962433a547e8378eda05a18cc995056c25a370f309314ff008f75a534475342292f56c3325838143abe133dab186154b020e7d6ad3d899f388107f124db8d29e20564f5ae72e9f07ffdb5e00c917f3db9bb068867c3b64f6a44046e3b5fe3b01dd80cec10347debdcbd6284de9244363879c5b488fa86142303bc0c3f05b062efc9959787720600b43f062082e1ea3fcf027d20905103b21530dd3845919eb162eadb3b8c4230e1c0abbffec7e683424c6621211ea7c3999fdff0b9eb3f01d6c752f6c5c6f4da85a50293cb291e87d477cdcf5b8387b9dfad285b2d9e93060a64a96dc28910d8fbd811a0f65609b32f51cffcc702df43ff70ea2794a0beea97318621961a1245a97bc76d0ced0274dad5df0c7a84abac3935ced36a2a9ae71773b641eeee228ae8ba3fd420822c212aa4780140278a77dda9988533f2a2f65061f502a2cf669cb73ebd4f02821b7e82fe9fe7fbb08b5a2577e4903dace7ca3df05c1259307c22159b019ff036d27dc226a513707c73168410cb2c800bf3a4d4bc2c52c57a117c1f19237020aa10843f30902bab210c8807a8b93af7d235fea7a00eec33642d87c03088088e31d6c5830788254e3164cd5342f138741bc5c690d106d74057489423bc9e32a56c30ed5b4d49f6d33f4cdd446a0495fdea12d7c7bb807e6cefdb5c8bb309b9d86a57319cc6cf1c83a49340d2ba277503179f1c991a220f6c48597341d3e9070034988ec259d4fc94d02c0fe344ed958442293822ca9cb99fd52de700938adfadeaeac3656b36f788e5dac8616ee643e9be0c8708fdddfd529510261e4c89f2617357df48cd8b3846ad7bbd91369ed2729a6e9987f541ca3c6a440437d5d1fd6cd6fd4e8c98276b52fc457b329500a6c4379a14a6f18d7855d8a49741422408d7986d4854f593f2f002f3b0b490112494fc273a6644a585ca2e1afd07f56ea937894163b852a69743f71a6ce20434f643de2596e35b14743582af40aa00a5861716500bff1aa6cb504aed6cb727689a61ab1ca3cd14d2d18e45454d8183602528efd442a6ca28b11ecde39d61bc90420f6a0918a487920aa8c5d575018e7a164ce9aad158ff3b531e041bf30321c4a2f24f366f4615509ab399aaa1b4f5d8a8cea2d9fdbfe099e83d279f0d8428feb87e40f0f5381ec8f97099bec6a0831fdca9f3713be8d8ea94f031e91fa708641ea3105dff10deef114268e315296893abcf850f397f5701bc5ee8068d39f6a93c17f7be14b"}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) 13:53:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r1) 13:53:56 executing program 4: accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000040)=0x10, 0x80000) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) 13:53:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) (async) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r1) (async) [ 1619.946636][ T22] audit: type=1326 audit(1676296436.749:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31481 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:56 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0xf8, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x0, @rand_addr=0x64010101, 0x4e21, 0x0, 'fo\x00', 0x1, 0x2, 0x3b}, {@private=0xa010102, 0x4e24, 0x2, 0x0, 0x4, 0x1ff}}, 0x44) getsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000040), &(0x7f0000000140)=0x4) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:53:56 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000040)={{0x29, @empty, 0x4e23, 0x3, 'ovf\x00', 0x10, 0x1, 0x1d}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x4, 0x4, 0x6, 0xd21}}, 0x44) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) write$FUSE_LK(r3, &(0x7f00000000c0)={0x28, 0x0, r1, {{0x700000000000000, 0x800, 0x2, r2}}}, 0x28) write$FUSE_LK(r0, &(0x7f0000000000)={0x28, 0x2f, r1, {{0x2a, 0x2, 0x2, 0xffffffffffffffff}}}, 0x28) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:53:56 executing program 4: accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000040)=0x10, 0x80000) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) 13:53:56 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) ptrace$setopts(0x4200, 0xffffffffffffffff, 0x1000, 0x100000) 13:53:56 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) (async) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r1) (async) 13:53:56 executing program 3: sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c}, 0x175edeab20c7457d) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @private=0xa010101}, 0x8) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x200, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) write$FUSE_GETXATTR(r1, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x0, {0x800}}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) 13:53:56 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) (async) ptrace$setopts(0x4200, 0xffffffffffffffff, 0x1000, 0x100000) 13:53:56 executing program 4: accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev}, &(0x7f0000000040)=0x10, 0x80000) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) 13:53:56 executing program 3: sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c}, 0x175edeab20c7457d) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @private=0xa010101}, 0x8) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x200, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) write$FUSE_GETXATTR(r1, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x0, {0x800}}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c}, 0x175edeab20c7457d) (async) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @private=0xa010101}, 0x8) (async) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x200, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) (async) write$FUSE_GETXATTR(r1, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x0, {0x800}}, 0x18) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) 13:53:56 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000040)={{0x29, @empty, 0x4e23, 0x3, 'ovf\x00', 0x10, 0x1, 0x1d}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x4, 0x4, 0x6, 0xd21}}, 0x44) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) write$FUSE_LK(r3, &(0x7f00000000c0)={0x28, 0x0, r1, {{0x700000000000000, 0x800, 0x2, r2}}}, 0x28) write$FUSE_LK(r0, &(0x7f0000000000)={0x28, 0x2f, r1, {{0x2a, 0x2, 0x2, 0xffffffffffffffff}}}, 0x28) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020}, 0x2020) (async) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000040)={{0x29, @empty, 0x4e23, 0x3, 'ovf\x00', 0x10, 0x1, 0x1d}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x4, 0x4, 0x6, 0xd21}}, 0x44) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) write$FUSE_LK(r3, &(0x7f00000000c0)={0x28, 0x0, r1, {{0x700000000000000, 0x800, 0x2, r2}}}, 0x28) (async) write$FUSE_LK(r0, &(0x7f0000000000)={0x28, 0x2f, r1, {{0x2a, 0x2, 0x2, 0xffffffffffffffff}}}, 0x28) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) 13:53:57 executing program 1: sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000040)=""/163, 0x30c000, 0x1000, 0x48, 0x1}, 0x20) 13:53:57 executing program 4: write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x26, 0x200, 0x100300, 0x0, 0x9, 0x7, 0x8100}}, 0x50) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) accept$inet(r2, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000990f00009e239e21cc29b4267d1fb518137a7ee715eb14f55de0754f27b945b6b6818e4f42ad57175c2b2c49fe54c7b892b22df0ce06ec79dac6e668ee423529953d9b1189ae9379a9a086c61d909a668d73a02d485c9a9108dadb16309e8ffe9fedb6ac462a34f04f1f71875846957cab20115c7fc20738e9132278a64e5f9fe939190f022928721c9fe279c5f69f821cb1174c1e00b3706f11b1f462a89425a84ab912706cc7b8f81298b5068e7632a4c59aafac96d59c52da72839d4aec5d015e3f03ae020d413f781922ba172d067c6e7cf225db39fb64697e4d1958d905e2649b1f34ff715d0b1b67a83b5855d706161c76d50286"], &(0x7f00000001c0)=0xbd) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @local}, 0x8) [ 1620.241363][ T22] audit: type=1326 audit(1676296437.049:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31523 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:57 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0xf8, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x0, @rand_addr=0x64010101, 0x4e21, 0x0, 'fo\x00', 0x1, 0x2, 0x3b}, {@private=0xa010102, 0x4e24, 0x2, 0x0, 0x4, 0x1ff}}, 0x44) (async) getsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000040), &(0x7f0000000140)=0x4) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) (async) ptrace$setopts(0x4200, 0xffffffffffffffff, 0x1000, 0x100000) 13:53:57 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) setsockopt$IP_VS_SO_SET_DELDEST(r0, 0x0, 0x488, &(0x7f0000000040)={{0x29, @empty, 0x4e23, 0x3, 'ovf\x00', 0x10, 0x1, 0x1d}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e24, 0x4, 0x4, 0x6, 0xd21}}, 0x44) (async) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) write$FUSE_LK(r3, &(0x7f00000000c0)={0x28, 0x0, r1, {{0x700000000000000, 0x800, 0x2, r2}}}, 0x28) (async) write$FUSE_LK(r0, &(0x7f0000000000)={0x28, 0x2f, r1, {{0x2a, 0x2, 0x2, 0xffffffffffffffff}}}, 0x28) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:53:57 executing program 4: write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x26, 0x200, 0x100300, 0x0, 0x9, 0x7, 0x8100}}, 0x50) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) accept$inet(r2, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000990f00009e239e21cc29b4267d1fb518137a7ee715eb14f55de0754f27b945b6b6818e4f42ad57175c2b2c49fe54c7b892b22df0ce06ec79dac6e668ee423529953d9b1189ae9379a9a086c61d909a668d73a02d485c9a9108dadb16309e8ffe9fedb6ac462a34f04f1f71875846957cab20115c7fc20738e9132278a64e5f9fe939190f022928721c9fe279c5f69f821cb1174c1e00b3706f11b1f462a89425a84ab912706cc7b8f81298b5068e7632a4c59aafac96d59c52da72839d4aec5d015e3f03ae020d413f781922ba172d067c6e7cf225db39fb64697e4d1958d905e2649b1f34ff715d0b1b67a83b5855d706161c76d50286"], &(0x7f00000001c0)=0xbd) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @local}, 0x8) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x26, 0x200, 0x100300, 0x0, 0x9, 0x7, 0x8100}}, 0x50) (async) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x3, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(0xffffffffffffffff, 0x0, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r1, 0x0, 0x0) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) accept$inet(r2, 0x0, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000990f00009e239e21cc29b4267d1fb518137a7ee715eb14f55de0754f27b945b6b6818e4f42ad57175c2b2c49fe54c7b892b22df0ce06ec79dac6e668ee423529953d9b1189ae9379a9a086c61d909a668d73a02d485c9a9108dadb16309e8ffe9fedb6ac462a34f04f1f71875846957cab20115c7fc20738e9132278a64e5f9fe939190f022928721c9fe279c5f69f821cb1174c1e00b3706f11b1f462a89425a84ab912706cc7b8f81298b5068e7632a4c59aafac96d59c52da72839d4aec5d015e3f03ae020d413f781922ba172d067c6e7cf225db39fb64697e4d1958d905e2649b1f34ff715d0b1b67a83b5855d706161c76d50286"], &(0x7f00000001c0)=0xbd) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r3, 0x0, 0x0) (async) setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @local}, 0x8) (async) 13:53:57 executing program 3: sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c}, 0x175edeab20c7457d) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @private=0xa010101}, 0x8) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x200, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) write$FUSE_GETXATTR(r1, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x0, {0x800}}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x4c, 0x0, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c}, 0x175edeab20c7457d) (async) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @private=0xa010101}, 0x8) (async) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x200, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000) (async) write$FUSE_GETXATTR(r1, &(0x7f0000000080)={0x18, 0xffffffffffffffda, 0x0, {0x800}}, 0x18) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) 13:53:57 executing program 1: sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (async, rerun: 64) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (rerun: 64) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000040)=""/163, 0x30c000, 0x1000, 0x48, 0x1}, 0x20) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) socket$pppl2tp(0x18, 0x1, 0x1) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) socket$pppl2tp(0x18, 0x1, 0x1) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) socket$pppl2tp(0x18, 0x1, 0x1) (async) 13:53:57 executing program 1: sendmsg$BATADV_CMD_TP_METER_CANCEL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000040)=""/163, 0x30c000, 0x1000, 0x48, 0x1}, 0x20) 13:53:57 executing program 4: write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x26, 0x200, 0x100300, 0x0, 0x9, 0x7, 0x8100}}, 0x50) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) accept$inet(r2, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000990f00009e239e21cc29b4267d1fb518137a7ee715eb14f55de0754f27b945b6b6818e4f42ad57175c2b2c49fe54c7b892b22df0ce06ec79dac6e668ee423529953d9b1189ae9379a9a086c61d909a668d73a02d485c9a9108dadb16309e8ffe9fedb6ac462a34f04f1f71875846957cab20115c7fc20738e9132278a64e5f9fe939190f022928721c9fe279c5f69f821cb1174c1e00b3706f11b1f462a89425a84ab912706cc7b8f81298b5068e7632a4c59aafac96d59c52da72839d4aec5d015e3f03ae020d413f781922ba172d067c6e7cf225db39fb64697e4d1958d905e2649b1f34ff715d0b1b67a83b5855d706161c76d50286"], &(0x7f00000001c0)=0xbd) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @local}, 0x8) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x26, 0x200, 0x100300, 0x0, 0x9, 0x7, 0x8100}}, 0x50) (async) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x3, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(0xffffffffffffffff, 0x0, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r1, 0x0, 0x0) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) accept$inet(r2, 0x0, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000990f00009e239e21cc29b4267d1fb518137a7ee715eb14f55de0754f27b945b6b6818e4f42ad57175c2b2c49fe54c7b892b22df0ce06ec79dac6e668ee423529953d9b1189ae9379a9a086c61d909a668d73a02d485c9a9108dadb16309e8ffe9fedb6ac462a34f04f1f71875846957cab20115c7fc20738e9132278a64e5f9fe939190f022928721c9fe279c5f69f821cb1174c1e00b3706f11b1f462a89425a84ab912706cc7b8f81298b5068e7632a4c59aafac96d59c52da72839d4aec5d015e3f03ae020d413f781922ba172d067c6e7cf225db39fb64697e4d1958d905e2649b1f34ff715d0b1b67a83b5855d706161c76d50286"], &(0x7f00000001c0)=0xbd) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r3, 0x0, 0x0) (async) setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @local}, 0x8) (async) 13:53:57 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) sendto$inet(r0, &(0x7f0000000040)="f4390c4d9f5ac8ac700ca4804037c42d98654e390e068093a59b046301005a13028b6c0560f7ae49010da16f5913782af2bad42481f79009aa9b1a2515541ff813cd0c5250f933", 0x47, 0x80, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) socket$pptp(0x18, 0x1, 0x2) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000100)={{0x2, 0x4e24, @remote}, {0x6, @multicast}, 0x38, {0x2, 0x4e21, @private=0xa010102}, 'macvtap0\x00'}) [ 1620.567622][ T22] audit: type=1326 audit(1676296437.379:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31586 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:57 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0xf8, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x0, @rand_addr=0x64010101, 0x4e21, 0x0, 'fo\x00', 0x1, 0x2, 0x3b}, {@private=0xa010102, 0x4e24, 0x2, 0x0, 0x4, 0x1ff}}, 0x44) getsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000040), &(0x7f0000000140)=0x4) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0xf8, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r1, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x0, @rand_addr=0x64010101, 0x4e21, 0x0, 'fo\x00', 0x1, 0x2, 0x3b}, {@private=0xa010102, 0x4e24, 0x2, 0x0, 0x4, 0x1ff}}, 0x44) (async) getsockopt$inet_int(r0, 0x0, 0x6, &(0x7f0000000040), &(0x7f0000000140)=0x4) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) 13:53:57 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) sendto$inet(r0, &(0x7f0000000040)="f4390c4d9f5ac8ac700ca4804037c42d98654e390e068093a59b046301005a13028b6c0560f7ae49010da16f5913782af2bad42481f79009aa9b1a2515541ff813cd0c5250f933", 0x47, 0x80, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) socket$pptp(0x18, 0x1, 0x2) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000100)={{0x2, 0x4e24, @remote}, {0x6, @multicast}, 0x38, {0x2, 0x4e21, @private=0xa010102}, 'macvtap0\x00'}) socket$igmp(0x2, 0x3, 0x2) (async) sendto$inet(r0, &(0x7f0000000040)="f4390c4d9f5ac8ac700ca4804037c42d98654e390e068093a59b046301005a13028b6c0560f7ae49010da16f5913782af2bad42481f79009aa9b1a2515541ff813cd0c5250f933", 0x47, 0x80, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) (async) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) socket$pptp(0x18, 0x1, 0x2) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r1, 0x0, 0x0) (async) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000100)={{0x2, 0x4e24, @remote}, {0x6, @multicast}, 0x38, {0x2, 0x4e21, @private=0xa010102}, 'macvtap0\x00'}) (async) 13:53:57 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2) 13:53:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)={@remote, @multicast2, 0x0, 0x5, [@private=0xa010100, @rand_addr=0x64010102, @loopback, @broadcast, @broadcast]}, 0x24) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000040)="2c4d35900684dd9aa74a92dc3d169529a5a5c2340a64e4719bd0277f8e80fb2a7bce858374e88e0fde0319e0eeebdcd6264c50346b3d42f4aabc0b1f1847cae6d07b34599fe4774bb6d74b961f79d055ff0a31c027abb42dda71141c2789a999d9898eaaea66bbdd2c1c4de8d24601a5ac88d71ac2c319619ac7a020dc117eaeca38ffd3df6b76ab2962164f17c4fde6a667d97b3461253812e8ba3163914ddd473cf000ad6f797d42a59070c1", 0xad, 0x881, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) socket$pppl2tp(0x18, 0x1, 0x1) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x20000}]}) 13:53:57 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) sendto$inet(r0, &(0x7f0000000040)="f4390c4d9f5ac8ac700ca4804037c42d98654e390e068093a59b046301005a13028b6c0560f7ae49010da16f5913782af2bad42481f79009aa9b1a2515541ff813cd0c5250f933", 0x47, 0x80, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10) (async) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) socket$pptp(0x18, 0x1, 0x2) (async) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000100)={{0x2, 0x4e24, @remote}, {0x6, @multicast}, 0x38, {0x2, 0x4e21, @private=0xa010102}, 'macvtap0\x00'}) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) 13:53:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)={@remote, @multicast2, 0x0, 0x5, [@private=0xa010100, @rand_addr=0x64010102, @loopback, @broadcast, @broadcast]}, 0x24) (async) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) (async) sendto$inet(r0, &(0x7f0000000040)="2c4d35900684dd9aa74a92dc3d169529a5a5c2340a64e4719bd0277f8e80fb2a7bce858374e88e0fde0319e0eeebdcd6264c50346b3d42f4aabc0b1f1847cae6d07b34599fe4774bb6d74b961f79d055ff0a31c027abb42dda71141c2789a999d9898eaaea66bbdd2c1c4de8d24601a5ac88d71ac2c319619ac7a020dc117eaeca38ffd3df6b76ab2962164f17c4fde6a667d97b3461253812e8ba3163914ddd473cf000ad6f797d42a59070c1", 0xad, 0x881, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x20000}]}) 13:53:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x3821a00}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002c016400fedbdf2506000000051511000000000005002f000000000007003500040000dd07003c0037af276ada34bc3171100966782cc57278793060a402a01ddf1448abe55e65c092a28bdc8e03a80714caa21dd1cb2f19d1cc37eecb30d550ea6f5161196e47eb2ae02e58c71640a3d5c071020476b9134900cd1b0f0eff5c4bfed2fbcb76c9d88b7684aea65130c4e8fc52e91cc798dbbdbdf3e130c2683221545fb55b9d3e60b15b885de0e3a9092214dc3bb71f73049170c7d5e696532add87f17c58bb143ec0d2abfee8fc368516563ef582536d8199b6a9dce3947ea86d1df3e8c8f832d5cdbd309b78b52de6b3d03b6546bf50d9bc969e9a9dee8c7db8e634250ab93bb49797d59c32f33cf339dc119ecc9299819baab0e8628d25ed06118389e9d107a794"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000001) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x17d082, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r2, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @loopback}, 0x8) getgid() [ 1620.850156][ T22] audit: type=1326 audit(1676296437.659:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31622 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x0, 0x0) ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000000)={'binder0\x00'}) 13:53:57 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x0, 0x0, 0x20000}]}) 13:53:57 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000000)={@remote, @multicast2, 0x0, 0x5, [@private=0xa010100, @rand_addr=0x64010102, @loopback, @broadcast, @broadcast]}, 0x24) (async) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000040)="2c4d35900684dd9aa74a92dc3d169529a5a5c2340a64e4719bd0277f8e80fb2a7bce858374e88e0fde0319e0eeebdcd6264c50346b3d42f4aabc0b1f1847cae6d07b34599fe4774bb6d74b961f79d055ff0a31c027abb42dda71141c2789a999d9898eaaea66bbdd2c1c4de8d24601a5ac88d71ac2c319619ac7a020dc117eaeca38ffd3df6b76ab2962164f17c4fde6a667d97b3461253812e8ba3163914ddd473cf000ad6f797d42a59070c1", 0xad, 0x881, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10) 13:53:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x3821a00}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002c016400fedbdf2506000000051511000000000005002f000000000007003500040000dd07003c0037af276ada34bc3171100966782cc57278793060a402a01ddf1448abe55e65c092a28bdc8e03a80714caa21dd1cb2f19d1cc37eecb30d550ea6f5161196e47eb2ae02e58c71640a3d5c071020476b9134900cd1b0f0eff5c4bfed2fbcb76c9d88b7684aea65130c4e8fc52e91cc798dbbdbdf3e130c2683221545fb55b9d3e60b15b885de0e3a9092214dc3bb71f73049170c7d5e696532add87f17c58bb143ec0d2abfee8fc368516563ef582536d8199b6a9dce3947ea86d1df3e8c8f832d5cdbd309b78b52de6b3d03b6546bf50d9bc969e9a9dee8c7db8e634250ab93bb49797d59c32f33cf339dc119ecc9299819baab0e8628d25ed06118389e9d107a794"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000001) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x17d082, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r2, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @loopback}, 0x8) getgid() socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x3821a00}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002c016400fedbdf2506000000051511000000000005002f000000000007003500040000dd07003c0037af276ada34bc3171100966782cc57278793060a402a01ddf1448abe55e65c092a28bdc8e03a80714caa21dd1cb2f19d1cc37eecb30d550ea6f5161196e47eb2ae02e58c71640a3d5c071020476b9134900cd1b0f0eff5c4bfed2fbcb76c9d88b7684aea65130c4e8fc52e91cc798dbbdbdf3e130c2683221545fb55b9d3e60b15b885de0e3a9092214dc3bb71f73049170c7d5e696532add87f17c58bb143ec0d2abfee8fc368516563ef582536d8199b6a9dce3947ea86d1df3e8c8f832d5cdbd309b78b52de6b3d03b6546bf50d9bc969e9a9dee8c7db8e634250ab93bb49797d59c32f33cf339dc119ecc9299819baab0e8628d25ed06118389e9d107a794"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000001) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x17d082, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r2, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @loopback}, 0x8) (async) getgid() (async) 13:53:57 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0xd, 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x490080, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x0, 0x4, 0x418, 0x1, "3776650ebec2432144454c24994bc2584b50eee2c10bc39ebb487967dbaf67cf11f986646ca379ec7dcf193b71c67f9a5b7c297e99ac591da3e30adc664651c2", "9b81cfba5b8e0c65fa8935cb0c50ebb9510180b12c3b1700", [0x6, 0x4683]}) write$hidraw(r1, &(0x7f0000000080)="c02570ff33e331034ca2c6ed381707fc7b41367303dfce76787dc9347f069539c198ccaa8f5dfd9512537ffaf927d59df5b6bda7d540cde4a17db109a592a4c56467c037552a6628df50151e5a40a6f42705c734cee627231c5c13acd09308a78f0e271ac146bc8e30c8758431a6660e9e85cf5420c7fa6c9535f61e2a17d1e3e8357005b20799e5a164f298f2cda3a650d31c5311e575cf168e893adb4f6b380452fa08c2225a729d36d314bc0a074cb14faa1f6574a6e8534f6f43b3f33240451f565ef2ca9c23d335b2e8083ce27c2190ef56", 0xd4) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x0, 0x0) ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000000)={'binder0\x00'}) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@local, @in=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{0x6, 0x8, 0x5, 0x3ff}, {0x7f, 0x3, 0x9, 0x5}, {0x9, 0xcc, 0x9, 0x7}, {0x3, 0x81, 0x0, 0x1}, {0x23d, 0x6, 0x6, 0x3}]}) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x0, 0x0) (async) ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000000)={'binder0\x00'}) 13:53:57 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0xd, 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x490080, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x0, 0x4, 0x418, 0x1, "3776650ebec2432144454c24994bc2584b50eee2c10bc39ebb487967dbaf67cf11f986646ca379ec7dcf193b71c67f9a5b7c297e99ac591da3e30adc664651c2", "9b81cfba5b8e0c65fa8935cb0c50ebb9510180b12c3b1700", [0x6, 0x4683]}) write$hidraw(r1, &(0x7f0000000080)="c02570ff33e331034ca2c6ed381707fc7b41367303dfce76787dc9347f069539c198ccaa8f5dfd9512537ffaf927d59df5b6bda7d540cde4a17db109a592a4c56467c037552a6628df50151e5a40a6f42705c734cee627231c5c13acd09308a78f0e271ac146bc8e30c8758431a6660e9e85cf5420c7fa6c9535f61e2a17d1e3e8357005b20799e5a164f298f2cda3a650d31c5311e575cf168e893adb4f6b380452fa08c2225a729d36d314bc0a074cb14faa1f6574a6e8534f6f43b3f33240451f565ef2ca9c23d335b2e8083ce27c2190ef56", 0xd4) socket$xdp(0x2c, 0x3, 0x0) (async) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0xd, 0x0, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), 0xffffffffffffffff) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x490080, 0x0) (async) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x0, 0x4, 0x418, 0x1, "3776650ebec2432144454c24994bc2584b50eee2c10bc39ebb487967dbaf67cf11f986646ca379ec7dcf193b71c67f9a5b7c297e99ac591da3e30adc664651c2", "9b81cfba5b8e0c65fa8935cb0c50ebb9510180b12c3b1700", [0x6, 0x4683]}) (async) write$hidraw(r1, &(0x7f0000000080)="c02570ff33e331034ca2c6ed381707fc7b41367303dfce76787dc9347f069539c198ccaa8f5dfd9512537ffaf927d59df5b6bda7d540cde4a17db109a592a4c56467c037552a6628df50151e5a40a6f42705c734cee627231c5c13acd09308a78f0e271ac146bc8e30c8758431a6660e9e85cf5420c7fa6c9535f61e2a17d1e3e8357005b20799e5a164f298f2cda3a650d31c5311e575cf168e893adb4f6b380452fa08c2225a729d36d314bc0a074cb14faa1f6574a6e8534f6f43b3f33240451f565ef2ca9c23d335b2e8083ce27c2190ef56", 0xd4) (async) 13:53:57 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x3821a00}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002c016400fedbdf2506000000051511000000000005002f000000000007003500040000dd07003c0037af276ada34bc3171100966782cc57278793060a402a01ddf1448abe55e65c092a28bdc8e03a80714caa21dd1cb2f19d1cc37eecb30d550ea6f5161196e47eb2ae02e58c71640a3d5c071020476b9134900cd1b0f0eff5c4bfed2fbcb76c9d88b7684aea65130c4e8fc52e91cc798dbbdbdf3e130c2683221545fb55b9d3e60b15b885de0e3a9092214dc3bb71f73049170c7d5e696532add87f17c58bb143ec0d2abfee8fc368516563ef582536d8199b6a9dce3947ea86d1df3e8c8f832d5cdbd309b78b52de6b3d03b6546bf50d9bc969e9a9dee8c7db8e634250ab93bb49797d59c32f33cf339dc119ecc9299819baab0e8628d25ed06118389e9d107a794"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000001) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x17d082, 0x0) (async) r2 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r2, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @loopback}, 0x8) (async) getgid() 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@local, @in=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{0x6, 0x8, 0x5, 0x3ff}, {0x7f, 0x3, 0x9, 0x5}, {0x9, 0xcc, 0x9, 0x7}, {0x3, 0x81, 0x0, 0x1}, {0x23d, 0x6, 0x6, 0x3}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) (async) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@local, @in=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{0x6, 0x8, 0x5, 0x3ff}, {0x7f, 0x3, 0x9, 0x5}, {0x9, 0xcc, 0x9, 0x7}, {0x3, 0x81, 0x0, 0x1}, {0x23d, 0x6, 0x6, 0x3}]}) (async) 13:53:57 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbd}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getgid() getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000180)=0x1e) r1 = getuid() r2 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0xfffffffffffffff5, 0x0, {0x0, 0x0, 0x6, 0xf1, 0x52, 0x20, {0x3, 0x0, 0xfffffffffffffe01, 0xa46f, 0x5, 0x1, 0x9, 0x5659, 0xff, 0x0, 0xd368, r1, r2, 0x6, 0x9}}}, 0x90) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 13:53:57 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) 13:53:57 executing program 3: prctl$PR_GET_TSC(0x19, &(0x7f0000000040)) socket$igmp(0x2, 0x3, 0x2) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@private=0xa010105, @multicast2}, 0x8) 13:53:57 executing program 4: r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0xd, 0x0, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x1, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x490080, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x0, 0x4, 0x418, 0x1, "3776650ebec2432144454c24994bc2584b50eee2c10bc39ebb487967dbaf67cf11f986646ca379ec7dcf193b71c67f9a5b7c297e99ac591da3e30adc664651c2", "9b81cfba5b8e0c65fa8935cb0c50ebb9510180b12c3b1700", [0x6, 0x4683]}) (async) write$hidraw(r1, &(0x7f0000000080)="c02570ff33e331034ca2c6ed381707fc7b41367303dfce76787dc9347f069539c198ccaa8f5dfd9512537ffaf927d59df5b6bda7d540cde4a17db109a592a4c56467c037552a6628df50151e5a40a6f42705c734cee627231c5c13acd09308a78f0e271ac146bc8e30c8758431a6660e9e85cf5420c7fa6c9535f61e2a17d1e3e8357005b20799e5a164f298f2cda3a650d31c5311e575cf168e893adb4f6b380452fa08c2225a729d36d314bc0a074cb14faa1f6574a6e8534f6f43b3f33240451f565ef2ca9c23d335b2e8083ce27c2190ef56", 0xd4) 13:53:57 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) (async) 13:53:57 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r0 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@local, @in=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{0x6, 0x8, 0x5, 0x3ff}, {0x7f, 0x3, 0x9, 0x5}, {0x9, 0xcc, 0x9, 0x7}, {0x3, 0x81, 0x0, 0x1}, {0x23d, 0x6, 0x6, 0x3}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x0) (async) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@local, @in=@initdev}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f0000000140)=0xe8) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{0x6, 0x8, 0x5, 0x3ff}, {0x7f, 0x3, 0x9, 0x5}, {0x9, 0xcc, 0x9, 0x7}, {0x3, 0x81, 0x0, 0x1}, {0x23d, 0x6, 0x6, 0x3}]}) (async) 13:53:57 executing program 3: prctl$PR_GET_TSC(0x19, &(0x7f0000000040)) (async) socket$igmp(0x2, 0x3, 0x2) (async) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@private=0xa010105, @multicast2}, 0x8) 13:53:57 executing program 4: sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x20, 0x70bd27, 0x7ff, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000400}, 0x4) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002140)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6}}, &(0x7f0000002240)=0xe8) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002280)={0x90, 0xb, r0, {0x1, 0x0, 0x7fff, 0x1, 0x9, 0xffffffff, {0x5, 0x93, 0x6, 0x93db, 0x7ff, 0x1, 0xb7f7, 0x7e9, 0xae, 0xc000, 0x7000, r1, 0xee00, 0x3, 0x4}}}, 0x90) 13:53:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x2}]}) setsockopt$MRT_DEL_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd3, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @empty, 0x1, "12918c11a6e2fd925e1a4cdd3e26840c8954745826ad3ba3aab7082eeb2a7354", 0x2, 0xf648, 0x6, 0x3}, 0x3c) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0000fb000000fedbdf25090000000800060065a2b39f2e31653e92ef44d6cbe0ff0d1bfbc15e8659ace04d1aae5c87510507ae33b8fd8d901b3f6b64a0389f5ad6539b97e5c6242311e54c6e0fc61000a723767c6399da00"/98, @ANYRES32=r1, @ANYBLOB="990b5a3dc39a419a460970da5337a298e67ee1e241f1348b3c8415a43fde24499ae778a342a8312d43ff9db72e6b99e3e045f7fa78cbf89aa773f9a6b4af1fe51de6fa667d2f79451f7e4ae7ab94d36beaddfc38699f56d5270ee3f62f8835746176602e82e69d933f4832986ca12681b51947da98e220db00eecc49456db405b6c19d9d2194ddc1dd81ea84d98f2c2007156b0bf89b23e246f859159e7e4f687ae39c983603be31e14c0bb139816fff7694f191a89327f6a0726fce3135301f038e2b6fa90bdb95adcbfa9bb494b7f5c4bb0303a5721724871e7d57321e30c7e434b6fc4a4785c7fa3539d2b31a4450cb2808b5e52c469ba6c35ec8d887e9f9bfc4b404c1c7f64e0fe457f3133185ec3d2fb1d83c06898dd9706b342035f709cb8568e85c99259f8e3dcb784821ca4b97f75ad1ea75669851ae40ba061d5e1b0c4959ce52c81a785881c90c"], 0x1c}, 0x1, 0x0, 0x0, 0x48}, 0x880) r2 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r2, 0x0, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) (async) 13:53:58 executing program 4: sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x20, 0x70bd27, 0x7ff, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000400}, 0x4) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) (async) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002140)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6}}, &(0x7f0000002240)=0xe8) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002280)={0x90, 0xb, r0, {0x1, 0x0, 0x7fff, 0x1, 0x9, 0xffffffff, {0x5, 0x93, 0x6, 0x93db, 0x7ff, 0x1, 0xb7f7, 0x7e9, 0xae, 0xc000, 0x7000, r1, 0xee00, 0x3, 0x4}}}, 0x90) [ 1621.184116][ T22] audit: type=1326 audit(1676296437.989:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31693 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbd}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getgid() getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000180)=0x1e) r1 = getuid() r2 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0xfffffffffffffff5, 0x0, {0x0, 0x0, 0x6, 0xf1, 0x52, 0x20, {0x3, 0x0, 0xfffffffffffffe01, 0xa46f, 0x5, 0x1, 0x9, 0x5659, 0xff, 0x0, 0xd368, r1, r2, 0x6, 0x9}}}, 0x90) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbd}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000180)=0x1e) (async) getuid() (async) getgid() (async) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0xfffffffffffffff5, 0x0, {0x0, 0x0, 0x6, 0xf1, 0x52, 0x20, {0x3, 0x0, 0xfffffffffffffe01, 0xa46f, 0x5, 0x1, 0x9, 0x5659, 0xff, 0x0, 0xd368, r1, r2, 0x6, 0x9}}}, 0x90) (async) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async) 13:53:58 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x10000000) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:53:58 executing program 3: prctl$PR_GET_TSC(0x19, &(0x7f0000000040)) (async) socket$igmp(0x2, 0x3, 0x2) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@private=0xa010105, @multicast2}, 0x8) 13:53:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x2}]}) (async) setsockopt$MRT_DEL_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd3, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @empty, 0x1, "12918c11a6e2fd925e1a4cdd3e26840c8954745826ad3ba3aab7082eeb2a7354", 0x2, 0xf648, 0x6, 0x3}, 0x3c) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0000fb000000fedbdf25090000000800060065a2b39f2e31653e92ef44d6cbe0ff0d1bfbc15e8659ace04d1aae5c87510507ae33b8fd8d901b3f6b64a0389f5ad6539b97e5c6242311e54c6e0fc61000a723767c6399da00"/98, @ANYRES32=r1, @ANYBLOB="990b5a3dc39a419a460970da5337a298e67ee1e241f1348b3c8415a43fde24499ae778a342a8312d43ff9db72e6b99e3e045f7fa78cbf89aa773f9a6b4af1fe51de6fa667d2f79451f7e4ae7ab94d36beaddfc38699f56d5270ee3f62f8835746176602e82e69d933f4832986ca12681b51947da98e220db00eecc49456db405b6c19d9d2194ddc1dd81ea84d98f2c2007156b0bf89b23e246f859159e7e4f687ae39c983603be31e14c0bb139816fff7694f191a89327f6a0726fce3135301f038e2b6fa90bdb95adcbfa9bb494b7f5c4bb0303a5721724871e7d57321e30c7e434b6fc4a4785c7fa3539d2b31a4450cb2808b5e52c469ba6c35ec8d887e9f9bfc4b404c1c7f64e0fe457f3133185ec3d2fb1d83c06898dd9706b342035f709cb8568e85c99259f8e3dcb784821ca4b97f75ad1ea75669851ae40ba061d5e1b0c4959ce52c81a785881c90c"], 0x1c}, 0x1, 0x0, 0x0, 0x48}, 0x880) (async) r2 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r2, 0x0, 0x0) (async) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000140)={'binder0\x00'}) 13:53:58 executing program 4: sendmsg$NL802154_CMD_SET_TX_POWER(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x20, 0x70bd27, 0x7ff, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000400}, 0x4) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002140)={{{@in=@multicast2, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6}}, &(0x7f0000002240)=0xe8) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002280)={0x90, 0xb, r0, {0x1, 0x0, 0x7fff, 0x1, 0x9, 0xffffffff, {0x5, 0x93, 0x6, 0x93db, 0x7ff, 0x1, 0xb7f7, 0x7e9, 0xae, 0xc000, 0x7000, r1, 0xee00, 0x3, 0x4}}}, 0x90) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000140)={'binder0\x00'}) 13:53:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x0, 0x0, 0x2}]}) (async) setsockopt$MRT_DEL_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd3, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @empty, 0x1, "12918c11a6e2fd925e1a4cdd3e26840c8954745826ad3ba3aab7082eeb2a7354", 0x2, 0xf648, 0x6, 0x3}, 0x3c) (async, rerun: 32) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0000fb000000fedbdf25090000000800060065a2b39f2e31653e92ef44d6cbe0ff0d1bfbc15e8659ace04d1aae5c87510507ae33b8fd8d901b3f6b64a0389f5ad6539b97e5c6242311e54c6e0fc61000a723767c6399da00"/98, @ANYRES32=r1, @ANYBLOB="990b5a3dc39a419a460970da5337a298e67ee1e241f1348b3c8415a43fde24499ae778a342a8312d43ff9db72e6b99e3e045f7fa78cbf89aa773f9a6b4af1fe51de6fa667d2f79451f7e4ae7ab94d36beaddfc38699f56d5270ee3f62f8835746176602e82e69d933f4832986ca12681b51947da98e220db00eecc49456db405b6c19d9d2194ddc1dd81ea84d98f2c2007156b0bf89b23e246f859159e7e4f687ae39c983603be31e14c0bb139816fff7694f191a89327f6a0726fce3135301f038e2b6fa90bdb95adcbfa9bb494b7f5c4bb0303a5721724871e7d57321e30c7e434b6fc4a4785c7fa3539d2b31a4450cb2808b5e52c469ba6c35ec8d887e9f9bfc4b404c1c7f64e0fe457f3133185ec3d2fb1d83c06898dd9706b342035f709cb8568e85c99259f8e3dcb784821ca4b97f75ad1ea75669851ae40ba061d5e1b0c4959ce52c81a785881c90c"], 0x1c}, 0x1, 0x0, 0x0, 0x48}, 0x880) r2 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r2, 0x0, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 13:53:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x9b, "b43aab19a6e946541ca3e92be5f32caf3178c5d154a0633ba43b6845e0f047e652e911bcec52df9d15fcb73eddc8facc6905d69d51f31c01d082da4ffddd95aed7eb15787994b190f1136e2297bacec6d676ab6aa2cca8ec88b6d0eba5ce299ff6a34fb3f28dd98a16d8ca70badec4e4f9ef2bcc3437920f0172040ab13326e68889a8ed5180c90807c7e0fe6c8894e5a4dab7b510e5df40c9d527"}, &(0x7f00000000c0)=0xbf) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) sendto$inet(r1, &(0x7f0000000100)="4791246fa42327728ec2b64a5bbcbe9867facf3ff30de3a75726b07f8a7013e194bf549c4bb18ee5a7042b7fd5b2b704fe037aded9b00ae54dd4f7cba4953f391a", 0x41, 0x20000800, &(0x7f0000000180)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200200, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x10000000) (async) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) ioctl$BINDER_CTL_ADD(0xffffffffffffffff, 0xc1086201, &(0x7f0000000140)={'binder0\x00'}) [ 1621.556771][ T22] audit: type=1326 audit(1676296438.359:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31737 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbd}, {0x6, 0x3, 0x4, 0x80008}]}) (async) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getgid() (async) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000180)=0x1e) (async) r1 = getuid() (async) r2 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0xfffffffffffffff5, 0x0, {0x0, 0x0, 0x6, 0xf1, 0x52, 0x20, {0x3, 0x0, 0xfffffffffffffe01, 0xa46f, 0x5, 0x1, 0x9, 0x5659, 0xff, 0x0, 0xd368, r1, r2, 0x6, 0x9}}}, 0x90) (async) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 13:53:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x9b, "b43aab19a6e946541ca3e92be5f32caf3178c5d154a0633ba43b6845e0f047e652e911bcec52df9d15fcb73eddc8facc6905d69d51f31c01d082da4ffddd95aed7eb15787994b190f1136e2297bacec6d676ab6aa2cca8ec88b6d0eba5ce299ff6a34fb3f28dd98a16d8ca70badec4e4f9ef2bcc3437920f0172040ab13326e68889a8ed5180c90807c7e0fe6c8894e5a4dab7b510e5df40c9d527"}, &(0x7f00000000c0)=0xbf) (async) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) (async) sendto$inet(r1, &(0x7f0000000100)="4791246fa42327728ec2b64a5bbcbe9867facf3ff30de3a75726b07f8a7013e194bf549c4bb18ee5a7042b7fd5b2b704fe037aded9b00ae54dd4f7cba4953f391a", 0x41, 0x20000800, &(0x7f0000000180)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x8, 0xf8, 0x3, 0x7e2}, {0x1ff, 0x1, 0x0, 0x1}, {0x7f, 0xb9, 0x5, 0x7}, {0x7f, 0x7, 0x7, 0x1e592471}, {0x5, 0x3f, 0x9, 0xfffffffd}, {0x4, 0x6d, 0x7f, 0x1c6c0000}, {0x7ff, 0x2, 0x6}]}) 13:53:58 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x10000000) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async) mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x10000000) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) (async) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200200, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 2: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="170026bd08000200", @ANYRES32=r1, @ANYBLOB="0c0005000202aaaaaaaaaaaa0a0001007770616e310000000c0005000201aaaaaaaaaaaa0a0001007770616e3300000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e300000000a0001007770616e330000000c0005000201aaaaaaaaaaaa"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x10) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4000) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, 0xffffffffffffffff) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) syz_genetlink_get_family_id$batadv(&(0x7f0000000580), 0xffffffffffffffff) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, r5, 0x100, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20001000}, 0x4004804) ioctl$LOOP_SET_FD(r3, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) ioctl$LOOP_GET_STATUS(r3, 0x4c03, &(0x7f0000000180)) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x101) r6 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000700)={0x0, {}, 0x0, {}, 0x7fffffff, 0xa, 0x2, 0x18, "f4470f0390c493913ce58ec5fa1b2c0d2199db002ceb3856191c7d8f3310f4507f91fff03df6c3f62e62207865c8501b128771365e0930e9bb0ae871a772aa28", "0086a02a073f6a1e942f01e22935cb0951ac1da8d8510b0eeab913d95fc7ce3a", [0x1, 0x6]}) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x8, 0xf8, 0x3, 0x7e2}, {0x1ff, 0x1, 0x0, 0x1}, {0x7f, 0xb9, 0x5, 0x7}, {0x7f, 0x7, 0x7, 0x1e592471}, {0x5, 0x3f, 0x9, 0xfffffffd}, {0x4, 0x6d, 0x7f, 0x1c6c0000}, {0x7ff, 0x2, 0x6}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x8, 0xf8, 0x3, 0x7e2}, {0x1ff, 0x1, 0x0, 0x1}, {0x7f, 0xb9, 0x5, 0x7}, {0x7f, 0x7, 0x7, 0x1e592471}, {0x5, 0x3f, 0x9, 0xfffffffd}, {0x4, 0x6d, 0x7f, 0x1c6c0000}, {0x7ff, 0x2, 0x6}]}) (async) 13:53:58 executing program 2: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan4\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="170026bd08000200", @ANYRES32=r1, @ANYBLOB="0c0005000202aaaaaaaaaaaa0a0001007770616e310000000c0005000201aaaaaaaaaaaa0a0001007770616e3300000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e300000000a0001007770616e330000000c0005000201aaaaaaaaaaaa"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x10) (async) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4000) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, 0xffffffffffffffff) (async) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000580), 0xffffffffffffffff) (async) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) (async) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, r5, 0x100, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20001000}, 0x4004804) (async) ioctl$LOOP_SET_FD(r3, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) ioctl$LOOP_GET_STATUS(r3, 0x4c03, &(0x7f0000000180)) (async) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x101) (async) r6 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000700)={0x0, {}, 0x0, {}, 0x7fffffff, 0xa, 0x2, 0x18, "f4470f0390c493913ce58ec5fa1b2c0d2199db002ceb3856191c7d8f3310f4507f91fff03df6c3f62e62207865c8501b128771365e0930e9bb0ae871a772aa28", "0086a02a073f6a1e942f01e22935cb0951ac1da8d8510b0eeab913d95fc7ce3a", [0x1, 0x6]}) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x8, 0xf8, 0x3, 0x7e2}, {0x1ff, 0x1, 0x0, 0x1}, {0x7f, 0xb9, 0x5, 0x7}, {0x7f, 0x7, 0x7, 0x1e592471}, {0x5, 0x3f, 0x9, 0xfffffffd}, {0x4, 0x6d, 0x7f, 0x1c6c0000}, {0x7ff, 0x2, 0x6}]}) 13:53:58 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x9b, "b43aab19a6e946541ca3e92be5f32caf3178c5d154a0633ba43b6845e0f047e652e911bcec52df9d15fcb73eddc8facc6905d69d51f31c01d082da4ffddd95aed7eb15787994b190f1136e2297bacec6d676ab6aa2cca8ec88b6d0eba5ce299ff6a34fb3f28dd98a16d8ca70badec4e4f9ef2bcc3437920f0172040ab13326e68889a8ed5180c90807c7e0fe6c8894e5a4dab7b510e5df40c9d527"}, &(0x7f00000000c0)=0xbf) (async) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) (async) sendto$inet(r1, &(0x7f0000000100)="4791246fa42327728ec2b64a5bbcbe9867facf3ff30de3a75726b07f8a7013e194bf549c4bb18ee5a7042b7fd5b2b704fe037aded9b00ae54dd4f7cba4953f391a", 0x41, 0x20000800, &(0x7f0000000180)={0x2, 0x4e22, @rand_addr=0x64010102}, 0x10) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200200, 0x0) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x1, 0x0) 13:53:58 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) getgid() r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000000)={'raw\x00', 0xda, "3ca8c597360515174d9eb6379b3741e34b05f493e4789703f1c98e372c33c934877bd0fc11052fa41f40ce190468c583399a7ea46f9420ea9e2672af3034e616c1bbc277c9b625ce9b80c2b6c61532b74b49d52ea1ddb47bf9645ad6946ffb50cb495e02ad7a52b072db1f04d74df6276b34d7ca089d8224602eb3b1cab1f9194300f93957a979bb70ca07439ae3c868191108c0a28303d4edec3ce06666dab21480270a23153cc432b87948ffcfe89295f9c051de483998b97bab56a677bbc519a71fd58be19d8af57c339c34d9dcd68e2f7fad24981179c00f"}, &(0x7f0000000100)=0xfe) 13:53:58 executing program 4: sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2028000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @local}, 0x8) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x1, 0x0) 13:53:58 executing program 2: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan4\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan1\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="170026bd08000200", @ANYRES32=r1, @ANYBLOB="0c0005000202aaaaaaaaaaaa0a0001007770616e310000000c0005000201aaaaaaaaaaaa0a0001007770616e3300000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001007770616e300000000a0001007770616e330000000c0005000201aaaaaaaaaaaa"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x10) (async) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4000) (async, rerun: 32) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async, rerun: 32) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, 0xffffffffffffffff) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async, rerun: 64) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async, rerun: 64) syz_genetlink_get_family_id$batadv(&(0x7f0000000580), 0xffffffffffffffff) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000600), 0xffffffffffffffff) (rerun: 64) sendmsg$IEEE802154_LLSEC_DEL_DEV(r4, &(0x7f00000006c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x14, r5, 0x100, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20001000}, 0x4004804) (async, rerun: 64) ioctl$LOOP_SET_FD(r3, 0x4c00, 0xffffffffffffffff) (rerun: 64) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) (async) ioctl$LOOP_GET_STATUS(r3, 0x4c03, &(0x7f0000000180)) (async) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x101) (async) r6 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000700)={0x0, {}, 0x0, {}, 0x7fffffff, 0xa, 0x2, 0x18, "f4470f0390c493913ce58ec5fa1b2c0d2199db002ceb3856191c7d8f3310f4507f91fff03df6c3f62e62207865c8501b128771365e0930e9bb0ae871a772aa28", "0086a02a073f6a1e942f01e22935cb0951ac1da8d8510b0eeab913d95fc7ce3a", [0x1, 0x6]}) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) write$cgroup_type(r1, &(0x7f0000000040), 0x9) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) syz_open_dev$MSR(&(0x7f0000000080), 0x8, 0x0) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) write$cgroup_type(r1, &(0x7f0000000040), 0x9) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async, rerun: 32) syz_open_dev$MSR(&(0x7f0000000080), 0x8, 0x0) (rerun: 32) 13:53:58 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) getgid() r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000000)={'raw\x00', 0xda, "3ca8c597360515174d9eb6379b3741e34b05f493e4789703f1c98e372c33c934877bd0fc11052fa41f40ce190468c583399a7ea46f9420ea9e2672af3034e616c1bbc277c9b625ce9b80c2b6c61532b74b49d52ea1ddb47bf9645ad6946ffb50cb495e02ad7a52b072db1f04d74df6276b34d7ca089d8224602eb3b1cab1f9194300f93957a979bb70ca07439ae3c868191108c0a28303d4edec3ce06666dab21480270a23153cc432b87948ffcfe89295f9c051de483998b97bab56a677bbc519a71fd58be19d8af57c339c34d9dcd68e2f7fad24981179c00f"}, &(0x7f0000000100)=0xfe) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r0, 0x0, 0x0) (async) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000000)={'raw\x00', 0xda, "3ca8c597360515174d9eb6379b3741e34b05f493e4789703f1c98e372c33c934877bd0fc11052fa41f40ce190468c583399a7ea46f9420ea9e2672af3034e616c1bbc277c9b625ce9b80c2b6c61532b74b49d52ea1ddb47bf9645ad6946ffb50cb495e02ad7a52b072db1f04d74df6276b34d7ca089d8224602eb3b1cab1f9194300f93957a979bb70ca07439ae3c868191108c0a28303d4edec3ce06666dab21480270a23153cc432b87948ffcfe89295f9c051de483998b97bab56a677bbc519a71fd58be19d8af57c339c34d9dcd68e2f7fad24981179c00f"}, &(0x7f0000000100)=0xfe) (async) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @local}, 0x8) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x1, 0x0) 13:53:58 executing program 4: sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2028000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2028000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x90) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) write$cgroup_type(r1, &(0x7f0000000040), 0x9) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) syz_open_dev$MSR(&(0x7f0000000080), 0x8, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) write$cgroup_type(r1, &(0x7f0000000040), 0x9) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) syz_open_dev$MSR(&(0x7f0000000080), 0x8, 0x0) (async) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) (async) 13:53:58 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000000)={'raw\x00', 0xda, "3ca8c597360515174d9eb6379b3741e34b05f493e4789703f1c98e372c33c934877bd0fc11052fa41f40ce190468c583399a7ea46f9420ea9e2672af3034e616c1bbc277c9b625ce9b80c2b6c61532b74b49d52ea1ddb47bf9645ad6946ffb50cb495e02ad7a52b072db1f04d74df6276b34d7ca089d8224602eb3b1cab1f9194300f93957a979bb70ca07439ae3c868191108c0a28303d4edec3ce06666dab21480270a23153cc432b87948ffcfe89295f9c051de483998b97bab56a677bbc519a71fd58be19d8af57c339c34d9dcd68e2f7fad24981179c00f"}, &(0x7f0000000100)=0xfe) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast1, @local}, 0x8) 13:53:58 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) write$FUSE_ATTR(r0, &(0x7f0000000000)={0x78, 0x0, 0x0, {0x0, 0xffffffff, 0x0, {0x5, 0xc8, 0x8001, 0x7fffffffffffffff, 0x6, 0xfffe000000000000, 0x5b90, 0x1, 0x0, 0xa000, 0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x3f, 0x7}}}, 0x78) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:53:58 executing program 4: sendmsg$NL802154_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2028000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x4001}, 0x90) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x7d, 0x4, 0x9, 0x2b}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x4f, 0x4, 0x3f}]}) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000180)={0x6, &(0x7f0000000140)=[{0x100, 0x3f, 0x8}, {0xffff, 0x2, 0x67, 0xffffd7a8}, {0xff, 0x0, 0x5b, 0xfffffffb}, {0x413e, 0xb9, 0xe9, 0x33dd}, {0x2, 0xf6, 0x80, 0x8}, {0x7, 0xa8, 0x20, 0xb2}]}) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x9, 0x4, 0x8, 0x81}, {0x5, 0x3, 0x7, 0x10001}]}) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x541941, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1000, 0x20, 0x81, 0x5}, {0x1, 0x5, 0x3, 0xffc}]}) 13:53:58 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) write$FUSE_ATTR(r0, &(0x7f0000000000)={0x78, 0x0, 0x0, {0x0, 0xffffffff, 0x0, {0x5, 0xc8, 0x8001, 0x7fffffffffffffff, 0x6, 0xfffe000000000000, 0x5b90, 0x1, 0x0, 0xa000, 0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x3f, 0x7}}}, 0x78) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:53:58 executing program 3: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb, 0x11, 0xffffffffffffffff, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x7d, 0x4, 0x9, 0x2b}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x4f, 0x4, 0x3f}]}) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000180)={0x6, &(0x7f0000000140)=[{0x100, 0x3f, 0x8}, {0xffff, 0x2, 0x67, 0xffffd7a8}, {0xff, 0x0, 0x5b, 0xfffffffb}, {0x413e, 0xb9, 0xe9, 0x33dd}, {0x2, 0xf6, 0x80, 0x8}, {0x7, 0xa8, 0x20, 0xb2}]}) (async, rerun: 64) getgid() (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x9, 0x4, 0x8, 0x81}, {0x5, 0x3, 0x7, 0x10001}]}) 13:53:58 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) write$FUSE_ATTR(r0, &(0x7f0000000000)={0x78, 0x0, 0x0, {0x0, 0xffffffff, 0x0, {0x5, 0xc8, 0x8001, 0x7fffffffffffffff, 0x6, 0xfffe000000000000, 0x5b90, 0x1, 0x0, 0xa000, 0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x3f, 0x7}}}, 0x78) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:53:58 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x541941, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1000, 0x20, 0x81, 0x5}, {0x1, 0x5, 0x3, 0xffc}]}) 13:53:58 executing program 3: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb, 0x11, 0xffffffffffffffff, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) (async) 13:53:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x81, 0x4, 0x2}]}) prctl$PR_GET_TIMERSLACK(0x1e) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x8000}, 0x8) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x541941, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1000, 0x20, 0x81, 0x5}, {0x1, 0x5, 0x3, 0xffc}]}) 13:53:58 executing program 3: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb, 0x11, 0xffffffffffffffff, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb, 0x11, 0xffffffffffffffff, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x7d, 0x4, 0x9, 0x2b}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x4f, 0x4, 0x3f}]}) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000180)={0x6, &(0x7f0000000140)=[{0x100, 0x3f, 0x8}, {0xffff, 0x2, 0x67, 0xffffd7a8}, {0xff, 0x0, 0x5b, 0xfffffffb}, {0x413e, 0xb9, 0xe9, 0x33dd}, {0x2, 0xf6, 0x80, 0x8}, {0x7, 0xa8, 0x20, 0xb2}]}) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x9, 0x4, 0x8, 0x81}, {0x5, 0x3, 0x7, 0x10001}]}) 13:53:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x81, 0x4, 0x2}]}) prctl$PR_GET_TIMERSLACK(0x1e) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x8000}, 0x8) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x2}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x81, 0x4, 0x2}]}) (async) prctl$PR_GET_TIMERSLACK(0x1e) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x8000}, 0x8) (async) 13:53:58 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) (async) 13:53:58 executing program 1: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000040)=""/124, 0x0, 0x1800, 0xffffffff, 0x1}, 0x20) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) read$FUSE(r1, &(0x7f00000020c0)={0x2020, 0x0, 0x0}, 0x2020) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$FUSE_OPEN(0xffffffffffffffff, &(0x7f0000002040)={0x20, 0x0, r2, {0x0, 0x4}}, 0x20) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)) socket$pptp(0x18, 0x1, 0x2) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) capget(&(0x7f0000000100)={0x20080522, 0xffffffffffffffff}, &(0x7f0000000140)={0x80000000, 0x90c, 0x1, 0x7fff, 0x80000001, 0x3}) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x84}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xcc}]}, 0x24}, 0x1, 0x0, 0x0, 0x200440c0}, 0x40400c1) r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x81, 0x6, 0x80000000}]}) io_uring_enter(r0, 0xe7, 0x120b, 0x16, &(0x7f00000000c0)={[0xffffffffffffffff]}, 0x8) socket$inet_udplite(0x2, 0x2, 0x88) getgid() sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES8=r0, @ANYRESHEX=r3, @ANYRESHEX=0x0, @ANYRESDEC=r3, @ANYRESHEX=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 13:53:58 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000000)={'filter\x00', 0x0, 0x0, 0x0, [0x8, 0xb0, 0x401, 0x5, 0xfffffffffffffff7, 0x1f]}, &(0x7f0000000080)=0x78) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) (async) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) read$FUSE(r1, &(0x7f00000020c0)={0x2020, 0x0, 0x0}, 0x2020) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) (async) write$FUSE_OPEN(0xffffffffffffffff, &(0x7f0000002040)={0x20, 0x0, r2, {0x0, 0x4}}, 0x20) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)) socket$pptp(0x18, 0x1, 0x2) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async, rerun: 32) capget(&(0x7f0000000100)={0x20080522, 0xffffffffffffffff}, &(0x7f0000000140)={0x80000000, 0x90c, 0x1, 0x7fff, 0x80000001, 0x3}) (rerun: 32) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x84}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xcc}]}, 0x24}, 0x1, 0x0, 0x0, 0x200440c0}, 0x40400c1) r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x81, 0x6, 0x80000000}]}) (async, rerun: 64) io_uring_enter(r0, 0xe7, 0x120b, 0x16, &(0x7f00000000c0)={[0xffffffffffffffff]}, 0x8) (async, rerun: 64) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES8=r0, @ANYRESHEX=r3, @ANYRESHEX=0x0, @ANYRESDEC=r3, @ANYRESHEX=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 13:53:58 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000000)={'filter\x00', 0x0, 0x0, 0x0, [0x8, 0xb0, 0x401, 0x5, 0xfffffffffffffff7, 0x1f]}, &(0x7f0000000080)=0x78) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, 0x0) (async) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000000)={'filter\x00', 0x0, 0x0, 0x0, [0x8, 0xb0, 0x401, 0x5, 0xfffffffffffffff7, 0x1f]}, &(0x7f0000000080)=0x78) (async) 13:53:58 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x81, 0x4, 0x2}]}) prctl$PR_GET_TIMERSLACK(0x1e) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x8000}, 0x8) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x2}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x7, 0x81, 0x4, 0x2}]}) (async) prctl$PR_GET_TIMERSLACK(0x1e) (async) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x8000}, 0x8) (async) 13:53:58 executing program 1: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) (async, rerun: 64) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 64) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) (async) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000040)=""/124, 0x0, 0x1800, 0xffffffff, 0x1}, 0x20) 13:53:58 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) read$FUSE(r1, &(0x7f00000020c0)={0x2020, 0x0, 0x0}, 0x2020) (async) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$FUSE_OPEN(0xffffffffffffffff, &(0x7f0000002040)={0x20, 0x0, r2, {0x0, 0x4}}, 0x20) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)) (async) socket$pptp(0x18, 0x1, 0x2) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) capget(&(0x7f0000000100)={0x20080522, 0xffffffffffffffff}, &(0x7f0000000140)={0x80000000, 0x90c, 0x1, 0x7fff, 0x80000001, 0x3}) (async) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r2, 0x1, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x84}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xcc}]}, 0x24}, 0x1, 0x0, 0x0, 0x200440c0}, 0x40400c1) r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x0, 0x81, 0x6, 0x80000000}]}) (async) io_uring_enter(r0, 0xe7, 0x120b, 0x16, &(0x7f00000000c0)={[0xffffffffffffffff]}, 0x8) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRES32=r3, @ANYRES8=r0, @ANYRESHEX=r3, @ANYRESHEX=0x0, @ANYRESDEC=r3, @ANYRESHEX=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 13:53:58 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000de7c1552aa2d44050000000000000000000000002195d38ee14cb935000000000100"/51], &(0x7f00000001c0)=""/214, 0x3e, 0xd6, 0x1}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x9, &(0x7f0000000040)=[{0x7, 0x0, 0x1f, 0xa2}, {0x9, 0x20, 0x7, 0x8}, {0xf596, 0x6, 0x80, 0x9}, {0x41, 0x7f, 0x2, 0x2}, {0x5, 0xf7, 0x14, 0x1}, {0x6, 0x0, 0x40, 0x1}, {0x181, 0x7f, 0x7, 0x3}, {0x885, 0x3, 0x5, 0x1}, {0x8, 0x75, 0x1, 0x2}]}) socket$xdp(0x2c, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) 13:53:58 executing program 1: r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'}) (async) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000040)=""/124, 0x0, 0x1800, 0xffffffff, 0x1}, 0x20) 13:53:58 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000000)={'filter\x00', 0x0, 0x0, 0x0, [0x8, 0xb0, 0x401, 0x5, 0xfffffffffffffff7, 0x1f]}, &(0x7f0000000080)=0x78) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, 0x0) (async) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000000)={'filter\x00', 0x0, 0x0, 0x0, [0x8, 0xb0, 0x401, 0x5, 0xfffffffffffffff7, 0x1f]}, &(0x7f0000000080)=0x78) (async) 13:53:58 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80006}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x2, 0x6, 0x0, 0x1}, {0xf7, 0x9, 0xff, 0x3}, {0x8, 0x55, 0xc9, 0x6c68}, {0x5, 0x2, 0x97, 0x6}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), 0xffffffffffffffff) 13:53:58 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:58 executing program 4: r0 = io_uring_setup(0x6f57, &(0x7f0000000000)={0x0, 0x114b, 0x800, 0x2, 0x255}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x14400, 0x0) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) syz_io_uring_setup(0x3f4d, &(0x7f0000000080)={0x0, 0x321a, 0x100, 0x2, 0x2a5, 0x0, r0}, &(0x7f0000fec000/0x13000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:53:58 executing program 2: socket$pppl2tp(0x18, 0x1, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000840}, 0x40) 13:53:58 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000de7c1552aa2d44050000000000000000000000002195d38ee14cb935000000000100"/51], &(0x7f00000001c0)=""/214, 0x3e, 0xd6, 0x1}, 0x20) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x9, &(0x7f0000000040)=[{0x7, 0x0, 0x1f, 0xa2}, {0x9, 0x20, 0x7, 0x8}, {0xf596, 0x6, 0x80, 0x9}, {0x41, 0x7f, 0x2, 0x2}, {0x5, 0xf7, 0x14, 0x1}, {0x6, 0x0, 0x40, 0x1}, {0x181, 0x7f, 0x7, 0x3}, {0x885, 0x3, 0x5, 0x1}, {0x8, 0x75, 0x1, 0x2}]}) socket$xdp(0x2c, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) 13:53:58 executing program 2: socket$pppl2tp(0x18, 0x1, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000840}, 0x40) socket$pppl2tp(0x18, 0x1, 0x1) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000840}, 0x40) (async) 13:53:58 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x6caf82, 0x0) bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040), 0x4) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:53:58 executing program 3: r0 = io_uring_setup(0x6175, &(0x7f0000000000)={0x0, 0x90b7, 0x200, 0x3, 0x117}) io_uring_setup(0x40cf, &(0x7f0000000080)={0x0, 0xf707, 0x4, 0x1, 0x77, 0x0, r0}) 13:53:58 executing program 4: r0 = io_uring_setup(0x6f57, &(0x7f0000000000)={0x0, 0x114b, 0x800, 0x2, 0x255}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x14400, 0x0) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) syz_io_uring_setup(0x3f4d, &(0x7f0000000080)={0x0, 0x321a, 0x100, 0x2, 0x2a5, 0x0, r0}, &(0x7f0000fec000/0x13000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) io_uring_setup(0x6f57, &(0x7f0000000000)={0x0, 0x114b, 0x800, 0x2, 0x255}) (async) openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x14400, 0x0) (async) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) (async) syz_io_uring_setup(0x3f4d, &(0x7f0000000080)={0x0, 0x321a, 0x100, 0x2, 0x2a5, 0x0, r0}, &(0x7f0000fec000/0x13000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) 13:53:58 executing program 2: socket$pppl2tp(0x18, 0x1, 0x1) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000840}, 0x40) socket$pppl2tp(0x18, 0x1, 0x1) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000840}, 0x40) (async) 13:53:59 executing program 3: r0 = io_uring_setup(0x6175, &(0x7f0000000000)={0x0, 0x90b7, 0x200, 0x3, 0x117}) io_uring_setup(0x40cf, &(0x7f0000000080)={0x0, 0xf707, 0x4, 0x1, 0x77, 0x0, r0}) 13:53:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x6caf82, 0x0) bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040), 0x4) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x6caf82, 0x0) (async) bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040), 0x4) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) 13:53:59 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80006}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x2, 0x6, 0x0, 0x1}, {0xf7, 0x9, 0xff, 0x3}, {0x8, 0x55, 0xc9, 0x6c68}, {0x5, 0x2, 0x97, 0x6}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), 0xffffffffffffffff) 13:53:59 executing program 4: r0 = io_uring_setup(0x6f57, &(0x7f0000000000)={0x0, 0x114b, 0x800, 0x2, 0x255}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x14400, 0x0) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) syz_io_uring_setup(0x3f4d, &(0x7f0000000080)={0x0, 0x321a, 0x100, 0x2, 0x2a5, 0x0, r0}, &(0x7f0000fec000/0x13000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) io_uring_setup(0x6f57, &(0x7f0000000000)={0x0, 0x114b, 0x800, 0x2, 0x255}) (async) openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x14400, 0x0) (async) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) (async) syz_io_uring_setup(0x3f4d, &(0x7f0000000080)={0x0, 0x321a, 0x100, 0x2, 0x2a5, 0x0, r0}, &(0x7f0000fec000/0x13000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) 13:53:59 executing program 5: bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000de7c1552aa2d44050000000000000000000000002195d38ee14cb935000000000100"/51], &(0x7f00000001c0)=""/214, 0x3e, 0xd6, 0x1}, 0x20) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000140)={0x9, &(0x7f0000000040)=[{0x7, 0x0, 0x1f, 0xa2}, {0x9, 0x20, 0x7, 0x8}, {0xf596, 0x6, 0x80, 0x9}, {0x41, 0x7f, 0x2, 0x2}, {0x5, 0xf7, 0x14, 0x1}, {0x6, 0x0, 0x40, 0x1}, {0x181, 0x7f, 0x7, 0x3}, {0x885, 0x3, 0x5, 0x1}, {0x8, 0x75, 0x1, 0x2}]}) (async) socket$xdp(0x2c, 0x3, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)) 13:53:59 executing program 3: r0 = io_uring_setup(0x6175, &(0x7f0000000000)={0x0, 0x90b7, 0x200, 0x3, 0x117}) io_uring_setup(0x40cf, &(0x7f0000000080)={0x0, 0xf707, 0x4, 0x1, 0x77, 0x0, r0}) io_uring_setup(0x6175, &(0x7f0000000000)={0x0, 0x90b7, 0x200, 0x3, 0x117}) (async) io_uring_setup(0x40cf, &(0x7f0000000080)={0x0, 0xf707, 0x4, 0x1, 0x77, 0x0, r0}) (async) 13:53:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x6caf82, 0x0) bind$bt_sco(0xffffffffffffffff, &(0x7f0000000080)={0x1f, @none}, 0x8) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040), 0x4) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:53:59 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0}, 0x2020) r2 = getgid() write$FUSE_DIRENTPLUS(r0, &(0x7f0000002300)={0x290, 0x0, r1, [{{0x0, 0x3, 0x70000, 0x7f, 0xfffffffd, 0x1f, {0x6, 0x7, 0x8, 0x28cfade4, 0x35, 0x3, 0x1, 0x8001, 0x4, 0xa000, 0x40, 0xee01, r2, 0x9, 0x1}}, {0x4, 0x3, 0x2, 0x2bf, ',\x85'}}, {{0x1, 0x3, 0x80, 0x6, 0x1, 0x8, {0x0, 0x4, 0x1, 0xfff, 0x4467, 0xcef, 0x8, 0x1000, 0x10000, 0x1000, 0x80, 0xffffffffffffffff, 0x0, 0x59e7c49b, 0x3}}, {0x2, 0x0, 0x5, 0x8, '((#h.'}}, {{0x6, 0x1, 0x8, 0x6, 0x1, 0x80, {0x0, 0x5, 0x8, 0x4759, 0xffffffff, 0x3, 0x2a, 0x3, 0x8, 0x1000, 0xea6a, 0xffffffffffffffff, 0xffffffffffffffff, 0xb08, 0x9}}, {0x3, 0x1, 0x1, 0x400, ':'}}, {{0x0, 0x2, 0x5, 0xfffffffffffffff8, 0x7fffffff, 0x800, {0x5, 0x0, 0x400, 0x6, 0x0, 0xfffffffffffffff7, 0x9, 0x3, 0x7, 0x8000, 0x0, 0xee00, 0xee01, 0x401, 0xfffffffb}}, {0x4, 0x200, 0x8, 0x6, '##%-\xdd(\'!'}}]}, 0x290) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in=@loopback, @in6=@dev}}, {{@in=@local}, 0x0, @in6=@private2}}, &(0x7f0000000100)=0xe8) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000140)={@private=0xa010102, @empty}, 0x8) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) bpf$BPF_BTF_LOAD(0x15, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) delete_module(&(0x7f0000000040)='+(\x00', 0x0) 13:53:59 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async, rerun: 32) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (rerun: 32) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0}, 0x2020) (async, rerun: 32) r2 = getgid() (rerun: 32) write$FUSE_DIRENTPLUS(r0, &(0x7f0000002300)={0x290, 0x0, r1, [{{0x0, 0x3, 0x70000, 0x7f, 0xfffffffd, 0x1f, {0x6, 0x7, 0x8, 0x28cfade4, 0x35, 0x3, 0x1, 0x8001, 0x4, 0xa000, 0x40, 0xee01, r2, 0x9, 0x1}}, {0x4, 0x3, 0x2, 0x2bf, ',\x85'}}, {{0x1, 0x3, 0x80, 0x6, 0x1, 0x8, {0x0, 0x4, 0x1, 0xfff, 0x4467, 0xcef, 0x8, 0x1000, 0x10000, 0x1000, 0x80, 0xffffffffffffffff, 0x0, 0x59e7c49b, 0x3}}, {0x2, 0x0, 0x5, 0x8, '((#h.'}}, {{0x6, 0x1, 0x8, 0x6, 0x1, 0x80, {0x0, 0x5, 0x8, 0x4759, 0xffffffff, 0x3, 0x2a, 0x3, 0x8, 0x1000, 0xea6a, 0xffffffffffffffff, 0xffffffffffffffff, 0xb08, 0x9}}, {0x3, 0x1, 0x1, 0x400, ':'}}, {{0x0, 0x2, 0x5, 0xfffffffffffffff8, 0x7fffffff, 0x800, {0x5, 0x0, 0x400, 0x6, 0x0, 0xfffffffffffffff7, 0x9, 0x3, 0x7, 0x8000, 0x0, 0xee00, 0xee01, 0x401, 0xfffffffb}}, {0x4, 0x200, 0x8, 0x6, '##%-\xdd(\'!'}}]}, 0x290) (async) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in=@loopback, @in6=@dev}}, {{@in=@local}, 0x0, @in6=@private2}}, &(0x7f0000000100)=0xe8) (async) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000140)={@private=0xa010102, @empty}, 0x8) 13:53:59 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6fad, 0x2, 0x40, 0x3}, {0x0, 0x80, 0x1, 0x1}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x7f, 0x6, 0x10000}, {0x3, 0x1, 0x0, 0x101}, {0x5, 0x0, 0x1f, 0x3}, {0x4, 0x0, 0x3f, 0x6553}, {0x100, 0x4, 0x3f, 0x20000}, {0x6, 0x3, 0x2}, {0x9, 0x1f, 0x6, 0x5}]}) 13:53:59 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) bpf$BPF_BTF_LOAD(0x15, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) (async) delete_module(&(0x7f0000000040)='+(\x00', 0x0) 13:53:59 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80006}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x2, 0x6, 0x0, 0x1}, {0xf7, 0x9, 0xff, 0x3}, {0x8, 0x55, 0xc9, 0x6c68}, {0x5, 0x2, 0x97, 0x6}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000100), 0xffffffffffffffff) 13:53:59 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020, 0x0, 0x0}, 0x2020) (async) r2 = getgid() write$FUSE_DIRENTPLUS(r0, &(0x7f0000002300)={0x290, 0x0, r1, [{{0x0, 0x3, 0x70000, 0x7f, 0xfffffffd, 0x1f, {0x6, 0x7, 0x8, 0x28cfade4, 0x35, 0x3, 0x1, 0x8001, 0x4, 0xa000, 0x40, 0xee01, r2, 0x9, 0x1}}, {0x4, 0x3, 0x2, 0x2bf, ',\x85'}}, {{0x1, 0x3, 0x80, 0x6, 0x1, 0x8, {0x0, 0x4, 0x1, 0xfff, 0x4467, 0xcef, 0x8, 0x1000, 0x10000, 0x1000, 0x80, 0xffffffffffffffff, 0x0, 0x59e7c49b, 0x3}}, {0x2, 0x0, 0x5, 0x8, '((#h.'}}, {{0x6, 0x1, 0x8, 0x6, 0x1, 0x80, {0x0, 0x5, 0x8, 0x4759, 0xffffffff, 0x3, 0x2a, 0x3, 0x8, 0x1000, 0xea6a, 0xffffffffffffffff, 0xffffffffffffffff, 0xb08, 0x9}}, {0x3, 0x1, 0x1, 0x400, ':'}}, {{0x0, 0x2, 0x5, 0xfffffffffffffff8, 0x7fffffff, 0x800, {0x5, 0x0, 0x400, 0x6, 0x0, 0xfffffffffffffff7, 0x9, 0x3, 0x7, 0x8000, 0x0, 0xee00, 0xee01, 0x401, 0xfffffffb}}, {0x4, 0x200, 0x8, 0x6, '##%-\xdd(\'!'}}]}, 0x290) (async) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in=@loopback, @in6=@dev}}, {{@in=@local}, 0x0, @in6=@private2}}, &(0x7f0000000100)=0xe8) (async) setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000140)={@private=0xa010102, @empty}, 0x8) 13:53:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000180)) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r1, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000041) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7fff}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xc8f}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x163}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async, rerun: 64) bpf$BPF_BTF_LOAD(0x15, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x20) (async, rerun: 64) delete_module(&(0x7f0000000040)='+(\x00', 0x0) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6fad, 0x2, 0x40, 0x3}, {0x0, 0x80, 0x1, 0x1}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x7f, 0x6, 0x10000}, {0x3, 0x1, 0x0, 0x101}, {0x5, 0x0, 0x1f, 0x3}, {0x4, 0x0, 0x3f, 0x6553}, {0x100, 0x4, 0x3f, 0x20000}, {0x6, 0x3, 0x2}, {0x9, 0x1f, 0x6, 0x5}]}) 13:53:59 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x4, 0x0) 13:53:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) 13:53:59 executing program 5: eventfd(0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x3a, @local, 0x4e22, 0x3, 'lblcr\x00', 0x2, 0x2, 0x7d}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x4e20, 0x10000, 0x200, 0x395, 0x40}}, 0x44) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6fad, 0x2, 0x40, 0x3}, {0x0, 0x80, 0x1, 0x1}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x7f, 0x6, 0x10000}, {0x3, 0x1, 0x0, 0x101}, {0x5, 0x0, 0x1f, 0x3}, {0x4, 0x0, 0x3f, 0x6553}, {0x100, 0x4, 0x3f, 0x20000}, {0x6, 0x3, 0x2}, {0x9, 0x1f, 0x6, 0x5}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6fad, 0x2, 0x40, 0x3}, {0x0, 0x80, 0x1, 0x1}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x7f, 0x6, 0x10000}, {0x3, 0x1, 0x0, 0x101}, {0x5, 0x0, 0x1f, 0x3}, {0x4, 0x0, 0x3f, 0x6553}, {0x100, 0x4, 0x3f, 0x20000}, {0x6, 0x3, 0x2}, {0x9, 0x1f, 0x6, 0x5}]}) (async) 13:53:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 32) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) (rerun: 32) 13:53:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000180)) (async, rerun: 64) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (rerun: 64) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r1, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000041) (async) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7fff}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xc8f}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x163}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) (async, rerun: 64) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (rerun: 64) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0) 13:53:59 executing program 5: eventfd(0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) eventfd(0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) 13:53:59 executing program 0: io_uring_setup(0x148d, &(0x7f0000000180)={0x0, 0x8cbb, 0x0, 0x0, 0x329}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x9de7}, {0x7, 0x0, 0x4, 0x800bc}, {0xffff, 0x3, 0x45, 0x88008}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x2, 0x20, 0xac, 0xfffffffe}, {0x2407, 0x8, 0x9, 0xfffffffa}, {0x8, 0x4, 0x40, 0xd65a}]}) r0 = getgid() r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000100)={'wpan0\x00'}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0, 0x0) write$FUSE_ATTR(r2, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x6, 0xffffffff, 0x0, {0x5, 0x4, 0x5, 0x7f, 0x0, 0x4, 0x4, 0x3bf, 0x392b6b7f, 0xc000, 0x71480, 0xee01, r0, 0xd1, 0xffffff6a}}}, 0x78) 13:53:59 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) 13:53:59 executing program 5: eventfd(0x0) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (rerun: 64) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x3a, @local, 0x4e22, 0x3, 'lblcr\x00', 0x2, 0x2, 0x7d}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x4e20, 0x10000, 0x200, 0x395, 0x40}}, 0x44) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x7, 0x1f, 0x20, 0xfffffffe}, {0x28, 0x81, 0xd3, 0xec9}, {0x1, 0x90, 0x7}, {0x5, 0x7, 0xfc, 0x9c9}, {0x2c25, 0x5, 0x0, 0x54b0}, {0x1, 0x5, 0x2, 0xf359}, {0x20, 0x6, 0x8, 0x1}]}) 13:53:59 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000180)) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r1, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000041) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7fff}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xc8f}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x163}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000180)) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, r1, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000041) (async) sendmsg$BATADV_CMD_TP_METER_CANCEL(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r1, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x7fff}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xc8f}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x163}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) openat$cgroup_type(r3, &(0x7f00000001c0), 0x2, 0x0) (async) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000000c0)={{0x3a, @local, 0x4e22, 0x3, 'lblcr\x00', 0x2, 0x2, 0x7d}, {@dev={0xac, 0x14, 0x14, 0x3b}, 0x4e20, 0x10000, 0x200, 0x395, 0x40}}, 0x44) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:53:59 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x8000) brk(0x9) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x7, 0x1f, 0x20, 0xfffffffe}, {0x28, 0x81, 0xd3, 0xec9}, {0x1, 0x90, 0x7}, {0x5, 0x7, 0xfc, 0x9c9}, {0x2c25, 0x5, 0x0, 0x54b0}, {0x1, 0x5, 0x2, 0xf359}, {0x20, 0x6, 0x8, 0x1}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x7, 0x1f, 0x20, 0xfffffffe}, {0x28, 0x81, 0xd3, 0xec9}, {0x1, 0x90, 0x7}, {0x5, 0x7, 0xfc, 0x9c9}, {0x2c25, 0x5, 0x0, 0x54b0}, {0x1, 0x5, 0x2, 0xf359}, {0x20, 0x6, 0x8, 0x1}]}) (async) 13:53:59 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x7, 0x3, 0x40, 0x7}, {0x87, 0x3, 0x1, 0x3acef8b}, {0x35eb, 0x33, 0x1, 0xfff}, {0x5, 0x8b, 0xf8, 0x1}, {0x6, 0x9, 0xff, 0x7}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x4, 0xe5, 0x60}, {0x9, 0x1, 0x4, 0xd432}]}) 13:53:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket(0x36, 0x5, 0x7) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000040)={0xfffffff8, 0x6, 0xffffffff}, 0xc) r2 = socket$pptp(0x18, 0x1, 0x2) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000080)=0x4) prctl$PR_GET_TIMERSLACK(0x1e) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x4040c0, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r6 = ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r6) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @local}, {0x1, @remote}, 0xc, {0x2, 0x4e24, @remote}, 'ipvlan0\x00'}) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)={@private=0xa010101, @multicast2, 0x0, 0x1, [@private=0xa010102]}, 0x14) 13:53:59 executing program 0: io_uring_setup(0x148d, &(0x7f0000000180)={0x0, 0x8cbb, 0x0, 0x0, 0x329}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x9de7}, {0x7, 0x0, 0x4, 0x800bc}, {0xffff, 0x3, 0x45, 0x88008}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x2, 0x20, 0xac, 0xfffffffe}, {0x2407, 0x8, 0x9, 0xfffffffa}, {0x8, 0x4, 0x40, 0xd65a}]}) r0 = getgid() r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000100)={'wpan0\x00'}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0, 0x0) write$FUSE_ATTR(r2, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x6, 0xffffffff, 0x0, {0x5, 0x4, 0x5, 0x7f, 0x0, 0x4, 0x4, 0x3bf, 0x392b6b7f, 0xc000, 0x71480, 0xee01, r0, 0xd1, 0xffffff6a}}}, 0x78) io_uring_setup(0x148d, &(0x7f0000000180)={0x0, 0x8cbb, 0x0, 0x0, 0x329}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x9de7}, {0x7, 0x0, 0x4, 0x800bc}, {0xffff, 0x3, 0x45, 0x88008}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x2, 0x20, 0xac, 0xfffffffe}, {0x2407, 0x8, 0x9, 0xfffffffa}, {0x8, 0x4, 0x40, 0xd65a}]}) (async) getgid() (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000100)={'wpan0\x00'}) (async) openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0, 0x0) (async) write$FUSE_ATTR(r2, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x6, 0xffffffff, 0x0, {0x5, 0x4, 0x5, 0x7f, 0x0, 0x4, 0x4, 0x3bf, 0x392b6b7f, 0xc000, 0x71480, 0xee01, r0, 0xd1, 0xffffff6a}}}, 0x78) (async) 13:53:59 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x8000) (async) brk(0x9) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @local}, {0x1, @remote}, 0xc, {0x2, 0x4e24, @remote}, 'ipvlan0\x00'}) (async) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)={@private=0xa010101, @multicast2, 0x0, 0x1, [@private=0xa010102]}, 0x14) 13:53:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket(0x36, 0x5, 0x7) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000040)={0xfffffff8, 0x6, 0xffffffff}, 0xc) r2 = socket$pptp(0x18, 0x1, 0x2) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000080)=0x4) prctl$PR_GET_TIMERSLACK(0x1e) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x4040c0, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) (async) r6 = ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r6) 13:53:59 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x7, 0x3, 0x40, 0x7}, {0x87, 0x3, 0x1, 0x3acef8b}, {0x35eb, 0x33, 0x1, 0xfff}, {0x5, 0x8b, 0xf8, 0x1}, {0x6, 0x9, 0xff, 0x7}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x4, 0xe5, 0x60}, {0x9, 0x1, 0x4, 0xd432}]}) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x7, 0x1f, 0x20, 0xfffffffe}, {0x28, 0x81, 0xd3, 0xec9}, {0x1, 0x90, 0x7}, {0x5, 0x7, 0xfc, 0x9c9}, {0x2c25, 0x5, 0x0, 0x54b0}, {0x1, 0x5, 0x2, 0xf359}, {0x20, 0x6, 0x8, 0x1}]}) 13:53:59 executing program 0: io_uring_setup(0x148d, &(0x7f0000000180)={0x0, 0x8cbb, 0x0, 0x0, 0x329}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x9de7}, {0x7, 0x0, 0x4, 0x800bc}, {0xffff, 0x3, 0x45, 0x88008}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000140)={0x3, &(0x7f0000000000)=[{0x2, 0x20, 0xac, 0xfffffffe}, {0x2407, 0x8, 0x9, 0xfffffffa}, {0x8, 0x4, 0x40, 0xd65a}]}) (async) r0 = getgid() (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000100)={'wpan0\x00'}) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0, 0x0) write$FUSE_ATTR(r2, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x6, 0xffffffff, 0x0, {0x5, 0x4, 0x5, 0x7f, 0x0, 0x4, 0x4, 0x3bf, 0x392b6b7f, 0xc000, 0x71480, 0xee01, r0, 0xd1, 0xffffff6a}}}, 0x78) 13:53:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket(0x36, 0x5, 0x7) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000040)={0xfffffff8, 0x6, 0xffffffff}, 0xc) r2 = socket$pptp(0x18, 0x1, 0x2) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000080)=0x4) prctl$PR_GET_TIMERSLACK(0x1e) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x4040c0, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r6 = ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket(0x36, 0x5, 0x7) (async) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000040)={0xfffffff8, 0x6, 0xffffffff}, 0xc) (async) socket$pptp(0x18, 0x1, 0x2) (async) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000080)=0x4) (async) prctl$PR_GET_TIMERSLACK(0x1e) (async) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000100), 0x4040c0, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) (async) ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) (async) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) (async) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r6) (async) 13:53:59 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x8000) (async) brk(0x9) 13:53:59 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x7, 0x3, 0x40, 0x7}, {0x87, 0x3, 0x1, 0x3acef8b}, {0x35eb, 0x33, 0x1, 0xfff}, {0x5, 0x8b, 0xf8, 0x1}, {0x6, 0x9, 0xff, 0x7}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x4, 0xe5, 0x60}, {0x9, 0x1, 0x4, 0xd432}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x2, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x7, 0x3, 0x40, 0x7}, {0x87, 0x3, 0x1, 0x3acef8b}, {0x35eb, 0x33, 0x1, 0xfff}, {0x5, 0x8b, 0xf8, 0x1}, {0x6, 0x9, 0xff, 0x7}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{0x4, 0xe5, 0x60}, {0x9, 0x1, 0x4, 0xd432}]}) (async) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) 13:53:59 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @local}, {0x1, @remote}, 0xc, {0x2, 0x4e24, @remote}, 'ipvlan0\x00'}) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)={@private=0xa010101, @multicast2, 0x0, 0x1, [@private=0xa010102]}, 0x14) socket$igmp(0x2, 0x3, 0x2) (async) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @local}, {0x1, @remote}, 0xc, {0x2, 0x4e24, @remote}, 'ipvlan0\x00'}) (async) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0) (async) setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000080)={@private=0xa010101, @multicast2, 0x0, 0x1, [@private=0xa010102]}, 0x14) (async) 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) 13:53:59 executing program 2: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) 13:53:59 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x1, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}, {0x9, 0x1, 0x1f, 0xbaf}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:53:59 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x2, 0x0) (async) 13:53:59 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$inet(0x2, 0xa, 0x0) bind$inet(r1, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x82f03, 0x0) write$FUSE_WRITE(r2, &(0x7f0000000080)={0x18, 0x2f, 0x0, {0x1f}}, 0x18) 13:54:00 executing program 2: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) (async) 13:54:00 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000100)={{{@in=@initdev, @in=@loopback}}, {{@in=@dev}, 0x0, @in=@empty}}, &(0x7f0000000280)=0xe8) accept$inet(r0, 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000080)={'IDLETIMER\x00'}, &(0x7f00000000c0)=0x1e) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) accept4$inet(r1, &(0x7f0000000200)={0x2, 0x0, @initdev}, &(0x7f0000000240)=0x10, 0x800) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)) socket$inet(0x2, 0x5, 0xfffffffc) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x1, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}, {0x9, 0x1, 0x1f, 0xbaf}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:00 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:00 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000100)={{{@in=@initdev, @in=@loopback}}, {{@in=@dev}, 0x0, @in=@empty}}, &(0x7f0000000280)=0xe8) (async) accept$inet(r0, 0x0, 0x0) (async) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000080)={'IDLETIMER\x00'}, &(0x7f00000000c0)=0x1e) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) (async) accept4$inet(r1, &(0x7f0000000200)={0x2, 0x0, @initdev}, &(0x7f0000000240)=0x10, 0x800) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)) socket$inet(0x2, 0x5, 0xfffffffc) 13:54:00 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x3, 0x0, 0x4, 0xfffffff9}, {0x401, 0xfe, 0x0, 0x4447}, {0x1f, 0x1f, 0x0, 0x1}, {0x4, 0xb9, 0x9, 0x19d0}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x8, &(0x7f0000000080)=[{0x3ff, 0x43, 0xff, 0x20}, {0x3, 0x8, 0xd, 0x5}, {0x9, 0x5c, 0x1, 0x2}, {0x9, 0x9, 0x80, 0x90}, {0x2, 0x2, 0x0, 0x7f1}, {0x101, 0xfc, 0x5, 0x8b5d}, {0x5, 0x6, 0x9, 0x931d}, {0x2, 0x7f, 0x3f, 0x80000000}]}) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x1, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}, {0x9, 0x1, 0x1f, 0xbaf}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async, rerun: 32) getgid() (rerun: 32) 13:54:00 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) (async) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:00 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000100)={{{@in=@initdev, @in=@loopback}}, {{@in=@dev}, 0x0, @in=@empty}}, &(0x7f0000000280)=0xe8) (async) accept$inet(r0, 0x0, 0x0) (async) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000080)={'IDLETIMER\x00'}, &(0x7f00000000c0)=0x1e) (async, rerun: 32) r1 = socket$igmp(0x2, 0x3, 0x2) (rerun: 32) accept$inet(r1, 0x0, 0x0) (async, rerun: 32) accept4$inet(r1, &(0x7f0000000200)={0x2, 0x0, @initdev}, &(0x7f0000000240)=0x10, 0x800) (rerun: 32) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)) (async) socket$inet(0x2, 0x5, 0xfffffffc) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = socket$inet(0x2, 0xa, 0x0) bind$inet(r1, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x82f03, 0x0) write$FUSE_WRITE(r2, &(0x7f0000000080)={0x18, 0x2f, 0x0, {0x1f}}, 0x18) 13:54:00 executing program 2: prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000)) 13:54:00 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x3, 0x0, 0x4, 0xfffffff9}, {0x401, 0xfe, 0x0, 0x4447}, {0x1f, 0x1f, 0x0, 0x1}, {0x4, 0xb9, 0x9, 0x19d0}]}) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x8, &(0x7f0000000080)=[{0x3ff, 0x43, 0xff, 0x20}, {0x3, 0x8, 0xd, 0x5}, {0x9, 0x5c, 0x1, 0x2}, {0x9, 0x9, 0x80, 0x90}, {0x2, 0x2, 0x0, 0x7f1}, {0x101, 0xfc, 0x5, 0x8b5d}, {0x5, 0x6, 0x9, 0x931d}, {0x2, 0x7f, 0x3f, 0x80000000}]}) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}, {0x4, 0x0, 0x2, 0x5}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x6, &(0x7f0000000000)=[{0x7, 0x7, 0x9, 0x3}, {0xffe0, 0x1, 0xcd, 0x1}, {0x5, 0x0, 0x20, 0x9}, {0x537, 0x9, 0x3f}, {0x100, 0x5, 0x2, 0x4}, {0x5, 0xff, 0x4, 0x3}]}) 13:54:00 executing program 2: r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x0) ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000280)={0x51, &(0x7f0000000240)}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x8, 0x9, 0x100}, {0x3, 0x0, 0x6, 0x200}, {0x7, 0x8, 0x1, 0x8a}, {0x81, 0x4, 0x20, 0x8}, {0x400, 0x1, 0x6}, {0x2, 0x4, 0x60, 0x7a2}, {0x7, 0x4, 0x5, 0xd5}]}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_open_dev$hidraw(&(0x7f0000000100), 0x3ff, 0x381982) ioctl$HIDIOCGRDESC(r2, 0x90044802, &(0x7f00000002c0)={0xb5b, "20ff32a946caa4818f1232009bc36d0609d06a777e8316dd7a0f6012bfb5812bae9b523ba4a99a0c495003dfc340eba6e527b33894c850bb9586a3f5d57314adcf6261cdd39aa7d79ac4f620cba78cdbdaaf8749c4886ed310afdda8cda5aadb93d87910d75f488ae96cf465bf29e08da7981a5c73221027247e2cc3c89e19e338ef750c7abf21926529d7b965baf4137dc870deb173eadfc540d5bece0c1fe49ab7aad6c9ce2f8d8f9dfb756d16664c1be6cf6f6d9fb0f9deac1a1bc19d419dc8aca3308e6f8373e2a53d1395f97024c5ec5f41224a87bfafe3ca8e19f6a5ace0b89a08a31b9b6ed3feb2e2c4a1ab104330ee3811c803a6c3af3be89d4f6431d8ca4f4ede04f2bb2a84192838a2ad600be26e2dd52515dc5087c176880018ae055c818832f9d6a146b22e5d3d6aefd8322770941546d33b1116673f4ceb445d174cbedd61b551125d3ce72313edd55b71f4019c8c449a651f05ac2e7502b4f23a296513af056da88a5fd4e28a97d266233caeffd3c348c215dc4383cd7f425d876002293545479794e41c3dc00c82316919ee61eb88402f899e0c9b646932030e74d1f8ee6610d02337f6c0e9a6d58a3165f13f04497249230e1d79d9354477cfd7fe06578f86e1977a33cf95eeec2824d02b8db3387dadfa025d201b34bc537a4da4bbd1d63c8f0a33bb4aeee79cc5e5e23f910f15db7f1694719fd2f7bc4ff1ca452e6d230542e1ab1393a04b55a5d8737247261731caacee141e7874cc49498087403bb460d94e84584fc8d5c19a5d2f080bcbb3410afadccca561cac093909af03d07faf588c9c1e45bc6172f4f3bfff2aba5f6448060e08db621a732f55aa39e476731c52978520547f2e209bdc3a4a0e397c5e2e8b7ea7194980cc38001767853a86ed0921318bc06c3b92527843a9896f28600dc1d37daf2b0d4ba5294cbe7c2fc9360dbf37fbfd843f1450db296be95815c3a207f01e0c46593826862ab76c99e4cd45bb61874dda2bac3ec10ea34722867b6aa5fc43efc6dafd224179adda64dd5cbe2d6d2bbc3da0f48391beb2b562ebcb502d0e0f28a570dcc367c8fb809603fa26b1d1209dfb63843d835c139b3cd1e1de4effcc7d430e1e91d517ba400b6a98b146fea02aa18e9989136a9c2a98ac27310bd181371466d81a152f737ac2766221408adbf91460cdb03c37ed302060ba0b93704aa81aa2a49081a8b4ed0af98b16f057908c659cf083ed8c9d0736d7d0d15b139c88e480a910f1a442dd2dd6e66299be647affe87e4f5a7710a8d997ca9e2a97a5808f108163c744317fa4c44985d18045aeddf85302b479568730696f880e09fae34dbf7e37f3618aa6d9bef05c47f54e46a5c37f9a6a510aa498de70ee938f99b425ce4174a4c131469b770fe4b8e7c01ff08f0e03c3e06fbc82f8e045481e36d202d0d1356aeece419bc3f8dd939c7a0db312c97fe9b6ecebc52d289c57a3b8be314fab012b034c791425300b45f22cb5cc21c0a0dee7d09583934568616cd0b1dded43c13dfda64947fc7527e4479630259e2336684928947c103e638a9794d9188035ccdcd09ad41250c4e82644a974acdffd0217c8cd274e8e1625e5d1a98813a251852be5f090b27ce565b9a0989906309a5ee3e224ff9861f786106678ba87abe1a759097af12878e0472a38dd51e202157523c66eebdf091c5f83ea6ba7c95127b8bcee5ddd0a4ccc070d2e6e7a016e4b5a624d7fb41327dd7bdaef1e87c761fb8fb1c1d6453b75d7a2102f5005efc810c9c84e5a906f0b84c1b82696fb1d4c243740825c8f75c8f69f8d440bcb011721bc6ec6c826576f65f0cda1a8b056fb395faaa11376d08272e3fdeef182e9dd7e6c0fde4a7f0f8f9fe60799d1f390c954121a8cb23572d05162d59d291e62d260e58fe0a31935035ca235e3703ba0f2618aff63c9be987636f044bb35803c9cbdc928e07bc7b6042f03d7e2b1ec82bb61d219d208d891d74f5d24860c4b06bd2b74efb810894cd9bdf1373ae7bcffee5abf7e676cf7760a834810ec5f9d2b555c2def4639ab51e28473c764d0f8049692971de8a369e55a200ca72476c134b9e5053549f584a4db1e171aa9a752faba8f3cfea51aad9af99a772a3f6a0e7045b14606d27abfdd0613f239c5afef26613be80df9cdff64a88156520dd574f3704ed8a0a7099ce8e550f4a97827497a8f5f251de96d91d557cbadf61bf84e73d69593a0b555bc4551710673979317413b52133d3114e5e60f7458cdc7a9d2729ecd17f28a39452e532599811c6f3bef3417cbd44e224edd2dd0e03eaff1334e7a724b41ec5f9eebc1129e93fd7966dfe79de8cc75698ffce60f7505f4a88e1e435c40b9ea779c7bd74fb0ca0537ea385a8e596296015885c2019238cd7b0d4b2314c2f896fbd907b46e1ddfb5b5781d5122290e7a1a4bfc26caaac870e97dc80198ba5fdb1fe1f7fb8005ee40ac8a63863f00fb25daa8019a40d7c7b342bd839509632f23a4b30f828faaeda2f9f1aa61ed0a4f81d39328cd5d3e2b172791e13be65fae6ce5ad0880f81530bda59ec62b28fbc6fe7413e9a4ec5e1317f238b7c5d9c1729d9d70c9b2c3969d04a3bfb07f56576586fa91321d039135c3ad72ef61f52a6187d173e16ac13c7f64c2c71ea6c61d9a5f09bf0e24f2b2ed8ce7704300e076929c6489be332eae91e760482e87ca1cec655330215ea5007d858053444e53adb706e4691f9ccc070ee7e83947626576cd7c2fea7ccd4a254df313aacc99300e4a15af365bd2643785b9092c0facbe1436c255945f4ea4a2d90545f204db2a4b198a41c0402b2a929d8a6d6c3939e3b28c68b3a1c93758b49bea9ba3479efb2ec90bbf2781bf8b8812af60329bee5477da8c1b2abd92ca90974d301556f68fdc40892d3575bd4114a30c0f2c3883d2f44841d6caf7288daf39b78eea48bb206e35bc8328ff07cc0707ca6afce33702d8769d3b386a5429edd6070313f561b56d29d036d797461f4d56d5a2d3e41b5a03242f87462c62c1233a44d9b6475d8f76c4a3fbf2945f19ac3b04d651ffa2360e5ff03e39d189e114ca8a35e42eb41b7ac23211a891a26518a810acd19ea66190dedbecda7893e599deb8ba6ac8148a580106c14e3da266cb41bd2ef2ded465044c6c647c643cc2a2d776ec579671f7fff08661415561ed38a0427c15e9a2c3e6c0730a4eb65fa0308736087bbf958a9dacf3f52f8918f812b9d3d4c40dc5e85dc4ca5434e98351c4558dbcbb65b0a15d1ed66512df1bb0aa465cb55d76792f8e565ac5195c306809859c89d73dc13e22df5833dec6872e6befd641f27087bc2b94105484b34fdf93ba4a77fe81ecaa21fc1b403abafa0f1790cff8bd75e26c04ef0d736f94e4844a547e77941fca7af87009cc9fc7147801e0efe3afd17059466548b7d5a780bd3cb42d4d8e27c963a8abfd60f7eca5107e296e49e653850b7101ccd353b595339aec55838c3393c0c318b04fde4539c0650ea18fd9019e3214b71ab5cf7330554458292d7203cf5af7a0b0f612bf82eb648a47cf0adf608ee46543c692a00a725ace20a5c0643d507afda4ec29db8266bf187f6f5fee151c4819ccee61fcd34e3615cd7e916d4dd4227363f0b0074dbae77d6eb9bc5813c4d82f746ab46173ce89af8c4eca2890c43918a82b154486c2f593e2f8b3111173ca9b9309fd161f3bca568b8989817ba685274347e6444ed7e2432a8d13dcd66484be1745fddd858a9664c0d55fb405cebc8e1c32f92cd609274663aaa017e2ceb34a56d4c3c844b3b1b96fda2c5b01de8f02e871b6dd7387c4f71f1a30c52a91da35d735db5c1682f6853c723f4818e2355148946aa9d4d29a709f2977a78d96e4f2aff66c31166d0ab9d857c726910506b8a30d5a2e8cdc80592e8b2d1439ddbaf7eefac79c90a7a5eeb02bedcefaeb512686ec583515131a6b7af23476c5ce3f56ea8f54bdc12c3567d2da3774687d1d5edb1b2c04539e8fe334c04d75d252209ed7e064fcc9e0925e59b6503e5013c56e80b5b0264ebc7ecc2ba2287cec8794ac12e6d174e4b75a3bac6eb8489bbf10be80b283160e21f59e2b4f8"}) 13:54:00 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) (async, rerun: 32) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (rerun: 32) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = socket$inet(0x2, 0xa, 0x0) bind$inet(r1, 0x0, 0x0) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x82f03, 0x0) write$FUSE_WRITE(r2, &(0x7f0000000080)={0x18, 0x2f, 0x0, {0x1f}}, 0x18) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}, {0x4, 0x0, 0x2, 0x5}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) getgid() (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x6, &(0x7f0000000000)=[{0x7, 0x7, 0x9, 0x3}, {0xffe0, 0x1, 0xcd, 0x1}, {0x5, 0x0, 0x20, 0x9}, {0x537, 0x9, 0x3f}, {0x100, 0x5, 0x2, 0x4}, {0x5, 0xff, 0x4, 0x3}]}) 13:54:00 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x3, 0x0, 0x4, 0xfffffff9}, {0x401, 0xfe, 0x0, 0x4447}, {0x1f, 0x1f, 0x0, 0x1}, {0x4, 0xb9, 0x9, 0x19d0}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x8, &(0x7f0000000080)=[{0x3ff, 0x43, 0xff, 0x20}, {0x3, 0x8, 0xd, 0x5}, {0x9, 0x5c, 0x1, 0x2}, {0x9, 0x9, 0x80, 0x90}, {0x2, 0x2, 0x0, 0x7f1}, {0x101, 0xfc, 0x5, 0x8b5d}, {0x5, 0x6, 0x9, 0x931d}, {0x2, 0x7f, 0x3f, 0x80000000}]}) 13:54:00 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) r0 = syz_open_dev$hidraw(&(0x7f0000000100), 0x3ef, 0x400) ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f0000000140)) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000f00)={0xd8c, "a29210ddf6bd0dc330937299fa3b2db3a8a2b6dcc57bcde33f6d41a6b3bcf62da3785a1411bd5f68449dc30640a162d367b81b04fe72687b65e48286f6ae3403cfeff5c6c0b384e3b30ea68162279b2ca734342d1f95a0bbc828fc43cca0a3cf69d373e8e9ea6e4e8c3087f39e65ce34bbcf6fab0d8b4c91757a6d03c9c08e36d4b93009fa1b6f2609affd5190b6a61e74096fdc838cb3e15c8cca0e579f710e80436d5f7da8a55918030b96253b3519fc47dbf6c2b146a3db51e45ff7c9d4dbdb0ca7a606322d3dcf6b210de980a29bf18d45c1a6461cfefb84c5f2820de40331fab8c1b0dbb49e9320f32438217906cacdb63e65cc0805db0331a4e76590f8f8340ae8b8f4d78de6829c8740edaed14efeddc30baaf20405b18e5916746863d71a77d55a3c01d679bf0a1e66a6cbe878d8c4279cea5324709721bd6f3284e3d0ea886795a5d83ed8b87ff4c5c365d14b9d5daaa060157fa3046dd4a8d163ed54d71b9aa7c9012dd300cbd19f81ab0a3546cb83dd78ba031ebf27f8e60c6cf8c32a2f4a34bbaf6313a158dfe1b014f079ee942b80d11e8709dfd64ee4122e1fc305f458fce4e7e8273ec992046dfa2c287f66b9a6217b74c45a65103035c3b8127888903e91a5f7dd959b61a0ce4a188a0fcfb7c469eca51d5f0a7b2f995bbeb25d3833c3c1426d5151c2a6ac5dcb8f4f0588341c561858042a5e9eea08324e86596c42ddebed7a5df8f8cb59d8e0c781a8a512284aefeb1be34970d471a67c75e6ba231ee0a3444b98f778891c9ba0ecec1205f61a224a0991a5f297c58138b5c7d6c59092f3997d361a8b1b1dd9d6674f1d50ec72d243f281be07a9a7d307645c7a5468ad234512159d670fd6850c900bb3e01574ad419b14a77f8e95af4e838f5bdd413de0ffa1e2c5679a48dfd4b0df2f2ebc9c37154895284f8d16b4e4e06fb454df05b4d195b06038757f3ed653f83214ee9c9fb01024819633a83d64ff9b674fa3146f07a44c4e0476ff697f878223961b8b221b714b9864222f051ed2bb19c9d23490f5551ab09b31d6b7cfc82139bcc077a29efa1b5f19461d6b4cd3bd6405ddc2b0315c10c184da1f222f96624f2ef3238ec8cc4258ef942db3bcd4294eac455588be563cf132f0760c980abba7616a3bdf9ec8108a7a856d20cd9aa5adc2e0abb9b56afcb5dd1311cb4c066c053c919998cf9caeda02f0ab16d10a7238d545c3ffb8c58f08fff557782105421f86ff5bb229f6a06fb4dc783a5c2608e10d1d174b2600a5330d255a7d282747b7f7c794615197c2a0359a1e2cafbf3946c4d395da0fcec789ed12f2e7ff823d1a55b5f48458d50385090ad96c93ad6e92d9ddf0c973b0dcf62118deb272abcb1f45c85e188ec7cb443411e3f72da9b7cd5752cbee35bcca2a7a15361f7e0d66e7999bf0bc9ad52c6995ad60f57bd4bc7a35a1a75fc9dcc4ae6487404993cb3a760b265936748bc220f2b99dd835a71ef28ec0991b6c5d68a3f8bedf463ecba3e0131631fba51d60b721cc4b34bef543ee6b22aca930ef8bb737d751fd70d222dac919f903bee0c99b9fe6466052a573aee2277e13f5c7957a34dbd1739879af85602034af1b9c0effdc709cd4ee07c0653e66a29ffdc1ee19f8d178182648380ed8283f6155b7a597cbd3a79233effe0c478abb2edf87b24ebb5373f494ffdc893336a6d8cd908dcf3394e6fa4c5cfd928203d939966e736b94df8fe5fd9f614fa84e8a316488575b84b6c72d350106a86082a95eb9718d33df7df0b7a70dd9e589f38ae037cbe41ab890c91b00edc1bbc69e50c1524b3664de14eb36497407d068d2405770ee5e5ae20cc4a5492f338a1a1f9660dac0d9c697f1231d5fb7cbb50e19e2b48cb8f6cdc527c3fe19f9e46db348a62750c0cefbe9f7841afce02f00afe3c44ba34c4fa4fd55439ed12d3728b78bc92b5fcea14d75bf0875f6b4f5a2a206b646e0371f840f628e8d47c2c85ccab6a8f205578d41ef537d34dea9af21d0794541670e4c689e66f145b3cbf5fbef83e2f5cc526c83abdc9ef3999ff53a9de1228aca8d62b53e666944ff0637b1cff7365f9d5c998cc58a0d08008e7b8391ddb5023037dd27480d1aec0c05806f6cc09ab03109bc6581df34f0547cb8fd70f5e3faf57c12c2cdfdaaa076e1539db81fce99affe54d22dab78c99d3e081771ba22a89755d03f6fb8817fe4b707e0ad589bb4084de57f72c0bf3650144f785278372528a5050ed87ae851c617842307d908187157e370e2fc47410b80e07e08a30441fc7d2a63a949ed00eeb95b65a157438e2767fbb42b3d9fd7690ba4424f10c23db622ef930713973d1d15a684623b2123a448db1843eea8cc59eba3db72fcb14e10650eae0d3b883c2a22971b437c227631f3c5843ff0636117d6a5bf15e987a0d595ed0c69f13cf1990d4ed8621cf418525f07969010da02beaf8b97d203a651fbac5c75fd615ffb0fc0f4b9ea347cb3c41e50d6f9c025403545135897ab22ef68d7a18738287167e0538900882b23c382a7cacd1641f23e9f536b87d45ef79b2a3cce886713a5c4259ad08a1b4af4b9160ac1651ffe9d7e1e4506af2f388a003c60a86a363aedf43857bcaffbfbd6f197b5d9e48cc832905ea0fc0e1791ba3fe356719b01ab17472fcc3ca61c5865568c32e1097895803674f68ac338e2aeb37d86c2ddc1f0e3e8069d95be62e6719cfe90e986842a30f7f4e9cab59d45f0aedc9a15a13f06ecc2c63d5856241924020fde61f8a59255851d592247ff08c7c6c28198c3d9838e348f4fff5d4bde14e76e77e362cb716733a58faff0df1963d45072e417f81f9d21c4860b564e7af6aba988ed4bc87a953ea4bfe2c5332f76e4c21087ef3cea06d90c2a4002db7aa0ee41d55a4c63d71b0b07d68e27e2aab6ee50e45d09348086f245d6053a7e0abd95f7c3c99313751ba553a01d6268d04d24f0f432097239ebaa839eb47270c9e9bc0af8c62a496b2b4271f1552ca4dff6cc6da978a6e13769a871b23db42de52b693e38299e477974b48537e4ad613f00fcac5d7251c1f91464ee7bd6371cd396b7006206349e802633fc5616e7379a0c9a42039fc1016d7bf70e790dd18ea55d6106bf0bf79d8648f742a6bc60fa285a207f39420a429392443e78bfc49e4296ef2ebe35c401785af84033914e6e0d1cca095d0aea7562ae85484c13122b013d071d2c8a2705a1ebf70c67627d5200c90611b837fb8751b7bf603cdb264156a6a7d88894c7dfa04c1db0b2ea55eb621a76842ee1c33ea0c9b41855aef143d6c3094d587bed190e8244a1d06ed73e255cb9415439c6f572702b66485a0897e584114341cb2bca987a20ef97f74c1e92b95193ab7fff53bbd30b96faf2dd58c8a2787437778fe8d47608fcdc391113258155a60dc091b2ec3e9a4f56c2fff855f917076dc391505f7833aaf42b0670a6d4d317a9cc3c6f8c755f8ab90511e30d8ba4501be72c8a33feda970a88246249e541b7775a0da3b5cd77c47e4dd9b85f7ee7536143ba9fc2c9073ac83cf7a64df51375f09bf6b4e4606195d5f2f335e0aa1a5bf2e48f14a559a36f1201b0571bb019a232cdc92df163b13565be86977602d9e573b0dd8ddcd6d4198383da2e091c6929704b6d4a6dd5dc6caf103634ff4989ed6791ad35a6d36e43c8458e0aa6ab137c326f740cb73047cbad26bc5235d005422ea002418bb014ea490d8e370dc94722cb300716d071864b3099d2c7bf81fb26eef8e3d76ec6dae12421d4870fb6f25dd140ab0f6ec6bbdf0117b81cd1bb79196fa1d406cd92923b6db82bd0457aea0b397735cb3b09fcd25f679cd05962deccded415a89acee650dfe6aaf0d9daf84dc9c2c963f3dc708cd4bfb60a8eb2247ae116a187186a53afa82baf18b85c2a45c5b204b4b427b882110058cb3d05f6767c253977db175db7abbd298d417bec1efab3e5fd909c681c7ce39056b57db6d8ae2a6b5075e9a658f1c5b8aff1978213277ef2702021144cd947221cc5f94a275e344ce6a566150ffefe7f4351ca52e6f851070fe32c1bba56da718f48aec93f065a7516f8ae3dae2d2b79bc1c3ce2bd792a2753f84a1051c56f4fe4deb5a1cfb6930fa862ee223835868535e135062908b23783a023df30901565ab4a18044bd8bf59ba92b3688b4dd956dd798afccd5336964676f8f9db957550105456be2bd66541ce455bf993c9ac862f89aaf68a4bdd27d17ba565e042bc3e7292524e2fc558aa9dd9fcd84dc6e6d3db8be458313b72c88ec6b2b9a972a7230412d06498085702632ce7d1adae1870ffa0101ca042b994c5ec3aa217bdbda13718e5cb0805263d18fb6b3472a4a046d93cf7342d33bbcd201dedad24a6ca7d182dd9eae456e11eb43a275cdd88d1ed6f12d96f3ac355e8314706fbeb01f2335fee6c2545cb8766ac69879b2dbc07318c3f6150fb0dd0886779aae3a26cb4c2f0bff521556e56b80429cd6493d59f9e590047de121b24dd7d7d3e5bd1496bba847f6a236dbbb5e7dd570e67a7751e200c575e9536bb4dcb11ead97e15b20a2b8bae7ecc2b6d567721f78be342e824ad5eda9c78895bde7b1240cca6292d9c7345b084d1e4832fb496985687890217444e2985b01f6f7168196494dcda647f03a59604fdc8d30f78952158ed27629d78697ffcdb9e0f3d233e6d28ba31144ae8ca627fdcfb7458612e94d28b82fd68ad7b11113394cacf8a31f46cf708325aabd58b60711644d543e58a719d565055e33675581eb0975a96d2dcf2aa6ddde19c2b74084feb60fdccc348a4bea7a82b8075dadb8a1ff8b085f649d1a317114c5ee709f53aff257820fe502003d4672563b387420848d360c6d8253e193ddbf7bc63524b6f3d46680a83"}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x3, 0x9, 0x3, 0x7}, {0x9, 0x47, 0xff, 0x67}, {0x9, 0x6, 0x8, 0xfffffffa}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x7f, 0xdd, 0x9, 0x6}, {0x100, 0x1, 0x3f, 0xfff}, {0xfff, 0x6, 0x0, 0x40}, {0x0, 0x40, 0x90, 0x8}, {0x5, 0x4, 0x9, 0x7}, {0x1, 0x7f, 0x2}, {0x100, 0x3f, 0x2, 0x7f}, {0x2, 0x0, 0x4}]}) 13:54:00 executing program 2: r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x0) ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000280)={0x51, &(0x7f0000000240)}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x8, 0x9, 0x100}, {0x3, 0x0, 0x6, 0x200}, {0x7, 0x8, 0x1, 0x8a}, {0x81, 0x4, 0x20, 0x8}, {0x400, 0x1, 0x6}, {0x2, 0x4, 0x60, 0x7a2}, {0x7, 0x4, 0x5, 0xd5}]}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_open_dev$hidraw(&(0x7f0000000100), 0x3ff, 0x381982) ioctl$HIDIOCGRDESC(r2, 0x90044802, &(0x7f00000002c0)={0xb5b, "20ff32a946caa4818f1232009bc36d0609d06a777e8316dd7a0f6012bfb5812bae9b523ba4a99a0c495003dfc340eba6e527b33894c850bb9586a3f5d57314adcf6261cdd39aa7d79ac4f620cba78cdbdaaf8749c4886ed310afdda8cda5aadb93d87910d75f488ae96cf465bf29e08da7981a5c73221027247e2cc3c89e19e338ef750c7abf21926529d7b965baf4137dc870deb173eadfc540d5bece0c1fe49ab7aad6c9ce2f8d8f9dfb756d16664c1be6cf6f6d9fb0f9deac1a1bc19d419dc8aca3308e6f8373e2a53d1395f97024c5ec5f41224a87bfafe3ca8e19f6a5ace0b89a08a31b9b6ed3feb2e2c4a1ab104330ee3811c803a6c3af3be89d4f6431d8ca4f4ede04f2bb2a84192838a2ad600be26e2dd52515dc5087c176880018ae055c818832f9d6a146b22e5d3d6aefd8322770941546d33b1116673f4ceb445d174cbedd61b551125d3ce72313edd55b71f4019c8c449a651f05ac2e7502b4f23a296513af056da88a5fd4e28a97d266233caeffd3c348c215dc4383cd7f425d876002293545479794e41c3dc00c82316919ee61eb88402f899e0c9b646932030e74d1f8ee6610d02337f6c0e9a6d58a3165f13f04497249230e1d79d9354477cfd7fe06578f86e1977a33cf95eeec2824d02b8db3387dadfa025d201b34bc537a4da4bbd1d63c8f0a33bb4aeee79cc5e5e23f910f15db7f1694719fd2f7bc4ff1ca452e6d230542e1ab1393a04b55a5d8737247261731caacee141e7874cc49498087403bb460d94e84584fc8d5c19a5d2f080bcbb3410afadccca561cac093909af03d07faf588c9c1e45bc6172f4f3bfff2aba5f6448060e08db621a732f55aa39e476731c52978520547f2e209bdc3a4a0e397c5e2e8b7ea7194980cc38001767853a86ed0921318bc06c3b92527843a9896f28600dc1d37daf2b0d4ba5294cbe7c2fc9360dbf37fbfd843f1450db296be95815c3a207f01e0c46593826862ab76c99e4cd45bb61874dda2bac3ec10ea34722867b6aa5fc43efc6dafd224179adda64dd5cbe2d6d2bbc3da0f48391beb2b562ebcb502d0e0f28a570dcc367c8fb809603fa26b1d1209dfb63843d835c139b3cd1e1de4effcc7d430e1e91d517ba400b6a98b146fea02aa18e9989136a9c2a98ac27310bd181371466d81a152f737ac2766221408adbf91460cdb03c37ed302060ba0b93704aa81aa2a49081a8b4ed0af98b16f057908c659cf083ed8c9d0736d7d0d15b139c88e480a910f1a442dd2dd6e66299be647affe87e4f5a7710a8d997ca9e2a97a5808f108163c744317fa4c44985d18045aeddf85302b479568730696f880e09fae34dbf7e37f3618aa6d9bef05c47f54e46a5c37f9a6a510aa498de70ee938f99b425ce4174a4c131469b770fe4b8e7c01ff08f0e03c3e06fbc82f8e045481e36d202d0d1356aeece419bc3f8dd939c7a0db312c97fe9b6ecebc52d289c57a3b8be314fab012b034c791425300b45f22cb5cc21c0a0dee7d09583934568616cd0b1dded43c13dfda64947fc7527e4479630259e2336684928947c103e638a9794d9188035ccdcd09ad41250c4e82644a974acdffd0217c8cd274e8e1625e5d1a98813a251852be5f090b27ce565b9a0989906309a5ee3e224ff9861f786106678ba87abe1a759097af12878e0472a38dd51e202157523c66eebdf091c5f83ea6ba7c95127b8bcee5ddd0a4ccc070d2e6e7a016e4b5a624d7fb41327dd7bdaef1e87c761fb8fb1c1d6453b75d7a2102f5005efc810c9c84e5a906f0b84c1b82696fb1d4c243740825c8f75c8f69f8d440bcb011721bc6ec6c826576f65f0cda1a8b056fb395faaa11376d08272e3fdeef182e9dd7e6c0fde4a7f0f8f9fe60799d1f390c954121a8cb23572d05162d59d291e62d260e58fe0a31935035ca235e3703ba0f2618aff63c9be987636f044bb35803c9cbdc928e07bc7b6042f03d7e2b1ec82bb61d219d208d891d74f5d24860c4b06bd2b74efb810894cd9bdf1373ae7bcffee5abf7e676cf7760a834810ec5f9d2b555c2def4639ab51e28473c764d0f8049692971de8a369e55a200ca72476c134b9e5053549f584a4db1e171aa9a752faba8f3cfea51aad9af99a772a3f6a0e7045b14606d27abfdd0613f239c5afef26613be80df9cdff64a88156520dd574f3704ed8a0a7099ce8e550f4a97827497a8f5f251de96d91d557cbadf61bf84e73d69593a0b555bc4551710673979317413b52133d3114e5e60f7458cdc7a9d2729ecd17f28a39452e532599811c6f3bef3417cbd44e224edd2dd0e03eaff1334e7a724b41ec5f9eebc1129e93fd7966dfe79de8cc75698ffce60f7505f4a88e1e435c40b9ea779c7bd74fb0ca0537ea385a8e596296015885c2019238cd7b0d4b2314c2f896fbd907b46e1ddfb5b5781d5122290e7a1a4bfc26caaac870e97dc80198ba5fdb1fe1f7fb8005ee40ac8a63863f00fb25daa8019a40d7c7b342bd839509632f23a4b30f828faaeda2f9f1aa61ed0a4f81d39328cd5d3e2b172791e13be65fae6ce5ad0880f81530bda59ec62b28fbc6fe7413e9a4ec5e1317f238b7c5d9c1729d9d70c9b2c3969d04a3bfb07f56576586fa91321d039135c3ad72ef61f52a6187d173e16ac13c7f64c2c71ea6c61d9a5f09bf0e24f2b2ed8ce7704300e076929c6489be332eae91e760482e87ca1cec655330215ea5007d858053444e53adb706e4691f9ccc070ee7e83947626576cd7c2fea7ccd4a254df313aacc99300e4a15af365bd2643785b9092c0facbe1436c255945f4ea4a2d90545f204db2a4b198a41c0402b2a929d8a6d6c3939e3b28c68b3a1c93758b49bea9ba3479efb2ec90bbf2781bf8b8812af60329bee5477da8c1b2abd92ca90974d301556f68fdc40892d3575bd4114a30c0f2c3883d2f44841d6caf7288daf39b78eea48bb206e35bc8328ff07cc0707ca6afce33702d8769d3b386a5429edd6070313f561b56d29d036d797461f4d56d5a2d3e41b5a03242f87462c62c1233a44d9b6475d8f76c4a3fbf2945f19ac3b04d651ffa2360e5ff03e39d189e114ca8a35e42eb41b7ac23211a891a26518a810acd19ea66190dedbecda7893e599deb8ba6ac8148a580106c14e3da266cb41bd2ef2ded465044c6c647c643cc2a2d776ec579671f7fff08661415561ed38a0427c15e9a2c3e6c0730a4eb65fa0308736087bbf958a9dacf3f52f8918f812b9d3d4c40dc5e85dc4ca5434e98351c4558dbcbb65b0a15d1ed66512df1bb0aa465cb55d76792f8e565ac5195c306809859c89d73dc13e22df5833dec6872e6befd641f27087bc2b94105484b34fdf93ba4a77fe81ecaa21fc1b403abafa0f1790cff8bd75e26c04ef0d736f94e4844a547e77941fca7af87009cc9fc7147801e0efe3afd17059466548b7d5a780bd3cb42d4d8e27c963a8abfd60f7eca5107e296e49e653850b7101ccd353b595339aec55838c3393c0c318b04fde4539c0650ea18fd9019e3214b71ab5cf7330554458292d7203cf5af7a0b0f612bf82eb648a47cf0adf608ee46543c692a00a725ace20a5c0643d507afda4ec29db8266bf187f6f5fee151c4819ccee61fcd34e3615cd7e916d4dd4227363f0b0074dbae77d6eb9bc5813c4d82f746ab46173ce89af8c4eca2890c43918a82b154486c2f593e2f8b3111173ca9b9309fd161f3bca568b8989817ba685274347e6444ed7e2432a8d13dcd66484be1745fddd858a9664c0d55fb405cebc8e1c32f92cd609274663aaa017e2ceb34a56d4c3c844b3b1b96fda2c5b01de8f02e871b6dd7387c4f71f1a30c52a91da35d735db5c1682f6853c723f4818e2355148946aa9d4d29a709f2977a78d96e4f2aff66c31166d0ab9d857c726910506b8a30d5a2e8cdc80592e8b2d1439ddbaf7eefac79c90a7a5eeb02bedcefaeb512686ec583515131a6b7af23476c5ce3f56ea8f54bdc12c3567d2da3774687d1d5edb1b2c04539e8fe334c04d75d252209ed7e064fcc9e0925e59b6503e5013c56e80b5b0264ebc7ecc2ba2287cec8794ac12e6d174e4b75a3bac6eb8489bbf10be80b283160e21f59e2b4f8"}) syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x0) (async) ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f0000000040)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000280)={0x51, &(0x7f0000000240)}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x8, 0x9, 0x100}, {0x3, 0x0, 0x6, 0x200}, {0x7, 0x8, 0x1, 0x8a}, {0x81, 0x4, 0x20, 0x8}, {0x400, 0x1, 0x6}, {0x2, 0x4, 0x60, 0x7a2}, {0x7, 0x4, 0x5, 0xd5}]}) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) syz_open_dev$hidraw(&(0x7f0000000100), 0x3ff, 0x381982) (async) ioctl$HIDIOCGRDESC(r2, 0x90044802, &(0x7f00000002c0)={0xb5b, "20ff32a946caa4818f1232009bc36d0609d06a777e8316dd7a0f6012bfb5812bae9b523ba4a99a0c495003dfc340eba6e527b33894c850bb9586a3f5d57314adcf6261cdd39aa7d79ac4f620cba78cdbdaaf8749c4886ed310afdda8cda5aadb93d87910d75f488ae96cf465bf29e08da7981a5c73221027247e2cc3c89e19e338ef750c7abf21926529d7b965baf4137dc870deb173eadfc540d5bece0c1fe49ab7aad6c9ce2f8d8f9dfb756d16664c1be6cf6f6d9fb0f9deac1a1bc19d419dc8aca3308e6f8373e2a53d1395f97024c5ec5f41224a87bfafe3ca8e19f6a5ace0b89a08a31b9b6ed3feb2e2c4a1ab104330ee3811c803a6c3af3be89d4f6431d8ca4f4ede04f2bb2a84192838a2ad600be26e2dd52515dc5087c176880018ae055c818832f9d6a146b22e5d3d6aefd8322770941546d33b1116673f4ceb445d174cbedd61b551125d3ce72313edd55b71f4019c8c449a651f05ac2e7502b4f23a296513af056da88a5fd4e28a97d266233caeffd3c348c215dc4383cd7f425d876002293545479794e41c3dc00c82316919ee61eb88402f899e0c9b646932030e74d1f8ee6610d02337f6c0e9a6d58a3165f13f04497249230e1d79d9354477cfd7fe06578f86e1977a33cf95eeec2824d02b8db3387dadfa025d201b34bc537a4da4bbd1d63c8f0a33bb4aeee79cc5e5e23f910f15db7f1694719fd2f7bc4ff1ca452e6d230542e1ab1393a04b55a5d8737247261731caacee141e7874cc49498087403bb460d94e84584fc8d5c19a5d2f080bcbb3410afadccca561cac093909af03d07faf588c9c1e45bc6172f4f3bfff2aba5f6448060e08db621a732f55aa39e476731c52978520547f2e209bdc3a4a0e397c5e2e8b7ea7194980cc38001767853a86ed0921318bc06c3b92527843a9896f28600dc1d37daf2b0d4ba5294cbe7c2fc9360dbf37fbfd843f1450db296be95815c3a207f01e0c46593826862ab76c99e4cd45bb61874dda2bac3ec10ea34722867b6aa5fc43efc6dafd224179adda64dd5cbe2d6d2bbc3da0f48391beb2b562ebcb502d0e0f28a570dcc367c8fb809603fa26b1d1209dfb63843d835c139b3cd1e1de4effcc7d430e1e91d517ba400b6a98b146fea02aa18e9989136a9c2a98ac27310bd181371466d81a152f737ac2766221408adbf91460cdb03c37ed302060ba0b93704aa81aa2a49081a8b4ed0af98b16f057908c659cf083ed8c9d0736d7d0d15b139c88e480a910f1a442dd2dd6e66299be647affe87e4f5a7710a8d997ca9e2a97a5808f108163c744317fa4c44985d18045aeddf85302b479568730696f880e09fae34dbf7e37f3618aa6d9bef05c47f54e46a5c37f9a6a510aa498de70ee938f99b425ce4174a4c131469b770fe4b8e7c01ff08f0e03c3e06fbc82f8e045481e36d202d0d1356aeece419bc3f8dd939c7a0db312c97fe9b6ecebc52d289c57a3b8be314fab012b034c791425300b45f22cb5cc21c0a0dee7d09583934568616cd0b1dded43c13dfda64947fc7527e4479630259e2336684928947c103e638a9794d9188035ccdcd09ad41250c4e82644a974acdffd0217c8cd274e8e1625e5d1a98813a251852be5f090b27ce565b9a0989906309a5ee3e224ff9861f786106678ba87abe1a759097af12878e0472a38dd51e202157523c66eebdf091c5f83ea6ba7c95127b8bcee5ddd0a4ccc070d2e6e7a016e4b5a624d7fb41327dd7bdaef1e87c761fb8fb1c1d6453b75d7a2102f5005efc810c9c84e5a906f0b84c1b82696fb1d4c243740825c8f75c8f69f8d440bcb011721bc6ec6c826576f65f0cda1a8b056fb395faaa11376d08272e3fdeef182e9dd7e6c0fde4a7f0f8f9fe60799d1f390c954121a8cb23572d05162d59d291e62d260e58fe0a31935035ca235e3703ba0f2618aff63c9be987636f044bb35803c9cbdc928e07bc7b6042f03d7e2b1ec82bb61d219d208d891d74f5d24860c4b06bd2b74efb810894cd9bdf1373ae7bcffee5abf7e676cf7760a834810ec5f9d2b555c2def4639ab51e28473c764d0f8049692971de8a369e55a200ca72476c134b9e5053549f584a4db1e171aa9a752faba8f3cfea51aad9af99a772a3f6a0e7045b14606d27abfdd0613f239c5afef26613be80df9cdff64a88156520dd574f3704ed8a0a7099ce8e550f4a97827497a8f5f251de96d91d557cbadf61bf84e73d69593a0b555bc4551710673979317413b52133d3114e5e60f7458cdc7a9d2729ecd17f28a39452e532599811c6f3bef3417cbd44e224edd2dd0e03eaff1334e7a724b41ec5f9eebc1129e93fd7966dfe79de8cc75698ffce60f7505f4a88e1e435c40b9ea779c7bd74fb0ca0537ea385a8e596296015885c2019238cd7b0d4b2314c2f896fbd907b46e1ddfb5b5781d5122290e7a1a4bfc26caaac870e97dc80198ba5fdb1fe1f7fb8005ee40ac8a63863f00fb25daa8019a40d7c7b342bd839509632f23a4b30f828faaeda2f9f1aa61ed0a4f81d39328cd5d3e2b172791e13be65fae6ce5ad0880f81530bda59ec62b28fbc6fe7413e9a4ec5e1317f238b7c5d9c1729d9d70c9b2c3969d04a3bfb07f56576586fa91321d039135c3ad72ef61f52a6187d173e16ac13c7f64c2c71ea6c61d9a5f09bf0e24f2b2ed8ce7704300e076929c6489be332eae91e760482e87ca1cec655330215ea5007d858053444e53adb706e4691f9ccc070ee7e83947626576cd7c2fea7ccd4a254df313aacc99300e4a15af365bd2643785b9092c0facbe1436c255945f4ea4a2d90545f204db2a4b198a41c0402b2a929d8a6d6c3939e3b28c68b3a1c93758b49bea9ba3479efb2ec90bbf2781bf8b8812af60329bee5477da8c1b2abd92ca90974d301556f68fdc40892d3575bd4114a30c0f2c3883d2f44841d6caf7288daf39b78eea48bb206e35bc8328ff07cc0707ca6afce33702d8769d3b386a5429edd6070313f561b56d29d036d797461f4d56d5a2d3e41b5a03242f87462c62c1233a44d9b6475d8f76c4a3fbf2945f19ac3b04d651ffa2360e5ff03e39d189e114ca8a35e42eb41b7ac23211a891a26518a810acd19ea66190dedbecda7893e599deb8ba6ac8148a580106c14e3da266cb41bd2ef2ded465044c6c647c643cc2a2d776ec579671f7fff08661415561ed38a0427c15e9a2c3e6c0730a4eb65fa0308736087bbf958a9dacf3f52f8918f812b9d3d4c40dc5e85dc4ca5434e98351c4558dbcbb65b0a15d1ed66512df1bb0aa465cb55d76792f8e565ac5195c306809859c89d73dc13e22df5833dec6872e6befd641f27087bc2b94105484b34fdf93ba4a77fe81ecaa21fc1b403abafa0f1790cff8bd75e26c04ef0d736f94e4844a547e77941fca7af87009cc9fc7147801e0efe3afd17059466548b7d5a780bd3cb42d4d8e27c963a8abfd60f7eca5107e296e49e653850b7101ccd353b595339aec55838c3393c0c318b04fde4539c0650ea18fd9019e3214b71ab5cf7330554458292d7203cf5af7a0b0f612bf82eb648a47cf0adf608ee46543c692a00a725ace20a5c0643d507afda4ec29db8266bf187f6f5fee151c4819ccee61fcd34e3615cd7e916d4dd4227363f0b0074dbae77d6eb9bc5813c4d82f746ab46173ce89af8c4eca2890c43918a82b154486c2f593e2f8b3111173ca9b9309fd161f3bca568b8989817ba685274347e6444ed7e2432a8d13dcd66484be1745fddd858a9664c0d55fb405cebc8e1c32f92cd609274663aaa017e2ceb34a56d4c3c844b3b1b96fda2c5b01de8f02e871b6dd7387c4f71f1a30c52a91da35d735db5c1682f6853c723f4818e2355148946aa9d4d29a709f2977a78d96e4f2aff66c31166d0ab9d857c726910506b8a30d5a2e8cdc80592e8b2d1439ddbaf7eefac79c90a7a5eeb02bedcefaeb512686ec583515131a6b7af23476c5ce3f56ea8f54bdc12c3567d2da3774687d1d5edb1b2c04539e8fe334c04d75d252209ed7e064fcc9e0925e59b6503e5013c56e80b5b0264ebc7ecc2ba2287cec8794ac12e6d174e4b75a3bac6eb8489bbf10be80b283160e21f59e2b4f8"}) (async) 13:54:00 executing program 3: r0 = syz_open_dev$hidraw(&(0x7f0000000040), 0x5, 0x1) write$hidraw(r0, &(0x7f0000000080)="a63b62ab548664e7773a0a6883bbd5a0731459376dc9", 0x16) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f0000000100)=""/67) r1 = socket$igmp(0x2, 0x3, 0x2) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @broadcast}, 0x8) r3 = syz_io_uring_setup(0x1f2, &(0x7f0000000180)={0x0, 0x53a8, 0x20, 0x2, 0x174}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/binder-control\x00', 0x1000, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f00000002c0)=[r2, r3, r1, r4, r5, r1, r2, 0xffffffffffffffff, r0], 0x9) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}, {0x4, 0x0, 0x2, 0x5}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x6, &(0x7f0000000000)=[{0x7, 0x7, 0x9, 0x3}, {0xffe0, 0x1, 0xcd, 0x1}, {0x5, 0x0, 0x20, 0x9}, {0x537, 0x9, 0x3f}, {0x100, 0x5, 0x2, 0x4}, {0x5, 0xff, 0x4, 0x3}]}) 13:54:00 executing program 4: r0 = socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:00 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async, rerun: 32) r0 = syz_open_dev$hidraw(&(0x7f0000000100), 0x3ef, 0x400) (rerun: 32) ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f0000000140)) (async) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000f00)={0xd8c, "a29210ddf6bd0dc330937299fa3b2db3a8a2b6dcc57bcde33f6d41a6b3bcf62da3785a1411bd5f68449dc30640a162d367b81b04fe72687b65e48286f6ae3403cfeff5c6c0b384e3b30ea68162279b2ca734342d1f95a0bbc828fc43cca0a3cf69d373e8e9ea6e4e8c3087f39e65ce34bbcf6fab0d8b4c91757a6d03c9c08e36d4b93009fa1b6f2609affd5190b6a61e74096fdc838cb3e15c8cca0e579f710e80436d5f7da8a55918030b96253b3519fc47dbf6c2b146a3db51e45ff7c9d4dbdb0ca7a606322d3dcf6b210de980a29bf18d45c1a6461cfefb84c5f2820de40331fab8c1b0dbb49e9320f32438217906cacdb63e65cc0805db0331a4e76590f8f8340ae8b8f4d78de6829c8740edaed14efeddc30baaf20405b18e5916746863d71a77d55a3c01d679bf0a1e66a6cbe878d8c4279cea5324709721bd6f3284e3d0ea886795a5d83ed8b87ff4c5c365d14b9d5daaa060157fa3046dd4a8d163ed54d71b9aa7c9012dd300cbd19f81ab0a3546cb83dd78ba031ebf27f8e60c6cf8c32a2f4a34bbaf6313a158dfe1b014f079ee942b80d11e8709dfd64ee4122e1fc305f458fce4e7e8273ec992046dfa2c287f66b9a6217b74c45a65103035c3b8127888903e91a5f7dd959b61a0ce4a188a0fcfb7c469eca51d5f0a7b2f995bbeb25d3833c3c1426d5151c2a6ac5dcb8f4f0588341c561858042a5e9eea08324e86596c42ddebed7a5df8f8cb59d8e0c781a8a512284aefeb1be34970d471a67c75e6ba231ee0a3444b98f778891c9ba0ecec1205f61a224a0991a5f297c58138b5c7d6c59092f3997d361a8b1b1dd9d6674f1d50ec72d243f281be07a9a7d307645c7a5468ad234512159d670fd6850c900bb3e01574ad419b14a77f8e95af4e838f5bdd413de0ffa1e2c5679a48dfd4b0df2f2ebc9c37154895284f8d16b4e4e06fb454df05b4d195b06038757f3ed653f83214ee9c9fb01024819633a83d64ff9b674fa3146f07a44c4e0476ff697f878223961b8b221b714b9864222f051ed2bb19c9d23490f5551ab09b31d6b7cfc82139bcc077a29efa1b5f19461d6b4cd3bd6405ddc2b0315c10c184da1f222f96624f2ef3238ec8cc4258ef942db3bcd4294eac455588be563cf132f0760c980abba7616a3bdf9ec8108a7a856d20cd9aa5adc2e0abb9b56afcb5dd1311cb4c066c053c919998cf9caeda02f0ab16d10a7238d545c3ffb8c58f08fff557782105421f86ff5bb229f6a06fb4dc783a5c2608e10d1d174b2600a5330d255a7d282747b7f7c794615197c2a0359a1e2cafbf3946c4d395da0fcec789ed12f2e7ff823d1a55b5f48458d50385090ad96c93ad6e92d9ddf0c973b0dcf62118deb272abcb1f45c85e188ec7cb443411e3f72da9b7cd5752cbee35bcca2a7a15361f7e0d66e7999bf0bc9ad52c6995ad60f57bd4bc7a35a1a75fc9dcc4ae6487404993cb3a760b265936748bc220f2b99dd835a71ef28ec0991b6c5d68a3f8bedf463ecba3e0131631fba51d60b721cc4b34bef543ee6b22aca930ef8bb737d751fd70d222dac919f903bee0c99b9fe6466052a573aee2277e13f5c7957a34dbd1739879af85602034af1b9c0effdc709cd4ee07c0653e66a29ffdc1ee19f8d178182648380ed8283f6155b7a597cbd3a79233effe0c478abb2edf87b24ebb5373f494ffdc893336a6d8cd908dcf3394e6fa4c5cfd928203d939966e736b94df8fe5fd9f614fa84e8a316488575b84b6c72d350106a86082a95eb9718d33df7df0b7a70dd9e589f38ae037cbe41ab890c91b00edc1bbc69e50c1524b3664de14eb36497407d068d2405770ee5e5ae20cc4a5492f338a1a1f9660dac0d9c697f1231d5fb7cbb50e19e2b48cb8f6cdc527c3fe19f9e46db348a62750c0cefbe9f7841afce02f00afe3c44ba34c4fa4fd55439ed12d3728b78bc92b5fcea14d75bf0875f6b4f5a2a206b646e0371f840f628e8d47c2c85ccab6a8f205578d41ef537d34dea9af21d0794541670e4c689e66f145b3cbf5fbef83e2f5cc526c83abdc9ef3999ff53a9de1228aca8d62b53e666944ff0637b1cff7365f9d5c998cc58a0d08008e7b8391ddb5023037dd27480d1aec0c05806f6cc09ab03109bc6581df34f0547cb8fd70f5e3faf57c12c2cdfdaaa076e1539db81fce99affe54d22dab78c99d3e081771ba22a89755d03f6fb8817fe4b707e0ad589bb4084de57f72c0bf3650144f785278372528a5050ed87ae851c617842307d908187157e370e2fc47410b80e07e08a30441fc7d2a63a949ed00eeb95b65a157438e2767fbb42b3d9fd7690ba4424f10c23db622ef930713973d1d15a684623b2123a448db1843eea8cc59eba3db72fcb14e10650eae0d3b883c2a22971b437c227631f3c5843ff0636117d6a5bf15e987a0d595ed0c69f13cf1990d4ed8621cf418525f07969010da02beaf8b97d203a651fbac5c75fd615ffb0fc0f4b9ea347cb3c41e50d6f9c025403545135897ab22ef68d7a18738287167e0538900882b23c382a7cacd1641f23e9f536b87d45ef79b2a3cce886713a5c4259ad08a1b4af4b9160ac1651ffe9d7e1e4506af2f388a003c60a86a363aedf43857bcaffbfbd6f197b5d9e48cc832905ea0fc0e1791ba3fe356719b01ab17472fcc3ca61c5865568c32e1097895803674f68ac338e2aeb37d86c2ddc1f0e3e8069d95be62e6719cfe90e986842a30f7f4e9cab59d45f0aedc9a15a13f06ecc2c63d5856241924020fde61f8a59255851d592247ff08c7c6c28198c3d9838e348f4fff5d4bde14e76e77e362cb716733a58faff0df1963d45072e417f81f9d21c4860b564e7af6aba988ed4bc87a953ea4bfe2c5332f76e4c21087ef3cea06d90c2a4002db7aa0ee41d55a4c63d71b0b07d68e27e2aab6ee50e45d09348086f245d6053a7e0abd95f7c3c99313751ba553a01d6268d04d24f0f432097239ebaa839eb47270c9e9bc0af8c62a496b2b4271f1552ca4dff6cc6da978a6e13769a871b23db42de52b693e38299e477974b48537e4ad613f00fcac5d7251c1f91464ee7bd6371cd396b7006206349e802633fc5616e7379a0c9a42039fc1016d7bf70e790dd18ea55d6106bf0bf79d8648f742a6bc60fa285a207f39420a429392443e78bfc49e4296ef2ebe35c401785af84033914e6e0d1cca095d0aea7562ae85484c13122b013d071d2c8a2705a1ebf70c67627d5200c90611b837fb8751b7bf603cdb264156a6a7d88894c7dfa04c1db0b2ea55eb621a76842ee1c33ea0c9b41855aef143d6c3094d587bed190e8244a1d06ed73e255cb9415439c6f572702b66485a0897e584114341cb2bca987a20ef97f74c1e92b95193ab7fff53bbd30b96faf2dd58c8a2787437778fe8d47608fcdc391113258155a60dc091b2ec3e9a4f56c2fff855f917076dc391505f7833aaf42b0670a6d4d317a9cc3c6f8c755f8ab90511e30d8ba4501be72c8a33feda970a88246249e541b7775a0da3b5cd77c47e4dd9b85f7ee7536143ba9fc2c9073ac83cf7a64df51375f09bf6b4e4606195d5f2f335e0aa1a5bf2e48f14a559a36f1201b0571bb019a232cdc92df163b13565be86977602d9e573b0dd8ddcd6d4198383da2e091c6929704b6d4a6dd5dc6caf103634ff4989ed6791ad35a6d36e43c8458e0aa6ab137c326f740cb73047cbad26bc5235d005422ea002418bb014ea490d8e370dc94722cb300716d071864b3099d2c7bf81fb26eef8e3d76ec6dae12421d4870fb6f25dd140ab0f6ec6bbdf0117b81cd1bb79196fa1d406cd92923b6db82bd0457aea0b397735cb3b09fcd25f679cd05962deccded415a89acee650dfe6aaf0d9daf84dc9c2c963f3dc708cd4bfb60a8eb2247ae116a187186a53afa82baf18b85c2a45c5b204b4b427b882110058cb3d05f6767c253977db175db7abbd298d417bec1efab3e5fd909c681c7ce39056b57db6d8ae2a6b5075e9a658f1c5b8aff1978213277ef2702021144cd947221cc5f94a275e344ce6a566150ffefe7f4351ca52e6f851070fe32c1bba56da718f48aec93f065a7516f8ae3dae2d2b79bc1c3ce2bd792a2753f84a1051c56f4fe4deb5a1cfb6930fa862ee223835868535e135062908b23783a023df30901565ab4a18044bd8bf59ba92b3688b4dd956dd798afccd5336964676f8f9db957550105456be2bd66541ce455bf993c9ac862f89aaf68a4bdd27d17ba565e042bc3e7292524e2fc558aa9dd9fcd84dc6e6d3db8be458313b72c88ec6b2b9a972a7230412d06498085702632ce7d1adae1870ffa0101ca042b994c5ec3aa217bdbda13718e5cb0805263d18fb6b3472a4a046d93cf7342d33bbcd201dedad24a6ca7d182dd9eae456e11eb43a275cdd88d1ed6f12d96f3ac355e8314706fbeb01f2335fee6c2545cb8766ac69879b2dbc07318c3f6150fb0dd0886779aae3a26cb4c2f0bff521556e56b80429cd6493d59f9e590047de121b24dd7d7d3e5bd1496bba847f6a236dbbb5e7dd570e67a7751e200c575e9536bb4dcb11ead97e15b20a2b8bae7ecc2b6d567721f78be342e824ad5eda9c78895bde7b1240cca6292d9c7345b084d1e4832fb496985687890217444e2985b01f6f7168196494dcda647f03a59604fdc8d30f78952158ed27629d78697ffcdb9e0f3d233e6d28ba31144ae8ca627fdcfb7458612e94d28b82fd68ad7b11113394cacf8a31f46cf708325aabd58b60711644d543e58a719d565055e33675581eb0975a96d2dcf2aa6ddde19c2b74084feb60fdccc348a4bea7a82b8075dadb8a1ff8b085f649d1a317114c5ee709f53aff257820fe502003d4672563b387420848d360c6d8253e193ddbf7bc63524b6f3d46680a83"}) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x3, 0x9, 0x3, 0x7}, {0x9, 0x47, 0xff, 0x67}, {0x9, 0x6, 0x8, 0xfffffffa}]}) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x7f, 0xdd, 0x9, 0x6}, {0x100, 0x1, 0x3f, 0xfff}, {0xfff, 0x6, 0x0, 0x40}, {0x0, 0x40, 0x90, 0x8}, {0x5, 0x4, 0x9, 0x7}, {0x1, 0x7f, 0x2}, {0x100, 0x3f, 0x2, 0x7f}, {0x2, 0x0, 0x4}]}) 13:54:00 executing program 4: r0 = io_uring_setup(0x6f57, &(0x7f0000000000)={0x0, 0x114b, 0x800, 0x2, 0x255}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x14400, 0x0) sendmsg$BATADV_CMD_GET_VLAN(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x80000001}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r1) syz_io_uring_setup(0x3f4d, &(0x7f0000000080)={0x0, 0x321a, 0x100, 0x2, 0x2a5, 0x0, r0}, &(0x7f0000fec000/0x13000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000100)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x8, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x8001, 0x6, 0x0, 0x611b1a92}]}) getgid() 13:54:00 executing program 3: r0 = syz_open_dev$hidraw(&(0x7f0000000040), 0x5, 0x1) write$hidraw(r0, &(0x7f0000000080)="a63b62ab548664e7773a0a6883bbd5a0731459376dc9", 0x16) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f0000000100)=""/67) r1 = socket$igmp(0x2, 0x3, 0x2) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @broadcast}, 0x8) r3 = syz_io_uring_setup(0x1f2, &(0x7f0000000180)={0x0, 0x53a8, 0x20, 0x2, 0x174}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/binder-control\x00', 0x1000, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f00000002c0)=[r2, r3, r1, r4, r5, r1, r2, 0xffffffffffffffff, r0], 0x9) syz_open_dev$hidraw(&(0x7f0000000040), 0x5, 0x1) (async) write$hidraw(r0, &(0x7f0000000080)="a63b62ab548664e7773a0a6883bbd5a0731459376dc9", 0x16) (async) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) (async) ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f0000000100)=""/67) (async) socket$igmp(0x2, 0x3, 0x2) (async) openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) (async) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @broadcast}, 0x8) (async) syz_io_uring_setup(0x1f2, &(0x7f0000000180)={0x0, 0x53a8, 0x20, 0x2, 0x174}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/binder-control\x00', 0x1000, 0x0) (async) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f00000002c0)=[r2, r3, r1, r4, r5, r1, r2, 0xffffffffffffffff, r0], 0x9) (async) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x620002, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:00 executing program 2: r0 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x0) ioctl$HIDIOCGRAWPHYS(r0, 0x80404805, &(0x7f0000000040)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x1, &(0x7f0000000280)={0x51, &(0x7f0000000240)}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x6, 0x8, 0x9, 0x100}, {0x3, 0x0, 0x6, 0x200}, {0x7, 0x8, 0x1, 0x8a}, {0x81, 0x4, 0x20, 0x8}, {0x400, 0x1, 0x6}, {0x2, 0x4, 0x60, 0x7a2}, {0x7, 0x4, 0x5, 0xd5}]}) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_open_dev$hidraw(&(0x7f0000000100), 0x3ff, 0x381982) ioctl$HIDIOCGRDESC(r2, 0x90044802, &(0x7f00000002c0)={0xb5b, "20ff32a946caa4818f1232009bc36d0609d06a777e8316dd7a0f6012bfb5812bae9b523ba4a99a0c495003dfc340eba6e527b33894c850bb9586a3f5d57314adcf6261cdd39aa7d79ac4f620cba78cdbdaaf8749c4886ed310afdda8cda5aadb93d87910d75f488ae96cf465bf29e08da7981a5c73221027247e2cc3c89e19e338ef750c7abf21926529d7b965baf4137dc870deb173eadfc540d5bece0c1fe49ab7aad6c9ce2f8d8f9dfb756d16664c1be6cf6f6d9fb0f9deac1a1bc19d419dc8aca3308e6f8373e2a53d1395f97024c5ec5f41224a87bfafe3ca8e19f6a5ace0b89a08a31b9b6ed3feb2e2c4a1ab104330ee3811c803a6c3af3be89d4f6431d8ca4f4ede04f2bb2a84192838a2ad600be26e2dd52515dc5087c176880018ae055c818832f9d6a146b22e5d3d6aefd8322770941546d33b1116673f4ceb445d174cbedd61b551125d3ce72313edd55b71f4019c8c449a651f05ac2e7502b4f23a296513af056da88a5fd4e28a97d266233caeffd3c348c215dc4383cd7f425d876002293545479794e41c3dc00c82316919ee61eb88402f899e0c9b646932030e74d1f8ee6610d02337f6c0e9a6d58a3165f13f04497249230e1d79d9354477cfd7fe06578f86e1977a33cf95eeec2824d02b8db3387dadfa025d201b34bc537a4da4bbd1d63c8f0a33bb4aeee79cc5e5e23f910f15db7f1694719fd2f7bc4ff1ca452e6d230542e1ab1393a04b55a5d8737247261731caacee141e7874cc49498087403bb460d94e84584fc8d5c19a5d2f080bcbb3410afadccca561cac093909af03d07faf588c9c1e45bc6172f4f3bfff2aba5f6448060e08db621a732f55aa39e476731c52978520547f2e209bdc3a4a0e397c5e2e8b7ea7194980cc38001767853a86ed0921318bc06c3b92527843a9896f28600dc1d37daf2b0d4ba5294cbe7c2fc9360dbf37fbfd843f1450db296be95815c3a207f01e0c46593826862ab76c99e4cd45bb61874dda2bac3ec10ea34722867b6aa5fc43efc6dafd224179adda64dd5cbe2d6d2bbc3da0f48391beb2b562ebcb502d0e0f28a570dcc367c8fb809603fa26b1d1209dfb63843d835c139b3cd1e1de4effcc7d430e1e91d517ba400b6a98b146fea02aa18e9989136a9c2a98ac27310bd181371466d81a152f737ac2766221408adbf91460cdb03c37ed302060ba0b93704aa81aa2a49081a8b4ed0af98b16f057908c659cf083ed8c9d0736d7d0d15b139c88e480a910f1a442dd2dd6e66299be647affe87e4f5a7710a8d997ca9e2a97a5808f108163c744317fa4c44985d18045aeddf85302b479568730696f880e09fae34dbf7e37f3618aa6d9bef05c47f54e46a5c37f9a6a510aa498de70ee938f99b425ce4174a4c131469b770fe4b8e7c01ff08f0e03c3e06fbc82f8e045481e36d202d0d1356aeece419bc3f8dd939c7a0db312c97fe9b6ecebc52d289c57a3b8be314fab012b034c791425300b45f22cb5cc21c0a0dee7d09583934568616cd0b1dded43c13dfda64947fc7527e4479630259e2336684928947c103e638a9794d9188035ccdcd09ad41250c4e82644a974acdffd0217c8cd274e8e1625e5d1a98813a251852be5f090b27ce565b9a0989906309a5ee3e224ff9861f786106678ba87abe1a759097af12878e0472a38dd51e202157523c66eebdf091c5f83ea6ba7c95127b8bcee5ddd0a4ccc070d2e6e7a016e4b5a624d7fb41327dd7bdaef1e87c761fb8fb1c1d6453b75d7a2102f5005efc810c9c84e5a906f0b84c1b82696fb1d4c243740825c8f75c8f69f8d440bcb011721bc6ec6c826576f65f0cda1a8b056fb395faaa11376d08272e3fdeef182e9dd7e6c0fde4a7f0f8f9fe60799d1f390c954121a8cb23572d05162d59d291e62d260e58fe0a31935035ca235e3703ba0f2618aff63c9be987636f044bb35803c9cbdc928e07bc7b6042f03d7e2b1ec82bb61d219d208d891d74f5d24860c4b06bd2b74efb810894cd9bdf1373ae7bcffee5abf7e676cf7760a834810ec5f9d2b555c2def4639ab51e28473c764d0f8049692971de8a369e55a200ca72476c134b9e5053549f584a4db1e171aa9a752faba8f3cfea51aad9af99a772a3f6a0e7045b14606d27abfdd0613f239c5afef26613be80df9cdff64a88156520dd574f3704ed8a0a7099ce8e550f4a97827497a8f5f251de96d91d557cbadf61bf84e73d69593a0b555bc4551710673979317413b52133d3114e5e60f7458cdc7a9d2729ecd17f28a39452e532599811c6f3bef3417cbd44e224edd2dd0e03eaff1334e7a724b41ec5f9eebc1129e93fd7966dfe79de8cc75698ffce60f7505f4a88e1e435c40b9ea779c7bd74fb0ca0537ea385a8e596296015885c2019238cd7b0d4b2314c2f896fbd907b46e1ddfb5b5781d5122290e7a1a4bfc26caaac870e97dc80198ba5fdb1fe1f7fb8005ee40ac8a63863f00fb25daa8019a40d7c7b342bd839509632f23a4b30f828faaeda2f9f1aa61ed0a4f81d39328cd5d3e2b172791e13be65fae6ce5ad0880f81530bda59ec62b28fbc6fe7413e9a4ec5e1317f238b7c5d9c1729d9d70c9b2c3969d04a3bfb07f56576586fa91321d039135c3ad72ef61f52a6187d173e16ac13c7f64c2c71ea6c61d9a5f09bf0e24f2b2ed8ce7704300e076929c6489be332eae91e760482e87ca1cec655330215ea5007d858053444e53adb706e4691f9ccc070ee7e83947626576cd7c2fea7ccd4a254df313aacc99300e4a15af365bd2643785b9092c0facbe1436c255945f4ea4a2d90545f204db2a4b198a41c0402b2a929d8a6d6c3939e3b28c68b3a1c93758b49bea9ba3479efb2ec90bbf2781bf8b8812af60329bee5477da8c1b2abd92ca90974d301556f68fdc40892d3575bd4114a30c0f2c3883d2f44841d6caf7288daf39b78eea48bb206e35bc8328ff07cc0707ca6afce33702d8769d3b386a5429edd6070313f561b56d29d036d797461f4d56d5a2d3e41b5a03242f87462c62c1233a44d9b6475d8f76c4a3fbf2945f19ac3b04d651ffa2360e5ff03e39d189e114ca8a35e42eb41b7ac23211a891a26518a810acd19ea66190dedbecda7893e599deb8ba6ac8148a580106c14e3da266cb41bd2ef2ded465044c6c647c643cc2a2d776ec579671f7fff08661415561ed38a0427c15e9a2c3e6c0730a4eb65fa0308736087bbf958a9dacf3f52f8918f812b9d3d4c40dc5e85dc4ca5434e98351c4558dbcbb65b0a15d1ed66512df1bb0aa465cb55d76792f8e565ac5195c306809859c89d73dc13e22df5833dec6872e6befd641f27087bc2b94105484b34fdf93ba4a77fe81ecaa21fc1b403abafa0f1790cff8bd75e26c04ef0d736f94e4844a547e77941fca7af87009cc9fc7147801e0efe3afd17059466548b7d5a780bd3cb42d4d8e27c963a8abfd60f7eca5107e296e49e653850b7101ccd353b595339aec55838c3393c0c318b04fde4539c0650ea18fd9019e3214b71ab5cf7330554458292d7203cf5af7a0b0f612bf82eb648a47cf0adf608ee46543c692a00a725ace20a5c0643d507afda4ec29db8266bf187f6f5fee151c4819ccee61fcd34e3615cd7e916d4dd4227363f0b0074dbae77d6eb9bc5813c4d82f746ab46173ce89af8c4eca2890c43918a82b154486c2f593e2f8b3111173ca9b9309fd161f3bca568b8989817ba685274347e6444ed7e2432a8d13dcd66484be1745fddd858a9664c0d55fb405cebc8e1c32f92cd609274663aaa017e2ceb34a56d4c3c844b3b1b96fda2c5b01de8f02e871b6dd7387c4f71f1a30c52a91da35d735db5c1682f6853c723f4818e2355148946aa9d4d29a709f2977a78d96e4f2aff66c31166d0ab9d857c726910506b8a30d5a2e8cdc80592e8b2d1439ddbaf7eefac79c90a7a5eeb02bedcefaeb512686ec583515131a6b7af23476c5ce3f56ea8f54bdc12c3567d2da3774687d1d5edb1b2c04539e8fe334c04d75d252209ed7e064fcc9e0925e59b6503e5013c56e80b5b0264ebc7ecc2ba2287cec8794ac12e6d174e4b75a3bac6eb8489bbf10be80b283160e21f59e2b4f8"}) 13:54:00 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) r0 = syz_open_dev$hidraw(&(0x7f0000000100), 0x3ef, 0x400) ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f0000000140)) (async) ioctl$HIDIOCGRDESC(r0, 0x90044802, &(0x7f0000000f00)={0xd8c, "a29210ddf6bd0dc330937299fa3b2db3a8a2b6dcc57bcde33f6d41a6b3bcf62da3785a1411bd5f68449dc30640a162d367b81b04fe72687b65e48286f6ae3403cfeff5c6c0b384e3b30ea68162279b2ca734342d1f95a0bbc828fc43cca0a3cf69d373e8e9ea6e4e8c3087f39e65ce34bbcf6fab0d8b4c91757a6d03c9c08e36d4b93009fa1b6f2609affd5190b6a61e74096fdc838cb3e15c8cca0e579f710e80436d5f7da8a55918030b96253b3519fc47dbf6c2b146a3db51e45ff7c9d4dbdb0ca7a606322d3dcf6b210de980a29bf18d45c1a6461cfefb84c5f2820de40331fab8c1b0dbb49e9320f32438217906cacdb63e65cc0805db0331a4e76590f8f8340ae8b8f4d78de6829c8740edaed14efeddc30baaf20405b18e5916746863d71a77d55a3c01d679bf0a1e66a6cbe878d8c4279cea5324709721bd6f3284e3d0ea886795a5d83ed8b87ff4c5c365d14b9d5daaa060157fa3046dd4a8d163ed54d71b9aa7c9012dd300cbd19f81ab0a3546cb83dd78ba031ebf27f8e60c6cf8c32a2f4a34bbaf6313a158dfe1b014f079ee942b80d11e8709dfd64ee4122e1fc305f458fce4e7e8273ec992046dfa2c287f66b9a6217b74c45a65103035c3b8127888903e91a5f7dd959b61a0ce4a188a0fcfb7c469eca51d5f0a7b2f995bbeb25d3833c3c1426d5151c2a6ac5dcb8f4f0588341c561858042a5e9eea08324e86596c42ddebed7a5df8f8cb59d8e0c781a8a512284aefeb1be34970d471a67c75e6ba231ee0a3444b98f778891c9ba0ecec1205f61a224a0991a5f297c58138b5c7d6c59092f3997d361a8b1b1dd9d6674f1d50ec72d243f281be07a9a7d307645c7a5468ad234512159d670fd6850c900bb3e01574ad419b14a77f8e95af4e838f5bdd413de0ffa1e2c5679a48dfd4b0df2f2ebc9c37154895284f8d16b4e4e06fb454df05b4d195b06038757f3ed653f83214ee9c9fb01024819633a83d64ff9b674fa3146f07a44c4e0476ff697f878223961b8b221b714b9864222f051ed2bb19c9d23490f5551ab09b31d6b7cfc82139bcc077a29efa1b5f19461d6b4cd3bd6405ddc2b0315c10c184da1f222f96624f2ef3238ec8cc4258ef942db3bcd4294eac455588be563cf132f0760c980abba7616a3bdf9ec8108a7a856d20cd9aa5adc2e0abb9b56afcb5dd1311cb4c066c053c919998cf9caeda02f0ab16d10a7238d545c3ffb8c58f08fff557782105421f86ff5bb229f6a06fb4dc783a5c2608e10d1d174b2600a5330d255a7d282747b7f7c794615197c2a0359a1e2cafbf3946c4d395da0fcec789ed12f2e7ff823d1a55b5f48458d50385090ad96c93ad6e92d9ddf0c973b0dcf62118deb272abcb1f45c85e188ec7cb443411e3f72da9b7cd5752cbee35bcca2a7a15361f7e0d66e7999bf0bc9ad52c6995ad60f57bd4bc7a35a1a75fc9dcc4ae6487404993cb3a760b265936748bc220f2b99dd835a71ef28ec0991b6c5d68a3f8bedf463ecba3e0131631fba51d60b721cc4b34bef543ee6b22aca930ef8bb737d751fd70d222dac919f903bee0c99b9fe6466052a573aee2277e13f5c7957a34dbd1739879af85602034af1b9c0effdc709cd4ee07c0653e66a29ffdc1ee19f8d178182648380ed8283f6155b7a597cbd3a79233effe0c478abb2edf87b24ebb5373f494ffdc893336a6d8cd908dcf3394e6fa4c5cfd928203d939966e736b94df8fe5fd9f614fa84e8a316488575b84b6c72d350106a86082a95eb9718d33df7df0b7a70dd9e589f38ae037cbe41ab890c91b00edc1bbc69e50c1524b3664de14eb36497407d068d2405770ee5e5ae20cc4a5492f338a1a1f9660dac0d9c697f1231d5fb7cbb50e19e2b48cb8f6cdc527c3fe19f9e46db348a62750c0cefbe9f7841afce02f00afe3c44ba34c4fa4fd55439ed12d3728b78bc92b5fcea14d75bf0875f6b4f5a2a206b646e0371f840f628e8d47c2c85ccab6a8f205578d41ef537d34dea9af21d0794541670e4c689e66f145b3cbf5fbef83e2f5cc526c83abdc9ef3999ff53a9de1228aca8d62b53e666944ff0637b1cff7365f9d5c998cc58a0d08008e7b8391ddb5023037dd27480d1aec0c05806f6cc09ab03109bc6581df34f0547cb8fd70f5e3faf57c12c2cdfdaaa076e1539db81fce99affe54d22dab78c99d3e081771ba22a89755d03f6fb8817fe4b707e0ad589bb4084de57f72c0bf3650144f785278372528a5050ed87ae851c617842307d908187157e370e2fc47410b80e07e08a30441fc7d2a63a949ed00eeb95b65a157438e2767fbb42b3d9fd7690ba4424f10c23db622ef930713973d1d15a684623b2123a448db1843eea8cc59eba3db72fcb14e10650eae0d3b883c2a22971b437c227631f3c5843ff0636117d6a5bf15e987a0d595ed0c69f13cf1990d4ed8621cf418525f07969010da02beaf8b97d203a651fbac5c75fd615ffb0fc0f4b9ea347cb3c41e50d6f9c025403545135897ab22ef68d7a18738287167e0538900882b23c382a7cacd1641f23e9f536b87d45ef79b2a3cce886713a5c4259ad08a1b4af4b9160ac1651ffe9d7e1e4506af2f388a003c60a86a363aedf43857bcaffbfbd6f197b5d9e48cc832905ea0fc0e1791ba3fe356719b01ab17472fcc3ca61c5865568c32e1097895803674f68ac338e2aeb37d86c2ddc1f0e3e8069d95be62e6719cfe90e986842a30f7f4e9cab59d45f0aedc9a15a13f06ecc2c63d5856241924020fde61f8a59255851d592247ff08c7c6c28198c3d9838e348f4fff5d4bde14e76e77e362cb716733a58faff0df1963d45072e417f81f9d21c4860b564e7af6aba988ed4bc87a953ea4bfe2c5332f76e4c21087ef3cea06d90c2a4002db7aa0ee41d55a4c63d71b0b07d68e27e2aab6ee50e45d09348086f245d6053a7e0abd95f7c3c99313751ba553a01d6268d04d24f0f432097239ebaa839eb47270c9e9bc0af8c62a496b2b4271f1552ca4dff6cc6da978a6e13769a871b23db42de52b693e38299e477974b48537e4ad613f00fcac5d7251c1f91464ee7bd6371cd396b7006206349e802633fc5616e7379a0c9a42039fc1016d7bf70e790dd18ea55d6106bf0bf79d8648f742a6bc60fa285a207f39420a429392443e78bfc49e4296ef2ebe35c401785af84033914e6e0d1cca095d0aea7562ae85484c13122b013d071d2c8a2705a1ebf70c67627d5200c90611b837fb8751b7bf603cdb264156a6a7d88894c7dfa04c1db0b2ea55eb621a76842ee1c33ea0c9b41855aef143d6c3094d587bed190e8244a1d06ed73e255cb9415439c6f572702b66485a0897e584114341cb2bca987a20ef97f74c1e92b95193ab7fff53bbd30b96faf2dd58c8a2787437778fe8d47608fcdc391113258155a60dc091b2ec3e9a4f56c2fff855f917076dc391505f7833aaf42b0670a6d4d317a9cc3c6f8c755f8ab90511e30d8ba4501be72c8a33feda970a88246249e541b7775a0da3b5cd77c47e4dd9b85f7ee7536143ba9fc2c9073ac83cf7a64df51375f09bf6b4e4606195d5f2f335e0aa1a5bf2e48f14a559a36f1201b0571bb019a232cdc92df163b13565be86977602d9e573b0dd8ddcd6d4198383da2e091c6929704b6d4a6dd5dc6caf103634ff4989ed6791ad35a6d36e43c8458e0aa6ab137c326f740cb73047cbad26bc5235d005422ea002418bb014ea490d8e370dc94722cb300716d071864b3099d2c7bf81fb26eef8e3d76ec6dae12421d4870fb6f25dd140ab0f6ec6bbdf0117b81cd1bb79196fa1d406cd92923b6db82bd0457aea0b397735cb3b09fcd25f679cd05962deccded415a89acee650dfe6aaf0d9daf84dc9c2c963f3dc708cd4bfb60a8eb2247ae116a187186a53afa82baf18b85c2a45c5b204b4b427b882110058cb3d05f6767c253977db175db7abbd298d417bec1efab3e5fd909c681c7ce39056b57db6d8ae2a6b5075e9a658f1c5b8aff1978213277ef2702021144cd947221cc5f94a275e344ce6a566150ffefe7f4351ca52e6f851070fe32c1bba56da718f48aec93f065a7516f8ae3dae2d2b79bc1c3ce2bd792a2753f84a1051c56f4fe4deb5a1cfb6930fa862ee223835868535e135062908b23783a023df30901565ab4a18044bd8bf59ba92b3688b4dd956dd798afccd5336964676f8f9db957550105456be2bd66541ce455bf993c9ac862f89aaf68a4bdd27d17ba565e042bc3e7292524e2fc558aa9dd9fcd84dc6e6d3db8be458313b72c88ec6b2b9a972a7230412d06498085702632ce7d1adae1870ffa0101ca042b994c5ec3aa217bdbda13718e5cb0805263d18fb6b3472a4a046d93cf7342d33bbcd201dedad24a6ca7d182dd9eae456e11eb43a275cdd88d1ed6f12d96f3ac355e8314706fbeb01f2335fee6c2545cb8766ac69879b2dbc07318c3f6150fb0dd0886779aae3a26cb4c2f0bff521556e56b80429cd6493d59f9e590047de121b24dd7d7d3e5bd1496bba847f6a236dbbb5e7dd570e67a7751e200c575e9536bb4dcb11ead97e15b20a2b8bae7ecc2b6d567721f78be342e824ad5eda9c78895bde7b1240cca6292d9c7345b084d1e4832fb496985687890217444e2985b01f6f7168196494dcda647f03a59604fdc8d30f78952158ed27629d78697ffcdb9e0f3d233e6d28ba31144ae8ca627fdcfb7458612e94d28b82fd68ad7b11113394cacf8a31f46cf708325aabd58b60711644d543e58a719d565055e33675581eb0975a96d2dcf2aa6ddde19c2b74084feb60fdccc348a4bea7a82b8075dadb8a1ff8b085f649d1a317114c5ee709f53aff257820fe502003d4672563b387420848d360c6d8253e193ddbf7bc63524b6f3d46680a83"}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x3, 0x9, 0x3, 0x7}, {0x9, 0x47, 0xff, 0x67}, {0x9, 0x6, 0x8, 0xfffffffa}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x7f, 0xdd, 0x9, 0x6}, {0x100, 0x1, 0x3f, 0xfff}, {0xfff, 0x6, 0x0, 0x40}, {0x0, 0x40, 0x90, 0x8}, {0x5, 0x4, 0x9, 0x7}, {0x1, 0x7f, 0x2}, {0x100, 0x3f, 0x2, 0x7f}, {0x2, 0x0, 0x4}]}) 13:54:00 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2) 13:54:00 executing program 2: ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x25}}, 0x4, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)='ipvlan1\x00', 0x1f, 0x6, 0x100}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x620002, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:00 executing program 4: write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x26, 0x200, 0x100300, 0x0, 0x9, 0x7, 0x8100}}, 0x50) openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs2/binder-control\x00', 0x3, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(0xffffffffffffffff, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) accept$inet(r2, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000340)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000990f00009e239e21cc29b4267d1fb518137a7ee715eb14f55de0754f27b945b6b6818e4f42ad57175c2b2c49fe54c7b892b22df0ce06ec79dac6e668ee423529953d9b1189ae9379a9a086c61d909a668d73a02d485c9a9108dadb16309e8ffe9fedb6ac462a34f04f1f71875846957cab20115c7fc20738e9132278a64e5f9fe939190f022928721c9fe279c5f69f821cb1174c1e00b3706f11b1f462a89425a84ab912706cc7b8f81298b5068e7632a4c59aafac96d59c52da72839d4aec5d015e3f03ae020d413f781922ba172d067c6e7cf225db39fb64697e4d1958d905e2649b1f34ff715d0b1b67a83b5855d706161c76d50286"], &(0x7f00000001c0)=0xbd) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x200002, 0x0) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) setsockopt$inet_mreq(r3, 0x0, 0x24, &(0x7f00000000c0)={@multicast1, @local}, 0x8) 13:54:00 executing program 3: r0 = syz_open_dev$hidraw(&(0x7f0000000040), 0x5, 0x1) write$hidraw(r0, &(0x7f0000000080)="a63b62ab548664e7773a0a6883bbd5a0731459376dc9", 0x16) (async) io_uring_register$IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, 0x0, 0x0) ioctl$HIDIOCGRAWINFO(r0, 0x80084803, &(0x7f0000000100)=""/67) (async) r1 = socket$igmp(0x2, 0x3, 0x2) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @broadcast}, 0x8) (async) r3 = syz_io_uring_setup(0x1f2, &(0x7f0000000180)={0x0, 0x53a8, 0x20, 0x2, 0x174}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (async) r4 = socket$inet_udplite(0x2, 0x2, 0x88) (async) r5 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/binder-control\x00', 0x1000, 0x0) io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f00000002c0)=[r2, r3, r1, r4, r5, r1, r2, 0xffffffffffffffff, r0], 0x9) 13:54:00 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000200), 0xd0, 0x414500) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="a80000a356430cc7ad66f8c32055ccaae4b0f344ff33bcd22b2d89bcb29dbf5a53d06571ed792583e8ac7d27582279a1e78a8d46475364bcc2ed3a650a4c50bd54a92591eb2820e85ee3f8bc7d007bf44f1d842b892f1afe84a46bfdfd15ab94334e48d98cac782ac464a0bdaee282ed", @ANYRES16=r2, @ANYBLOB="000301000000fc0000000000020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0xa, &(0x7f0000000000)=[{0x20, 0xc7, 0x80, 0x3}, {0x37e, 0x95, 0x9, 0x401}, {0x7, 0xb5, 0x9, 0x5}, {0x6, 0x3f, 0x80, 0x2}, {0x627d, 0x3f, 0xff, 0x2}, {0x21, 0x1a, 0xa7, 0x921}, {0x2, 0xfc, 0x20, 0x3ff}, {0x81, 0x3f, 0x1, 0x3ff}, {0x4, 0x9, 0x7f, 0x800}, {0x4, 0x6, 0x8f, 0x7ff}]}) 13:54:00 executing program 4: read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020}, 0x2020) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, &(0x7f0000002080)={0x2, 0x0, @empty}, &(0x7f00000020c0)=0x10) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000100)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x8, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x8001, 0x6, 0x0, 0x611b1a92}]}) (async) getgid() 13:54:00 executing program 2: ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x25}}, 0x4, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)='ipvlan1\x00', 0x1f, 0x6, 0x100}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x25}}, 0x4, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)='ipvlan1\x00', 0x1f, 0x6, 0x100}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) 13:54:00 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000200), 0xd0, 0x414500) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, 0xffffffffffffffff) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="a80000a356430cc7ad66f8c32055ccaae4b0f344ff33bcd22b2d89bcb29dbf5a53d06571ed792583e8ac7d27582279a1e78a8d46475364bcc2ed3a650a4c50bd54a92591eb2820e85ee3f8bc7d007bf44f1d842b892f1afe84a46bfdfd15ab94334e48d98cac782ac464a0bdaee282ed", @ANYRES16=r2, @ANYBLOB="000301000000fc0000000000020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0xa, &(0x7f0000000000)=[{0x20, 0xc7, 0x80, 0x3}, {0x37e, 0x95, 0x9, 0x401}, {0x7, 0xb5, 0x9, 0x5}, {0x6, 0x3f, 0x80, 0x2}, {0x627d, 0x3f, 0xff, 0x2}, {0x21, 0x1a, 0xa7, 0x921}, {0x2, 0xfc, 0x20, 0x3ff}, {0x81, 0x3f, 0x1, 0x3ff}, {0x4, 0x9, 0x7f, 0x800}, {0x4, 0x6, 0x8f, 0x7ff}]}) 13:54:00 executing program 4: r0 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_mreqsrc(r0, 0x0, 0x2, &(0x7f0000000040)={@initdev, @local}, &(0x7f0000000080)=0xc) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x2f}, @broadcast}, 0x8) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x0, 0x3, 0x4, 0xc, "8cf3899ed9b9bc8fec468f8a976563c530d0020f81e1769850c646b0145763ec8731ea86e0d112471a19730061a8327169fe427eca545a71569a3b44b517daa7", "3b5b2a885ab68d6d5ea75f5740bb23b29b5ceadce24aaa50761ae7e03e4dcaab", [0x1]}) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x620002, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:00 executing program 3: setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000040)=0x21001, 0x4) r0 = socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x8) 13:54:00 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000200), 0xd0, 0x414500) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, 0xffffffffffffffff) (async) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="a80000a356430cc7ad66f8c32055ccaae4b0f344ff33bcd22b2d89bcb29dbf5a53d06571ed792583e8ac7d27582279a1e78a8d46475364bcc2ed3a650a4c50bd54a92591eb2820e85ee3f8bc7d007bf44f1d842b892f1afe84a46bfdfd15ab94334e48d98cac782ac464a0bdaee282ed", @ANYRES16=r2, @ANYBLOB="000301000000fc0000000000020001000000"], 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0xa, &(0x7f0000000000)=[{0x20, 0xc7, 0x80, 0x3}, {0x37e, 0x95, 0x9, 0x401}, {0x7, 0xb5, 0x9, 0x5}, {0x6, 0x3f, 0x80, 0x2}, {0x627d, 0x3f, 0xff, 0x2}, {0x21, 0x1a, 0xa7, 0x921}, {0x2, 0xfc, 0x20, 0x3ff}, {0x81, 0x3f, 0x1, 0x3ff}, {0x4, 0x9, 0x7f, 0x800}, {0x4, 0x6, 0x8f, 0x7ff}]}) 13:54:00 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$inet(0x2, 0xa, 0x30000000) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xb) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0) 13:54:00 executing program 2: ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000040)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x25}}, 0x4, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000000)='ipvlan1\x00', 0x1f, 0x6, 0x100}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) 13:54:00 executing program 3: setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000040)=0x21001, 0x4) r0 = socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x8) 13:54:00 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xfffd, 0x0, 0x1}, {0x5, 0x9, 0x2, 0x20}]}) 13:54:00 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xfffd, 0x0, 0x1}, {0x5, 0x9, 0x2, 0x20}]}) 13:54:00 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000100)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x8, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x8001, 0x6, 0x0, 0x611b1a92}]}) (async) getgid() 13:54:00 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/112, 0x1008000, 0x1000, 0x2f, 0x1}, 0x20) socket$igmp(0x2, 0x3, 0x2) 13:54:00 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$inet(0x2, 0xa, 0x30000000) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xb) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0) 13:54:00 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xfffd, 0x0, 0x1}, {0x5, 0x9, 0x2, 0x20}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xfffd, 0x0, 0x1}, {0x5, 0x9, 0x2, 0x20}]}) (async) 13:54:00 executing program 3: setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000040)=0x21001, 0x4) r0 = socket$igmp(0x2, 0x3, 0x2) (async, rerun: 64) socket$igmp(0x2, 0x3, 0x2) (rerun: 64) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x8) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r2 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) 13:54:00 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$inet(0x2, 0xa, 0x30000000) r2 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xb) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0) 13:54:00 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff) 13:54:00 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x101040, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) write$FUSE_WRITE(r2, &(0x7f0000000080)={0x18, 0x0, 0x0, {0x6}}, 0x18) 13:54:00 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r2 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) (async) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) (async) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) 13:54:00 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = io_uring_setup(0x1000e46, &(0x7f0000000040)={0x0, 0x70c6, 0x1, 0x3, 0x2d0}) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000000c0)=0x100b40e, 0x4) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r3) syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r3) syz_io_uring_setup(0x7993, &(0x7f0000000180)={0x0, 0x87cb, 0x800, 0x2, 0x16b, 0x0, r1}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000240)) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r4) r5 = syz_io_uring_setup(0x4e0e, &(0x7f0000000280)={0x0, 0x4cfe, 0x200, 0x1, 0x3ac}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:00 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff) [ 1624.026537][ T22] kauditd_printk_skb: 7 callbacks suppressed [ 1624.026546][ T22] audit: type=1326 audit(1676296440.829:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32346 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:01 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{}]}) (async) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff) 13:54:01 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x28}, 0x1, 0x0, 0x0, 0x81}, 0x8000) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:01 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) (async) r1 = io_uring_setup(0x1000e46, &(0x7f0000000040)={0x0, 0x70c6, 0x1, 0x3, 0x2d0}) (async) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000000c0)=0x100b40e, 0x4) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r3) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r3) syz_io_uring_setup(0x7993, &(0x7f0000000180)={0x0, 0x87cb, 0x800, 0x2, 0x16b, 0x0, r1}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (async) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r4) r5 = syz_io_uring_setup(0x4e0e, &(0x7f0000000280)={0x0, 0x4cfe, 0x200, 0x1, 0x3ac}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:01 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r2 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) 13:54:01 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) (async, rerun: 64) r2 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) (async, rerun: 64) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) (async) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) 13:54:01 executing program 5: io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40c201, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r3 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r4) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0xb) 13:54:01 executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CALIPSO_C_ADD(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, 0x0, 0x2, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x1) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) sendmsg$NLBL_CALIPSO_C_LISTALL(r1, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x2c, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000003}, 0x1) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000140)={0x50, 0x0, 0x0, {0x7, 0x26, 0x8001, 0x20004, 0x0, 0x2, 0x2d5, 0x401}}, 0x50) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@rand_addr=0x64010101, @local}, 0x8) 13:54:01 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) (async) r1 = io_uring_setup(0x1000e46, &(0x7f0000000040)={0x0, 0x70c6, 0x1, 0x3, 0x2d0}) (async) r2 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f00000000c0)=0x100b40e, 0x4) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), r3) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000140), r3) (async) syz_io_uring_setup(0x7993, &(0x7f0000000180)={0x0, 0x87cb, 0x800, 0x2, 0x16b, 0x0, r1}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000240)) (async) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r4) r5 = syz_io_uring_setup(0x4e0e, &(0x7f0000000280)={0x0, 0x4cfe, 0x200, 0x1, 0x3ac}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000340)) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r5, 0xc, 0x0, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:01 executing program 2: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000021c0)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000002180)={&(0x7f00000024c0)={0x8b4, 0x0, 0x300, 0x70bd27, 0x25dfdbfd, {}, [@WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_PEERS={0x828, 0x8, 0x0, 0x1, [{0x2cc, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5862b13a1e5b9ab7967439278191988db23ae1034494e892031cf7b9002fe255"}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x9ac2}, @WGPEER_A_ALLOWEDIPS={0x25c, 0x9, 0x0, 0x1, [{0x124, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00'}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @empty}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x28}}, {0x5}}]}, {0xd0, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010102}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010101}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x2}}]}, {0x64, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @local}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @remote}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "4227b209e8c1dad7dfaf42e5cd81b7dea26984e9e705faee66b5b0f48d87f10b"}]}, {0x558, 0x0, 0x0, 0x1, [@WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5971221f28e4277040949700d6d1fe1f2a0ed51e1ebf6d0adeeda98657777836"}, @WGPEER_A_ALLOWEDIPS={0x1c8, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x3}}]}, {0x100, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @rand_addr=0x64010101}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @private0}, {0x5, 0x3, 0x1}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @local}, {0x5, 0x3, 0x3}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e24, 0x5, @mcast2, 0x3}}, @WGPEER_A_ALLOWEDIPS={0x31c, 0x9, 0x0, 0x1, [{0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private1}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010100}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x3}}]}, {0x4c, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}]}, {0x118, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @private=0xa010102}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0xb}}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @multicast1}}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2c}}, {0x5, 0x3, 0x3}}]}, {0x40, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5}}]}, {0xf4, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast1}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @ipv4={'\x00', '\xff\xff', @loopback}}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @private=0xa010500}, {0x5}}, @ipv6={{0x6}, {0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x3}}]}]}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x1ff}]}]}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}]}, 0x8b4}, 0x1, 0x0, 0x0, 0x20040000}, 0x20044121) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) r4 = getuid() openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002100), 0x2, 0x0) r5 = getgid() getuid() write$FUSE_ATTR(r2, &(0x7f0000002080)={0x78, 0xfffffffffffffff5, r3, {0x7, 0x3, 0x0, {0x5, 0x7fffffffffffffff, 0x9, 0x9, 0x1, 0x4, 0x1, 0x7ff, 0xfffff800, 0xa000, 0x20, r4, r5, 0x7, 0x3}}}, 0x78) 13:54:01 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000000), r0) 13:54:01 executing program 3: sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x440c1}, 0x40000) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x57cba92d}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x24008002) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1, @local}, 0x8) 13:54:01 executing program 5: io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40c201, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r3 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r4) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0xb) 13:54:01 executing program 4: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x10, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(0xffffffffffffffff, 0x0, 0x48a, &(0x7f0000000000)={0x1, 0x3, 0x1}, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000040)=0x8080, 0x4) 13:54:01 executing program 3: sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x440c1}, 0x40000) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x57cba92d}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x24008002) (async) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1, @local}, 0x8) [ 1624.299836][T32377] Module has invalid ELF structures [ 1624.357962][ T22] audit: type=1326 audit(1676296441.169:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32387 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:01 executing program 3: sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x7}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x440c1}, 0x40000) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x5c, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x57cba92d}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}]}, 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x24008002) (async, rerun: 64) r0 = socket$igmp(0x2, 0x3, 0x2) (rerun: 64) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1, @local}, 0x8) 13:54:01 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x28}, 0x1, 0x0, 0x0, 0x81}, 0x8000) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:01 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000000), r0) 13:54:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="00022dbd7000fbdbdf2506000000cc2bcce97bb437fa74aa4be30f1a9b86e8cda5e6c925dea4a0b31d8403797209a0e0ae01e2d17529ee3cb43432f8fd22d7"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000180)=0x200, 0x4) 13:54:01 executing program 4: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = accept4$inet(r0, 0x0, &(0x7f0000000040), 0x80000) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000080)={{0x2f, @local, 0x4e23, 0x2, 'sh\x00', 0x8, 0x10001, 0x79}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e24, 0x2, 0x22, 0x0, 0x1}}, 0x44) 13:54:01 executing program 5: io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x40c201, 0x0) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r3 = ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r4) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0xb) 13:54:01 executing program 4: getuid() r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'hsr0\x00', 0x2}, 0x18) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:01 executing program 5: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0xc0045878, 0x0) 13:54:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="00022dbd7000fbdbdf2506000000cc2bcce97bb437fa74aa4be30f1a9b86e8cda5e6c925dea4a0b31d8403797209a0e0ae01e2d17529ee3cb43432f8fd22d7"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000180)=0x200, 0x4) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="00022dbd7000fbdbdf2506000000cc2bcce97bb437fa74aa4be30f1a9b86e8cda5e6c925dea4a0b31d8403797209a0e0ae01e2d17529ee3cb43432f8fd22d7"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000180)=0x200, 0x4) (async) 13:54:01 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000000), r0) 13:54:01 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) setsockopt$MRT_DEL_MFC_PROXY(r1, 0x0, 0xd3, &(0x7f0000000040)={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, 0x1, "1629e08f9725c6485369290515aa2f68728129798aca2f747e9aa1de7f7a06ec", 0x7fffffff, 0xfff, 0x9}, 0x3c) [ 1624.593686][T32394] Module has invalid ELF structures 13:54:01 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 1) 13:54:01 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (fail_nth: 1) [ 1624.644493][T32418] Module has invalid ELF structures [ 1624.707952][T32419] FAULT_INJECTION: forcing a failure. [ 1624.707952][T32419] name failslab, interval 1, probability 0, space 0, times 0 [ 1624.721164][T32419] CPU: 1 PID: 32419 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1624.729639][T32419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1624.739667][T32419] Call Trace: [ 1624.742937][T32419] dump_stack+0x1d8/0x241 [ 1624.747240][T32419] ? panic+0x73f/0x73f [ 1624.751280][T32419] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1624.757063][T32419] should_fail+0x71f/0x880 [ 1624.761452][T32419] ? setup_fault_attr+0x3d0/0x3d0 [ 1624.766448][T32419] ? avc_flush+0x1f0/0x1f0 [ 1624.770838][T32419] ? loop_add+0x56/0x740 [ 1624.775050][T32419] should_failslab+0x5/0x20 [ 1624.779533][T32419] kmem_cache_alloc_trace+0x28/0x240 [ 1624.784787][T32419] loop_add+0x56/0x740 [ 1624.788832][T32419] ? get_pid_task+0xc3/0xf0 [ 1624.793306][T32419] ? radix_tree_lookup+0x16f/0x1c0 [ 1624.798387][T32419] loop_control_ioctl+0x448/0x620 [ 1624.803383][T32419] ? loop_remove+0xa0/0xa0 [ 1624.807772][T32419] ? memset+0x1f/0x40 [ 1624.811726][T32419] ? fsnotify+0x1280/0x1340 [ 1624.816198][T32419] ? loop_remove+0xa0/0xa0 [ 1624.820590][T32419] do_vfs_ioctl+0x742/0x1720 [ 1624.825154][T32419] ? ioctl_preallocate+0x250/0x250 [ 1624.830236][T32419] ? __fget+0x407/0x490 [ 1624.834364][T32419] ? fget_many+0x20/0x20 [ 1624.838580][T32419] ? debug_smp_processor_id+0x20/0x20 [ 1624.843921][T32419] ? security_file_ioctl+0x7d/0xa0 [ 1624.849006][T32419] __x64_sys_ioctl+0xd4/0x110 [ 1624.853655][T32419] do_syscall_64+0xca/0x1c0 [ 1624.858151][T32419] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1624.865170][ T22] audit: type=1326 audit(1676296441.679:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32422 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:01 executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan4\x00', 0x0}) sendmsg$NL802154_CMD_GET_INTERFACE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x28}, 0x1, 0x0, 0x0, 0x81}, 0x8000) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:01 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) 13:54:01 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="00022dbd7000fbdbdf2506000000cc2bcce97bb437fa74aa4be30f1a9b86e8cda5e6c925dea4a0b31d8403797209a0e0ae01e2d17529ee3cb43432f8fd22d7"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000180)=0x200, 0x4) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="00022dbd7000fbdbdf2506000000cc2bcce97bb437fa74aa4be30f1a9b86e8cda5e6c925dea4a0b31d8403797209a0e0ae01e2d17529ee3cb43432f8fd22d7"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x8000) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000180)=0x200, 0x4) (async) 13:54:01 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:01 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @empty}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x2b}}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4008}, 0x20040044) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) 13:54:01 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 2) 13:54:01 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x0, 0x0) 13:54:01 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @empty}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x2b}}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4008}, 0x20040044) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) (async) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @empty}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x2b}}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4008}, 0x20040044) (async) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) (async) 13:54:01 executing program 1: r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder-control\x00', 0x802, 0x0) ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000080)={'custom1\x00'}) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x684341, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x7, 0x1, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893aa34dae2e9c8037388a28e45d6600", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "f6958359ae0f6f2ca9ef4f000000002600"}}) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x8) r4 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r4, 0x0, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x5, 0x2, 0x12, 0x4, "7ac79cd91ec02fb3910ce6d9542ad602bc172e7d697d321cefb31d56d96759f778532d377f8a10b8c5cd34718080d4a5551addca5dd74a2825dfedde4fcabab6", "71723b7ea8bdbf0cabea39e83d2430bb5d3bf4f7805b6812eb0bf585d057b7c8", [0x4, 0xd0]}) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:01 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x3, 0x0, 0x0) 13:54:01 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @empty}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x2b}}, @FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4008}, 0x20040044) (async) openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000080), 0x2, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) 13:54:01 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) [ 1625.065857][T32432] FAULT_INJECTION: forcing a failure. [ 1625.065857][T32432] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.105951][T32440] Module has invalid ELF structures [ 1625.140985][T32432] CPU: 1 PID: 32432 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1625.149488][T32432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1625.155330][T32459] Module has invalid ELF structures [ 1625.159523][T32432] Call Trace: [ 1625.159541][T32432] dump_stack+0x1d8/0x241 [ 1625.159549][T32432] ? panic+0x73f/0x73f [ 1625.159558][T32432] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1625.159572][T32432] ? do_vfs_ioctl+0x742/0x1720 [ 1625.186860][T32432] ? do_syscall_64+0xca/0x1c0 [ 1625.191524][T32432] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1625.197577][T32432] should_fail+0x71f/0x880 [ 1625.201982][T32432] ? setup_fault_attr+0x3d0/0x3d0 [ 1625.206994][T32432] ? idr_alloc+0x205/0x2f0 [ 1625.211397][T32432] ? blk_mq_alloc_tag_set+0x311/0x890 [ 1625.216750][T32432] should_failslab+0x5/0x20 [ 1625.221233][T32432] __kmalloc+0x51/0x2b0 [ 1625.225360][T32432] ? idr_alloc_u32+0x320/0x320 [ 1625.230097][T32432] blk_mq_alloc_tag_set+0x311/0x890 [ 1625.235269][T32432] ? loop_add+0x56/0x740 [ 1625.239482][T32432] loop_add+0x231/0x740 [ 1625.243610][T32432] ? get_pid_task+0xc3/0xf0 [ 1625.248084][T32432] ? radix_tree_lookup+0x16f/0x1c0 [ 1625.253167][T32432] loop_control_ioctl+0x448/0x620 [ 1625.258163][T32432] ? loop_remove+0xa0/0xa0 [ 1625.262552][T32432] ? memset+0x1f/0x40 [ 1625.266508][T32432] ? fsnotify+0x1280/0x1340 [ 1625.270982][T32432] ? loop_remove+0xa0/0xa0 [ 1625.275371][T32432] do_vfs_ioctl+0x742/0x1720 [ 1625.279935][T32432] ? ioctl_preallocate+0x250/0x250 [ 1625.285019][T32432] ? __fget+0x407/0x490 [ 1625.289147][T32432] ? fget_many+0x20/0x20 [ 1625.293363][T32432] ? debug_smp_processor_id+0x20/0x20 [ 1625.298708][T32432] ? security_file_ioctl+0x7d/0xa0 [ 1625.303805][T32432] __x64_sys_ioctl+0xd4/0x110 [ 1625.308465][T32432] do_syscall_64+0xca/0x1c0 [ 1625.312946][T32432] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1625.322130][ T22] audit: type=1326 audit(1676296442.129:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32463 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:02 executing program 3: socket$igmp(0x2, 0x3, 0x2) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000080)={@private=0xa010101, @local}, 0x8) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f00000000c0)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000000)=0x8) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'vlan1\x00', 0x1}, 0x18) 13:54:02 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') 13:54:02 executing program 1: r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder-control\x00', 0x802, 0x0) ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000080)={'custom1\x00'}) (async) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x684341, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) (async) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x7, 0x1, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893aa34dae2e9c8037388a28e45d6600", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "f6958359ae0f6f2ca9ef4f000000002600"}}) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x8) (async) r4 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r4, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) (async, rerun: 64) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x5, 0x2, 0x12, 0x4, "7ac79cd91ec02fb3910ce6d9542ad602bc172e7d697d321cefb31d56d96759f778532d377f8a10b8c5cd34718080d4a5551addca5dd74a2825dfedde4fcabab6", "71723b7ea8bdbf0cabea39e83d2430bb5d3bf4f7805b6812eb0bf585d057b7c8", [0x4, 0xd0]}) (async, rerun: 64) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:02 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 3) 13:54:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = socket(0xa, 0xa, 0x6) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffff}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4c045}, 0x20008010) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) 13:54:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) r0 = socket(0xa, 0xa, 0x6) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffff}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4c045}, 0x20008010) (async) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) 13:54:02 executing program 3: socket$igmp(0x2, 0x3, 0x2) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000080)={@private=0xa010101, @local}, 0x8) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f00000000c0)) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000000)=0x8) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'vlan1\x00', 0x1}, 0x18) socket$igmp(0x2, 0x3, 0x2) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000080)={@private=0xa010101, @local}, 0x8) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r1, 0x0, 0x0) (async) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f00000000c0)) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000000)=0x8) (async) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'vlan1\x00', 0x1}, 0x18) (async) 13:54:02 executing program 2: init_module(0x0, 0x0, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') [ 1625.556442][T32474] Module has invalid ELF structures [ 1625.562208][T32475] FAULT_INJECTION: forcing a failure. [ 1625.562208][T32475] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.622616][T32475] CPU: 1 PID: 32475 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1625.631120][T32475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1625.641161][T32475] Call Trace: [ 1625.644442][T32475] dump_stack+0x1d8/0x241 [ 1625.648761][T32475] ? panic+0x73f/0x73f [ 1625.652818][T32475] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1625.658610][T32475] should_fail+0x71f/0x880 [ 1625.663044][T32475] ? setup_fault_attr+0x3d0/0x3d0 [ 1625.668057][T32475] ? blk_mq_alloc_tag_set+0x3ab/0x890 [ 1625.673412][T32475] should_failslab+0x5/0x20 [ 1625.677906][T32475] __kmalloc+0x51/0x2b0 [ 1625.682049][T32475] blk_mq_alloc_tag_set+0x3ab/0x890 [ 1625.687245][T32475] loop_add+0x231/0x740 [ 1625.691444][T32475] ? get_pid_task+0xc3/0xf0 [ 1625.695931][T32475] ? radix_tree_lookup+0x16f/0x1c0 [ 1625.701027][T32475] loop_control_ioctl+0x448/0x620 [ 1625.706031][T32475] ? loop_remove+0xa0/0xa0 [ 1625.710425][T32475] ? memset+0x1f/0x40 [ 1625.714383][T32475] ? fsnotify+0x1280/0x1340 13:54:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) r0 = socket(0xa, 0xa, 0x6) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffff}, @BATADV_ATTR_HOP_PENALTY={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0xe9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4c045}, 0x20008010) (async) ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, r0) 13:54:02 executing program 1: r0 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/binder-control\x00', 0x802, 0x0) ioctl$BINDER_CTL_ADD(r0, 0xc1086201, &(0x7f0000000080)={'custom1\x00'}) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x684341, 0x0) (async) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) (async) r3 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, 0x7, 0x1, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893aa34dae2e9c8037388a28e45d6600", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "f6958359ae0f6f2ca9ef4f000000002600"}}) (async) ioctl$LOOP_SET_DIRECT_IO(r2, 0x4c08, 0x8) (async) r4 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r4, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x5, 0x2, 0x12, 0x4, "7ac79cd91ec02fb3910ce6d9542ad602bc172e7d697d321cefb31d56d96759f778532d377f8a10b8c5cd34718080d4a5551addca5dd74a2825dfedde4fcabab6", "71723b7ea8bdbf0cabea39e83d2430bb5d3bf4f7805b6812eb0bf585d057b7c8", [0x4, 0xd0]}) (async) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:02 executing program 3: socket$igmp(0x2, 0x3, 0x2) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000080)={@private=0xa010101, @local}, 0x8) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) (async) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f00000000c0)) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000000)=0x8) (async) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'vlan1\x00', 0x1}, 0x18) 13:54:02 executing program 0: r0 = getgid() r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="b0000000f5ffffff", @ANYRES64=0x0, @ANYBLOB="0500000000000000010000000000000006000000000000000200000000000000ff03000000f8ffff0500000000000000000000890000000000000000040000000000000000000000000000ffffffff0008c887000000000000008000000400"/110, @ANYRES32, @ANYRES32=r0, @ANYBLOB="92670000a20f00000000000001000000000000000100000000000000070000000600000026282528267b2800"], 0xb0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) r3 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LISTALL(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x44, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000001}, 0x4000000) 13:54:02 executing program 2: init_module(0x0, 0x0, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') [ 1625.718857][T32475] ? loop_remove+0xa0/0xa0 [ 1625.723245][T32475] do_vfs_ioctl+0x742/0x1720 [ 1625.727810][T32475] ? ioctl_preallocate+0x250/0x250 [ 1625.732892][T32475] ? __fget+0x407/0x490 [ 1625.737018][T32475] ? fget_many+0x20/0x20 [ 1625.741235][T32475] ? debug_smp_processor_id+0x20/0x20 [ 1625.746577][T32475] ? security_file_ioctl+0x7d/0xa0 [ 1625.751657][T32475] __x64_sys_ioctl+0xd4/0x110 [ 1625.756305][T32475] do_syscall_64+0xca/0x1c0 [ 1625.760783][T32475] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) 13:54:02 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000040)={0x80000001, {{0x2, 0x4e24, @local}}}, 0x88) [ 1625.775358][ T22] audit: type=1326 audit(1676296442.579:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32507 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:02 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 4) 13:54:02 executing program 2: init_module(0x0, 0x0, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') 13:54:02 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000040)={0x80000001, {{0x2, 0x4e24, @local}}}, 0x88) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000040)={0x80000001, {{0x2, 0x4e24, @local}}}, 0x88) (async) 13:54:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) 13:54:02 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x8002, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) r4 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r7 = ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r11 = ioctl$LOOP_CTL_ADD(r9, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r10, 0x4c81, r11) r12 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r13 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r14 = ioctl$LOOP_CTL_ADD(r12, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r13, 0x4c81, r14) r15 = ioctl$LOOP_CTL_ADD(r6, 0x4c80, r4) ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r15) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r15) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r6) 13:54:02 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) 13:54:02 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000040)={0x80000001, {{0x2, 0x4e24, @local}}}, 0x88) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000040)={0x80000001, {{0x2, 0x4e24, @local}}}, 0x88) (async) 13:54:02 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1625.881692][T32533] FAULT_INJECTION: forcing a failure. [ 1625.881692][T32533] name failslab, interval 1, probability 0, space 0, times 0 [ 1625.903020][T32533] CPU: 1 PID: 32533 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1625.911516][T32533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1625.921553][T32533] Call Trace: [ 1625.924830][T32533] dump_stack+0x1d8/0x241 [ 1625.929147][T32533] ? panic+0x73f/0x73f [ 1625.933205][T32533] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1625.939004][T32533] ? __kasan_kmalloc+0x199/0x1d0 [ 1625.943978][T32533] should_fail+0x71f/0x880 [ 1625.948379][T32533] ? __kasan_kmalloc+0x199/0x1d0 [ 1625.953299][T32533] ? setup_fault_attr+0x3d0/0x3d0 [ 1625.958308][T32533] ? __x64_sys_ioctl+0xd4/0x110 [ 1625.963140][T32533] ? do_syscall_64+0xca/0x1c0 [ 1625.967804][T32533] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1625.973862][T32533] ? blk_mq_init_tags+0x74/0x280 [ 1625.978820][T32533] should_failslab+0x5/0x20 [ 1625.983311][T32533] kmem_cache_alloc_trace+0x28/0x240 [ 1625.988584][T32533] blk_mq_init_tags+0x74/0x280 [ 1625.993329][T32533] ? blk_mq_hw_queue_to_node+0xe3/0x100 [ 1625.998859][T32533] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1626.003869][T32533] __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1626.009052][T32533] ? find_first_bit+0x5b/0xf0 [ 1626.013712][T32533] blk_mq_alloc_rq_maps+0xac/0x410 [ 1626.018810][T32533] blk_mq_alloc_tag_set+0x50e/0x890 [ 1626.023996][T32533] loop_add+0x231/0x740 [ 1626.028134][T32533] ? get_pid_task+0xc3/0xf0 [ 1626.032621][T32533] ? radix_tree_lookup+0x16f/0x1c0 [ 1626.037723][T32533] loop_control_ioctl+0x448/0x620 [ 1626.040507][T32542] Module has invalid ELF structures [ 1626.042731][T32533] ? loop_remove+0xa0/0xa0 [ 1626.042742][T32533] ? memset+0x1f/0x40 [ 1626.042755][T32533] ? fsnotify+0x1280/0x1340 [ 1626.060747][T32533] ? loop_remove+0xa0/0xa0 [ 1626.065187][T32533] do_vfs_ioctl+0x742/0x1720 [ 1626.069771][T32533] ? ioctl_preallocate+0x250/0x250 [ 1626.074866][T32533] ? __fget+0x407/0x490 [ 1626.079037][T32533] ? fget_many+0x20/0x20 [ 1626.083263][T32533] ? debug_smp_processor_id+0x20/0x20 [ 1626.088616][T32533] ? security_file_ioctl+0x7d/0xa0 [ 1626.093710][T32533] __x64_sys_ioctl+0xd4/0x110 [ 1626.098373][T32533] do_syscall_64+0xca/0x1c0 [ 1626.102862][T32533] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1626.112341][T32533] blk-mq: reduced tag depth (128 -> 64) 13:54:02 executing program 0: r0 = getgid() r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="b0000000f5ffffff", @ANYRES64=0x0, @ANYBLOB="0500000000000000010000000000000006000000000000000200000000000000ff03000000f8ffff0500000000000000000000890000000000000000040000000000000000000000000000ffffffff0008c887000000000000008000000400"/110, @ANYRES32, @ANYRES32=r0, @ANYBLOB="92670000a20f00000000000001000000000000000100000000000000070000000600000026282528267b2800"], 0xb0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r3 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LISTALL(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x44, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000001}, 0x4000000) 13:54:02 executing program 5: ioctl$HIDIOCGRAWPHYS(0xffffffffffffffff, 0x80404805, &(0x7f0000000000)) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @empty}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x2}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000040)={@empty, @remote}, 0xc) 13:54:02 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:54:02 executing program 3: r0 = getpgrp(0x0) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) capget(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x9, 0xfffff001, 0x5, 0x58, 0xcd, 0x80}) r2 = socket$igmp(0x2, 0x3, 0x2) delete_module(&(0x7f0000000040)='::&-\x00', 0x200) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:02 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 5) 13:54:03 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x8002, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) r4 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) (async) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) (async) r7 = ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) (async) r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r11 = ioctl$LOOP_CTL_ADD(r9, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r10, 0x4c81, r11) r12 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r13 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r14 = ioctl$LOOP_CTL_ADD(r12, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r13, 0x4c81, r14) (async) r15 = ioctl$LOOP_CTL_ADD(r6, 0x4c80, r4) ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r15) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r15) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r6) 13:54:03 executing program 5: ioctl$HIDIOCGRAWPHYS(0xffffffffffffffff, 0x80404805, &(0x7f0000000000)) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @empty}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x2}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000040)={@empty, @remote}, 0xc) 13:54:03 executing program 5: ioctl$HIDIOCGRAWPHYS(0xffffffffffffffff, 0x80404805, &(0x7f0000000000)) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @empty}, {0x2, 0x0, @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x2}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000040)={@empty, @remote}, 0xc) 13:54:03 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) 13:54:03 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in, @in=@initdev}}, {{@in6=@initdev}, 0x0, @in6=@local}}, &(0x7f0000000140)=0xe8) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x0, 0x10001, 0x2}}, 0x20) 13:54:03 executing program 3: r0 = getpgrp(0x0) (async) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) (async) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) capget(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x9, 0xfffff001, 0x5, 0x58, 0xcd, 0x80}) (async) r2 = socket$igmp(0x2, 0x3, 0x2) delete_module(&(0x7f0000000040)='::&-\x00', 0x200) (async) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) [ 1626.194621][T32553] Module has invalid ELF structures [ 1626.200479][T32552] FAULT_INJECTION: forcing a failure. [ 1626.200479][T32552] name failslab, interval 1, probability 0, space 0, times 0 [ 1626.229268][T32552] CPU: 0 PID: 32552 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1626.237204][T32567] Module has invalid ELF structures [ 1626.237766][T32552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1626.252961][T32552] Call Trace: [ 1626.256243][T32552] dump_stack+0x1d8/0x241 [ 1626.260563][T32552] ? panic+0x73f/0x73f [ 1626.264623][T32552] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1626.270411][T32552] ? __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1626.275779][T32552] ? blk_mq_alloc_tag_set+0x50e/0x890 [ 1626.281134][T32552] ? loop_add+0x231/0x740 [ 1626.285446][T32552] ? loop_control_ioctl+0x448/0x620 [ 1626.290631][T32552] ? __x64_sys_ioctl+0xd4/0x110 [ 1626.295465][T32552] ? do_syscall_64+0xca/0x1c0 [ 1626.300133][T32552] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1626.306183][T32552] should_fail+0x71f/0x880 [ 1626.310589][T32552] ? setup_fault_attr+0x3d0/0x3d0 [ 1626.315598][T32552] ? sbitmap_queue_init_node+0x164/0xf10 [ 1626.321202][T32552] should_failslab+0x5/0x20 [ 1626.325685][T32552] __kmalloc+0x51/0x2b0 [ 1626.329818][T32552] sbitmap_queue_init_node+0x164/0xf10 [ 1626.335249][T32552] ? blk_mq_init_tags+0x74/0x280 [ 1626.340159][T32552] blk_mq_init_tags+0xf1/0x280 [ 1626.344899][T32552] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1626.349908][T32552] __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1626.355088][T32552] ? find_first_bit+0x5b/0xf0 [ 1626.359753][T32552] blk_mq_alloc_rq_maps+0xac/0x410 [ 1626.364841][T32552] blk_mq_alloc_tag_set+0x50e/0x890 [ 1626.370012][T32552] loop_add+0x231/0x740 [ 1626.374140][T32552] ? get_pid_task+0xc3/0xf0 [ 1626.378615][T32552] ? radix_tree_lookup+0x16f/0x1c0 [ 1626.383701][T32552] loop_control_ioctl+0x448/0x620 [ 1626.388698][T32552] ? loop_remove+0xa0/0xa0 [ 1626.393088][T32552] ? memset+0x1f/0x40 [ 1626.397044][T32552] ? fsnotify+0x1280/0x1340 [ 1626.401517][T32552] ? loop_remove+0xa0/0xa0 [ 1626.405919][T32552] do_vfs_ioctl+0x742/0x1720 [ 1626.410491][T32552] ? ioctl_preallocate+0x250/0x250 [ 1626.415573][T32552] ? __fget+0x407/0x490 [ 1626.419702][T32552] ? fget_many+0x20/0x20 [ 1626.423916][T32552] ? debug_smp_processor_id+0x20/0x20 [ 1626.429260][T32552] ? security_file_ioctl+0x7d/0xa0 [ 1626.434343][T32552] __x64_sys_ioctl+0xd4/0x110 [ 1626.438991][T32552] do_syscall_64+0xca/0x1c0 13:54:03 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) [ 1626.443470][T32552] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1626.454364][T32581] Module has invalid ELF structures [ 1626.456078][T32552] blk-mq: reduced tag depth (128 -> 64) [ 1626.467181][ T22] audit: type=1326 audit(1676296443.269:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1626.492637][ T22] audit: type=1326 audit(1676296443.279:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32574 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:03 executing program 0: r0 = getgid() r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async, rerun: 64) write$FUSE_DIRENTPLUS(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="b0000000f5ffffff", @ANYRES64=0x0, @ANYBLOB="0500000000000000010000000000000006000000000000000200000000000000ff03000000f8ffff0500000000000000000000890000000000000000040000000000000000000000000000ffffffff0008c887000000000000008000000400"/110, @ANYRES32, @ANYRES32=r0, @ANYBLOB="92670000a20f00000000000001000000000000000100000000000000070000000600000026282528267b2800"], 0xb0) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async, rerun: 64) getgid() (async, rerun: 64) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r3 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LISTALL(r2, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x44, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x44}, 0x1, 0x0, 0x0, 0x2000001}, 0x4000000) 13:54:03 executing program 3: r0 = getpgrp(0x0) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CLR_FD(r1, 0x4c01) (async) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) capget(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x9, 0xfffff001, 0x5, 0x58, 0xcd, 0x80}) (async) r2 = socket$igmp(0x2, 0x3, 0x2) delete_module(&(0x7f0000000040)='::&-\x00', 0x200) (async) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:03 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') 13:54:03 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) (async) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in, @in=@initdev}}, {{@in6=@initdev}, 0x0, @in6=@local}}, &(0x7f0000000140)=0xe8) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async, rerun: 64) write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x0, 0x10001, 0x2}}, 0x20) 13:54:03 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x8002, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r3) (async) r4 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) (async) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) (async) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r6 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r7 = ioctl$LOOP_CTL_ADD(r5, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r8 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r10 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r11 = ioctl$LOOP_CTL_ADD(r9, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r10, 0x4c81, r11) r12 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r13 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r14 = ioctl$LOOP_CTL_ADD(r12, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r13, 0x4c81, r14) r15 = ioctl$LOOP_CTL_ADD(r6, 0x4c80, r4) ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, r15) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r15) (async) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), r6) 13:54:03 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 6) 13:54:03 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) 13:54:03 executing program 2: init_module(0x0, 0x0, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') 13:54:03 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async, rerun: 64) r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) 13:54:03 executing program 5: r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) (async, rerun: 64) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000040)={{{@in, @in=@initdev}}, {{@in6=@initdev}, 0x0, @in6=@local}}, &(0x7f0000000140)=0xe8) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x0, 0x10001, 0x2}}, 0x20) [ 1626.684166][T32595] Module has invalid ELF structures 13:54:03 executing program 2: init_module(0x0, 0x0, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') 13:54:03 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2801c2, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 1626.739697][T32596] FAULT_INJECTION: forcing a failure. [ 1626.739697][T32596] name failslab, interval 1, probability 0, space 0, times 0 [ 1626.762497][T32596] CPU: 1 PID: 32596 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1626.770993][T32596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1626.781030][T32596] Call Trace: [ 1626.784308][T32596] dump_stack+0x1d8/0x241 [ 1626.788625][T32596] ? panic+0x73f/0x73f [ 1626.792684][T32596] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1626.798484][T32596] ? pcpu_alloc_area+0x658/0x750 [ 1626.803407][T32596] should_fail+0x71f/0x880 [ 1626.807852][T32596] ? setup_fault_attr+0x3d0/0x3d0 [ 1626.812872][T32596] ? pcpu_alloc+0xb57/0x1050 [ 1626.817463][T32596] ? sbitmap_queue_init_node+0x64b/0xf10 [ 1626.823080][T32596] should_failslab+0x5/0x20 [ 1626.827567][T32596] kmem_cache_alloc_trace+0x28/0x240 [ 1626.832843][T32596] sbitmap_queue_init_node+0x64b/0xf10 [ 1626.838298][T32596] blk_mq_init_tags+0xf1/0x280 [ 1626.843045][T32596] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1626.848052][T32596] __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1626.853234][T32596] ? find_first_bit+0x5b/0xf0 [ 1626.857922][T32596] blk_mq_alloc_rq_maps+0xac/0x410 [ 1626.863018][T32596] blk_mq_alloc_tag_set+0x50e/0x890 [ 1626.868450][T32596] loop_add+0x231/0x740 [ 1626.872578][T32596] ? get_pid_task+0xc3/0xf0 [ 1626.877053][T32596] ? radix_tree_lookup+0x16f/0x1c0 [ 1626.882141][T32596] loop_control_ioctl+0x448/0x620 [ 1626.887140][T32596] ? loop_remove+0xa0/0xa0 [ 1626.891533][T32596] ? memset+0x1f/0x40 [ 1626.895483][T32596] ? fsnotify+0x1280/0x1340 [ 1626.899959][T32596] ? loop_remove+0xa0/0xa0 [ 1626.904345][T32596] do_vfs_ioctl+0x742/0x1720 [ 1626.908906][T32596] ? ioctl_preallocate+0x250/0x250 [ 1626.913986][T32596] ? __fget+0x407/0x490 [ 1626.918112][T32596] ? fget_many+0x20/0x20 [ 1626.922330][T32596] ? debug_smp_processor_id+0x20/0x20 [ 1626.927673][T32596] ? security_file_ioctl+0x7d/0xa0 [ 1626.932757][T32596] __x64_sys_ioctl+0xd4/0x110 [ 1626.937403][T32596] do_syscall_64+0xca/0x1c0 [ 1626.941881][T32596] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1626.955413][T32596] blk-mq: reduced tag depth (128 -> 64) [ 1626.961302][ T22] audit: type=1326 audit(1676296443.769:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32618 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:03 executing program 5: r0 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r0, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x44080) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:03 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x3, 0x4, 0xbc}, {0x2, 0x80, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:03 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2801c2, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:03 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) 13:54:03 executing program 2: init_module(0x0, 0x0, &(0x7f0000000280)='\x90\xb2\xcbh\xfbu\xed\xa0\xe7\xaf4P}\x96b\x9d(C]\xd6\xfd\x95g\xfb\vC\xaf\x97\x1f\x97\x06*\xa0\xc5\x1d\xbd=\x1f\xba\xac\xef\xf0<\xdb\x0e\xb3\f\xfd[%O\xeb\x12\xb2\xc6V]>e\xb9@\xcfTS\xfe\x86\xf6\x1d\xb9S\x98\r\x8e~P\xff\xbe\xb6\x9997\x9d\x16\x1a?=\xb6\xf1ogg\b\x1c\xaf\x99\xc2\xaf{\xe1\x16mY%\xe3\xfe\x90\xd6$d~B\x14\x06\x8cb)\xba\'iu\xf3\xd3\xab\x8eBXu\xd6\x81\xfb??G\xa4\xe6G\x1bQ\x0e\xf0>\xc7w\xc5\xa5\x01O\x0eg\x15\x14\xd8h\xc3\xfca\r\x05p\xea\xdebC\xfd\xec\x96^l}\x06\x1dr\b\xba\xd8\xecq#\x90\x1d\xcc\xeeu\xa3x\n\x11z\x80\xaf\xe0\b9<\xde\xb2O\xc8\x16\f\fC\'u\x1d\x82\a~\xf8\x8b\'\vl\xec\xe9\x8f\xb3\xb5\x8d\xd8\x1e\xe1\x88T\x16$\xfb\x18\xac\xa1\xc0\x11Mm\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\vC\xc3\x8eV]\x89\xf0\xbfL(\x89\xb7\xa1\f\xe2TC\xdb\x84\xf8\xcf\x82\x8b!G\x9a2Xux\xc3\xddu\x8c\xa4\xe0<#_\xd9\x8bT\xb8\x14^C\n\xac/n\x9bbT\xa4j\xb9\x88l\xc8\x89\x02\xfd\x88\xe2u\xfd\xb5\xe6\xa3\xda\xa7\xf4\x88\x1a\xbaE2\xa3CU\x03\xd0\x96\xe9\xb5\x10sP\xc2\x14') 13:54:03 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 7) 13:54:03 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = socket$inet_udp(0x2, 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0}, 0x2020) r3 = getuid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002100)={0x90, 0x0, r2, {0x3, 0x0, 0x7, 0x2, 0x4, 0xc6, {0x5, 0x8, 0xaa8, 0x400000000008, 0x101, 0x80000001, 0x9, 0x3f, 0x3, 0x2000, 0x389bf54a, r3, 0xee00, 0x7f, 0x4}}}, 0x90) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000040)={{0x2, 0x4e23, @loopback}, {0x1, @multicast}, 0x0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xe}}, 'pimreg0\x00'}) 13:54:03 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:03 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2801c2, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:04 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) r1 = socket$inet_udp(0x2, 0x2, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0}, 0x2020) r3 = getuid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002100)={0x90, 0x0, r2, {0x3, 0x0, 0x7, 0x2, 0x4, 0xc6, {0x5, 0x8, 0xaa8, 0x400000000008, 0x101, 0x80000001, 0x9, 0x3f, 0x3, 0x2000, 0x389bf54a, r3, 0xee00, 0x7f, 0x4}}}, 0x90) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000040)={{0x2, 0x4e23, @loopback}, {0x1, @multicast}, 0x0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xe}}, 'pimreg0\x00'}) 13:54:04 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0xc0, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0x0, 0x4) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:04 executing program 5: r0 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r0, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x44080) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r0, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x44080) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) [ 1627.196876][T32639] Module has invalid ELF structures 13:54:04 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) r1 = socket$inet_udp(0x2, 0x2, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0}, 0x2020) r3 = getuid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002100)={0x90, 0x0, r2, {0x3, 0x0, 0x7, 0x2, 0x4, 0xc6, {0x5, 0x8, 0xaa8, 0x400000000008, 0x101, 0x80000001, 0x9, 0x3f, 0x3, 0x2000, 0x389bf54a, r3, 0xee00, 0x7f, 0x4}}}, 0x90) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000040)={{0x2, 0x4e23, @loopback}, {0x1, @multicast}, 0x0, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xe}}, 'pimreg0\x00'}) [ 1627.221324][T32637] FAULT_INJECTION: forcing a failure. [ 1627.221324][T32637] name failslab, interval 1, probability 0, space 0, times 0 [ 1627.241883][T32637] CPU: 0 PID: 32637 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1627.250380][T32637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1627.260417][T32637] Call Trace: [ 1627.263693][T32637] dump_stack+0x1d8/0x241 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x3, 0x4, 0xbc}, {0x2, 0x80, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x3, 0x4, 0xbc}, {0x2, 0x80, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) 13:54:04 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 1) 13:54:04 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0xc0, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0x0, 0x4) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0xc0, 0x0) (async) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0x0, 0x4) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x3, 0x4, 0xbc}, {0x2, 0x80, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) getgid() [ 1627.268014][T32637] ? panic+0x73f/0x73f [ 1627.272072][T32637] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1627.277869][T32637] ? pcpu_alloc_area+0x658/0x750 [ 1627.282799][T32637] should_fail+0x71f/0x880 [ 1627.287212][T32637] ? setup_fault_attr+0x3d0/0x3d0 [ 1627.292226][T32637] ? pcpu_alloc+0xb57/0x1050 [ 1627.296818][T32637] ? sbitmap_queue_init_node+0x64b/0xf10 [ 1627.298728][T32666] FAULT_INJECTION: forcing a failure. [ 1627.298728][T32666] name failslab, interval 1, probability 0, space 0, times 0 [ 1627.302437][T32637] should_failslab+0x5/0x20 [ 1627.302448][T32637] kmem_cache_alloc_trace+0x28/0x240 [ 1627.302465][T32637] sbitmap_queue_init_node+0x64b/0xf10 [ 1627.330168][T32637] blk_mq_init_tags+0x156/0x280 [ 1627.335003][T32637] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1627.340012][T32637] __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1627.345186][T32637] ? find_first_bit+0x5b/0xf0 [ 1627.349852][T32637] blk_mq_alloc_rq_maps+0xac/0x410 [ 1627.354949][T32637] blk_mq_alloc_tag_set+0x50e/0x890 [ 1627.360130][T32637] loop_add+0x231/0x740 [ 1627.364272][T32637] ? get_pid_task+0xc3/0xf0 [ 1627.368751][T32637] ? radix_tree_lookup+0x16f/0x1c0 [ 1627.373839][T32637] loop_control_ioctl+0x448/0x620 [ 1627.378866][T32637] ? loop_remove+0xa0/0xa0 [ 1627.383272][T32637] ? memset+0x1f/0x40 [ 1627.387228][T32637] ? fsnotify+0x1280/0x1340 [ 1627.391721][T32637] ? loop_remove+0xa0/0xa0 [ 1627.396119][T32637] do_vfs_ioctl+0x742/0x1720 [ 1627.400695][T32637] ? ioctl_preallocate+0x250/0x250 [ 1627.405786][T32637] ? __fget+0x407/0x490 [ 1627.409919][T32637] ? fget_many+0x20/0x20 [ 1627.414141][T32637] ? debug_smp_processor_id+0x20/0x20 [ 1627.419502][T32637] ? security_file_ioctl+0x7d/0xa0 [ 1627.424598][T32637] __x64_sys_ioctl+0xd4/0x110 [ 1627.429259][T32637] do_syscall_64+0xca/0x1c0 [ 1627.433742][T32637] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1627.439612][T32666] CPU: 1 PID: 32666 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller #0 [ 1627.444224][T32637] blk-mq: reduced tag depth (128 -> 64) [ 1627.448092][T32666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1627.448095][T32666] Call Trace: [ 1627.448108][T32666] dump_stack+0x1d8/0x241 [ 1627.448121][T32666] ? panic+0x73f/0x73f [ 1627.475306][T32666] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1627.481080][T32666] ? avc_has_perm_noaudit+0x2f1/0x3d0 [ 1627.486418][T32666] should_fail+0x71f/0x880 [ 1627.490804][T32666] ? setup_fault_attr+0x3d0/0x3d0 [ 1627.495795][T32666] ? avc_denied+0x1d0/0x1d0 [ 1627.500265][T32666] ? __get_vm_area_node+0x183/0x310 [ 1627.505428][T32666] should_failslab+0x5/0x20 [ 1627.509900][T32666] kmem_cache_alloc_trace+0x28/0x240 [ 1627.515151][T32666] __get_vm_area_node+0x183/0x310 13:54:04 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 8) 13:54:04 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0xc0, 0x0) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(0xffffffffffffffff, 0x111, 0x5, 0x0, 0x4) (async, rerun: 64) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (rerun: 64) 13:54:04 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 2) 13:54:04 executing program 5: r0 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r0, 0x800, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044000}, 0x44080) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0xb, &(0x7f00000000c0)=[{0x1, 0x20, 0x7b, 0x3}, {0x7, 0xdf, 0x2, 0x2}, {0x0, 0x20, 0x3, 0x3}, {0x8, 0xc, 0x1f, 0x8}, {0x401, 0x7, 0xf3, 0x9}, {0x7, 0x8, 0x81, 0x6}, {0x0, 0x3f, 0x40}, {0x1, 0x5, 0x1, 0x170}, {0x8, 0x7, 0x5, 0x2}, {0x1010, 0x0, 0x85, 0x7e}, {0x20, 0x81, 0x20, 0x2}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:04 executing program 3: io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000001100)=[{&(0x7f0000000040)=""/71, 0x47}, {&(0x7f0000000100)=""/4096, 0x1000}], 0x2) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) [ 1627.520143][T32666] __vmalloc_node_range+0xee/0x710 [ 1627.525218][T32666] ? __se_sys_init_module+0x1ba/0x2b0 [ 1627.530557][T32666] __vmalloc+0x40/0x50 [ 1627.534594][T32666] ? __se_sys_init_module+0x1ba/0x2b0 [ 1627.539932][T32666] __se_sys_init_module+0x1ba/0x2b0 [ 1627.545105][T32666] ? __x64_sys_init_module+0x80/0x80 [ 1627.550369][T32666] ? __ia32_sys_read+0x80/0x80 [ 1627.555102][T32666] ? __do_page_fault+0x725/0xbb0 [ 1627.560006][T32666] do_syscall_64+0xca/0x1c0 [ 1627.564480][T32666] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:04 executing program 3: io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000001100)=[{&(0x7f0000000040)=""/71, 0x47}, {&(0x7f0000000100)=""/4096, 0x1000}], 0x2) (async) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0xb, &(0x7f00000000c0)=[{0x1, 0x20, 0x7b, 0x3}, {0x7, 0xdf, 0x2, 0x2}, {0x0, 0x20, 0x3, 0x3}, {0x8, 0xc, 0x1f, 0x8}, {0x401, 0x7, 0xf3, 0x9}, {0x7, 0x8, 0x81, 0x6}, {0x0, 0x3f, 0x40}, {0x1, 0x5, 0x1, 0x170}, {0x8, 0x7, 0x5, 0x2}, {0x1010, 0x0, 0x85, 0x7e}, {0x20, 0x81, 0x20, 0x2}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0xb, &(0x7f00000000c0)=[{0x1, 0x20, 0x7b, 0x3}, {0x7, 0xdf, 0x2, 0x2}, {0x0, 0x20, 0x3, 0x3}, {0x8, 0xc, 0x1f, 0x8}, {0x401, 0x7, 0xf3, 0x9}, {0x7, 0x8, 0x81, 0x6}, {0x0, 0x3f, 0x40}, {0x1, 0x5, 0x1, 0x170}, {0x8, 0x7, 0x5, 0x2}, {0x1010, 0x0, 0x85, 0x7e}, {0x20, 0x81, 0x20, 0x2}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) 13:54:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) 13:54:04 executing program 3: io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000001100)=[{&(0x7f0000000040)=""/71, 0x47}, {&(0x7f0000000100)=""/4096, 0x1000}], 0x2) (async) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) 13:54:04 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) (async) [ 1627.595920][T32677] FAULT_INJECTION: forcing a failure. [ 1627.595920][T32677] name failslab, interval 1, probability 0, space 0, times 0 [ 1627.620409][T32677] CPU: 1 PID: 32677 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller #0 [ 1627.628914][T32677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1627.638950][T32677] Call Trace: [ 1627.642233][T32677] dump_stack+0x1d8/0x241 [ 1627.646551][T32677] ? panic+0x73f/0x73f [ 1627.650608][T32677] ? page_counter_uncharge+0x9f/0xc0 [ 1627.655906][T32677] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1627.661695][T32677] should_fail+0x71f/0x880 [ 1627.666109][T32677] ? __kasan_kmalloc+0x199/0x1d0 [ 1627.671037][T32677] ? setup_fault_attr+0x3d0/0x3d0 [ 1627.676056][T32677] ? do_syscall_64+0xca/0x1c0 [ 1627.680727][T32677] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1627.686778][T32677] ? alloc_vmap_area+0x162/0x1ac0 [ 1627.691796][T32677] should_failslab+0x5/0x20 [ 1627.696270][T32677] kmem_cache_alloc+0x24/0x220 [ 1627.701002][T32677] alloc_vmap_area+0x162/0x1ac0 [ 1627.705822][T32677] ? vm_map_ram+0x960/0x960 [ 1627.710292][T32677] ? __get_vm_area_node+0x183/0x310 [ 1627.715457][T32677] __get_vm_area_node+0x1c7/0x310 [ 1627.720447][T32677] __vmalloc_node_range+0xee/0x710 [ 1627.725524][T32677] ? __se_sys_init_module+0x1ba/0x2b0 [ 1627.730862][T32677] __vmalloc+0x40/0x50 [ 1627.734899][T32677] ? __se_sys_init_module+0x1ba/0x2b0 [ 1627.740248][T32677] __se_sys_init_module+0x1ba/0x2b0 [ 1627.745412][T32677] ? __x64_sys_init_module+0x80/0x80 [ 1627.750675][T32677] ? __ia32_sys_read+0x80/0x80 [ 1627.755416][T32677] ? __do_page_fault+0x725/0xbb0 [ 1627.760367][T32677] do_syscall_64+0xca/0x1c0 [ 1627.764848][T32677] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1627.779517][T32699] FAULT_INJECTION: forcing a failure. [ 1627.779517][T32699] name failslab, interval 1, probability 0, space 0, times 0 [ 1627.793500][T32699] CPU: 0 PID: 32699 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1627.801985][T32699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1627.812008][T32699] Call Trace: [ 1627.815267][T32699] dump_stack+0x1d8/0x241 [ 1627.819567][T32699] ? panic+0x73f/0x73f [ 1627.823614][T32699] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1627.829395][T32699] should_fail+0x71f/0x880 [ 1627.833784][T32699] ? setup_fault_attr+0x3d0/0x3d0 [ 1627.838783][T32699] ? sbitmap_queue_init_node+0xaf6/0xf10 [ 1627.844385][T32699] ? blk_mq_alloc_rq_map+0xb5/0x1a0 [ 1627.849551][T32699] should_failslab+0x5/0x20 [ 1627.854023][T32699] __kmalloc+0x51/0x2b0 [ 1627.858147][T32699] blk_mq_alloc_rq_map+0xb5/0x1a0 [ 1627.863140][T32699] __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1627.868308][T32699] ? find_first_bit+0x5b/0xf0 [ 1627.872953][T32699] blk_mq_alloc_rq_maps+0xac/0x410 [ 1627.878051][T32699] blk_mq_alloc_tag_set+0x50e/0x890 [ 1627.883221][T32699] loop_add+0x231/0x740 [ 1627.887366][T32699] ? get_pid_task+0xc3/0xf0 [ 1627.891837][T32699] ? radix_tree_lookup+0x16f/0x1c0 [ 1627.896915][T32699] loop_control_ioctl+0x448/0x620 [ 1627.901904][T32699] ? loop_remove+0xa0/0xa0 [ 1627.906290][T32699] ? memset+0x1f/0x40 [ 1627.910239][T32699] ? fsnotify+0x1280/0x1340 [ 1627.914707][T32699] ? loop_remove+0xa0/0xa0 [ 1627.919091][T32699] do_vfs_ioctl+0x742/0x1720 [ 1627.923651][T32699] ? ioctl_preallocate+0x250/0x250 [ 1627.928729][T32699] ? __fget+0x407/0x490 [ 1627.932852][T32699] ? fget_many+0x20/0x20 [ 1627.937063][T32699] ? debug_smp_processor_id+0x20/0x20 [ 1627.942408][T32699] ? security_file_ioctl+0x7d/0xa0 13:54:04 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 9) 13:54:04 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:04 executing program 5: read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002040)={0x90, 0x0, r0, {0x2, 0x2, 0x100000001456, 0xfff, 0x9, 0x100, {0x2, 0x4, 0x2, 0x7ff, 0x7, 0x5, 0xbf83, 0x6, 0x9, 0x8000, 0x80, 0xffffffffffffffff, 0x0, 0x8, 0x5}}}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:04 executing program 1: geteuid() r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0xb, &(0x7f00000000c0)=[{0x1, 0x20, 0x7b, 0x3}, {0x7, 0xdf, 0x2, 0x2}, {0x0, 0x20, 0x3, 0x3}, {0x8, 0xc, 0x1f, 0x8}, {0x401, 0x7, 0xf3, 0x9}, {0x7, 0x8, 0x81, 0x6}, {0x0, 0x3f, 0x40}, {0x1, 0x5, 0x1, 0x170}, {0x8, 0x7, 0x5, 0x2}, {0x1010, 0x0, 0x85, 0x7e}, {0x20, 0x81, 0x20, 0x2}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:04 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 3) [ 1627.947485][T32699] __x64_sys_ioctl+0xd4/0x110 [ 1627.952149][T32699] do_syscall_64+0xca/0x1c0 [ 1627.956621][T32699] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1627.963100][T32699] blk-mq: reduced tag depth (128 -> 64) 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000080)={0x8, &(0x7f0000000000)=[{0x821, 0x6c, 0x7f, 0x3}, {0xd6, 0x1, 0x4, 0x4d97}, {0x4, 0x6, 0xf8}, {0x2, 0x8, 0x3}, {0x200, 0xbb, 0x4, 0x7}, {0x200, 0x4, 0x6, 0x8}, {0x3, 0x5, 0x7, 0xff}, {0x9, 0x0, 0x5, 0x6}]}) socket$inet_udplite(0x2, 0x2, 0x88) read$msr(0xffffffffffffffff, &(0x7f00000000c0)=""/240, 0xf0) getgid() 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000080)={0x8, &(0x7f0000000000)=[{0x821, 0x6c, 0x7f, 0x3}, {0xd6, 0x1, 0x4, 0x4d97}, {0x4, 0x6, 0xf8}, {0x2, 0x8, 0x3}, {0x200, 0xbb, 0x4, 0x7}, {0x200, 0x4, 0x6, 0x8}, {0x3, 0x5, 0x7, 0xff}, {0x9, 0x0, 0x5, 0x6}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) read$msr(0xffffffffffffffff, &(0x7f00000000c0)=""/240, 0xf0) (async) getgid() 13:54:04 executing program 5: read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002040)={0x90, 0x0, r0, {0x2, 0x2, 0x100000001456, 0xfff, 0x9, 0x100, {0x2, 0x4, 0x2, 0x7ff, 0x7, 0x5, 0xbf83, 0x6, 0x9, 0x8000, 0x80, 0xffffffffffffffff, 0x0, 0x8, 0x5}}}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:04 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:04 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) (async) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:04 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000080)={0x8, &(0x7f0000000000)=[{0x821, 0x6c, 0x7f, 0x3}, {0xd6, 0x1, 0x4, 0x4d97}, {0x4, 0x6, 0xf8}, {0x2, 0x8, 0x3}, {0x200, 0xbb, 0x4, 0x7}, {0x200, 0x4, 0x6, 0x8}, {0x3, 0x5, 0x7, 0xff}, {0x9, 0x0, 0x5, 0x6}]}) socket$inet_udplite(0x2, 0x2, 0x88) read$msr(0xffffffffffffffff, &(0x7f00000000c0)=""/240, 0xf0) getgid() [ 1627.991290][T32713] FAULT_INJECTION: forcing a failure. [ 1627.991290][T32713] name failslab, interval 1, probability 0, space 0, times 0 [ 1628.010547][T32713] CPU: 0 PID: 32713 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller #0 [ 1628.019058][T32713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1628.029099][T32713] Call Trace: [ 1628.032379][T32713] dump_stack+0x1d8/0x241 [ 1628.036697][T32713] ? panic+0x73f/0x73f [ 1628.040769][T32713] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1628.046567][T32713] ? alloc_vmap_area+0x19b4/0x1ac0 [ 1628.051659][T32713] should_fail+0x71f/0x880 [ 1628.056049][T32713] ? setup_fault_attr+0x3d0/0x3d0 [ 1628.061082][T32713] ? __get_vm_area_node+0x183/0x310 [ 1628.066264][T32713] ? __vmalloc_node_range+0x2bd/0x710 [ 1628.071605][T32713] should_failslab+0x5/0x20 [ 1628.076077][T32713] __kmalloc+0x51/0x2b0 [ 1628.080225][T32713] __vmalloc_node_range+0x2bd/0x710 [ 1628.085392][T32713] __vmalloc+0x40/0x50 [ 1628.089428][T32713] ? __se_sys_init_module+0x1ba/0x2b0 [ 1628.094770][T32713] __se_sys_init_module+0x1ba/0x2b0 [ 1628.099935][T32713] ? __x64_sys_init_module+0x80/0x80 [ 1628.105191][T32713] ? __ia32_sys_read+0x80/0x80 [ 1628.109921][T32713] ? __do_page_fault+0x725/0xbb0 [ 1628.114827][T32713] do_syscall_64+0xca/0x1c0 [ 1628.119305][T32713] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1628.129091][T32732] FAULT_INJECTION: forcing a failure. [ 1628.129091][T32732] name failslab, interval 1, probability 0, space 0, times 0 [ 1628.141916][T32732] CPU: 0 PID: 32732 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1628.150397][T32732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1628.160430][T32732] Call Trace: [ 1628.163691][T32732] dump_stack+0x1d8/0x241 [ 1628.168005][T32732] ? panic+0x73f/0x73f [ 1628.172093][T32732] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1628.177872][T32732] should_fail+0x71f/0x880 [ 1628.182304][T32732] ? setup_fault_attr+0x3d0/0x3d0 [ 1628.187295][T32732] ? blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1628.192460][T32732] should_failslab+0x5/0x20 [ 1628.196931][T32732] __kmalloc+0x51/0x2b0 [ 1628.201070][T32732] blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1628.206093][T32732] __blk_mq_alloc_rq_map+0x70/0x2a0 [ 1628.211263][T32732] ? find_first_bit+0x5b/0xf0 [ 1628.215907][T32732] blk_mq_alloc_rq_maps+0xac/0x410 [ 1628.220986][T32732] blk_mq_alloc_tag_set+0x50e/0x890 [ 1628.226151][T32732] loop_add+0x231/0x740 [ 1628.230276][T32732] ? get_pid_task+0xc3/0xf0 [ 1628.234780][T32732] ? radix_tree_lookup+0x16f/0x1c0 [ 1628.239865][T32732] loop_control_ioctl+0x448/0x620 [ 1628.244860][T32732] ? loop_remove+0xa0/0xa0 [ 1628.249245][T32732] ? memset+0x1f/0x40 [ 1628.253196][T32732] ? fsnotify+0x1280/0x1340 [ 1628.257667][T32732] ? loop_remove+0xa0/0xa0 [ 1628.262051][T32732] do_vfs_ioctl+0x742/0x1720 [ 1628.266610][T32732] ? ioctl_preallocate+0x250/0x250 [ 1628.271695][T32732] ? __fget+0x407/0x490 [ 1628.275819][T32732] ? fget_many+0x20/0x20 [ 1628.280029][T32732] ? debug_smp_processor_id+0x20/0x20 [ 1628.285366][T32732] ? security_file_ioctl+0x7d/0xa0 13:54:05 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 10) 13:54:05 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) 13:54:05 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) read$FUSE(r2, &(0x7f00000024c0)={0x2020}, 0x2020) mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x80010, r2, 0x100000000) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x200200, 0x0) ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000140)) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000100)=r3, 0x1) 13:54:05 executing program 5: read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000002040)={0x90, 0x0, r0, {0x2, 0x2, 0x100000001456, 0xfff, 0x9, 0x100, {0x2, 0x4, 0x2, 0x7ff, 0x7, 0x5, 0xbf83, 0x6, 0x9, 0x8000, 0x80, 0xffffffffffffffff, 0x0, 0x8, 0x5}}}, 0x90) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 4) 13:54:05 executing program 1: geteuid() r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) geteuid() (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) (async) [ 1628.290464][T32732] __x64_sys_ioctl+0xd4/0x110 [ 1628.295114][T32732] do_syscall_64+0xca/0x1c0 [ 1628.299622][T32732] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1628.306215][T32732] blk-mq: reduced tag depth (128 -> 64) 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x3, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1, 0x6, 0xa1, 0x81}, {0x3, 0x12, 0x7, 0x9}]}) [ 1628.331237][ T22] audit: type=1326 audit(1676296445.139:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32733 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1628.336867][T32741] FAULT_INJECTION: forcing a failure. [ 1628.336867][T32741] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1628.368929][T32741] CPU: 1 PID: 32741 Comm: syz-executor.2 Not tainted 5.4.225-syzkaller #0 [ 1628.377412][T32741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1628.387447][T32741] Call Trace: [ 1628.390735][T32741] dump_stack+0x1d8/0x241 [ 1628.395060][T32741] ? panic+0x73f/0x73f [ 1628.399119][T32741] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1628.404924][T32741] ? __kasan_kmalloc+0x199/0x1d0 [ 1628.409847][T32741] should_fail+0x71f/0x880 [ 1628.414244][T32741] ? __vmalloc+0x40/0x50 [ 1628.418475][T32741] ? __se_sys_init_module+0x1ba/0x2b0 [ 1628.423830][T32741] ? setup_fault_attr+0x3d0/0x3d0 [ 1628.428842][T32741] __alloc_pages_nodemask+0x1b4/0x840 [ 1628.434199][T32741] ? gfp_pfmemalloc_allowed+0x120/0x120 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x3, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1, 0x6, 0xa1, 0x81}, {0x3, 0x12, 0x7, 0x9}]}) 13:54:05 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) read$FUSE(r2, &(0x7f00000024c0)={0x2020}, 0x2020) (async) mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x80010, r2, 0x100000000) (async, rerun: 32) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async, rerun: 32) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x200200, 0x0) ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000140)) (async) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000100)=r3, 0x1) 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x3, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x1, 0x6, 0xa1, 0x81}, {0x3, 0x12, 0x7, 0x9}]}) [ 1628.439731][T32741] __vmalloc_node_range+0x384/0x710 [ 1628.444914][T32741] __vmalloc+0x40/0x50 [ 1628.448966][T32741] ? __se_sys_init_module+0x1ba/0x2b0 [ 1628.454324][T32741] __se_sys_init_module+0x1ba/0x2b0 [ 1628.459508][T32741] ? __x64_sys_init_module+0x80/0x80 [ 1628.464790][T32741] ? __ia32_sys_read+0x80/0x80 [ 1628.469538][T32741] ? __do_page_fault+0x725/0xbb0 [ 1628.474469][T32741] do_syscall_64+0xca/0x1c0 [ 1628.478960][T32741] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 5) 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) capget(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x8, 0x3, 0x5, 0x100, 0x4, 0x9}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x0, 0x1, 0xff, 0x7ff}, {0x7d, 0x4, 0x6, 0x1}]}) [ 1628.498164][T32746] FAULT_INJECTION: forcing a failure. [ 1628.498164][T32746] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1628.519598][T32767] Module has invalid ELF structures [ 1628.532679][T32746] CPU: 1 PID: 32746 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1628.541170][T32746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1628.551218][T32746] Call Trace: [ 1628.554497][T32746] dump_stack+0x1d8/0x241 [ 1628.558815][T32746] ? panic+0x73f/0x73f [ 1628.562869][T32746] ? stack_trace_save+0x118/0x1c0 [ 1628.567878][T32746] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1628.573669][T32746] ? stack_trace_snprint+0x170/0x170 [ 1628.578943][T32746] should_fail+0x71f/0x880 [ 1628.583346][T32746] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1628.589432][T32746] ? setup_fault_attr+0x3d0/0x3d0 [ 1628.594451][T32746] ? __kasan_kmalloc+0x130/0x1d0 [ 1628.599373][T32746] ? blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1628.604555][T32746] ? blk_mq_alloc_rq_maps+0xac/0x410 [ 1628.609821][T32746] ? blk_mq_alloc_tag_set+0x50e/0x890 [ 1628.615177][T32746] __alloc_pages_nodemask+0x1b4/0x840 [ 1628.620538][T32746] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1628.626099][T32746] ? find_next_bit+0x7b/0x100 [ 1628.630789][T32746] ? blk_mq_hw_queue_to_node+0xe3/0x100 [ 1628.636319][T32746] blk_mq_alloc_rqs+0x230/0x660 [ 1628.641159][T32746] __blk_mq_alloc_rq_map+0x11e/0x2a0 [ 1628.646458][T32746] blk_mq_alloc_rq_maps+0xac/0x410 [ 1628.651561][T32746] blk_mq_alloc_tag_set+0x50e/0x890 [ 1628.656746][T32746] loop_add+0x231/0x740 [ 1628.660885][T32746] ? get_pid_task+0xc3/0xf0 [ 1628.665387][T32746] ? radix_tree_lookup+0x16f/0x1c0 [ 1628.670482][T32746] loop_control_ioctl+0x448/0x620 [ 1628.675490][T32746] ? loop_remove+0xa0/0xa0 [ 1628.679891][T32746] ? memset+0x1f/0x40 [ 1628.683855][T32746] ? fsnotify+0x1280/0x1340 [ 1628.688341][T32746] ? loop_remove+0xa0/0xa0 [ 1628.692745][T32746] do_vfs_ioctl+0x742/0x1720 13:54:05 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 11) 13:54:05 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = accept$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, &(0x7f0000000080)=0x10) setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@multicast2, @local}, 0x8) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) read$FUSE(r2, &(0x7f00000024c0)={0x2020}, 0x2020) mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x4, 0x80010, r2, 0x100000000) (async, rerun: 64) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async, rerun: 64) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x200200, 0x0) ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000140)) (async) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, &(0x7f0000000100)=r3, 0x1) 13:54:05 executing program 1: geteuid() r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) geteuid() (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) (async) 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) capget(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x8, 0x3, 0x5, 0x100, 0x4, 0x9}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x0, 0x1, 0xff, 0x7ff}, {0x7d, 0x4, 0x6, 0x1}]}) 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:05 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async, rerun: 64) socket$inet_udplite(0x2, 0x2, 0x88) (async, rerun: 64) getgid() (async, rerun: 64) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) (rerun: 64) [ 1628.697324][T32746] ? ioctl_preallocate+0x250/0x250 [ 1628.702426][T32746] ? __fget+0x407/0x490 [ 1628.706571][T32746] ? fget_many+0x20/0x20 [ 1628.710807][T32746] ? debug_smp_processor_id+0x20/0x20 [ 1628.716166][T32746] ? security_file_ioctl+0x7d/0xa0 [ 1628.721264][T32746] __x64_sys_ioctl+0xd4/0x110 [ 1628.725927][T32746] do_syscall_64+0xca/0x1c0 [ 1628.730419][T32746] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) (async) capget(&(0x7f0000000080)={0x20080522, r0}, &(0x7f00000000c0)={0x8, 0x3, 0x5, 0x100, 0x4, 0x9}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x0, 0x1, 0xff, 0x7ff}, {0x7d, 0x4, 0x6, 0x1}]}) 13:54:05 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x29}, @dev={0xac, 0x14, 0x14, 0x30}}, 0x8) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [0xfffffffffffffffe, 0x7fffffffffffffff, 0x200, 0x7fffffff, 0x1f, 0xbb]}, &(0x7f00000000c0)=0x78) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000100)={{{@in6, @in=@private}}, {{@in6=@dev}}}, &(0x7f0000000200)=0xe8) r2 = accept4$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, &(0x7f0000000280)=0x10, 0x800) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000300)={'broute\x00', 0x0, 0x0, 0x0, [0x8001, 0x1, 0x8, 0x4, 0xffffffff], 0x8, &(0x7f00000002c0)=[{}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, 0xf8) 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad)\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1628.785505][ T345] Module has invalid ELF structures 13:54:05 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x29}, @dev={0xac, 0x14, 0x14, 0x30}}, 0x8) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [0xfffffffffffffffe, 0x7fffffffffffffff, 0x200, 0x7fffffff, 0x1f, 0xbb]}, &(0x7f00000000c0)=0x78) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000100)={{{@in6, @in=@private}}, {{@in6=@dev}}}, &(0x7f0000000200)=0xe8) r2 = accept4$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, &(0x7f0000000280)=0x10, 0x800) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000300)={'broute\x00', 0x0, 0x0, 0x0, [0x8001, 0x1, 0x8, 0x4, 0xffffffff], 0x8, &(0x7f00000002c0)=[{}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, 0xf8) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x29}, @dev={0xac, 0x14, 0x14, 0x30}}, 0x8) (async) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [0xfffffffffffffffe, 0x7fffffffffffffff, 0x200, 0x7fffffff, 0x1f, 0xbb]}, &(0x7f00000000c0)=0x78) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r1, 0x0, 0x0) (async) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000100)={{{@in6, @in=@private}}, {{@in6=@dev}}}, &(0x7f0000000200)=0xe8) (async) accept4$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, &(0x7f0000000280)=0x10, 0x800) (async) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000300)={'broute\x00', 0x0, 0x0, 0x0, [0x8001, 0x1, 0x8, 0x4, 0xffffffff], 0x8, &(0x7f00000002c0)=[{}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, 0xf8) (async) 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xadL\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1628.808637][ T348] FAULT_INJECTION: forcing a failure. [ 1628.808637][ T348] name failslab, interval 1, probability 0, space 0, times 0 [ 1628.813285][ T361] Module has invalid ELF structures [ 1628.830108][ T348] CPU: 0 PID: 348 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1628.838426][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1628.848477][ T348] Call Trace: [ 1628.851759][ T348] dump_stack+0x1d8/0x241 [ 1628.856076][ T348] ? panic+0x73f/0x73f [ 1628.860135][ T348] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1628.865930][ T348] ? lo_complete_rq+0x2b0/0x2b0 [ 1628.870767][ T348] ? loop_init_request+0x31/0xa0 [ 1628.875698][ T348] ? blk_mq_alloc_rqs+0x5f5/0x660 [ 1628.880704][ T348] should_fail+0x71f/0x880 [ 1628.885095][ T348] ? setup_fault_attr+0x3d0/0x3d0 [ 1628.890091][ T348] ? __blk_mq_alloc_rq_map+0x236/0x2a0 [ 1628.895525][ T348] ? blk_alloc_queue_node+0x2c/0x580 [ 1628.900783][ T348] should_failslab+0x5/0x20 [ 1628.905256][ T348] kmem_cache_alloc+0x24/0x220 [ 1628.909991][ T348] blk_alloc_queue_node+0x2c/0x580 [ 1628.915076][ T348] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1628.920421][ T348] blk_mq_init_queue+0x34/0xa0 [ 1628.925157][ T348] loop_add+0x25c/0x740 [ 1628.929314][ T348] ? get_pid_task+0xc3/0xf0 [ 1628.933790][ T348] ? radix_tree_lookup+0x16f/0x1c0 [ 1628.938902][ T348] loop_control_ioctl+0x448/0x620 [ 1628.943904][ T348] ? loop_remove+0xa0/0xa0 [ 1628.948330][ T348] ? memset+0x1f/0x40 [ 1628.952284][ T348] ? fsnotify+0x1280/0x1340 13:54:05 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0xf6b4, 0x7f, 0x40}, {0x8, 0x9, 0x7d, 0x3f}, {0xff, 0x80, 0x1, 0x450b0}, {0x7, 0x44, 0x93, 0x7f}, {0x5b8, 0x1, 0x12, 0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x14, 0x8, 0x1, 0x1}, {0x3, 0x4c, 0x48, 0x18c}, {0x7f, 0x27, 0x3f, 0x3ff}, {0x9, 0x1, 0x6, 0x2}, {0x5, 0xe4, 0x8, 0x28000000}, {0x5bf6, 0x6, 0x80, 0x3}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00'}) [ 1628.956759][ T348] ? loop_remove+0xa0/0xa0 [ 1628.961149][ T348] do_vfs_ioctl+0x742/0x1720 [ 1628.965713][ T348] ? ioctl_preallocate+0x250/0x250 [ 1628.970821][ T348] ? __fget+0x407/0x490 [ 1628.974982][ T348] ? fget_many+0x20/0x20 [ 1628.979196][ T348] ? debug_smp_processor_id+0x20/0x20 [ 1628.984539][ T348] ? security_file_ioctl+0x7d/0xa0 [ 1628.989623][ T348] __x64_sys_ioctl+0xd4/0x110 [ 1628.994270][ T348] do_syscall_64+0xca/0x1c0 [ 1628.998744][ T348] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:05 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 12) 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x02\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1629.011510][ T368] Module has invalid ELF structures [ 1629.017568][ T22] audit: type=1326 audit(1676296445.829:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=369 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1629.038212][ T386] FAULT_INJECTION: forcing a failure. [ 1629.038212][ T386] name failslab, interval 1, probability 0, space 0, times 0 [ 1629.047717][ T387] Module has invalid ELF structures 13:54:05 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1) 13:54:05 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x29}, @dev={0xac, 0x14, 0x14, 0x30}}, 0x8) (async, rerun: 64) getsockopt$EBT_SO_GET_INIT_INFO(0xffffffffffffffff, 0x0, 0x82, &(0x7f0000000040)={'broute\x00', 0x0, 0x0, 0x0, [0xfffffffffffffffe, 0x7fffffffffffffff, 0x200, 0x7fffffff, 0x1f, 0xbb]}, &(0x7f00000000c0)=0x78) (rerun: 64) r1 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r1, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000100)={{{@in6, @in=@private}}, {{@in6=@dev}}}, &(0x7f0000000200)=0xe8) (async) r2 = accept4$inet(r1, &(0x7f0000000240)={0x2, 0x0, @local}, &(0x7f0000000280)=0x10, 0x800) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000300)={'broute\x00', 0x0, 0x0, 0x0, [0x8001, 0x1, 0x8, 0x4, 0xffffffff], 0x8, &(0x7f00000002c0)=[{}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}]}, 0xf8) 13:54:05 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x03\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1629.066822][ T386] CPU: 0 PID: 386 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1629.075139][ T386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1629.085179][ T386] Call Trace: [ 1629.088462][ T386] dump_stack+0x1d8/0x241 [ 1629.092785][ T386] ? panic+0x73f/0x73f [ 1629.096845][ T386] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1629.102675][ T386] should_fail+0x71f/0x880 [ 1629.107079][ T386] ? setup_fault_attr+0x3d0/0x3d0 [ 1629.112091][ T386] ? ida_alloc_range+0x98f/0xa60 [ 1629.117014][ T386] ? mempool_init_node+0x133/0x4e0 [ 1629.122146][ T386] should_failslab+0x5/0x20 [ 1629.126634][ T386] __kmalloc+0x51/0x2b0 [ 1629.130830][ T386] mempool_init_node+0x133/0x4e0 [ 1629.135755][ T386] ? mutex_lock+0xa5/0x110 [ 1629.140159][ T386] ? mempool_free+0x380/0x380 [ 1629.144818][ T386] ? mempool_alloc_slab+0x20/0x20 [ 1629.149824][ T386] mempool_init+0x35/0x50 [ 1629.154143][ T386] bioset_init+0x432/0x600 [ 1629.158551][ T386] blk_alloc_queue_node+0xc5/0x580 [ 1629.163647][ T386] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1629.169010][ T386] blk_mq_init_queue+0x34/0xa0 [ 1629.173762][ T386] loop_add+0x25c/0x740 [ 1629.177907][ T386] ? get_pid_task+0xc3/0xf0 [ 1629.182395][ T386] ? radix_tree_lookup+0x16f/0x1c0 [ 1629.187494][ T386] loop_control_ioctl+0x448/0x620 [ 1629.192509][ T386] ? loop_remove+0xa0/0xa0 [ 1629.196914][ T386] ? memset+0x1f/0x40 [ 1629.200880][ T386] ? fsnotify+0x1280/0x1340 [ 1629.205367][ T386] ? loop_remove+0xa0/0xa0 [ 1629.209770][ T386] do_vfs_ioctl+0x742/0x1720 [ 1629.214348][ T386] ? ioctl_preallocate+0x250/0x250 [ 1629.219456][ T386] ? __fget+0x407/0x490 [ 1629.223598][ T386] ? fget_many+0x20/0x20 [ 1629.227828][ T386] ? debug_smp_processor_id+0x20/0x20 [ 1629.233184][ T386] ? security_file_ioctl+0x7d/0xa0 [ 1629.238280][ T386] __x64_sys_ioctl+0xd4/0x110 [ 1629.242943][ T386] do_syscall_64+0xca/0x1c0 [ 1629.247441][ T386] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1629.255891][ T395] Module has invalid ELF structures 13:54:06 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async, rerun: 64) getgid() (async, rerun: 64) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) 13:54:06 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0xf6b4, 0x7f, 0x40}, {0x8, 0x9, 0x7d, 0x3f}, {0xff, 0x80, 0x1, 0x450b0}, {0x7, 0x44, 0x93, 0x7f}, {0x5b8, 0x1, 0x12, 0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x14, 0x8, 0x1, 0x1}, {0x3, 0x4c, 0x48, 0x18c}, {0x7f, 0x27, 0x3f, 0x3ff}, {0x9, 0x1, 0x6, 0x2}, {0x5, 0xe4, 0x8, 0x28000000}, {0x5bf6, 0x6, 0x80, 0x3}]}) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00'}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0xf6b4, 0x7f, 0x40}, {0x8, 0x9, 0x7d, 0x3f}, {0xff, 0x80, 0x1, 0x450b0}, {0x7, 0x44, 0x93, 0x7f}, {0x5b8, 0x1, 0x12, 0x2}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x14, 0x8, 0x1, 0x1}, {0x3, 0x4c, 0x48, 0x18c}, {0x7f, 0x27, 0x3f, 0x3ff}, {0x9, 0x1, 0x6, 0x2}, {0x5, 0xe4, 0x8, 0x28000000}, {0x5bf6, 0x6, 0x80, 0x3}]}) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00'}) (async) 13:54:06 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = io_uring_setup(0xa00, &(0x7f0000000040)={0x0, 0x5100, 0x800, 0x1, 0xaf, 0x0, r0}) r2 = socket$inet(0x2, 0x5, 0xe41) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000002480)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e24, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xc1fd, &(0x7f0000002440)='wg2\x00', 0x6, 0x6, 0xff}) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000002300)={0xfffff5c3, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/168, 0xa8}], &(0x7f00000022c0)=[0x8, 0xde, 0x7, 0x80, 0x6], 0x5}, 0x20) r3 = syz_io_uring_setup(0x2777, &(0x7f0000002340)={0x0, 0x7e72, 0x800, 0x1, 0x146, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000023c0), &(0x7f0000002400)) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r4) 13:54:06 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)) (async, rerun: 64) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (rerun: 64) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1) 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x04\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:06 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 13) 13:54:06 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = io_uring_setup(0xa00, &(0x7f0000000040)={0x0, 0x5100, 0x800, 0x1, 0xaf, 0x0, r0}) r2 = socket$inet(0x2, 0x5, 0xe41) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000002480)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e24, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xc1fd, &(0x7f0000002440)='wg2\x00', 0x6, 0x6, 0xff}) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000002300)={0xfffff5c3, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/168, 0xa8}], &(0x7f00000022c0)=[0x8, 0xde, 0x7, 0x80, 0x6], 0x5}, 0x20) r3 = syz_io_uring_setup(0x2777, &(0x7f0000002340)={0x0, 0x7e72, 0x800, 0x1, 0x146, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000023c0), &(0x7f0000002400)) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r4) socket$igmp(0x2, 0x3, 0x2) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) io_uring_setup(0xa00, &(0x7f0000000040)={0x0, 0x5100, 0x800, 0x1, 0xaf, 0x0, r0}) (async) socket$inet(0x2, 0x5, 0xe41) (async) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000002480)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e24, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xc1fd, &(0x7f0000002440)='wg2\x00', 0x6, 0x6, 0xff}) (async) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000002300)={0xfffff5c3, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/168, 0xa8}], &(0x7f00000022c0)=[0x8, 0xde, 0x7, 0x80, 0x6], 0x5}, 0x20) (async) syz_io_uring_setup(0x2777, &(0x7f0000002340)={0x0, 0x7e72, 0x800, 0x1, 0x146, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000023c0), &(0x7f0000002400)) (async) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) (async) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) (async) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r4) (async) 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x05\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1629.392007][ T404] FAULT_INJECTION: forcing a failure. [ 1629.392007][ T404] name failslab, interval 1, probability 0, space 0, times 0 [ 1629.406248][ T408] Module has invalid ELF structures [ 1629.406366][ T404] CPU: 1 PID: 404 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1629.419740][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1629.429778][ T404] Call Trace: [ 1629.433056][ T404] dump_stack+0x1d8/0x241 [ 1629.437374][ T404] ? panic+0x73f/0x73f 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x06\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1629.439836][ T414] Module has invalid ELF structures [ 1629.441428][ T404] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1629.441439][ T404] should_fail+0x71f/0x880 [ 1629.441453][ T404] ? setup_fault_attr+0x3d0/0x3d0 [ 1629.461793][ T404] ? mempool_init_node+0x1ec/0x4e0 [ 1629.466893][ T404] should_failslab+0x5/0x20 [ 1629.471388][ T404] kmem_cache_alloc+0x24/0x220 [ 1629.471500][ T416] Module has invalid ELF structures [ 1629.476134][ T404] ? mempool_free+0x380/0x380 [ 1629.476142][ T404] mempool_init_node+0x1ec/0x4e0 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\a\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\b\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1629.476156][ T404] ? mempool_free+0x380/0x380 [ 1629.495572][ T404] ? mempool_alloc_slab+0x20/0x20 [ 1629.500583][ T404] mempool_init+0x35/0x50 [ 1629.504911][ T404] bioset_init+0x432/0x600 [ 1629.509320][ T404] blk_alloc_queue_node+0xc5/0x580 [ 1629.512299][ T418] Module has invalid ELF structures [ 1629.514421][ T404] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1629.514437][ T404] blk_mq_init_queue+0x34/0xa0 [ 1629.529690][ T404] loop_add+0x25c/0x740 [ 1629.533835][ T404] ? get_pid_task+0xc3/0xf0 [ 1629.538324][ T404] ? radix_tree_lookup+0x16f/0x1c0 [ 1629.543421][ T404] loop_control_ioctl+0x448/0x620 [ 1629.548419][ T404] ? loop_remove+0xa0/0xa0 [ 1629.552833][ T404] ? memset+0x1f/0x40 [ 1629.556787][ T404] ? fsnotify+0x1280/0x1340 [ 1629.561259][ T404] ? loop_remove+0xa0/0xa0 [ 1629.565656][ T404] do_vfs_ioctl+0x742/0x1720 [ 1629.570229][ T404] ? ioctl_preallocate+0x250/0x250 [ 1629.575310][ T404] ? __fget+0x407/0x490 [ 1629.579437][ T404] ? fget_many+0x20/0x20 [ 1629.583650][ T404] ? debug_smp_processor_id+0x20/0x20 13:54:06 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{0xf6b4, 0x7f, 0x40}, {0x8, 0x9, 0x7d, 0x3f}, {0xff, 0x80, 0x1, 0x450b0}, {0x7, 0x44, 0x93, 0x7f}, {0x5b8, 0x1, 0x12, 0x2}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x5, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0x14, 0x8, 0x1, 0x1}, {0x3, 0x4c, 0x48, 0x18c}, {0x7f, 0x27, 0x3f, 0x3ff}, {0x9, 0x1, 0x6, 0x2}, {0x5, 0xe4, 0x8, 0x28000000}, {0x5bf6, 0x6, 0x80, 0x3}]}) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00'}) [ 1629.588993][ T404] ? security_file_ioctl+0x7d/0xa0 [ 1629.594073][ T404] __x64_sys_ioctl+0xd4/0x110 [ 1629.598722][ T404] do_syscall_64+0xca/0x1c0 [ 1629.603197][ T404] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1629.617003][ T425] Module has invalid ELF structures [ 1629.622507][ T22] audit: type=1326 audit(1676296446.429:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=419 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:06 executing program 0: brk(0x6) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) ioctl$PPPIOCGMRU(r0, 0x80047453, &(0x7f0000000180)) r1 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_int(r1, 0x0, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0xc1f6, 0x8, 0x7, 0x80}, {0x2, 0x80, 0x3f, 0x4}, {0x0, 0x85, 0x9}]}) getgid() 13:54:06 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 14) 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\t\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:06 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = io_uring_setup(0xa00, &(0x7f0000000040)={0x0, 0x5100, 0x800, 0x1, 0xaf, 0x0, r0}) (async) r2 = socket$inet(0x2, 0x5, 0xe41) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000002480)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e24, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xc1fd, &(0x7f0000002440)='wg2\x00', 0x6, 0x6, 0xff}) (async) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000002300)={0xfffff5c3, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/168, 0xa8}], &(0x7f00000022c0)=[0x8, 0xde, 0x7, 0x80, 0x6], 0x5}, 0x20) (async) r3 = syz_io_uring_setup(0x2777, &(0x7f0000002340)={0x0, 0x7e72, 0x800, 0x1, 0x146, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000023c0), &(0x7f0000002400)) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) (async) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r4) 13:54:06 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)) (async) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f00000000c0)=0x1) (async) 13:54:06 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xa4, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x80, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x4}, @NL802154_KEY_ATTR_ID={0x30, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x5}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "0244ae5ee4ef57a7b369dc146c3717052b7e1860976beffcf7b394b653426133"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x9}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0xa4}, 0x1, 0x0, 0x0, 0x84000}, 0x91) 13:54:06 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_io_uring_setup(0x4038, &(0x7f0000000040)={0x0, 0x8c63, 0x200, 0x1, 0x139}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000140)=[r2], 0x1) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000180)={{0x2, 0x4e23, @empty}, {0x1}, 0x3a, {0x2, 0x4e22, @private=0xa010101}, 'veth1_to_batadv\x00'}) [ 1629.867796][ T454] FAULT_INJECTION: forcing a failure. [ 1629.867796][ T454] name failslab, interval 1, probability 0, space 0, times 0 [ 1629.868520][ T445] Module has invalid ELF structures [ 1629.883282][ T454] CPU: 1 PID: 454 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1629.893890][ T454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1629.903928][ T454] Call Trace: [ 1629.907209][ T454] dump_stack+0x1d8/0x241 [ 1629.911523][ T454] ? panic+0x73f/0x73f 13:54:06 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) r2 = syz_io_uring_setup(0x4038, &(0x7f0000000040)={0x0, 0x8c63, 0x200, 0x1, 0x139}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000140)=[r2], 0x1) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000180)={{0x2, 0x4e23, @empty}, {0x1}, 0x3a, {0x2, 0x4e22, @private=0xa010101}, 'veth1_to_batadv\x00'}) 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\n\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1629.915580][ T454] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1629.921377][ T454] should_fail+0x71f/0x880 [ 1629.925778][ T454] ? setup_fault_attr+0x3d0/0x3d0 [ 1629.930784][ T454] ? mempool_init_node+0x1ec/0x4e0 [ 1629.935879][ T454] should_failslab+0x5/0x20 [ 1629.940366][ T454] kmem_cache_alloc+0x24/0x220 [ 1629.945119][ T454] ? mempool_free+0x380/0x380 [ 1629.949786][ T454] mempool_init_node+0x1ec/0x4e0 [ 1629.954710][ T454] ? mempool_free+0x380/0x380 [ 1629.959376][ T454] ? mempool_alloc_slab+0x20/0x20 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\v\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:06 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\f\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:06 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_io_uring_setup(0x4038, &(0x7f0000000040)={0x0, 0x8c63, 0x200, 0x1, 0x139}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000140)=[r2], 0x1) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000180)={{0x2, 0x4e23, @empty}, {0x1}, 0x3a, {0x2, 0x4e22, @private=0xa010101}, 'veth1_to_batadv\x00'}) socket$igmp(0x2, 0x3, 0x2) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) syz_io_uring_setup(0x4038, &(0x7f0000000040)={0x0, 0x8c63, 0x200, 0x1, 0x139}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (async) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000140)=[r2], 0x1) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000180)={{0x2, 0x4e23, @empty}, {0x1}, 0x3a, {0x2, 0x4e22, @private=0xa010101}, 'veth1_to_batadv\x00'}) (async) [ 1629.960379][ T461] Module has invalid ELF structures [ 1629.964385][ T454] mempool_init+0x35/0x50 [ 1629.964395][ T454] bioset_init+0x432/0x600 [ 1629.964411][ T454] blk_alloc_queue_node+0xc5/0x580 [ 1629.980545][ T463] Module has invalid ELF structures [ 1629.983361][ T454] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1629.983371][ T454] blk_mq_init_queue+0x34/0xa0 [ 1629.983385][ T454] loop_add+0x25c/0x740 [ 1630.002767][ T454] ? get_pid_task+0xc3/0xf0 [ 1630.005864][ T468] Module has invalid ELF structures [ 1630.007255][ T454] ? radix_tree_lookup+0x16f/0x1c0 [ 1630.007267][ T454] loop_control_ioctl+0x448/0x620 [ 1630.007280][ T454] ? loop_remove+0xa0/0xa0 [ 1630.026922][ T454] ? memset+0x1f/0x40 [ 1630.030885][ T454] ? fsnotify+0x1280/0x1340 [ 1630.035361][ T454] ? loop_remove+0xa0/0xa0 [ 1630.039756][ T454] do_vfs_ioctl+0x742/0x1720 [ 1630.044317][ T454] ? ioctl_preallocate+0x250/0x250 [ 1630.049405][ T454] ? __fget+0x407/0x490 [ 1630.053533][ T454] ? fget_many+0x20/0x20 [ 1630.057761][ T454] ? debug_smp_processor_id+0x20/0x20 [ 1630.063102][ T454] ? security_file_ioctl+0x7d/0xa0 [ 1630.068178][ T454] __x64_sys_ioctl+0xd4/0x110 [ 1630.072822][ T454] do_syscall_64+0xca/0x1c0 [ 1630.077333][ T454] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1630.111422][ T22] audit: type=1326 audit(1676296446.919:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=476 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:07 executing program 0: brk(0x6) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) ioctl$PPPIOCGMRU(r0, 0x80047453, &(0x7f0000000180)) r1 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_int(r1, 0x0, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0xc1f6, 0x8, 0x7, 0x80}, {0x2, 0x80, 0x3f, 0x4}, {0x0, 0x85, 0x9}]}) (async) getgid() 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\r\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:07 executing program 3: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fbdbdf2503000000880001000200000008000200020000000800020002000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000000), &(0x7f00000002c0)=0x30) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000280)={@multicast1, @loopback}, 0x8) r2 = socket(0x1, 0x2, 0x80) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000140)={{0x11, @local, 0x4e23, 0x4, 'none\x00', 0x21, 0x8, 0x20}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x2003, 0x7fffffff, 0x200, 0x80000}}, 0x44) write$FUSE_GETXATTR(0xffffffffffffffff, &(0x7f0000000240)={0x18, 0x0, 0x0, {0x8}}, 0x18) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000001c0)={{0x2, @multicast1, 0x4e20, 0x0, 'wrr\x00', 0x4, 0x3, 0x3d}, {@multicast2, 0x4e21, 0x3, 0x8, 0x1000, 0x4}}, 0x44) 13:54:07 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) (async) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xa4, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x80, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x4}, @NL802154_KEY_ATTR_ID={0x30, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x5}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "0244ae5ee4ef57a7b369dc146c3717052b7e1860976beffcf7b394b653426133"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x9}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0xa4}, 0x1, 0x0, 0x0, 0x84000}, 0x91) 13:54:07 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000001c0)={0xc74, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)=""/57, 0x39}, {&(0x7f0000000080)=""/185, 0xb9}], &(0x7f0000000180)=[0xfffffffffffffc87, 0x1], 0x2}, 0x20) 13:54:07 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 15) 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x0e\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:07 executing program 3: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fbdbdf2503000000880001000200000008000200020000000800020002000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000000), &(0x7f00000002c0)=0x30) (async) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000280)={@multicast1, @loopback}, 0x8) (async) r2 = socket(0x1, 0x2, 0x80) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000140)={{0x11, @local, 0x4e23, 0x4, 'none\x00', 0x21, 0x8, 0x20}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x2003, 0x7fffffff, 0x200, 0x80000}}, 0x44) write$FUSE_GETXATTR(0xffffffffffffffff, &(0x7f0000000240)={0x18, 0x0, 0x0, {0x8}}, 0x18) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000001c0)={{0x2, @multicast1, 0x4e20, 0x0, 'wrr\x00', 0x4, 0x3, 0x3d}, {@multicast2, 0x4e21, 0x3, 0x8, 0x1000, 0x4}}, 0x44) 13:54:07 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000001c0)={0xc74, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)=""/57, 0x39}, {&(0x7f0000000080)=""/185, 0xb9}], &(0x7f0000000180)=[0xfffffffffffffc87, 0x1], 0x2}, 0x20) [ 1630.336505][ T481] Module has invalid ELF structures [ 1630.345538][ T483] FAULT_INJECTION: forcing a failure. [ 1630.345538][ T483] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1630.365372][ T483] CPU: 1 PID: 483 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1630.373689][ T483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x10\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1630.383727][ T483] Call Trace: [ 1630.387013][ T483] dump_stack+0x1d8/0x241 [ 1630.389738][ T493] Module has invalid ELF structures [ 1630.391369][ T483] ? panic+0x73f/0x73f [ 1630.391379][ T483] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1630.391395][ T483] ? stack_trace_save+0x1c0/0x1c0 [ 1630.411390][ T483] ? arch_stack_walk+0x111/0x140 [ 1630.416318][ T483] should_fail+0x71f/0x880 [ 1630.420725][ T483] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1630.421400][ T495] Module has invalid ELF structures [ 1630.426775][ T483] ? setup_fault_attr+0x3d0/0x3d0 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x11\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x12\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1630.426784][ T483] ? stack_trace_save+0x118/0x1c0 [ 1630.426798][ T483] ? stack_trace_snprint+0x170/0x170 [ 1630.447225][ T483] __alloc_pages_nodemask+0x1b4/0x840 [ 1630.452585][ T483] ? __kasan_kmalloc+0x199/0x1d0 [ 1630.457511][ T483] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1630.459189][ T497] Module has invalid ELF structures [ 1630.463040][ T483] ? kmem_cache_alloc+0xd0/0x220 [ 1630.463051][ T483] ? loop_add+0x25c/0x740 [ 1630.463064][ T483] ? loop_control_ioctl+0x448/0x620 [ 1630.481890][ T502] Module has invalid ELF structures [ 1630.482617][ T483] ? do_vfs_ioctl+0x742/0x1720 [ 1630.482632][ T483] ? __x64_sys_ioctl+0xd4/0x110 [ 1630.497370][ T483] ? do_syscall_64+0xca/0x1c0 [ 1630.502037][ T483] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1630.508101][ T483] alloc_slab_page+0x39/0x3c0 [ 1630.512767][ T483] new_slab+0x97/0x440 [ 1630.516821][ T483] ___slab_alloc+0x2fe/0x490 [ 1630.521382][ T483] ? setup_fault_attr+0x3d0/0x3d0 [ 1630.526373][ T483] ? mempool_init_node+0x1ec/0x4e0 [ 1630.531449][ T483] ? mempool_init_node+0x1ec/0x4e0 [ 1630.536526][ T483] __slab_alloc+0x5a/0x90 [ 1630.540822][ T483] ? mempool_init_node+0x1ec/0x4e0 [ 1630.545899][ T483] kmem_cache_alloc+0x100/0x220 [ 1630.550728][ T483] ? mempool_free+0x380/0x380 [ 1630.555370][ T483] mempool_init_node+0x1ec/0x4e0 [ 1630.560274][ T483] ? mempool_free+0x380/0x380 [ 1630.564918][ T483] ? mempool_alloc_slab+0x20/0x20 [ 1630.569908][ T483] mempool_init+0x35/0x50 [ 1630.574207][ T483] bioset_init+0x432/0x600 [ 1630.578590][ T483] blk_alloc_queue_node+0xc5/0x580 [ 1630.583669][ T483] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1630.589008][ T483] blk_mq_init_queue+0x34/0xa0 [ 1630.593741][ T483] loop_add+0x25c/0x740 [ 1630.597874][ T483] ? get_pid_task+0xc3/0xf0 [ 1630.602356][ T483] ? radix_tree_lookup+0x16f/0x1c0 [ 1630.607432][ T483] loop_control_ioctl+0x448/0x620 [ 1630.612425][ T483] ? loop_remove+0xa0/0xa0 [ 1630.616845][ T483] ? memset+0x1f/0x40 [ 1630.620802][ T483] ? fsnotify+0x1280/0x1340 [ 1630.625273][ T483] ? loop_remove+0xa0/0xa0 [ 1630.629658][ T483] do_vfs_ioctl+0x742/0x1720 [ 1630.634218][ T483] ? ioctl_preallocate+0x250/0x250 [ 1630.639297][ T483] ? __fget+0x407/0x490 [ 1630.643418][ T483] ? fget_many+0x20/0x20 [ 1630.647629][ T483] ? debug_smp_processor_id+0x20/0x20 [ 1630.652967][ T483] ? security_file_ioctl+0x7d/0xa0 [ 1630.658043][ T483] __x64_sys_ioctl+0xd4/0x110 [ 1630.662685][ T483] do_syscall_64+0xca/0x1c0 [ 1630.667163][ T483] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1630.705733][ T22] audit: type=1326 audit(1676296447.509:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=506 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:07 executing program 0: brk(0x6) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) ioctl$PPPIOCGMRU(r0, 0x80047453, &(0x7f0000000180)) r1 = socket$igmp(0x2, 0x3, 0x2) getsockopt$inet_int(r1, 0x0, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f0000000040)=[{0xc1f6, 0x8, 0x7, 0x80}, {0x2, 0x80, 0x3f, 0x4}, {0x0, 0x85, 0x9}]}) (async) getgid() 13:54:07 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00', 0x0}) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xa4, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x80, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x4}, @NL802154_KEY_ATTR_ID={0x30, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x5}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "0244ae5ee4ef57a7b369dc146c3717052b7e1860976beffcf7b394b653426133"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x9}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0xa4}, 0x1, 0x0, 0x0, 0x84000}, 0x91) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wpan4\x00'}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan3\x00'}) (async) sendmsg$IEEE802154_LLSEC_DEL_DEV(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x4c, 0x0, 0x4, 0x70bd27, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r0}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0002}}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0202}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) (async) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xa4, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x80, 0x25, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x4}, @NL802154_KEY_ATTR_ID={0x30, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x24, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6, 0x1, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0202}}]}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x1}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x5}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "0244ae5ee4ef57a7b369dc146c3717052b7e1860976beffcf7b394b653426133"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x9}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}]}, 0xa4}, 0x1, 0x0, 0x0, 0x84000}, 0x91) (async) 13:54:07 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000001c0)={0xc74, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)=""/57, 0x39}, {&(0x7f0000000080)=""/185, 0xb9}], &(0x7f0000000180)=[0xfffffffffffffc87, 0x1], 0x2}, 0x20) 13:54:07 executing program 3: sendmsg$NLBL_CALIPSO_C_LIST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002abd7000fbdbdf2503000000880001000200000008000200020000000800020002000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4000000) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000000), &(0x7f00000002c0)=0x30) r1 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000280)={@multicast1, @loopback}, 0x8) (async) r2 = socket(0x1, 0x2, 0x80) setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000140)={{0x11, @local, 0x4e23, 0x4, 'none\x00', 0x21, 0x8, 0x20}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x2003, 0x7fffffff, 0x200, 0x80000}}, 0x44) (async) write$FUSE_GETXATTR(0xffffffffffffffff, &(0x7f0000000240)={0x18, 0x0, 0x0, {0x8}}, 0x18) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000001c0)={{0x2, @multicast1, 0x4e20, 0x0, 'wrr\x00', 0x4, 0x3, 0x3d}, {@multicast2, 0x4e21, 0x3, 0x8, 0x1000, 0x4}}, 0x44) 13:54:07 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 16) 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18%\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:07 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg0\x00'}) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000040)={0x3, {{0x2, 0x4e22, @local}}}, 0x88) 13:54:07 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r3}, 0xc) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c3871554a740b20", @ANYRES16=r1, @ANYBLOB="000225bd7000ffdbdf250200000014000700fe8000000000000000000000000000aa08000b00", @ANYRES32=r3, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r5) ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18H\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:07 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f0000000000)) [ 1630.912547][ T522] Module has invalid ELF structures [ 1630.959323][ T518] FAULT_INJECTION: forcing a failure. [ 1630.959323][ T518] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.967637][ T534] Module has invalid ELF structures [ 1630.972704][ T518] CPU: 0 PID: 518 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1630.985424][ T518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1630.995462][ T518] Call Trace: [ 1630.999073][ T518] dump_stack+0x1d8/0x241 [ 1631.003374][ T518] ? panic+0x73f/0x73f [ 1631.007414][ T518] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1631.013192][ T518] should_fail+0x71f/0x880 [ 1631.017579][ T518] ? setup_fault_attr+0x3d0/0x3d0 [ 1631.022576][ T518] ? mempool_init_node+0x1ec/0x4e0 [ 1631.027656][ T518] should_failslab+0x5/0x20 [ 1631.032127][ T518] kmem_cache_alloc+0x24/0x220 [ 1631.036861][ T518] ? mempool_free+0x380/0x380 [ 1631.041510][ T518] mempool_init_node+0x1ec/0x4e0 [ 1631.046419][ T518] ? mempool_free+0x380/0x380 [ 1631.051065][ T518] ? mempool_alloc_slab+0x20/0x20 [ 1631.056057][ T518] mempool_init+0x35/0x50 [ 1631.060366][ T518] bioset_init+0x4d8/0x600 [ 1631.064779][ T518] blk_alloc_queue_node+0xc5/0x580 [ 1631.069861][ T518] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1631.075202][ T518] blk_mq_init_queue+0x34/0xa0 [ 1631.079935][ T518] loop_add+0x25c/0x740 [ 1631.084070][ T518] ? get_pid_task+0xc3/0xf0 [ 1631.088546][ T518] ? radix_tree_lookup+0x16f/0x1c0 [ 1631.093628][ T518] loop_control_ioctl+0x448/0x620 [ 1631.098622][ T518] ? loop_remove+0xa0/0xa0 [ 1631.103017][ T518] ? memset+0x1f/0x40 [ 1631.106967][ T518] ? fsnotify+0x1280/0x1340 [ 1631.111443][ T518] ? loop_remove+0xa0/0xa0 [ 1631.115830][ T518] do_vfs_ioctl+0x742/0x1720 [ 1631.120395][ T518] ? ioctl_preallocate+0x250/0x250 [ 1631.125486][ T518] ? __fget+0x407/0x490 [ 1631.129617][ T518] ? fget_many+0x20/0x20 [ 1631.133833][ T518] ? debug_smp_processor_id+0x20/0x20 [ 1631.139176][ T518] ? security_file_ioctl+0x7d/0xa0 [ 1631.144261][ T518] __x64_sys_ioctl+0xd4/0x110 [ 1631.148910][ T518] do_syscall_64+0xca/0x1c0 [ 1631.153385][ T518] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:07 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 17) 13:54:07 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18L\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:07 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg0\x00'}) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000040)={0x3, {{0x2, 0x4e22, @local}}}, 0x88) [ 1631.165449][ T22] audit: type=1326 audit(1676296447.969:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=536 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1631.183134][ T546] Module has invalid ELF structures [ 1631.196741][ T547] FAULT_INJECTION: forcing a failure. [ 1631.196741][ T547] name failslab, interval 1, probability 0, space 0, times 0 [ 1631.212779][ T547] CPU: 1 PID: 547 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1631.221098][ T547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1631.231132][ T547] Call Trace: [ 1631.234410][ T547] dump_stack+0x1d8/0x241 [ 1631.238724][ T547] ? panic+0x73f/0x73f [ 1631.242784][ T547] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1631.248581][ T547] should_fail+0x71f/0x880 [ 1631.252987][ T547] ? setup_fault_attr+0x3d0/0x3d0 [ 1631.258000][ T547] ? mempool_init_node+0x1ec/0x4e0 [ 1631.263098][ T547] should_failslab+0x5/0x20 [ 1631.267585][ T547] kmem_cache_alloc+0x24/0x220 [ 1631.272332][ T547] ? mempool_free+0x380/0x380 [ 1631.276995][ T547] mempool_init_node+0x1ec/0x4e0 [ 1631.281919][ T547] ? mempool_free+0x380/0x380 [ 1631.286583][ T547] ? mempool_alloc_slab+0x20/0x20 [ 1631.291600][ T547] mempool_init+0x35/0x50 [ 1631.295915][ T547] bioset_init+0x4d8/0x600 [ 1631.300319][ T547] blk_alloc_queue_node+0xc5/0x580 [ 1631.305415][ T547] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1631.310772][ T547] blk_mq_init_queue+0x34/0xa0 [ 1631.315526][ T547] loop_add+0x25c/0x740 [ 1631.319674][ T547] ? get_pid_task+0xc3/0xf0 [ 1631.324162][ T547] ? radix_tree_lookup+0x16f/0x1c0 [ 1631.329264][ T547] loop_control_ioctl+0x448/0x620 [ 1631.334276][ T547] ? loop_remove+0xa0/0xa0 [ 1631.338681][ T547] ? memset+0x1f/0x40 [ 1631.342647][ T547] ? fsnotify+0x1280/0x1340 [ 1631.347131][ T547] ? loop_remove+0xa0/0xa0 [ 1631.351533][ T547] do_vfs_ioctl+0x742/0x1720 [ 1631.356114][ T547] ? ioctl_preallocate+0x250/0x250 [ 1631.361210][ T547] ? __fget+0x407/0x490 [ 1631.365356][ T547] ? fget_many+0x20/0x20 [ 1631.369585][ T547] ? debug_smp_processor_id+0x20/0x20 [ 1631.374941][ T547] ? security_file_ioctl+0x7d/0xa0 [ 1631.380038][ T547] __x64_sys_ioctl+0xd4/0x110 [ 1631.384697][ T547] do_syscall_64+0xca/0x1c0 [ 1631.389187][ T547] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:08 executing program 0: sendmsg$NLBL_CALIPSO_C_LISTALL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}}, 0x81) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:08 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r3}, 0xc) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c3871554a740b20", @ANYRES16=r1, @ANYBLOB="000225bd7000ffdbdf250200000014000700fe8000000000000000000000000000aa08000b00", @ANYRES32=r3, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r5) ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) (async) syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) (async) socket$igmp(0x2, 0x3, 0x2) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'}) (async) setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r3}, 0xc) (async) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c3871554a740b20", @ANYRES16=r1, @ANYBLOB="000225bd7000ffdbdf250200000014000700fe8000000000000000000000000000aa08000b00", @ANYRES32=r3, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x80) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r5) (async) ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) (async) 13:54:08 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f0000000000)) 13:54:08 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg0\x00'}) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000040)={0x3, {{0x2, 0x4e22, @local}}}, 0x88) socket$igmp(0x2, 0x3, 0x2) (async) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg0\x00'}) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) setsockopt$inet_MCAST_LEAVE_GROUP(r1, 0x0, 0x2d, &(0x7f0000000040)={0x3, {{0x2, 0x4e22, @local}}}, 0x88) (async) 13:54:08 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18`\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:08 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 18) 13:54:08 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), r1) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000240)={0x9, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/64, 0x40}, {&(0x7f0000000080)=""/210, 0xd2}, {&(0x7f0000000180)=""/35, 0x23}], &(0x7f0000000200)=[0x80, 0x7, 0x100], 0x3}, 0x20) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:08 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18h\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1631.475744][ T554] Module has invalid ELF structures [ 1631.488295][ T559] FAULT_INJECTION: forcing a failure. [ 1631.488295][ T559] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1631.505165][ T559] CPU: 0 PID: 559 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1631.511837][ T565] Module has invalid ELF structures [ 1631.513481][ T559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1631.513485][ T559] Call Trace: [ 1631.513500][ T559] dump_stack+0x1d8/0x241 [ 1631.513514][ T559] ? panic+0x73f/0x73f [ 1631.540329][ T559] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1631.546120][ T559] ? stack_trace_save+0x1c0/0x1c0 [ 1631.551130][ T559] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1631.557180][ T559] should_fail+0x71f/0x880 [ 1631.561581][ T559] ? setup_fault_attr+0x3d0/0x3d0 [ 1631.566590][ T559] __alloc_pages_nodemask+0x1b4/0x840 [ 1631.571942][ T559] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1631.577462][ T559] ? __kasan_kmalloc+0x199/0x1d0 [ 1631.582373][ T559] ? mempool_init_node+0x133/0x4e0 [ 1631.587457][ T559] ? mempool_init+0x35/0x50 [ 1631.591930][ T559] ? bioset_init+0x4d8/0x600 [ 1631.596510][ T559] ? blk_alloc_queue_node+0xc5/0x580 [ 1631.601764][ T559] ? blk_mq_init_queue+0x34/0xa0 [ 1631.606674][ T559] ? loop_add+0x25c/0x740 [ 1631.610974][ T559] ? loop_control_ioctl+0x448/0x620 [ 1631.616144][ T559] ? __x64_sys_ioctl+0xd4/0x110 [ 1631.620974][ T559] ? do_syscall_64+0xca/0x1c0 [ 1631.625649][ T559] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1631.631686][ T559] alloc_slab_page+0x39/0x3c0 [ 1631.636342][ T559] new_slab+0x97/0x440 [ 1631.640386][ T559] ___slab_alloc+0x2fe/0x490 [ 1631.644949][ T559] ? setup_fault_attr+0x3d0/0x3d0 [ 1631.649946][ T559] ? mempool_init_node+0x1ec/0x4e0 [ 1631.655026][ T559] ? mempool_init_node+0x1ec/0x4e0 [ 1631.660108][ T559] __slab_alloc+0x5a/0x90 [ 1631.664412][ T559] ? mempool_init_node+0x1ec/0x4e0 [ 1631.669494][ T559] kmem_cache_alloc+0x100/0x220 [ 1631.674317][ T559] ? mempool_free+0x380/0x380 [ 1631.678970][ T559] mempool_init_node+0x1ec/0x4e0 [ 1631.683881][ T559] ? mempool_free+0x380/0x380 [ 1631.688529][ T559] ? mempool_alloc_slab+0x20/0x20 [ 1631.693530][ T559] mempool_init+0x35/0x50 [ 1631.697832][ T559] bioset_init+0x4d8/0x600 [ 1631.702226][ T559] blk_alloc_queue_node+0xc5/0x580 [ 1631.707311][ T559] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1631.712660][ T559] blk_mq_init_queue+0x34/0xa0 [ 1631.717398][ T559] loop_add+0x25c/0x740 [ 1631.721534][ T559] ? get_pid_task+0xc3/0xf0 [ 1631.726008][ T559] ? radix_tree_lookup+0x16f/0x1c0 [ 1631.731089][ T559] loop_control_ioctl+0x448/0x620 [ 1631.736082][ T559] ? loop_remove+0xa0/0xa0 [ 1631.740472][ T559] ? memset+0x1f/0x40 [ 1631.744429][ T559] ? fsnotify+0x1280/0x1340 [ 1631.748902][ T559] ? loop_remove+0xa0/0xa0 [ 1631.753292][ T559] do_vfs_ioctl+0x742/0x1720 [ 1631.757856][ T559] ? ioctl_preallocate+0x250/0x250 [ 1631.762943][ T559] ? __fget+0x407/0x490 [ 1631.767071][ T559] ? fget_many+0x20/0x20 [ 1631.771289][ T559] ? debug_smp_processor_id+0x20/0x20 13:54:08 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18l\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:08 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async, rerun: 32) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (rerun: 32) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) ioctl$HIDIOCGRDESCSIZE(r0, 0x80044801, &(0x7f0000000000)) 13:54:08 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async, rerun: 32) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), r1) (async, rerun: 32) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000240)={0x9, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/64, 0x40}, {&(0x7f0000000080)=""/210, 0xd2}, {&(0x7f0000000180)=""/35, 0x23}], &(0x7f0000000200)=[0x80, 0x7, 0x100], 0x3}, 0x20) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) 13:54:08 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 19) [ 1631.776631][ T559] ? security_file_ioctl+0x7d/0xa0 [ 1631.781715][ T559] __x64_sys_ioctl+0xd4/0x110 [ 1631.786367][ T559] do_syscall_64+0xca/0x1c0 [ 1631.790844][ T559] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1631.810668][ T578] Module has invalid ELF structures [ 1631.825093][ T22] audit: type=1326 audit(1676296448.629:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=566 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1631.871009][ T590] FAULT_INJECTION: forcing a failure. [ 1631.871009][ T590] name failslab, interval 1, probability 0, space 0, times 0 [ 1631.888854][ T590] CPU: 1 PID: 590 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1631.897174][ T590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1631.907217][ T590] Call Trace: [ 1631.910497][ T590] dump_stack+0x1d8/0x241 [ 1631.914812][ T590] ? panic+0x73f/0x73f [ 1631.918868][ T590] ? blk_mq_init_queue+0x34/0xa0 [ 1631.923793][ T590] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1631.929592][ T590] ? __x64_sys_ioctl+0xd4/0x110 [ 1631.934434][ T590] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1631.940486][ T590] should_fail+0x71f/0x880 [ 1631.944891][ T590] ? setup_fault_attr+0x3d0/0x3d0 [ 1631.949912][ T590] ? bdi_init+0x19e/0xa90 [ 1631.954234][ T590] should_failslab+0x5/0x20 [ 1631.958723][ T590] kmem_cache_alloc_trace+0x28/0x240 [ 1631.963989][ T590] bdi_init+0x19e/0xa90 [ 1631.968130][ T590] ? bdi_alloc_node+0x69/0xd0 [ 1631.972788][ T590] bdi_alloc_node+0x79/0xd0 [ 1631.977288][ T590] blk_alloc_queue_node+0x10c/0x580 [ 1631.982502][ T590] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1631.987876][ T590] blk_mq_init_queue+0x34/0xa0 [ 1631.992645][ T590] loop_add+0x25c/0x740 [ 1631.996783][ T590] ? get_pid_task+0xc3/0xf0 [ 1632.001277][ T590] ? radix_tree_lookup+0x16f/0x1c0 [ 1632.006390][ T590] loop_control_ioctl+0x448/0x620 [ 1632.011413][ T590] ? loop_remove+0xa0/0xa0 [ 1632.015815][ T590] ? memset+0x1f/0x40 [ 1632.019779][ T590] ? fsnotify+0x1280/0x1340 [ 1632.024265][ T590] ? loop_remove+0xa0/0xa0 [ 1632.028691][ T590] do_vfs_ioctl+0x742/0x1720 [ 1632.033285][ T590] ? ioctl_preallocate+0x250/0x250 [ 1632.038380][ T590] ? __fget+0x407/0x490 [ 1632.042520][ T590] ? fget_many+0x20/0x20 [ 1632.046751][ T590] ? debug_smp_processor_id+0x20/0x20 [ 1632.052109][ T590] ? security_file_ioctl+0x7d/0xa0 [ 1632.057208][ T590] __x64_sys_ioctl+0xd4/0x110 [ 1632.061871][ T590] do_syscall_64+0xca/0x1c0 [ 1632.066362][ T590] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:08 executing program 0: sendmsg$NLBL_CALIPSO_C_LISTALL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}}, 0x81) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:08 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), r1) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000240)={0x9, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/64, 0x40}, {&(0x7f0000000080)=""/210, 0xd2}, {&(0x7f0000000180)=""/35, 0x23}], &(0x7f0000000200)=[0x80, 0x7, 0x100], 0x3}, 0x20) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) socket$igmp(0x2, 0x3, 0x2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) syz_genetlink_get_family_id$l2tp(&(0x7f0000000280), r1) (async) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000240)={0x9, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)=""/64, 0x40}, {&(0x7f0000000080)=""/210, 0xd2}, {&(0x7f0000000180)=""/35, 0x23}], &(0x7f0000000200)=[0x80, 0x7, 0x100], 0x3}, 0x20) (async) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) (async) 13:54:08 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18t\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:08 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000280)={0x1d, &(0x7f0000000240)=[{}, {}]}) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) 13:54:08 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) (async) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0), 0xffffffffffffffff) r2 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_mreqn(r2, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r3}, 0xc) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c3871554a740b20", @ANYRES16=r1, @ANYBLOB="000225bd7000ffdbdf250200000014000700fe8000000000000000000000000000aa08000b00", @ANYRES32=r3, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x80) (async) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0) (async) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r5) ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) 13:54:08 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 20) 13:54:08 executing program 3: r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast2, @local}, 0x8) r1 = io_uring_setup(0xa00, &(0x7f0000000040)={0x0, 0x5100, 0x800, 0x1, 0xaf, 0x0, r0}) r2 = socket$inet(0x2, 0x5, 0xe41) ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f0000002480)={0x0, {0x2, 0x4e20, @empty}, {0x2, 0x4e22, @remote}, {0x2, 0x4e24, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0xc1fd, &(0x7f0000002440)='wg2\x00', 0x6, 0x6, 0xff}) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000002300)={0xfffff5c3, 0x0, &(0x7f0000002240)=[{&(0x7f00000000c0)=""/8, 0x8}, {&(0x7f0000000100)=""/68, 0x44}, {&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/4096, 0x1000}, {&(0x7f0000002180)=""/168, 0xa8}], &(0x7f00000022c0)=[0x8, 0xde, 0x7, 0x80, 0x6], 0x5}, 0x20) r3 = syz_io_uring_setup(0x2777, &(0x7f0000002340)={0x0, 0x7e72, 0x800, 0x1, 0x146, 0x0, r1}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000023c0), &(0x7f0000002400)) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, r4) 13:54:09 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000280)={0x1d, &(0x7f0000000240)=[{}, {}]}) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) [ 1632.154356][ T605] FAULT_INJECTION: forcing a failure. [ 1632.154356][ T605] name failslab, interval 1, probability 0, space 0, times 0 13:54:09 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000280)={0x1d, &(0x7f0000000240)=[{}, {}]}) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18z\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1632.197623][ T606] Module has invalid ELF structures [ 1632.220385][ T605] CPU: 1 PID: 605 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1632.228710][ T605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1632.238751][ T605] Call Trace: [ 1632.242027][ T605] dump_stack+0x1d8/0x241 [ 1632.246346][ T605] ? panic+0x73f/0x73f [ 1632.250404][ T605] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1632.256199][ T605] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1632.261636][ T605] should_fail+0x71f/0x880 [ 1632.266035][ T605] ? setup_fault_attr+0x3d0/0x3d0 [ 1632.271029][ T605] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1632.276815][ T605] ? __percpu_counter_init+0x1ab/0x1e0 [ 1632.282251][ T605] ? blk_alloc_queue_stats+0x48/0x100 [ 1632.287594][ T605] should_failslab+0x5/0x20 [ 1632.292085][ T605] kmem_cache_alloc_trace+0x28/0x240 [ 1632.297347][ T605] blk_alloc_queue_stats+0x48/0x100 [ 1632.302520][ T605] blk_alloc_queue_node+0x151/0x580 [ 1632.307693][ T605] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1632.313063][ T605] blk_mq_init_queue+0x34/0xa0 [ 1632.317799][ T605] loop_add+0x25c/0x740 [ 1632.321927][ T605] ? get_pid_task+0xc3/0xf0 [ 1632.326439][ T605] ? radix_tree_lookup+0x16f/0x1c0 [ 1632.331523][ T605] loop_control_ioctl+0x448/0x620 [ 1632.336516][ T605] ? loop_remove+0xa0/0xa0 [ 1632.340926][ T605] ? memset+0x1f/0x40 [ 1632.344879][ T605] ? fsnotify+0x1280/0x1340 [ 1632.349351][ T605] ? loop_remove+0xa0/0xa0 [ 1632.353738][ T605] do_vfs_ioctl+0x742/0x1720 [ 1632.358301][ T605] ? ioctl_preallocate+0x250/0x250 [ 1632.363382][ T605] ? __fget+0x407/0x490 13:54:09 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x03\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:09 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) syz_io_uring_setup(0x2df9, &(0x7f0000000140)={0x0, 0x52d9, 0x800, 0x3, 0x100, 0x0, r0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ff3000/0xc000)=nil, &(0x7f00000001c0), &(0x7f0000000240)) getsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000040)={@multicast2, @initdev, @initdev}, &(0x7f0000000080)=0xc) accept4$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @empty}, &(0x7f0000000100)=0x10, 0x80000) [ 1632.367513][ T605] ? fget_many+0x20/0x20 [ 1632.371742][ T605] ? debug_smp_processor_id+0x20/0x20 [ 1632.377096][ T605] ? security_file_ioctl+0x7d/0xa0 [ 1632.382207][ T605] __x64_sys_ioctl+0xd4/0x110 [ 1632.386857][ T605] do_syscall_64+0xca/0x1c0 [ 1632.391337][ T605] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1632.398186][ T22] audit: type=1326 audit(1676296449.209:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=617 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1632.411864][ T614] Module has invalid ELF structures [ 1632.426271][ T625] Module has invalid ELF structures [ 1632.439566][ T22] audit: type=1326 audit(1676296449.219:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=617 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f7d08d0dc16 code=0x80000 13:54:09 executing program 0: sendmsg$NLBL_CALIPSO_C_LISTALL(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x800, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x2c}}, 0x81) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:09 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) syz_io_uring_setup(0x2df9, &(0x7f0000000140)={0x0, 0x52d9, 0x800, 0x3, 0x100, 0x0, r0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ff3000/0xc000)=nil, &(0x7f00000001c0), &(0x7f0000000240)) (async) getsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000040)={@multicast2, @initdev, @initdev}, &(0x7f0000000080)=0xc) (async, rerun: 64) accept4$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @empty}, &(0x7f0000000100)=0x10, 0x80000) (rerun: 64) 13:54:09 executing program 3: geteuid() r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) 13:54:09 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r1, 0x88, 0x0, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000440)={0x2, 'xfrm0\x00', 0x2}, 0x18) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'raw\x00', 0x75, "e87ad7e24d71035053c2db9ecf169ab1a47d40636461ed5decfb4dda094caef62678b763267edae392bdd80463de96ffa3f49167e8ee82b27a20e46d551136819413dc0123d479b096810a61e66629c122a2528b7767e9d7b004eabf139d4ed8ae1b723b311ae54e9490c0a180c0dbae1013e9a78d"}, &(0x7f0000000180)=0x99) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) write$FUSE_STATFS(r2, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x3, 0x800, 0x6, 0xfff, 0x10000, 0x9, 0xffff, 0x845}}}, 0x60) r3 = syz_open_dev$loop(&(0x7f0000000480), 0x3, 0x40000) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x3b) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) read$FUSE(r2, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r4, &(0x7f0000000380)={0x78, 0x0, 0x0, {0x1000, 0x3, 0x0, {0x3, 0x8, 0xfffffffffffffffb, 0xf3, 0x6, 0x6, 0x2, 0x8, 0xfffff560, 0x4000, 0x2, r5, r6, 0x1, 0x9}}}, 0x78) r7 = socket$igmp(0x2, 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000400), r2) accept$inet(r7, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'syzkaller1\x00'}, 0x18) 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x03Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:09 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 21) 13:54:09 executing program 3: geteuid() r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) 13:54:09 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r1, 0x88, 0x0, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000440)={0x2, 'xfrm0\x00', 0x2}, 0x18) (async) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'raw\x00', 0x75, "e87ad7e24d71035053c2db9ecf169ab1a47d40636461ed5decfb4dda094caef62678b763267edae392bdd80463de96ffa3f49167e8ee82b27a20e46d551136819413dc0123d479b096810a61e66629c122a2528b7767e9d7b004eabf139d4ed8ae1b723b311ae54e9490c0a180c0dbae1013e9a78d"}, &(0x7f0000000180)=0x99) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) write$FUSE_STATFS(r2, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x3, 0x800, 0x6, 0xfff, 0x10000, 0x9, 0xffff, 0x845}}}, 0x60) (async) r3 = syz_open_dev$loop(&(0x7f0000000480), 0x3, 0x40000) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x3b) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) (async) read$FUSE(r2, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r4, &(0x7f0000000380)={0x78, 0x0, 0x0, {0x1000, 0x3, 0x0, {0x3, 0x8, 0xfffffffffffffffb, 0xf3, 0x6, 0x6, 0x2, 0x8, 0xfffff560, 0x4000, 0x2, r5, r6, 0x1, 0x9}}}, 0x78) (async) r7 = socket$igmp(0x2, 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000400), r2) (async) accept$inet(r7, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'syzkaller1\x00'}, 0x18) 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x05Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1632.651188][ T634] Module has invalid ELF structures [ 1632.657284][ T635] FAULT_INJECTION: forcing a failure. [ 1632.657284][ T635] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.673331][ T635] CPU: 0 PID: 635 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1632.681653][ T635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1632.690202][ T644] Module has invalid ELF structures [ 1632.691688][ T635] Call Trace: 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x06Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\aY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1632.691705][ T635] dump_stack+0x1d8/0x241 [ 1632.691718][ T635] ? panic+0x73f/0x73f [ 1632.708503][ T635] ? pcpu_block_update_hint_alloc+0x8fe/0xc70 [ 1632.714560][ T635] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1632.720359][ T635] ? pcpu_chunk_relocate+0xdc/0x3a0 [ 1632.721979][ T647] Module has invalid ELF structures [ 1632.725540][ T635] should_fail+0x71f/0x880 [ 1632.725551][ T635] ? setup_fault_attr+0x3d0/0x3d0 [ 1632.725565][ T635] ? cpumask_next+0xc/0x20 [ 1632.744540][ T635] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1632.749898][ T635] ? blk_stat_alloc_callback+0x5c/0x210 [ 1632.755430][ T635] should_failslab+0x5/0x20 [ 1632.759919][ T635] kmem_cache_alloc_trace+0x28/0x240 [ 1632.764881][ T654] Module has invalid ELF structures [ 1632.765216][ T635] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1632.765224][ T635] ? blk_mq_free_tag_set+0x450/0x450 [ 1632.765238][ T635] blk_stat_alloc_callback+0x5c/0x210 [ 1632.786366][ T635] blk_mq_init_allocated_queue+0x85/0x1470 [ 1632.792165][ T635] ? blk_alloc_queue_node+0x4ec/0x580 [ 1632.797511][ T635] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1632.802852][ T635] blk_mq_init_queue+0x49/0xa0 [ 1632.807593][ T635] loop_add+0x25c/0x740 [ 1632.811723][ T635] ? get_pid_task+0xc3/0xf0 [ 1632.816199][ T635] ? radix_tree_lookup+0x16f/0x1c0 [ 1632.821282][ T635] loop_control_ioctl+0x448/0x620 [ 1632.826275][ T635] ? loop_remove+0xa0/0xa0 [ 1632.830665][ T635] ? memset+0x1f/0x40 [ 1632.834615][ T635] ? fsnotify+0x1280/0x1340 [ 1632.839090][ T635] ? loop_remove+0xa0/0xa0 [ 1632.843514][ T635] do_vfs_ioctl+0x742/0x1720 [ 1632.848079][ T635] ? ioctl_preallocate+0x250/0x250 [ 1632.853161][ T635] ? __fget+0x407/0x490 [ 1632.857285][ T635] ? fget_many+0x20/0x20 [ 1632.861500][ T635] ? debug_smp_processor_id+0x20/0x20 [ 1632.866843][ T635] ? security_file_ioctl+0x7d/0xa0 [ 1632.871923][ T635] __x64_sys_ioctl+0xd4/0x110 [ 1632.876570][ T635] do_syscall_64+0xca/0x1c0 [ 1632.881049][ T635] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1632.888565][ T659] Module has invalid ELF structures [ 1632.900195][ T22] audit: type=1326 audit(1676296449.709:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=655 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1632.947191][ T22] audit: type=1326 audit(1676296449.709:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=655 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=56 compat=0 ip=0x7f7d08d60521 code=0x80000 13:54:09 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:09 executing program 3: geteuid() r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xa) 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\nY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:09 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 22) 13:54:09 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0) syz_io_uring_setup(0x2df9, &(0x7f0000000140)={0x0, 0x52d9, 0x800, 0x3, 0x100, 0x0, r0}, &(0x7f0000000000/0x4000)=nil, &(0x7f0000ff3000/0xc000)=nil, &(0x7f00000001c0), &(0x7f0000000240)) (async) getsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000040)={@multicast2, @initdev, @initdev}, &(0x7f0000000080)=0xc) (async) accept4$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @empty}, &(0x7f0000000100)=0x10, 0x80000) 13:54:09 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r1, 0x88, 0x0, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000440)={0x2, 'xfrm0\x00', 0x2}, 0x18) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'raw\x00', 0x75, "e87ad7e24d71035053c2db9ecf169ab1a47d40636461ed5decfb4dda094caef62678b763267edae392bdd80463de96ffa3f49167e8ee82b27a20e46d551136819413dc0123d479b096810a61e66629c122a2528b7767e9d7b004eabf139d4ed8ae1b723b311ae54e9490c0a180c0dbae1013e9a78d"}, &(0x7f0000000180)=0x99) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) write$FUSE_STATFS(r2, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x3, 0x800, 0x6, 0xfff, 0x10000, 0x9, 0xffff, 0x845}}}, 0x60) r3 = syz_open_dev$loop(&(0x7f0000000480), 0x3, 0x40000) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x3b) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) read$FUSE(r2, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r4, &(0x7f0000000380)={0x78, 0x0, 0x0, {0x1000, 0x3, 0x0, {0x3, 0x8, 0xfffffffffffffffb, 0xf3, 0x6, 0x6, 0x2, 0x8, 0xfffff560, 0x4000, 0x2, r5, r6, 0x1, 0x9}}}, 0x78) r7 = socket$igmp(0x2, 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000400), r2) accept$inet(r7, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'syzkaller1\x00'}, 0x18) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) setsockopt$inet_int(r1, 0x88, 0x0, 0x0, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000440)={0x2, 'xfrm0\x00', 0x2}, 0x18) (async) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'raw\x00', 0x75, "e87ad7e24d71035053c2db9ecf169ab1a47d40636461ed5decfb4dda094caef62678b763267edae392bdd80463de96ffa3f49167e8ee82b27a20e46d551136819413dc0123d479b096810a61e66629c122a2528b7767e9d7b004eabf139d4ed8ae1b723b311ae54e9490c0a180c0dbae1013e9a78d"}, &(0x7f0000000180)=0x99) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) write$FUSE_STATFS(r2, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x3, 0x800, 0x6, 0xfff, 0x10000, 0x9, 0xffff, 0x845}}}, 0x60) (async) syz_open_dev$loop(&(0x7f0000000480), 0x3, 0x40000) (async) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x3b) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) (async) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) (async) read$FUSE(r2, &(0x7f00000024c0)={0x2020}, 0x2020) (async) write$FUSE_ATTR(r4, &(0x7f0000000380)={0x78, 0x0, 0x0, {0x1000, 0x3, 0x0, {0x3, 0x8, 0xfffffffffffffffb, 0xf3, 0x6, 0x6, 0x2, 0x8, 0xfffff560, 0x4000, 0x2, r5, r6, 0x1, 0x9}}}, 0x78) (async) socket$igmp(0x2, 0x3, 0x2) (async) syz_genetlink_get_family_id$fou(&(0x7f0000000400), r2) (async) accept$inet(r7, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'syzkaller1\x00'}, 0x18) (async) 13:54:09 executing program 3: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_int(r1, 0x88, 0x0, 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000440)={0x2, 'xfrm0\x00', 0x2}, 0x18) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f00000000c0)={'raw\x00', 0x75, "e87ad7e24d71035053c2db9ecf169ab1a47d40636461ed5decfb4dda094caef62678b763267edae392bdd80463de96ffa3f49167e8ee82b27a20e46d551136819413dc0123d479b096810a61e66629c122a2528b7767e9d7b004eabf139d4ed8ae1b723b311ae54e9490c0a180c0dbae1013e9a78d"}, &(0x7f0000000180)=0x99) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) write$FUSE_STATFS(r2, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x3, 0x800, 0x6, 0xfff, 0x10000, 0x9, 0xffff, 0x845}}}, 0x60) r3 = syz_open_dev$loop(&(0x7f0000000480), 0x3, 0x40000) ioctl$LOOP_SET_BLOCK_SIZE(r3, 0x4c09, 0x3b) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) read$FUSE(r2, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r4, &(0x7f0000000380)={0x78, 0x0, 0x0, {0x1000, 0x3, 0x0, {0x3, 0x8, 0xfffffffffffffffb, 0xf3, 0x6, 0x6, 0x2, 0x8, 0xfffff560, 0x4000, 0x2, r5, r6, 0x1, 0x9}}}, 0x78) r7 = socket$igmp(0x2, 0x3, 0x2) syz_genetlink_get_family_id$fou(&(0x7f0000000400), r2) accept$inet(r7, 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f00000001c0)={0x0, 'syzkaller1\x00'}, 0x18) 13:54:09 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\vY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1633.142890][ T666] FAULT_INJECTION: forcing a failure. [ 1633.142890][ T666] name failslab, interval 1, probability 0, space 0, times 0 [ 1633.155648][ T669] Module has invalid ELF structures [ 1633.164090][ T666] CPU: 0 PID: 666 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1633.172405][ T666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1633.182445][ T666] Call Trace: [ 1633.185724][ T666] dump_stack+0x1d8/0x241 [ 1633.190037][ T666] ? panic+0x73f/0x73f [ 1633.194097][ T666] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1633.199891][ T666] should_fail+0x71f/0x880 [ 1633.204295][ T666] ? setup_fault_attr+0x3d0/0x3d0 [ 1633.209314][ T666] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1633.214671][ T666] ? blk_stat_alloc_callback+0x95/0x210 [ 1633.220203][ T666] should_failslab+0x5/0x20 [ 1633.224692][ T666] __kmalloc+0x51/0x2b0 [ 1633.228836][ T666] ? kmem_cache_alloc_trace+0xd7/0x240 [ 1633.234273][ T666] ? blk_stat_alloc_callback+0x5c/0x210 [ 1633.239804][ T666] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1633.245155][ T666] ? blk_mq_free_tag_set+0x450/0x450 [ 1633.250418][ T666] blk_stat_alloc_callback+0x95/0x210 [ 1633.255770][ T666] ? blk_mq_free_tag_set+0x450/0x450 [ 1633.261030][ T666] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1633.266380][ T666] blk_mq_init_allocated_queue+0x85/0x1470 [ 1633.272172][ T666] ? blk_alloc_queue_node+0x4ec/0x580 [ 1633.277530][ T666] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1633.282875][ T666] blk_mq_init_queue+0x49/0xa0 [ 1633.287610][ T666] loop_add+0x25c/0x740 [ 1633.291740][ T666] ? get_pid_task+0xc3/0xf0 [ 1633.296213][ T666] ? radix_tree_lookup+0x16f/0x1c0 [ 1633.301307][ T666] loop_control_ioctl+0x448/0x620 [ 1633.306307][ T666] ? loop_remove+0xa0/0xa0 [ 1633.310698][ T666] ? memset+0x1f/0x40 [ 1633.314652][ T666] ? fsnotify+0x1280/0x1340 [ 1633.319128][ T666] ? loop_remove+0xa0/0xa0 [ 1633.323518][ T666] do_vfs_ioctl+0x742/0x1720 [ 1633.328084][ T666] ? ioctl_preallocate+0x250/0x250 [ 1633.333167][ T666] ? __fget+0x407/0x490 [ 1633.337300][ T666] ? fget_many+0x20/0x20 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x357001, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:10 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) delete_module(&(0x7f0000000000)='#]\'%\x8c/\x00', 0x100) r0 = syz_open_dev$loop(&(0x7f0000000040), 0x4, 0xce00) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000080)={r0, 0xfffffffd, {0x0, 0x0, 0x0, 0x200000000000, 0x3, 0x0, 0x5, 0x0, 0x0, "e275d4c768b26f3e8a71dc1e896029b3c91b53f8d72c9b5be6426cf30db3bf113bd5cb50457877248608049e00", "4360f77b002c1fc7d18a72fee38219c51731d3cc64afa09d9f76188d7dea8a61507e50b7b646b24cc0a8945b90ecd4ead9cd12fc28be7ab1433244e0cbaf8a54", "5e4ae545d19e5019ef8405e0b8147ad9fcd0a1662d3380c5ae129de8cd396bdb", [0xffffffffffff8001, 0xa9c]}}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x40, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1f}]}, 0x40}, 0x1, 0x0, 0x0, 0x40001}, 0x4000) [ 1633.341518][ T666] ? debug_smp_processor_id+0x20/0x20 [ 1633.346862][ T666] ? security_file_ioctl+0x7d/0xa0 [ 1633.351948][ T666] __x64_sys_ioctl+0xd4/0x110 [ 1633.356601][ T666] do_syscall_64+0xca/0x1c0 [ 1633.361086][ T666] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1633.367962][ T674] Module has invalid ELF structures 13:54:10 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) delete_module(&(0x7f0000000000)='#]\'%\x8c/\x00', 0x100) (async) r0 = syz_open_dev$loop(&(0x7f0000000040), 0x4, 0xce00) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000080)={r0, 0xfffffffd, {0x0, 0x0, 0x0, 0x200000000000, 0x3, 0x0, 0x5, 0x0, 0x0, "e275d4c768b26f3e8a71dc1e896029b3c91b53f8d72c9b5be6426cf30db3bf113bd5cb50457877248608049e00", "4360f77b002c1fc7d18a72fee38219c51731d3cc64afa09d9f76188d7dea8a61507e50b7b646b24cc0a8945b90ecd4ead9cd12fc28be7ab1433244e0cbaf8a54", "5e4ae545d19e5019ef8405e0b8147ad9fcd0a1662d3380c5ae129de8cd396bdb", [0xffffffffffff8001, 0xa9c]}}) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x40, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1f}]}, 0x40}, 0x1, 0x0, 0x0, 0x40001}, 0x4000) 13:54:10 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\fY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1633.374828][ T22] audit: type=1326 audit(1676296450.179:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=695 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1633.406873][ T707] Module has invalid ELF structures 13:54:10 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:10 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\vY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:10 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 23) 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x357001, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:10 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) delete_module(&(0x7f0000000000)='#]\'%\x8c/\x00', 0x100) (async) r0 = syz_open_dev$loop(&(0x7f0000000040), 0x4, 0xce00) ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000000080)={r0, 0xfffffffd, {0x0, 0x0, 0x0, 0x200000000000, 0x3, 0x0, 0x5, 0x0, 0x0, "e275d4c768b26f3e8a71dc1e896029b3c91b53f8d72c9b5be6426cf30db3bf113bd5cb50457877248608049e00", "4360f77b002c1fc7d18a72fee38219c51731d3cc64afa09d9f76188d7dea8a61507e50b7b646b24cc0a8945b90ecd4ead9cd12fc28be7ab1433244e0cbaf8a54", "5e4ae545d19e5019ef8405e0b8147ad9fcd0a1662d3380c5ae129de8cd396bdb", [0xffffffffffff8001, 0xa9c]}}) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x40, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FLAGS={0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x1f}]}, 0x40}, 0x1, 0x0, 0x0, 0x40001}, 0x4000) 13:54:10 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\rY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x357001, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x357001, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) [ 1633.646178][ T715] FAULT_INJECTION: forcing a failure. [ 1633.646178][ T715] name failslab, interval 1, probability 0, space 0, times 0 [ 1633.650488][ T714] Module has invalid ELF structures [ 1633.658884][ T716] Module has invalid ELF structures [ 1633.680083][ T715] CPU: 0 PID: 715 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000026c0)={0xbf9, 0x0, &(0x7f0000002600)=[{&(0x7f00000022c0)=""/115, 0x73}, {&(0x7f0000002340)=""/27, 0x1b}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/116, 0x74}, {&(0x7f0000002480)=""/179, 0xb3}, {&(0x7f0000002540)=""/103, 0x67}, {&(0x7f00000025c0)=""/62, 0x3e}], &(0x7f0000002680)=[0x9, 0x4, 0x9, 0x8000000000000000, 0x5, 0x1ca8], 0x7}, 0x20) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002240)={&(0x7f00000021c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000029bd7000ffdbdf250a00000008003a00080000000600280002000000050037000100000008002c0004000000050038000100000008002c000008000005002f000100000008003400060000000800310008000000"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x20040000) write$FUSE_LK(r0, &(0x7f0000002080)={0x28, 0xfffffffffffffffe, r1, {{0x10000, 0x6, 0x2}}}, 0x28) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000020c0)={0x0, {}, 0x0, {}, 0x57, 0x12, 0x16, 0xd, "b1c4da192aeb43248cf3f8d9aacfc7a45bd385d0d7f21e88f5038a6095153cd748d97ae643ad08b1dbd4a991557204e08fa1868c5e39d8a3533f3ff05ae1e41f", "b3f75caa8f20843946facafbbbf96220c3cd5f6472b3463295e5782a468c496e", [0xfc3, 0x6]}) eventfd(0x6) [ 1633.688403][ T715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1633.698442][ T715] Call Trace: [ 1633.701739][ T715] dump_stack+0x1d8/0x241 [ 1633.706056][ T715] ? panic+0x73f/0x73f [ 1633.710111][ T715] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1633.715903][ T715] should_fail+0x71f/0x880 [ 1633.720309][ T715] ? setup_fault_attr+0x3d0/0x3d0 [ 1633.725328][ T715] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1633.730690][ T715] ? blk_stat_alloc_callback+0x95/0x210 [ 1633.736217][ T715] should_failslab+0x5/0x20 [ 1633.740704][ T715] __kmalloc+0x51/0x2b0 [ 1633.744845][ T715] ? kmem_cache_alloc_trace+0xd7/0x240 [ 1633.750283][ T715] ? blk_stat_alloc_callback+0x5c/0x210 [ 1633.755810][ T715] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1633.761164][ T715] ? blk_mq_free_tag_set+0x450/0x450 [ 1633.766429][ T715] blk_stat_alloc_callback+0x95/0x210 [ 1633.771780][ T715] ? blk_mq_free_tag_set+0x450/0x450 [ 1633.777058][ T715] ? blk_mq_poll_stats_fn+0x1a0/0x1a0 [ 1633.782412][ T715] blk_mq_init_allocated_queue+0x85/0x1470 [ 1633.788195][ T715] ? blk_alloc_queue_node+0x4ec/0x580 [ 1633.793539][ T715] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1633.798881][ T715] blk_mq_init_queue+0x49/0xa0 [ 1633.803618][ T715] loop_add+0x25c/0x740 [ 1633.807746][ T715] ? get_pid_task+0xc3/0xf0 [ 1633.812225][ T715] ? radix_tree_lookup+0x16f/0x1c0 [ 1633.817309][ T715] loop_control_ioctl+0x448/0x620 [ 1633.822306][ T715] ? loop_remove+0xa0/0xa0 [ 1633.826697][ T715] ? memset+0x1f/0x40 [ 1633.830649][ T715] ? fsnotify+0x1280/0x1340 [ 1633.835122][ T715] ? loop_remove+0xa0/0xa0 [ 1633.839520][ T715] do_vfs_ioctl+0x742/0x1720 13:54:10 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x0eY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:10 executing program 5: mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000002, 0x4000010, 0xffffffffffffffff, 0x10000000) [ 1633.844084][ T715] ? ioctl_preallocate+0x250/0x250 [ 1633.849166][ T715] ? __fget+0x407/0x490 [ 1633.853293][ T715] ? fget_many+0x20/0x20 [ 1633.857509][ T715] ? debug_smp_processor_id+0x20/0x20 [ 1633.862853][ T715] ? security_file_ioctl+0x7d/0xa0 [ 1633.867955][ T715] __x64_sys_ioctl+0xd4/0x110 [ 1633.872604][ T715] do_syscall_64+0xca/0x1c0 [ 1633.877099][ T715] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:10 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 1) 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000026c0)={0xbf9, 0x0, &(0x7f0000002600)=[{&(0x7f00000022c0)=""/115, 0x73}, {&(0x7f0000002340)=""/27, 0x1b}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/116, 0x74}, {&(0x7f0000002480)=""/179, 0xb3}, {&(0x7f0000002540)=""/103, 0x67}, {&(0x7f00000025c0)=""/62, 0x3e}], &(0x7f0000002680)=[0x9, 0x4, 0x9, 0x8000000000000000, 0x5, 0x1ca8], 0x7}, 0x20) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) (async) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002240)={&(0x7f00000021c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000029bd7000ffdbdf250a00000008003a00080000000600280002000000050037000100000008002c0004000000050038000100000008002c000008000005002f000100000008003400060000000800310008000000"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x20040000) write$FUSE_LK(r0, &(0x7f0000002080)={0x28, 0xfffffffffffffffe, r1, {{0x10000, 0x6, 0x2}}}, 0x28) (async) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000020c0)={0x0, {}, 0x0, {}, 0x57, 0x12, 0x16, 0xd, "b1c4da192aeb43248cf3f8d9aacfc7a45bd385d0d7f21e88f5038a6095153cd748d97ae643ad08b1dbd4a991557204e08fa1868c5e39d8a3533f3ff05ae1e41f", "b3f75caa8f20843946facafbbbf96220c3cd5f6472b3463295e5782a468c496e", [0xfc3, 0x6]}) (async) eventfd(0x6) [ 1633.907763][ T732] Module has invalid ELF structures [ 1633.929790][ T736] FAULT_INJECTION: forcing a failure. [ 1633.929790][ T736] name failslab, interval 1, probability 0, space 0, times 0 [ 1633.942486][ T736] CPU: 0 PID: 736 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller #0 [ 1633.950800][ T736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1633.960845][ T736] Call Trace: [ 1633.964125][ T736] dump_stack+0x1d8/0x241 [ 1633.968441][ T736] ? panic+0x73f/0x73f [ 1633.972503][ T736] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1633.978297][ T736] ? avc_has_perm_noaudit+0x2f1/0x3d0 [ 1633.983655][ T736] should_fail+0x71f/0x880 [ 1633.988061][ T736] ? setup_fault_attr+0x3d0/0x3d0 [ 1633.993073][ T736] ? avc_denied+0x1d0/0x1d0 [ 1633.997564][ T736] ? __get_vm_area_node+0x183/0x310 [ 1634.002757][ T736] should_failslab+0x5/0x20 [ 1634.007250][ T736] kmem_cache_alloc_trace+0x28/0x240 [ 1634.012529][ T736] __get_vm_area_node+0x183/0x310 [ 1634.017538][ T736] __vmalloc_node_range+0xee/0x710 [ 1634.022631][ T736] ? __se_sys_init_module+0x1ba/0x2b0 [ 1634.027999][ T736] __vmalloc+0x40/0x50 [ 1634.032054][ T736] ? __se_sys_init_module+0x1ba/0x2b0 [ 1634.037414][ T736] __se_sys_init_module+0x1ba/0x2b0 [ 1634.042596][ T736] ? __x64_sys_init_module+0x80/0x80 [ 1634.047870][ T736] ? __ia32_sys_read+0x80/0x80 [ 1634.052618][ T736] ? __do_page_fault+0x725/0xbb0 [ 1634.057538][ T736] do_syscall_64+0xca/0x1c0 [ 1634.062027][ T736] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:10 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) 13:54:10 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 24) 13:54:10 executing program 5: mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000002, 0x4000010, 0xffffffffffffffff, 0x10000000) 13:54:10 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x11Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000026c0)={0xbf9, 0x0, &(0x7f0000002600)=[{&(0x7f00000022c0)=""/115, 0x73}, {&(0x7f0000002340)=""/27, 0x1b}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/116, 0x74}, {&(0x7f0000002480)=""/179, 0xb3}, {&(0x7f0000002540)=""/103, 0x67}, {&(0x7f00000025c0)=""/62, 0x3e}], &(0x7f0000002680)=[0x9, 0x4, 0x9, 0x8000000000000000, 0x5, 0x1ca8], 0x7}, 0x20) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002240)={&(0x7f00000021c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000029bd7000ffdbdf250a00000008003a00080000000600280002000000050037000100000008002c0004000000050038000100000008002c000008000005002f000100000008003400060000000800310008000000"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x20040000) write$FUSE_LK(r0, &(0x7f0000002080)={0x28, 0xfffffffffffffffe, r1, {{0x10000, 0x6, 0x2}}}, 0x28) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000020c0)={0x0, {}, 0x0, {}, 0x57, 0x12, 0x16, 0xd, "b1c4da192aeb43248cf3f8d9aacfc7a45bd385d0d7f21e88f5038a6095153cd748d97ae643ad08b1dbd4a991557204e08fa1868c5e39d8a3533f3ff05ae1e41f", "b3f75caa8f20843946facafbbbf96220c3cd5f6472b3463295e5782a468c496e", [0xfc3, 0x6]}) eventfd(0x6) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f00000026c0)={0xbf9, 0x0, &(0x7f0000002600)=[{&(0x7f00000022c0)=""/115, 0x73}, {&(0x7f0000002340)=""/27, 0x1b}, {&(0x7f0000002380)=""/126, 0x7e}, {&(0x7f0000002400)=""/116, 0x74}, {&(0x7f0000002480)=""/179, 0xb3}, {&(0x7f0000002540)=""/103, 0x67}, {&(0x7f00000025c0)=""/62, 0x3e}], &(0x7f0000002680)=[0x9, 0x4, 0x9, 0x8000000000000000, 0x5, 0x1ca8], 0x7}, 0x20) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020}, 0x2020) (async) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000002280)={&(0x7f0000002180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002240)={&(0x7f00000021c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000029bd7000ffdbdf250a00000008003a00080000000600280002000000050037000100000008002c0004000000050038000100000008002c000008000005002f000100000008003400060000000800310008000000"], 0x5c}, 0x1, 0x0, 0x0, 0x10}, 0x20040000) (async) write$FUSE_LK(r0, &(0x7f0000002080)={0x28, 0xfffffffffffffffe, r1, {{0x10000, 0x6, 0x2}}}, 0x28) (async) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000020c0)={0x0, {}, 0x0, {}, 0x57, 0x12, 0x16, 0xd, "b1c4da192aeb43248cf3f8d9aacfc7a45bd385d0d7f21e88f5038a6095153cd748d97ae643ad08b1dbd4a991557204e08fa1868c5e39d8a3533f3ff05ae1e41f", "b3f75caa8f20843946facafbbbf96220c3cd5f6472b3463295e5782a468c496e", [0xfc3, 0x6]}) (async) eventfd(0x6) (async) 13:54:10 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 2) 13:54:10 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:11 executing program 5: mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000002, 0x4000010, 0xffffffffffffffff, 0x10000000) mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x3000002, 0x4000010, 0xffffffffffffffff, 0x10000000) (async) [ 1634.182104][ T755] FAULT_INJECTION: forcing a failure. [ 1634.182104][ T755] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.186255][ T753] Module has invalid ELF structures [ 1634.201828][ T757] FAULT_INJECTION: forcing a failure. [ 1634.201828][ T757] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.220316][ T755] CPU: 1 PID: 755 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1634.228641][ T755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1634.238679][ T755] Call Trace: [ 1634.241957][ T755] dump_stack+0x1d8/0x241 [ 1634.246271][ T755] ? panic+0x73f/0x73f [ 1634.250325][ T755] ? preempt_schedule_common+0xa6/0xd0 [ 1634.255766][ T755] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1634.261653][ T755] ? preempt_schedule+0xd9/0xe0 [ 1634.266478][ T755] ? schedule_preempt_disabled+0x20/0x20 [ 1634.272082][ T755] ? pcpu_alloc_area+0x658/0x750 [ 1634.276988][ T755] ? reschedule_interrupt+0xa/0x20 [ 1634.282071][ T755] should_fail+0x71f/0x880 [ 1634.286464][ T755] ? setup_fault_attr+0x3d0/0x3d0 [ 1634.291481][ T755] ? cpumask_next+0xc/0x20 [ 1634.295870][ T755] ? kobject_init+0x7f/0x1d0 [ 1634.300433][ T755] ? find_next_bit+0xc3/0x100 [ 1634.305087][ T755] ? blk_mq_init_allocated_queue+0x481/0x1470 [ 1634.311129][ T755] should_failslab+0x5/0x20 [ 1634.315606][ T755] __kmalloc+0x51/0x2b0 [ 1634.319742][ T755] blk_mq_init_allocated_queue+0x481/0x1470 [ 1634.325764][ T755] ? blk_alloc_queue_node+0x4ec/0x580 [ 1634.331110][ T755] ? blk_mq_alloc_tag_set+0x67d/0x890 [ 1634.336452][ T755] blk_mq_init_queue+0x49/0xa0 [ 1634.341213][ T755] loop_add+0x25c/0x740 [ 1634.345371][ T755] ? get_pid_task+0xc3/0xf0 [ 1634.349853][ T755] ? radix_tree_lookup+0x16f/0x1c0 [ 1634.354967][ T755] loop_control_ioctl+0x448/0x620 [ 1634.359961][ T755] ? loop_remove+0xa0/0xa0 [ 1634.364361][ T755] ? memset+0x1f/0x40 [ 1634.368313][ T755] ? fsnotify+0x1280/0x1340 [ 1634.372787][ T755] ? loop_remove+0xa0/0xa0 [ 1634.377182][ T755] do_vfs_ioctl+0x742/0x1720 13:54:11 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x12Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1634.381749][ T755] ? ioctl_preallocate+0x250/0x250 [ 1634.386849][ T755] ? __fget+0x407/0x490 [ 1634.390977][ T755] ? fget_many+0x20/0x20 [ 1634.395194][ T755] ? debug_smp_processor_id+0x20/0x20 [ 1634.400538][ T755] ? security_file_ioctl+0x7d/0xa0 [ 1634.405620][ T755] __x64_sys_ioctl+0xd4/0x110 [ 1634.410270][ T755] do_syscall_64+0xca/0x1c0 [ 1634.414749][ T755] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1634.421432][ T757] CPU: 0 PID: 757 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller #0 13:54:11 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 25) [ 1634.429762][ T757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1634.439798][ T757] Call Trace: [ 1634.443084][ T757] dump_stack+0x1d8/0x241 [ 1634.446608][ T768] FAULT_INJECTION: forcing a failure. [ 1634.446608][ T768] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.447397][ T757] ? panic+0x73f/0x73f [ 1634.447408][ T757] ? page_counter_uncharge+0x9f/0xc0 [ 1634.447417][ T757] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1634.447428][ T757] should_fail+0x71f/0x880 13:54:11 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x1fY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1634.447441][ T757] ? __kasan_kmalloc+0x199/0x1d0 [ 1634.484391][ T757] ? setup_fault_attr+0x3d0/0x3d0 [ 1634.489430][ T757] ? do_syscall_64+0xca/0x1c0 [ 1634.491435][ T767] Module has invalid ELF structures [ 1634.494098][ T757] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1634.494108][ T757] ? alloc_vmap_area+0x162/0x1ac0 [ 1634.494122][ T757] should_failslab+0x5/0x20 [ 1634.514795][ T757] kmem_cache_alloc+0x24/0x220 [ 1634.519544][ T757] alloc_vmap_area+0x162/0x1ac0 [ 1634.524375][ T757] ? vm_map_ram+0x960/0x960 [ 1634.528860][ T757] ? __get_vm_area_node+0x183/0x310 [ 1634.534037][ T757] __get_vm_area_node+0x1c7/0x310 [ 1634.539038][ T757] __vmalloc_node_range+0xee/0x710 [ 1634.544124][ T757] ? __se_sys_init_module+0x1ba/0x2b0 [ 1634.549476][ T757] __vmalloc+0x40/0x50 [ 1634.553522][ T757] ? __se_sys_init_module+0x1ba/0x2b0 [ 1634.558865][ T757] __se_sys_init_module+0x1ba/0x2b0 [ 1634.561957][ T770] Module has invalid ELF structures [ 1634.564040][ T757] ? __x64_sys_init_module+0x80/0x80 [ 1634.564053][ T757] ? __ia32_sys_read+0x80/0x80 13:54:11 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00 Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1634.564067][ T757] ? __do_page_fault+0x725/0xbb0 [ 1634.584132][ T757] do_syscall_64+0xca/0x1c0 [ 1634.588622][ T757] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1634.595112][ T768] CPU: 1 PID: 768 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1634.603420][ T768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1634.613462][ T768] Call Trace: [ 1634.616737][ T768] dump_stack+0x1d8/0x241 [ 1634.621049][ T768] ? panic+0x73f/0x73f [ 1634.625103][ T768] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1634.630891][ T768] ? __kasan_kmalloc+0x199/0x1d0 [ 1634.635812][ T768] ? do_vfs_ioctl+0x742/0x1720 [ 1634.640562][ T768] should_fail+0x71f/0x880 [ 1634.645007][ T768] ? __x64_sys_ioctl+0xd4/0x110 [ 1634.649843][ T768] ? do_syscall_64+0xca/0x1c0 [ 1634.654505][ T768] ? setup_fault_attr+0x3d0/0x3d0 [ 1634.659514][ T768] ? _raw_spin_lock+0xa4/0x1b0 [ 1634.664264][ T768] ? _raw_spin_trylock_bh+0x190/0x190 [ 1634.669620][ T768] ? blk_mq_realloc_hw_ctxs+0x303/0x13b0 [ 1634.675237][ T768] should_failslab+0x5/0x20 [ 1634.679722][ T768] __kmalloc+0x51/0x2b0 [ 1634.683869][ T768] ? blk_mq_hw_queue_to_node+0xe3/0x100 [ 1634.689398][ T768] blk_mq_realloc_hw_ctxs+0x303/0x13b0 [ 1634.694851][ T768] blk_mq_init_allocated_queue+0x551/0x1470 [ 1634.700727][ T768] ? blk_alloc_queue_node+0x4ec/0x580 [ 1634.706083][ T768] blk_mq_init_queue+0x49/0xa0 [ 1634.710833][ T768] loop_add+0x25c/0x740 [ 1634.714973][ T768] ? get_pid_task+0xc3/0xf0 [ 1634.719466][ T768] ? radix_tree_lookup+0x16f/0x1c0 [ 1634.724562][ T768] loop_control_ioctl+0x448/0x620 [ 1634.729572][ T768] ? loop_remove+0xa0/0xa0 [ 1634.734004][ T768] ? memset+0x1f/0x40 [ 1634.737978][ T768] ? fsnotify+0x1280/0x1340 [ 1634.742468][ T768] ? loop_remove+0xa0/0xa0 [ 1634.746870][ T768] do_vfs_ioctl+0x742/0x1720 [ 1634.751456][ T768] ? ioctl_preallocate+0x250/0x250 [ 1634.756556][ T768] ? __fget+0x407/0x490 [ 1634.760699][ T768] ? fget_many+0x20/0x20 [ 1634.764938][ T768] ? debug_smp_processor_id+0x20/0x20 [ 1634.770295][ T768] ? security_file_ioctl+0x7d/0xa0 [ 1634.775394][ T768] __x64_sys_ioctl+0xd4/0x110 [ 1634.780057][ T768] do_syscall_64+0xca/0x1c0 [ 1634.784551][ T768] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1634.806465][ T772] Module has invalid ELF structures 13:54:11 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0xa, 0x29}, {0x7, 0x0, 0x3f, 0xbf}, {0x2006, 0x4, 0x3e, 0x80008}, {0xb028, 0x94, 0x80, 0x4}]}) socket$inet_udplite(0x2, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000000)=[{0x86, 0x9, 0x6, 0x4}, {0x800, 0x0, 0x1, 0x81}, {0x5, 0x5, 0x4, 0x80}, {0x7, 0x3f, 0x56, 0x6}]}) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) getgid() 13:54:11 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:11 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 3) 13:54:11 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000004}, 0x800) 13:54:11 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00%Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:11 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 26) 13:54:11 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) 13:54:11 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000004}, 0x800) [ 1634.873393][ T776] FAULT_INJECTION: forcing a failure. [ 1634.873393][ T776] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.896247][ T776] CPU: 0 PID: 776 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller #0 [ 1634.901134][ T781] Module has invalid ELF structures [ 1634.904572][ T776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1634.904576][ T776] Call Trace: 13:54:11 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0xa, 0x29}, {0x7, 0x0, 0x3f, 0xbf}, {0x2006, 0x4, 0x3e, 0x80008}, {0xb028, 0x94, 0x80, 0x4}]}) socket$inet_udplite(0x2, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000000)=[{0x86, 0x9, 0x6, 0x4}, {0x800, 0x0, 0x1, 0x81}, {0x5, 0x5, 0x4, 0x80}, {0x7, 0x3f, 0x56, 0x6}]}) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0xa, 0x29}, {0x7, 0x0, 0x3f, 0xbf}, {0x2006, 0x4, 0x3e, 0x80008}, {0xb028, 0x94, 0x80, 0x4}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000000)=[{0x86, 0x9, 0x6, 0x4}, {0x800, 0x0, 0x1, 0x81}, {0x5, 0x5, 0x4, 0x80}, {0x7, 0x3f, 0x56, 0x6}]}) (async) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) (async) getgid() (async) [ 1634.904593][ T776] dump_stack+0x1d8/0x241 [ 1634.904601][ T776] ? panic+0x73f/0x73f [ 1634.904609][ T776] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1634.904618][ T776] ? alloc_vmap_area+0x19b4/0x1ac0 [ 1634.904631][ T776] should_fail+0x71f/0x880 [ 1634.904642][ T776] ? setup_fault_attr+0x3d0/0x3d0 [ 1634.904651][ T776] ? __get_vm_area_node+0x183/0x310 [ 1634.904661][ T776] ? __vmalloc_node_range+0x2bd/0x710 [ 1634.904669][ T776] should_failslab+0x5/0x20 [ 1634.904678][ T776] __kmalloc+0x51/0x2b0 [ 1634.904691][ T776] __vmalloc_node_range+0x2bd/0x710 [ 1634.976176][ T776] __vmalloc+0x40/0x50 [ 1634.976966][ T783] FAULT_INJECTION: forcing a failure. [ 1634.976966][ T783] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.980230][ T776] ? __se_sys_init_module+0x1ba/0x2b0 [ 1634.980238][ T776] __se_sys_init_module+0x1ba/0x2b0 [ 1634.980248][ T776] ? __x64_sys_init_module+0x80/0x80 [ 1634.980265][ T776] ? __ia32_sys_read+0x80/0x80 [ 1635.013300][ T776] ? __do_page_fault+0x725/0xbb0 [ 1635.018223][ T776] do_syscall_64+0xca/0x1c0 [ 1635.022704][ T776] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1635.028573][ T783] CPU: 1 PID: 783 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1635.036882][ T783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1635.046923][ T783] Call Trace: [ 1635.050198][ T783] dump_stack+0x1d8/0x241 [ 1635.054516][ T783] ? panic+0x73f/0x73f [ 1635.058571][ T783] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1635.064363][ T783] should_fail+0x71f/0x880 [ 1635.068771][ T783] ? setup_fault_attr+0x3d0/0x3d0 13:54:11 executing program 1: r0 = socket$igmp(0x2, 0x3, 0x2) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$BINDER_CTL_ADD(r1, 0xc1086201, &(0x7f0000000280)={'custom0\x00'}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r2}, 0xc) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x5e}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x8000) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) [ 1635.073780][ T783] ? blk_mq_realloc_hw_ctxs+0x5aa/0x13b0 [ 1635.079390][ T783] should_failslab+0x5/0x20 [ 1635.083866][ T783] __kmalloc+0x51/0x2b0 [ 1635.088014][ T783] ? init_timer_key+0x2d/0x1f0 [ 1635.092749][ T783] blk_mq_realloc_hw_ctxs+0x5aa/0x13b0 [ 1635.098179][ T783] blk_mq_init_allocated_queue+0x551/0x1470 [ 1635.104039][ T783] ? blk_alloc_queue_node+0x4ec/0x580 [ 1635.109394][ T783] blk_mq_init_queue+0x49/0xa0 [ 1635.114141][ T783] loop_add+0x25c/0x740 [ 1635.118265][ T783] ? get_pid_task+0xc3/0xf0 [ 1635.122735][ T783] ? radix_tree_lookup+0x16f/0x1c0 [ 1635.127831][ T783] loop_control_ioctl+0x448/0x620 [ 1635.132844][ T783] ? loop_remove+0xa0/0xa0 [ 1635.137227][ T783] ? memset+0x1f/0x40 [ 1635.141179][ T783] ? fsnotify+0x1280/0x1340 [ 1635.145647][ T783] ? loop_remove+0xa0/0xa0 [ 1635.150039][ T783] do_vfs_ioctl+0x742/0x1720 [ 1635.154606][ T783] ? ioctl_preallocate+0x250/0x250 [ 1635.159685][ T783] ? __fget+0x407/0x490 [ 1635.163808][ T783] ? fget_many+0x20/0x20 [ 1635.168020][ T783] ? debug_smp_processor_id+0x20/0x20 13:54:12 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 4) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00@Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0x81, 0x4, 0xa, 0x29}, {0x7, 0x0, 0x3f, 0xbf}, {0x2006, 0x4, 0x3e, 0x80008}, {0xb028, 0x94, 0x80, 0x4}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000000)=[{0x86, 0x9, 0x6, 0x4}, {0x800, 0x0, 0x1, 0x81}, {0x5, 0x5, 0x4, 0x80}, {0x7, 0x3f, 0x56, 0x6}]}) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xa) getgid() 13:54:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000004}, 0x800) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00HY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1635.173357][ T783] ? security_file_ioctl+0x7d/0xa0 [ 1635.178433][ T783] __x64_sys_ioctl+0xd4/0x110 [ 1635.183076][ T783] do_syscall_64+0xca/0x1c0 [ 1635.187551][ T783] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1635.202048][ T802] Module has invalid ELF structures 13:54:12 executing program 1: r0 = socket$igmp(0x2, 0x3, 0x2) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$BINDER_CTL_ADD(r1, 0xc1086201, &(0x7f0000000280)={'custom0\x00'}) (async, rerun: 64) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) (rerun: 64) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r2}, 0xc) (async) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x5e}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x8000) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) 13:54:12 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 27) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00LY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1635.222423][ T809] Module has invalid ELF structures [ 1635.232444][ T800] FAULT_INJECTION: forcing a failure. [ 1635.232444][ T800] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1635.240005][ T816] FAULT_INJECTION: forcing a failure. [ 1635.240005][ T816] name failslab, interval 1, probability 0, space 0, times 0 [ 1635.253246][ T800] CPU: 0 PID: 800 Comm: syz-executor.3 Not tainted 5.4.225-syzkaller #0 [ 1635.262307][ T817] Module has invalid ELF structures [ 1635.266600][ T800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1635.266603][ T800] Call Trace: [ 1635.266618][ T800] dump_stack+0x1d8/0x241 [ 1635.266631][ T800] ? panic+0x73f/0x73f [ 1635.291412][ T820] Module has invalid ELF structures [ 1635.293449][ T800] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1635.293457][ T800] ? __kasan_kmalloc+0x199/0x1d0 [ 1635.293473][ T800] should_fail+0x71f/0x880 [ 1635.313737][ T800] ? __vmalloc+0x40/0x50 [ 1635.317967][ T800] ? __se_sys_init_module+0x1ba/0x2b0 13:54:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000000)=0x858, 0x4) 13:54:12 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() socket$inet_udplite(0x2, 0x2, 0x88) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00`Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00hY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1635.323338][ T800] ? setup_fault_attr+0x3d0/0x3d0 [ 1635.328346][ T800] __alloc_pages_nodemask+0x1b4/0x840 [ 1635.330685][ T823] Module has invalid ELF structures [ 1635.333701][ T800] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1635.333712][ T800] __vmalloc_node_range+0x384/0x710 [ 1635.333725][ T800] __vmalloc+0x40/0x50 [ 1635.353640][ T800] ? __se_sys_init_module+0x1ba/0x2b0 [ 1635.358996][ T800] __se_sys_init_module+0x1ba/0x2b0 [ 1635.364224][ T800] ? __x64_sys_init_module+0x80/0x80 [ 1635.369512][ T800] ? __ia32_sys_read+0x80/0x80 [ 1635.374263][ T800] ? __do_page_fault+0x725/0xbb0 [ 1635.379188][ T800] do_syscall_64+0xca/0x1c0 [ 1635.383670][ T800] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1635.389544][ T816] CPU: 1 PID: 816 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1635.397849][ T816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1635.407878][ T816] Call Trace: [ 1635.411146][ T816] dump_stack+0x1d8/0x241 [ 1635.415448][ T816] ? panic+0x73f/0x73f [ 1635.419489][ T816] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1635.425265][ T816] ? __x64_sys_ioctl+0xd4/0x110 [ 1635.430089][ T816] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1635.436134][ T816] should_fail+0x71f/0x880 [ 1635.440531][ T816] ? setup_fault_attr+0x3d0/0x3d0 [ 1635.445529][ T816] ? sbitmap_init_node+0x14a/0x380 [ 1635.450613][ T816] should_failslab+0x5/0x20 [ 1635.455090][ T816] __kmalloc+0x51/0x2b0 [ 1635.459241][ T816] sbitmap_init_node+0x14a/0x380 [ 1635.464159][ T816] blk_mq_realloc_hw_ctxs+0x61c/0x13b0 [ 1635.469615][ T816] blk_mq_init_allocated_queue+0x551/0x1470 [ 1635.475515][ T816] ? blk_alloc_queue_node+0x4ec/0x580 [ 1635.480871][ T816] blk_mq_init_queue+0x49/0xa0 [ 1635.485609][ T816] loop_add+0x25c/0x740 [ 1635.489737][ T816] ? get_pid_task+0xc3/0xf0 [ 1635.494229][ T816] ? radix_tree_lookup+0x16f/0x1c0 [ 1635.499319][ T816] loop_control_ioctl+0x448/0x620 [ 1635.504321][ T816] ? loop_remove+0xa0/0xa0 [ 1635.508713][ T816] ? memset+0x1f/0x40 [ 1635.512665][ T816] ? fsnotify+0x1280/0x1340 [ 1635.517157][ T816] ? loop_remove+0xa0/0xa0 [ 1635.521546][ T816] do_vfs_ioctl+0x742/0x1720 [ 1635.526111][ T816] ? ioctl_preallocate+0x250/0x250 [ 1635.531194][ T816] ? __fget+0x407/0x490 [ 1635.535328][ T816] ? fget_many+0x20/0x20 [ 1635.539543][ T816] ? debug_smp_processor_id+0x20/0x20 [ 1635.544887][ T816] ? security_file_ioctl+0x7d/0xa0 [ 1635.549980][ T816] __x64_sys_ioctl+0xd4/0x110 [ 1635.554641][ T816] do_syscall_64+0xca/0x1c0 [ 1635.559123][ T816] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1635.570224][ T22] kauditd_printk_skb: 3 callbacks suppressed 13:54:12 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) (fail_nth: 5) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00lY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000000)=0x858, 0x4) 13:54:12 executing program 1: r0 = socket$igmp(0x2, 0x3, 0x2) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$BINDER_CTL_ADD(r1, 0xc1086201, &(0x7f0000000280)={'custom0\x00'}) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r2}, 0xc) (async) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@FOU_ATTR_IFINDEX={0x8, 0xb, r2}, @FOU_ATTR_TYPE={0x5, 0x4, 0x2}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x5e}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x8000) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) 13:54:12 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 28) 13:54:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000000)=0x858, 0x4) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f0000000000)=0x858, 0x4) (async) [ 1635.570233][ T22] audit: type=1326 audit(1676296452.379:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=824 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1635.619224][ T835] FAULT_INJECTION: forcing a failure. [ 1635.619224][ T835] name failslab, interval 1, probability 0, space 0, times 0 [ 1635.624184][ T832] Module has invalid ELF structures [ 1635.633844][ T835] CPU: 0 PID: 835 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1635.639469][ T839] Module has invalid ELF structures [ 1635.645333][ T835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1635.645336][ T835] Call Trace: [ 1635.645353][ T835] dump_stack+0x1d8/0x241 [ 1635.645366][ T835] ? panic+0x73f/0x73f [ 1635.672169][ T835] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1635.677964][ T835] should_fail+0x71f/0x880 [ 1635.682370][ T835] ? setup_fault_attr+0x3d0/0x3d0 [ 1635.687381][ T835] ? blk_alloc_flush_queue+0x72/0x250 [ 1635.692742][ T835] should_failslab+0x5/0x20 [ 1635.697233][ T835] kmem_cache_alloc_trace+0x28/0x240 [ 1635.702507][ T835] blk_alloc_flush_queue+0x72/0x250 [ 1635.707692][ T835] blk_mq_realloc_hw_ctxs+0x99b/0x13b0 [ 1635.713146][ T835] blk_mq_init_allocated_queue+0x551/0x1470 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1635.719031][ T835] ? blk_alloc_queue_node+0x4ec/0x580 [ 1635.724431][ T835] blk_mq_init_queue+0x49/0xa0 [ 1635.729180][ T835] loop_add+0x25c/0x740 [ 1635.733388][ T835] ? get_pid_task+0xc3/0xf0 [ 1635.737880][ T835] ? radix_tree_lookup+0x16f/0x1c0 [ 1635.742979][ T835] loop_control_ioctl+0x448/0x620 [ 1635.747987][ T835] ? loop_remove+0xa0/0xa0 [ 1635.752506][ T835] ? memset+0x1f/0x40 [ 1635.756472][ T835] ? fsnotify+0x1280/0x1340 [ 1635.760961][ T835] ? loop_remove+0xa0/0xa0 [ 1635.765363][ T835] do_vfs_ioctl+0x742/0x1720 13:54:12 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad)\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1635.769946][ T835] ? ioctl_preallocate+0x250/0x250 [ 1635.775042][ T835] ? __fget+0x407/0x490 [ 1635.779186][ T835] ? fget_many+0x20/0x20 [ 1635.780998][ T845] Module has invalid ELF structures [ 1635.783411][ T835] ? debug_smp_processor_id+0x20/0x20 [ 1635.783422][ T835] ? security_file_ioctl+0x7d/0xa0 [ 1635.783439][ T835] __x64_sys_ioctl+0xd4/0x110 [ 1635.803697][ T835] do_syscall_64+0xca/0x1c0 [ 1635.808201][ T835] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1635.818498][ T847] Module has invalid ELF structures [ 1635.820548][ T848] Module has invalid ELF structures 13:54:12 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) socket$inet_udplite(0x2, 0x2, 0x88) 13:54:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) modify_ldt$read_default(0x2, &(0x7f0000000100)=""/173, 0xad) r0 = socket$igmp(0x2, 0x3, 0x2) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x3, 0x5, 0xc0, 0x401}, {0x9e3, 0x16, 0x1f}, {0x0, 0x0, 0x6}, {0xf32, 0x1, 0x4, 0xa584}]}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xd32}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4000) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], &(0x7f00000000c0)=0x87) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00zY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 29) 13:54:12 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:12 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x02\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:12 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x02Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:12 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) modify_ldt$read_default(0x2, &(0x7f0000000100)=""/173, 0xad) r0 = socket$igmp(0x2, 0x3, 0x2) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x3, 0x5, 0xc0, 0x401}, {0x9e3, 0x16, 0x1f}, {0x0, 0x0, 0x6}, {0xf32, 0x1, 0x4, 0xa584}]}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xd32}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4000) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], &(0x7f00000000c0)=0x87) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) modify_ldt$read_default(0x2, &(0x7f0000000100)=""/173, 0xad) (async) socket$igmp(0x2, 0x3, 0x2) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x3, 0x5, 0xc0, 0x401}, {0x9e3, 0x16, 0x1f}, {0x0, 0x0, 0x6}, {0xf32, 0x1, 0x4, 0xa584}]}) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xd32}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4000) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], &(0x7f00000000c0)=0x87) (async) [ 1635.968979][ T856] Module has invalid ELF structures [ 1635.969880][ T854] Module has invalid ELF structures [ 1635.986574][ T857] FAULT_INJECTION: forcing a failure. [ 1635.986574][ T857] name failslab, interval 1, probability 0, space 0, times 0 13:54:12 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x03\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1636.017094][ T857] CPU: 0 PID: 857 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1636.017214][ T862] Module has invalid ELF structures [ 1636.025414][ T857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1636.025417][ T857] Call Trace: [ 1636.025435][ T857] dump_stack+0x1d8/0x241 [ 1636.025443][ T857] ? panic+0x73f/0x73f [ 1636.025452][ T857] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1636.025465][ T857] should_fail+0x71f/0x880 [ 1636.025475][ T857] ? setup_fault_attr+0x3d0/0x3d0 [ 1636.025486][ T857] ? blk_alloc_flush_queue+0xd4/0x250 [ 1636.025495][ T857] should_failslab+0x5/0x20 [ 1636.025504][ T857] __kmalloc+0x51/0x2b0 [ 1636.025512][ T857] ? blk_alloc_flush_queue+0x72/0x250 [ 1636.025520][ T857] blk_alloc_flush_queue+0xd4/0x250 [ 1636.025531][ T857] blk_mq_realloc_hw_ctxs+0x99b/0x13b0 [ 1636.025546][ T857] blk_mq_init_allocated_queue+0x551/0x1470 [ 1636.025557][ T857] ? blk_alloc_queue_node+0x4ec/0x580 [ 1636.025567][ T857] blk_mq_init_queue+0x49/0xa0 13:54:12 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:12 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 30) [ 1636.025577][ T857] loop_add+0x25c/0x740 [ 1636.025590][ T857] ? get_pid_task+0xc3/0xf0 [ 1636.025599][ T857] ? radix_tree_lookup+0x16f/0x1c0 [ 1636.025608][ T857] loop_control_ioctl+0x448/0x620 [ 1636.025617][ T857] ? loop_remove+0xa0/0xa0 [ 1636.025628][ T857] ? memset+0x1f/0x40 [ 1636.025636][ T857] ? fsnotify+0x1280/0x1340 [ 1636.025644][ T857] ? loop_remove+0xa0/0xa0 [ 1636.025655][ T857] do_vfs_ioctl+0x742/0x1720 [ 1636.025667][ T857] ? ioctl_preallocate+0x250/0x250 [ 1636.025676][ T857] ? __fget+0x407/0x490 [ 1636.025685][ T857] ? fget_many+0x20/0x20 [ 1636.025695][ T857] ? debug_smp_processor_id+0x20/0x20 [ 1636.025704][ T857] ? security_file_ioctl+0x7d/0xa0 [ 1636.025714][ T857] __x64_sys_ioctl+0xd4/0x110 [ 1636.025723][ T857] do_syscall_64+0xca/0x1c0 [ 1636.025734][ T857] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1636.036707][ T873] Module has invalid ELF structures [ 1636.121140][ T22] audit: type=1326 audit(1676296452.929:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=874 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1636.201220][ T879] FAULT_INJECTION: forcing a failure. [ 1636.201220][ T879] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.238001][ T879] CPU: 0 PID: 879 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1636.246319][ T879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1636.256356][ T879] Call Trace: [ 1636.259654][ T879] dump_stack+0x1d8/0x241 [ 1636.263971][ T879] ? panic+0x73f/0x73f [ 1636.268024][ T879] ? sbitmap_resize+0x399/0x430 [ 1636.272863][ T879] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1636.278688][ T879] ? find_next_and_bit+0xba/0x190 [ 1636.283702][ T879] should_fail+0x71f/0x880 [ 1636.288107][ T879] ? setup_fault_attr+0x3d0/0x3d0 [ 1636.293117][ T879] ? __alloc_disk_node+0x76/0x5a0 [ 1636.298135][ T879] should_failslab+0x5/0x20 [ 1636.302622][ T879] kmem_cache_alloc_trace+0x28/0x240 [ 1636.307895][ T879] __alloc_disk_node+0x76/0x5a0 [ 1636.312730][ T879] loop_add+0x315/0x740 [ 1636.316876][ T879] loop_control_ioctl+0x448/0x620 [ 1636.321889][ T879] ? loop_remove+0xa0/0xa0 [ 1636.326294][ T879] ? memset+0x1f/0x40 [ 1636.330261][ T879] ? fsnotify+0x1280/0x1340 [ 1636.334752][ T879] ? loop_remove+0xa0/0xa0 [ 1636.339166][ T879] do_vfs_ioctl+0x742/0x1720 [ 1636.343757][ T879] ? ioctl_preallocate+0x250/0x250 [ 1636.348854][ T879] ? __fget+0x407/0x490 [ 1636.352995][ T879] ? fget_many+0x20/0x20 [ 1636.357265][ T879] ? debug_smp_processor_id+0x20/0x20 [ 1636.362662][ T879] ? security_file_ioctl+0x7d/0xa0 13:54:13 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() socket$inet_udplite(0x2, 0x2, 0x88) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) 13:54:13 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 31) 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x03Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) modify_ldt$read_default(0x2, &(0x7f0000000100)=""/173, 0xad) r0 = socket$igmp(0x2, 0x3, 0x2) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000200)={0x4, &(0x7f00000001c0)=[{0x3, 0x5, 0xc0, 0x401}, {0x9e3, 0x16, 0x1f}, {0x0, 0x0, 0x6}, {0xf32, 0x1, 0x4, 0xa584}]}) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x800, 0x70bd2b, 0x25dfdbfc, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xd32}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4000) (async) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r1, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1], &(0x7f00000000c0)=0x87) 13:54:13 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x04\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1636.367758][ T879] __x64_sys_ioctl+0xd4/0x110 [ 1636.372420][ T879] do_syscall_64+0xca/0x1c0 [ 1636.376910][ T879] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1636.436015][ T885] Module has invalid ELF structures [ 1636.445107][ T886] FAULT_INJECTION: forcing a failure. [ 1636.445107][ T886] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.466424][ T888] Module has invalid ELF structures [ 1636.476836][ T886] CPU: 0 PID: 886 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1636.485154][ T886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1636.495191][ T886] Call Trace: [ 1636.498470][ T886] dump_stack+0x1d8/0x241 [ 1636.502786][ T886] ? panic+0x73f/0x73f [ 1636.506841][ T886] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1636.507754][ T894] Module has invalid ELF structures [ 1636.512631][ T886] ? pcpu_alloc_area+0x658/0x750 [ 1636.512642][ T886] should_fail+0x71f/0x880 [ 1636.512656][ T886] ? setup_fault_attr+0x3d0/0x3d0 [ 1636.532149][ T886] ? __alloc_disk_node+0x31e/0x5a0 [ 1636.537246][ T886] should_failslab+0x5/0x20 [ 1636.541740][ T886] kmem_cache_alloc_trace+0x28/0x240 [ 1636.547011][ T886] __alloc_disk_node+0x31e/0x5a0 [ 1636.551933][ T886] loop_add+0x315/0x740 [ 1636.556072][ T886] loop_control_ioctl+0x448/0x620 [ 1636.561078][ T886] ? loop_remove+0xa0/0xa0 [ 1636.565479][ T886] ? memset+0x1f/0x40 [ 1636.569442][ T886] ? fsnotify+0x1280/0x1340 [ 1636.573928][ T886] ? loop_remove+0xa0/0xa0 [ 1636.578330][ T886] do_vfs_ioctl+0x742/0x1720 13:54:13 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x05\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x04Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x05Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1636.582912][ T886] ? ioctl_preallocate+0x250/0x250 [ 1636.587998][ T886] ? __fget+0x407/0x490 [ 1636.592138][ T886] ? fget_many+0x20/0x20 [ 1636.596354][ T886] ? debug_smp_processor_id+0x20/0x20 [ 1636.601698][ T886] ? security_file_ioctl+0x7d/0xa0 [ 1636.606780][ T886] __x64_sys_ioctl+0xd4/0x110 [ 1636.611430][ T886] do_syscall_64+0xca/0x1c0 [ 1636.615910][ T886] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:13 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 32) 13:54:13 executing program 1: read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) write$FUSE_IOCTL(r1, &(0x7f00000020c0)={0x20, 0x0, r0, {0x400, 0x0, 0x8, 0x4d0}}, 0x1c) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r5 = ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r5) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x2) 13:54:13 executing program 5: socket(0x1a, 0x3, 0x81) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) modify_ldt$read_default(0x2, &(0x7f0000000000)=""/19, 0x13) modify_ldt$read_default(0x2, &(0x7f0000000040)=""/204, 0xcc) 13:54:13 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x06\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1636.622489][ T22] audit: type=1326 audit(1676296453.429:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=895 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1636.637822][ T899] Module has invalid ELF structures [ 1636.654715][ T897] Module has invalid ELF structures [ 1636.675766][ T902] FAULT_INJECTION: forcing a failure. [ 1636.675766][ T902] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.692807][ T902] CPU: 1 PID: 902 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1636.697887][ T907] Module has invalid ELF structures [ 1636.701123][ T902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1636.701126][ T902] Call Trace: [ 1636.701141][ T902] dump_stack+0x1d8/0x241 [ 1636.701154][ T902] ? panic+0x73f/0x73f [ 1636.727971][ T902] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1636.733771][ T902] should_fail+0x71f/0x880 [ 1636.738176][ T902] ? find_next_bit+0xc3/0x100 [ 1636.742840][ T902] ? setup_fault_attr+0x3d0/0x3d0 [ 1636.747861][ T902] ? rand_initialize_disk+0x4b/0xa3 [ 1636.753051][ T902] should_failslab+0x5/0x20 [ 1636.757579][ T902] kmem_cache_alloc_trace+0x28/0x240 [ 1636.762877][ T902] rand_initialize_disk+0x4b/0xa3 [ 1636.767885][ T902] __alloc_disk_node+0x3fd/0x5a0 [ 1636.772812][ T902] loop_add+0x315/0x740 [ 1636.776955][ T902] loop_control_ioctl+0x448/0x620 [ 1636.781973][ T902] ? loop_remove+0xa0/0xa0 [ 1636.786376][ T902] ? memset+0x1f/0x40 [ 1636.790340][ T902] ? fsnotify+0x1280/0x1340 [ 1636.794831][ T902] ? loop_remove+0xa0/0xa0 [ 1636.799240][ T902] do_vfs_ioctl+0x742/0x1720 [ 1636.803817][ T902] ? ioctl_preallocate+0x250/0x250 [ 1636.808912][ T902] ? __fget+0x407/0x490 [ 1636.813052][ T902] ? fget_many+0x20/0x20 [ 1636.817284][ T902] ? debug_smp_processor_id+0x20/0x20 [ 1636.822642][ T902] ? security_file_ioctl+0x7d/0xa0 [ 1636.827740][ T902] __x64_sys_ioctl+0xd4/0x110 [ 1636.832409][ T902] do_syscall_64+0xca/0x1c0 [ 1636.836904][ T902] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:13 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) get_robust_list(0x0, &(0x7f00000000c0)=&(0x7f0000000040), &(0x7f0000000100)=0x18) getgid() 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x06Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 5: socket(0x1a, 0x3, 0x81) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) modify_ldt$read_default(0x2, &(0x7f0000000000)=""/19, 0x13) modify_ldt$read_default(0x2, &(0x7f0000000040)=""/204, 0xcc) socket(0x1a, 0x3, 0x81) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) modify_ldt$read_default(0x2, &(0x7f0000000000)=""/19, 0x13) (async) modify_ldt$read_default(0x2, &(0x7f0000000040)=""/204, 0xcc) (async) 13:54:13 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\a\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 33) 13:54:13 executing program 1: read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) write$FUSE_IOCTL(r1, &(0x7f00000020c0)={0x20, 0x0, r0, {0x400, 0x0, 0x8, 0x4d0}}, 0x1c) (async) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r5 = ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r5) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x2) 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\aY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\b\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1636.941129][ T912] Module has invalid ELF structures [ 1636.956512][ T917] FAULT_INJECTION: forcing a failure. [ 1636.956512][ T917] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.959187][ T922] Module has invalid ELF structures [ 1636.974461][ T923] Module has invalid ELF structures 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\bY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1636.991146][ T917] CPU: 1 PID: 917 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1636.996487][ T928] Module has invalid ELF structures [ 1636.999463][ T917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1636.999467][ T917] Call Trace: [ 1636.999483][ T917] dump_stack+0x1d8/0x241 [ 1636.999497][ T917] ? panic+0x73f/0x73f [ 1637.007591][ T929] Module has invalid ELF structures [ 1637.014713][ T917] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1637.014735][ T917] should_fail+0x71f/0x880 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\nY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:13 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\vY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1637.040365][ T931] Module has invalid ELF structures [ 1637.041670][ T917] ? find_next_bit+0xc3/0x100 [ 1637.041686][ T917] ? setup_fault_attr+0x3d0/0x3d0 [ 1637.056502][ T917] ? rand_initialize_disk+0x4b/0xa3 [ 1637.061689][ T917] should_failslab+0x5/0x20 [ 1637.066181][ T917] kmem_cache_alloc_trace+0x28/0x240 [ 1637.069542][ T933] Module has invalid ELF structures [ 1637.071478][ T917] rand_initialize_disk+0x4b/0xa3 [ 1637.071488][ T917] __alloc_disk_node+0x3fd/0x5a0 [ 1637.071503][ T917] loop_add+0x315/0x740 [ 1637.090710][ T917] loop_control_ioctl+0x448/0x620 [ 1637.095731][ T917] ? loop_remove+0xa0/0xa0 [ 1637.100134][ T917] ? memset+0x1f/0x40 [ 1637.102568][ T935] Module has invalid ELF structures [ 1637.104099][ T917] ? fsnotify+0x1280/0x1340 [ 1637.104107][ T917] ? loop_remove+0xa0/0xa0 [ 1637.104122][ T917] do_vfs_ioctl+0x742/0x1720 [ 1637.122728][ T917] ? ioctl_preallocate+0x250/0x250 [ 1637.127822][ T917] ? __fget+0x407/0x490 [ 1637.131959][ T917] ? fget_many+0x20/0x20 [ 1637.136185][ T917] ? debug_smp_processor_id+0x20/0x20 [ 1637.141547][ T917] ? security_file_ioctl+0x7d/0xa0 [ 1637.146629][ T917] __x64_sys_ioctl+0xd4/0x110 [ 1637.151280][ T917] do_syscall_64+0xca/0x1c0 [ 1637.155758][ T917] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1637.162582][ T22] audit: type=1326 audit(1676296453.969:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=936 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:14 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) get_robust_list(0x0, &(0x7f00000000c0)=&(0x7f0000000040), &(0x7f0000000100)=0x18) (async) getgid() 13:54:14 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\fY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 5: socket(0x1a, 0x3, 0x81) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) modify_ldt$read_default(0x2, &(0x7f0000000000)=""/19, 0x13) modify_ldt$read_default(0x2, &(0x7f0000000040)=""/204, 0xcc) socket(0x1a, 0x3, 0x81) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) modify_ldt$read_default(0x2, &(0x7f0000000000)=""/19, 0x13) (async) modify_ldt$read_default(0x2, &(0x7f0000000040)=""/204, 0xcc) (async) 13:54:14 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\t\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 34) 13:54:14 executing program 1: read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async, rerun: 32) write$FUSE_IOCTL(r1, &(0x7f00000020c0)={0x20, 0x0, r0, {0x400, 0x0, 0x8, 0x4d0}}, 0x1c) (async, rerun: 32) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) r5 = ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, r5) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r5) (async) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, 0x2) 13:54:14 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\n\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1637.415261][ T944] Module has invalid ELF structures [ 1637.420987][ T947] FAULT_INJECTION: forcing a failure. [ 1637.420987][ T947] name failslab, interval 1, probability 0, space 0, times 0 [ 1637.424080][ T950] Module has invalid ELF structures [ 1637.440914][ T947] CPU: 0 PID: 947 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1637.447236][ T954] Module has invalid ELF structures [ 1637.449238][ T947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 13:54:14 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\v\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1637.449242][ T947] Call Trace: [ 1637.449259][ T947] dump_stack+0x1d8/0x241 [ 1637.449268][ T947] ? panic+0x73f/0x73f [ 1637.449277][ T947] ? arch_stack_walk+0x111/0x140 [ 1637.449286][ T947] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1637.449298][ T947] should_fail+0x71f/0x880 [ 1637.449309][ T947] ? setup_fault_attr+0x3d0/0x3d0 [ 1637.449324][ T947] ? _raw_spin_unlock_irqrestore+0x57/0x80 [ 1637.502026][ T947] ? init_wait_entry+0xd0/0xd0 [ 1637.506778][ T947] ? blk_mq_init_tags+0x74/0x280 [ 1637.511702][ T947] should_failslab+0x5/0x20 [ 1637.516209][ T947] kmem_cache_alloc_trace+0x28/0x240 [ 1637.521482][ T947] blk_mq_init_tags+0x74/0x280 [ 1637.526235][ T947] ? blk_mq_hw_queue_to_node+0xe3/0x100 [ 1637.531768][ T947] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1637.536766][ T947] blk_mq_init_sched+0x1d6/0xaf0 [ 1637.541681][ T947] elevator_init_mq+0x2cc/0x3e0 [ 1637.546503][ T947] __device_add_disk+0xf2/0x1220 [ 1637.551411][ T947] ? sprintf+0xd6/0x120 [ 1637.555537][ T947] ? hrtimer_init+0xc0/0x340 [ 1637.560096][ T947] ? device_add_disk+0x30/0x30 [ 1637.564831][ T947] ? vsprintf+0x30/0x30 [ 1637.568958][ T947] ? __alloc_disk_node+0x459/0x5a0 [ 1637.574043][ T947] loop_add+0x573/0x740 [ 1637.578176][ T947] loop_control_ioctl+0x448/0x620 [ 1637.583176][ T947] ? loop_remove+0xa0/0xa0 [ 1637.587566][ T947] ? memset+0x1f/0x40 [ 1637.591520][ T947] ? fsnotify+0x1280/0x1340 [ 1637.595994][ T947] ? loop_remove+0xa0/0xa0 [ 1637.600381][ T947] do_vfs_ioctl+0x742/0x1720 [ 1637.604943][ T947] ? ioctl_preallocate+0x250/0x250 [ 1637.610024][ T947] ? __fget+0x407/0x490 13:54:14 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\rY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0xffff, 0x9, 0x7, 0x518}, {0x100, 0x6, 0x7, 0x1}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5, 0xff, 0x1, 0x400}, {0x1, 0x3f, 0x6, 0x5}, {0xe4, 0x7, 0x81, 0x1000}]}) eventfd(0x80) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x2}, 0x18) geteuid() r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) ptrace$poke(0x4, r0, &(0x7f0000000140), 0x1) membarrier(0x4, 0x0) [ 1637.614150][ T947] ? fget_many+0x20/0x20 [ 1637.618365][ T947] ? debug_smp_processor_id+0x20/0x20 [ 1637.623707][ T947] ? security_file_ioctl+0x7d/0xa0 [ 1637.628787][ T947] __x64_sys_ioctl+0xd4/0x110 [ 1637.633436][ T947] do_syscall_64+0xca/0x1c0 [ 1637.637914][ T947] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1637.643955][ T956] Module has invalid ELF structures 13:54:14 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x0eY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\f\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1637.651525][ T22] audit: type=1326 audit(1676296454.459:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=957 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1637.661258][ T963] Module has invalid ELF structures [ 1637.678088][ T22] audit: type=1326 audit(1676296454.459:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=957 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f7d08d83e21 code=0x80000 [ 1637.713937][ T947] "mq-deadline" elevator initialization failed, falling back to "none" [ 1637.722675][ T967] Module has invalid ELF structures [ 1637.725642][ T968] Module has invalid ELF structures 13:54:14 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) get_robust_list(0x0, &(0x7f00000000c0)=&(0x7f0000000040), &(0x7f0000000100)=0x18) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) get_robust_list(0x0, &(0x7f00000000c0)=&(0x7f0000000040), &(0x7f0000000100)=0x18) (async) getgid() (async) 13:54:14 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0xffff, 0x9, 0x7, 0x518}, {0x100, 0x6, 0x7, 0x1}]}) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5, 0xff, 0x1, 0x400}, {0x1, 0x3f, 0x6, 0x5}, {0xe4, 0x7, 0x81, 0x1000}]}) (async) eventfd(0x80) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x2}, 0x18) (async) geteuid() (async) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) ptrace$poke(0x4, r0, &(0x7f0000000140), 0x1) (async, rerun: 64) membarrier(0x4, 0x0) (rerun: 64) 13:54:14 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\r\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 35) 13:54:14 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x10Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$HIDIOCGRDESC(r1, 0x90044802, &(0x7f0000000040)={0x4d6, "3d02bddc9159d68788b14d7194faf27e9298dee9659f2977ccb7651346b8e5ab58564a5d15a6dfb957cd8ce34f88f6146c15d907c24cca9d2d943487e2f16a2b37d873497195fd8cf3a2ee9c7f811a9452a16ed04f8f78fd6ec8a643ccbfea79a9e2bd12c7f8afabf7421abeed47106d35ad547035bad5e6f979d26bf3f1acd54acdca6ffdb3278b0ea44f234476649dcfae5d2af7f968788ab6852d4996be4f4ac6d6dc5c1116e8c3e9a820ede6e5071ae94f009a36f9adc7f0f1fe4a06662079363b140bb5a66504bcd2481ae9711f18e95e1a552d62b09186afa9c264c7203ee93f6e4b3409410f09dbba9f4a814376c8cf624f56d3041f98f3a2809b0c2ed1226096793226c16d1af00aa8e8d3646376bfe69bb97c439e3f8966c999e73d170961772b1b13d5eb99ef9341a50cd3917e1da39ef8e6e5a9cbc8021584bda4870006e12fa315f5b5c9c2fe1b1a3ab94c10b7e236d9f55c27ff58aa03d2ff23010f9ea9367646188142ad802e469aac5f84ff856d39b34935266af663464a1d2337a701d3d8cbc581f112bf131c6620d22a5c2c543b81728225da9ed8cd96e768517e343375ea8ad90e1f5e16b7c047efe32bd5d70ec6d378b7c544d7212ecca04cb9cdaa3b9960195bc714ddbe38da9b9711069888f3f55e6ad8bb165e86fc811dceb79fed59980ab16bfa39a7ccb42c6f0adbcdcdeb3c7123933f70196e7dc8ece3e95685f1cb1fadb0f00e97e614d695bf2024045fd64d6b80edf7200796ac662112e2ac527474a890bf89e6e0c88310b67498fea6ba2982f10fae026ef89b2e50c4473ce3398061c9f8cf8a5599b98108984ac3caa90cc03f64c6684a77bc09ed493b0c607e0d7470eca5f65092bce0f8034860ee12d0e755f33814f2f203a9e1142c4df20b17c10ab97e5a5ab633fd3e694d9e75f859b579f5b17e489df94573cec152c7741471c25920f262e988d622cdc4ac7258538052eb1e01316929acf6f3ce87b9bd169376b28be88f647af5bdee887f2192d9ecc7bb05899382a766070eb9bf14029aae8e1d327bfb56aade47c6b10866e34e90dfb491f8f7167b034b66ede4b5af261a4380265520886617ec7e1f5032b8bb11acfaf675b8604b12a9cad6ca6963931fb39bd6693f1f7f0b81773f455ce4fb2452532350071eb1c37e01a9a23fb6c3043c91592f46e5c16a909f1b1a4102d173034a93dbb927bc1a1882ca718537c4fdcbe84d9acdaeee7cef8902b74ffebd97db3a858d33689b1e57241f5c35d9acbf7a969945e78370204d7f0c13329cd6dfc3203d3cffe1b639de6e0d63932ac21cb4940feb3794aeb127aaa7b7aeef746c1bc62c201664f8278059440ac4f49b00008032b8ae90ed2832642c81d0eee4808adaf9d506b29b21f790c65345a384ecabdad76caa66ad04925b4a3a329728744d66ebc86264a728127b3c9b9240f26deef66c513fe6faa6d82275b3b72e66ec5e1aa25421c1d520e597bab8b04b14832589b82f4f54f85c184153cac0c8ce6bdbcaf95d65c03d4ec3206599dd6796661f8cfaef05338ebc9f4ccf95dfb1d95744acaac7ad0ed1a554e7240ce660b0826412e27aef90bc7b3b3c862947d2a344eac30854307914108ed235552cc4a74e5664216655b7795192f022c6165e5b9ecf2899073e82b2c1e594bcef4cb2fd9fd793aa93d5b863bfd12932d70d9feb02817afc5963f49d9cfa63b70835bc63e559c1bc7db2d245f12ac9b932"}) 13:54:14 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x11Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0xffff, 0x9, 0x7, 0x518}, {0x100, 0x6, 0x7, 0x1}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x5, 0xff, 0x1, 0x400}, {0x1, 0x3f, 0x6, 0x5}, {0xe4, 0x7, 0x81, 0x1000}]}) (async) eventfd(0x80) (async) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000080)={0x1, 'ip6erspan0\x00', 0x2}, 0x18) geteuid() (async) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) ptrace$poke(0x4, r0, &(0x7f0000000140), 0x1) (async) membarrier(0x4, 0x0) [ 1637.928108][ T977] Module has invalid ELF structures [ 1637.928625][ T980] Module has invalid ELF structures [ 1637.939129][ T978] FAULT_INJECTION: forcing a failure. [ 1637.939129][ T978] name failslab, interval 1, probability 0, space 0, times 0 [ 1637.966450][ T978] CPU: 0 PID: 978 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1637.973893][ T984] Module has invalid ELF structures [ 1637.974773][ T978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1637.974777][ T978] Call Trace: [ 1637.974797][ T978] dump_stack+0x1d8/0x241 [ 1637.997585][ T978] ? panic+0x73f/0x73f [ 1638.001654][ T978] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1638.007445][ T978] ? pcpu_chunk_relocate+0xdc/0x3a0 [ 1638.012665][ T978] ? pcpu_alloc_area+0x658/0x750 [ 1638.017590][ T978] should_fail+0x71f/0x880 [ 1638.021984][ T978] ? setup_fault_attr+0x3d0/0x3d0 [ 1638.026980][ T978] ? cpumask_next+0xc/0x20 [ 1638.031368][ T978] ? pcpu_alloc+0xb57/0x1050 [ 1638.035932][ T978] ? sbitmap_queue_init_node+0x64b/0xf10 [ 1638.041534][ T978] should_failslab+0x5/0x20 [ 1638.046009][ T978] kmem_cache_alloc_trace+0x28/0x240 [ 1638.051269][ T978] sbitmap_queue_init_node+0x64b/0xf10 [ 1638.056704][ T978] blk_mq_init_tags+0xf1/0x280 [ 1638.061443][ T978] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1638.066441][ T978] blk_mq_init_sched+0x1d6/0xaf0 [ 1638.071355][ T978] elevator_init_mq+0x2cc/0x3e0 [ 1638.076179][ T978] __device_add_disk+0xf2/0x1220 [ 1638.081090][ T978] ? sprintf+0xd6/0x120 [ 1638.085218][ T978] ? hrtimer_init+0xc0/0x340 [ 1638.089779][ T978] ? device_add_disk+0x30/0x30 [ 1638.094529][ T978] ? vsprintf+0x30/0x30 [ 1638.098688][ T978] ? __alloc_disk_node+0x459/0x5a0 [ 1638.103787][ T978] loop_add+0x573/0x740 [ 1638.107915][ T978] loop_control_ioctl+0x448/0x620 [ 1638.112929][ T978] ? loop_remove+0xa0/0xa0 [ 1638.117318][ T978] ? memset+0x1f/0x40 [ 1638.121272][ T978] ? fsnotify+0x1280/0x1340 13:54:14 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x12Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:14 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x0e\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1638.125744][ T978] ? loop_remove+0xa0/0xa0 [ 1638.130234][ T978] do_vfs_ioctl+0x742/0x1720 [ 1638.134801][ T978] ? ioctl_preallocate+0x250/0x250 [ 1638.139883][ T978] ? __fget+0x407/0x490 [ 1638.144012][ T978] ? fget_many+0x20/0x20 [ 1638.148226][ T978] ? debug_smp_processor_id+0x20/0x20 [ 1638.153580][ T978] ? security_file_ioctl+0x7d/0xa0 [ 1638.158665][ T978] __x64_sys_ioctl+0xd4/0x110 [ 1638.163357][ T978] do_syscall_64+0xca/0x1c0 [ 1638.167921][ T978] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:15 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x5, 0x4, 0xdf, 0x5}, {0x800, 0xc4, 0xbd, 0x9}]}) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00%Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1638.179841][ T22] audit: type=1326 audit(1676296454.989:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=986 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1638.182823][ T995] Module has invalid ELF structures [ 1638.205311][ T996] Module has invalid ELF structures [ 1638.213877][ T978] "mq-deadline" elevator initialization failed, falling back to "none" [ 1638.232581][ T22] audit: type=1326 audit(1676296454.989:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=986 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=273 compat=0 ip=0x7f7d08d0dc16 code=0x80000 [ 1638.255695][ T1000] Module has invalid ELF structures 13:54:15 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @broadcast}, {0x1, @local}, 0x4, {0x2, 0x4e21, @broadcast}, 'veth0_to_bridge\x00'}) getgid() 13:54:15 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x10\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 36) 13:54:15 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x5, 0x4, 0xdf, 0x5}, {0x800, 0xc4, 0xbd, 0x9}]}) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00HY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$HIDIOCGRDESC(r1, 0x90044802, &(0x7f0000000040)={0x4d6, "3d02bddc9159d68788b14d7194faf27e9298dee9659f2977ccb7651346b8e5ab58564a5d15a6dfb957cd8ce34f88f6146c15d907c24cca9d2d943487e2f16a2b37d873497195fd8cf3a2ee9c7f811a9452a16ed04f8f78fd6ec8a643ccbfea79a9e2bd12c7f8afabf7421abeed47106d35ad547035bad5e6f979d26bf3f1acd54acdca6ffdb3278b0ea44f234476649dcfae5d2af7f968788ab6852d4996be4f4ac6d6dc5c1116e8c3e9a820ede6e5071ae94f009a36f9adc7f0f1fe4a06662079363b140bb5a66504bcd2481ae9711f18e95e1a552d62b09186afa9c264c7203ee93f6e4b3409410f09dbba9f4a814376c8cf624f56d3041f98f3a2809b0c2ed1226096793226c16d1af00aa8e8d3646376bfe69bb97c439e3f8966c999e73d170961772b1b13d5eb99ef9341a50cd3917e1da39ef8e6e5a9cbc8021584bda4870006e12fa315f5b5c9c2fe1b1a3ab94c10b7e236d9f55c27ff58aa03d2ff23010f9ea9367646188142ad802e469aac5f84ff856d39b34935266af663464a1d2337a701d3d8cbc581f112bf131c6620d22a5c2c543b81728225da9ed8cd96e768517e343375ea8ad90e1f5e16b7c047efe32bd5d70ec6d378b7c544d7212ecca04cb9cdaa3b9960195bc714ddbe38da9b9711069888f3f55e6ad8bb165e86fc811dceb79fed59980ab16bfa39a7ccb42c6f0adbcdcdeb3c7123933f70196e7dc8ece3e95685f1cb1fadb0f00e97e614d695bf2024045fd64d6b80edf7200796ac662112e2ac527474a890bf89e6e0c88310b67498fea6ba2982f10fae026ef89b2e50c4473ce3398061c9f8cf8a5599b98108984ac3caa90cc03f64c6684a77bc09ed493b0c607e0d7470eca5f65092bce0f8034860ee12d0e755f33814f2f203a9e1142c4df20b17c10ab97e5a5ab633fd3e694d9e75f859b579f5b17e489df94573cec152c7741471c25920f262e988d622cdc4ac7258538052eb1e01316929acf6f3ce87b9bd169376b28be88f647af5bdee887f2192d9ecc7bb05899382a766070eb9bf14029aae8e1d327bfb56aade47c6b10866e34e90dfb491f8f7167b034b66ede4b5af261a4380265520886617ec7e1f5032b8bb11acfaf675b8604b12a9cad6ca6963931fb39bd6693f1f7f0b81773f455ce4fb2452532350071eb1c37e01a9a23fb6c3043c91592f46e5c16a909f1b1a4102d173034a93dbb927bc1a1882ca718537c4fdcbe84d9acdaeee7cef8902b74ffebd97db3a858d33689b1e57241f5c35d9acbf7a969945e78370204d7f0c13329cd6dfc3203d3cffe1b639de6e0d63932ac21cb4940feb3794aeb127aaa7b7aeef746c1bc62c201664f8278059440ac4f49b00008032b8ae90ed2832642c81d0eee4808adaf9d506b29b21f790c65345a384ecabdad76caa66ad04925b4a3a329728744d66ebc86264a728127b3c9b9240f26deef66c513fe6faa6d82275b3b72e66ec5e1aa25421c1d520e597bab8b04b14832589b82f4f54f85c184153cac0c8ce6bdbcaf95d65c03d4ec3206599dd6796661f8cfaef05338ebc9f4ccf95dfb1d95744acaac7ad0ed1a554e7240ce660b0826412e27aef90bc7b3b3c862947d2a344eac30854307914108ed235552cc4a74e5664216655b7795192f022c6165e5b9ecf2899073e82b2c1e594bcef4cb2fd9fd793aa93d5b863bfd12932d70d9feb02817afc5963f49d9cfa63b70835bc63e559c1bc7db2d245f12ac9b932"}) 13:54:15 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x5, 0x4, 0xdf, 0x5}, {0x800, 0xc4, 0xbd, 0x9}]}) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00LY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r0, &(0x7f0000002080)={0x78, 0x0, r1, {0x1, 0x5, 0x0, {0x3, 0x0, 0x200, 0x7, 0xf422185, 0x79bf, 0x0, 0x9, 0x9, 0x8000, 0x4a8, 0x0, 0xee00, 0xffff0001, 0x556e}}}, 0x78) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:15 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$HIDIOCGRDESC(r1, 0x90044802, &(0x7f0000000040)={0x4d6, "3d02bddc9159d68788b14d7194faf27e9298dee9659f2977ccb7651346b8e5ab58564a5d15a6dfb957cd8ce34f88f6146c15d907c24cca9d2d943487e2f16a2b37d873497195fd8cf3a2ee9c7f811a9452a16ed04f8f78fd6ec8a643ccbfea79a9e2bd12c7f8afabf7421abeed47106d35ad547035bad5e6f979d26bf3f1acd54acdca6ffdb3278b0ea44f234476649dcfae5d2af7f968788ab6852d4996be4f4ac6d6dc5c1116e8c3e9a820ede6e5071ae94f009a36f9adc7f0f1fe4a06662079363b140bb5a66504bcd2481ae9711f18e95e1a552d62b09186afa9c264c7203ee93f6e4b3409410f09dbba9f4a814376c8cf624f56d3041f98f3a2809b0c2ed1226096793226c16d1af00aa8e8d3646376bfe69bb97c439e3f8966c999e73d170961772b1b13d5eb99ef9341a50cd3917e1da39ef8e6e5a9cbc8021584bda4870006e12fa315f5b5c9c2fe1b1a3ab94c10b7e236d9f55c27ff58aa03d2ff23010f9ea9367646188142ad802e469aac5f84ff856d39b34935266af663464a1d2337a701d3d8cbc581f112bf131c6620d22a5c2c543b81728225da9ed8cd96e768517e343375ea8ad90e1f5e16b7c047efe32bd5d70ec6d378b7c544d7212ecca04cb9cdaa3b9960195bc714ddbe38da9b9711069888f3f55e6ad8bb165e86fc811dceb79fed59980ab16bfa39a7ccb42c6f0adbcdcdeb3c7123933f70196e7dc8ece3e95685f1cb1fadb0f00e97e614d695bf2024045fd64d6b80edf7200796ac662112e2ac527474a890bf89e6e0c88310b67498fea6ba2982f10fae026ef89b2e50c4473ce3398061c9f8cf8a5599b98108984ac3caa90cc03f64c6684a77bc09ed493b0c607e0d7470eca5f65092bce0f8034860ee12d0e755f33814f2f203a9e1142c4df20b17c10ab97e5a5ab633fd3e694d9e75f859b579f5b17e489df94573cec152c7741471c25920f262e988d622cdc4ac7258538052eb1e01316929acf6f3ce87b9bd169376b28be88f647af5bdee887f2192d9ecc7bb05899382a766070eb9bf14029aae8e1d327bfb56aade47c6b10866e34e90dfb491f8f7167b034b66ede4b5af261a4380265520886617ec7e1f5032b8bb11acfaf675b8604b12a9cad6ca6963931fb39bd6693f1f7f0b81773f455ce4fb2452532350071eb1c37e01a9a23fb6c3043c91592f46e5c16a909f1b1a4102d173034a93dbb927bc1a1882ca718537c4fdcbe84d9acdaeee7cef8902b74ffebd97db3a858d33689b1e57241f5c35d9acbf7a969945e78370204d7f0c13329cd6dfc3203d3cffe1b639de6e0d63932ac21cb4940feb3794aeb127aaa7b7aeef746c1bc62c201664f8278059440ac4f49b00008032b8ae90ed2832642c81d0eee4808adaf9d506b29b21f790c65345a384ecabdad76caa66ad04925b4a3a329728744d66ebc86264a728127b3c9b9240f26deef66c513fe6faa6d82275b3b72e66ec5e1aa25421c1d520e597bab8b04b14832589b82f4f54f85c184153cac0c8ce6bdbcaf95d65c03d4ec3206599dd6796661f8cfaef05338ebc9f4ccf95dfb1d95744acaac7ad0ed1a554e7240ce660b0826412e27aef90bc7b3b3c862947d2a344eac30854307914108ed235552cc4a74e5664216655b7795192f022c6165e5b9ecf2899073e82b2c1e594bcef4cb2fd9fd793aa93d5b863bfd12932d70d9feb02817afc5963f49d9cfa63b70835bc63e559c1bc7db2d245f12ac9b932"}) 13:54:15 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x11\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00`Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1638.444907][ T1008] Module has invalid ELF structures [ 1638.458476][ T1004] FAULT_INJECTION: forcing a failure. [ 1638.458476][ T1004] name failslab, interval 1, probability 0, space 0, times 0 [ 1638.463619][ T1017] Module has invalid ELF structures [ 1638.477037][ T1015] Module has invalid ELF structures [ 1638.502197][ T1004] CPU: 0 PID: 1004 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1638.510604][ T1004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1638.513779][ T1024] Module has invalid ELF structures [ 1638.520648][ T1004] Call Trace: [ 1638.520665][ T1004] dump_stack+0x1d8/0x241 [ 1638.520672][ T1004] ? panic+0x73f/0x73f [ 1638.520687][ T1004] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1638.543298][ T1004] ? pcpu_chunk_relocate+0xdc/0x3a0 [ 1638.548492][ T1004] ? pcpu_alloc_area+0x658/0x750 [ 1638.553413][ T1004] should_fail+0x71f/0x880 [ 1638.557816][ T1004] ? setup_fault_attr+0x3d0/0x3d0 [ 1638.562820][ T1004] ? cpumask_next+0xc/0x20 [ 1638.567216][ T1004] ? pcpu_alloc+0xb57/0x1050 [ 1638.571790][ T1004] ? sbitmap_queue_init_node+0x64b/0xf10 [ 1638.577429][ T1004] should_failslab+0x5/0x20 [ 1638.581912][ T1004] kmem_cache_alloc_trace+0x28/0x240 [ 1638.587206][ T1004] sbitmap_queue_init_node+0x64b/0xf10 [ 1638.592642][ T1004] blk_mq_init_tags+0x156/0x280 [ 1638.597463][ T1004] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1638.602461][ T1004] blk_mq_init_sched+0x1d6/0xaf0 [ 1638.607381][ T1004] elevator_init_mq+0x2cc/0x3e0 [ 1638.612211][ T1004] __device_add_disk+0xf2/0x1220 [ 1638.617123][ T1004] ? sprintf+0xd6/0x120 [ 1638.621248][ T1004] ? hrtimer_init+0xc0/0x340 [ 1638.625862][ T1004] ? device_add_disk+0x30/0x30 [ 1638.630605][ T1004] ? vsprintf+0x30/0x30 [ 1638.634744][ T1004] ? __alloc_disk_node+0x459/0x5a0 [ 1638.639845][ T1004] loop_add+0x573/0x740 [ 1638.643974][ T1004] loop_control_ioctl+0x448/0x620 [ 1638.648970][ T1004] ? loop_remove+0xa0/0xa0 [ 1638.653359][ T1004] ? memset+0x1f/0x40 [ 1638.657314][ T1004] ? fsnotify+0x1280/0x1340 [ 1638.661788][ T1004] ? loop_remove+0xa0/0xa0 [ 1638.666185][ T1004] do_vfs_ioctl+0x742/0x1720 [ 1638.670762][ T1004] ? ioctl_preallocate+0x250/0x250 [ 1638.675849][ T1004] ? __fget+0x407/0x490 [ 1638.679979][ T1004] ? fget_many+0x20/0x20 [ 1638.684193][ T1004] ? debug_smp_processor_id+0x20/0x20 [ 1638.689538][ T1004] ? security_file_ioctl+0x7d/0xa0 [ 1638.694639][ T1004] __x64_sys_ioctl+0xd4/0x110 [ 1638.699292][ T1004] do_syscall_64+0xca/0x1c0 [ 1638.703771][ T1004] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1638.714119][ T22] audit: type=1326 audit(1676296455.519:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1025 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1638.739166][ T22] audit: type=1326 audit(1676296455.519:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1025 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1638.742037][ T1030] Module has invalid ELF structures [ 1638.765473][ T1004] "mq-deadline" elevator initialization failed, falling back to "none" 13:54:15 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @broadcast}, {0x1, @local}, 0x4, {0x2, 0x4e21, @broadcast}, 'veth0_to_bridge\x00'}) (async, rerun: 64) getgid() (rerun: 64) 13:54:15 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r0, &(0x7f0000002080)={0x78, 0x0, r1, {0x1, 0x5, 0x0, {0x3, 0x0, 0x200, 0x7, 0xf422185, 0x79bf, 0x0, 0x9, 0x9, 0x8000, 0x4a8, 0x0, 0xee00, 0xffff0001, 0x556e}}}, 0x78) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async, rerun: 64) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (rerun: 64) 13:54:15 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x12\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x54, "ad12af4708ebcd6e594db1eb3acaf6d627aff4e5c044590cf79ebb6893f099a7a92f70cec2dd9fea0332b99cb6920e6d17dc4b8a37db3e2a124cb2f6baff6ad20168cc5a765d890d45f5b3109f85157429cb7d2b"}, &(0x7f00000000c0)=0x78) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e24, @remote}, {0x2, 0x4e20, @private=0xa010102}, 0x5, 0x0, 0x0, 0x0, 0x6511, &(0x7f0000000100)='bridge_slave_1\x00', 0x8, 0x100000001, 0x5}) 13:54:15 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 37) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00hY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00lY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18%\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_ATTR(r0, &(0x7f0000002080)={0x78, 0x0, r1, {0x1, 0x5, 0x0, {0x3, 0x0, 0x200, 0x7, 0xf422185, 0x79bf, 0x0, 0x9, 0x9, 0x8000, 0x4a8, 0x0, 0xee00, 0xffff0001, 0x556e}}}, 0x78) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x200002, 0x0) (async, rerun: 32) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (rerun: 32) 13:54:15 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:15 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x54, "ad12af4708ebcd6e594db1eb3acaf6d627aff4e5c044590cf79ebb6893f099a7a92f70cec2dd9fea0332b99cb6920e6d17dc4b8a37db3e2a124cb2f6baff6ad20168cc5a765d890d45f5b3109f85157429cb7d2b"}, &(0x7f00000000c0)=0x78) (async) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e24, @remote}, {0x2, 0x4e20, @private=0xa010102}, 0x5, 0x0, 0x0, 0x0, 0x6511, &(0x7f0000000100)='bridge_slave_1\x00', 0x8, 0x100000001, 0x5}) [ 1638.986776][ T1039] Module has invalid ELF structures [ 1638.995469][ T1040] Module has invalid ELF structures [ 1639.011549][ T1044] Module has invalid ELF structures [ 1639.022323][ T1047] Module has invalid ELF structures 13:54:15 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18H\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1639.037432][ T1037] FAULT_INJECTION: forcing a failure. [ 1639.037432][ T1037] name failslab, interval 1, probability 0, space 0, times 0 [ 1639.068538][ T1055] Module has invalid ELF structures [ 1639.068943][ T1037] CPU: 0 PID: 1037 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1639.082125][ T1037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1639.092197][ T1037] Call Trace: [ 1639.095473][ T1037] dump_stack+0x1d8/0x241 [ 1639.099787][ T1037] ? panic+0x73f/0x73f [ 1639.103837][ T1037] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1639.109626][ T1037] ? pcpu_chunk_relocate+0xdc/0x3a0 [ 1639.114811][ T1037] ? pcpu_alloc_area+0x658/0x750 [ 1639.119737][ T1037] should_fail+0x71f/0x880 [ 1639.124162][ T1037] ? setup_fault_attr+0x3d0/0x3d0 [ 1639.129161][ T1037] ? cpumask_next+0xc/0x20 [ 1639.133551][ T1037] ? pcpu_alloc+0xb57/0x1050 [ 1639.138144][ T1037] ? sbitmap_queue_init_node+0x64b/0xf10 [ 1639.143752][ T1037] should_failslab+0x5/0x20 [ 1639.148235][ T1037] kmem_cache_alloc_trace+0x28/0x240 [ 1639.153587][ T1037] sbitmap_queue_init_node+0x64b/0xf10 [ 1639.159021][ T1037] blk_mq_init_tags+0x156/0x280 [ 1639.163845][ T1037] blk_mq_alloc_rq_map+0x95/0x1a0 [ 1639.168868][ T1037] blk_mq_init_sched+0x1d6/0xaf0 [ 1639.173792][ T1037] elevator_init_mq+0x2cc/0x3e0 [ 1639.178627][ T1037] __device_add_disk+0xf2/0x1220 [ 1639.183554][ T1037] ? sprintf+0xd6/0x120 [ 1639.187680][ T1037] ? hrtimer_init+0xc0/0x340 [ 1639.192241][ T1037] ? device_add_disk+0x30/0x30 [ 1639.196974][ T1037] ? vsprintf+0x30/0x30 [ 1639.201102][ T1037] ? __alloc_disk_node+0x459/0x5a0 [ 1639.206184][ T1037] loop_add+0x573/0x740 [ 1639.210312][ T1037] loop_control_ioctl+0x448/0x620 [ 1639.215308][ T1037] ? loop_remove+0xa0/0xa0 [ 1639.219698][ T1037] ? memset+0x1f/0x40 [ 1639.223649][ T1037] ? fsnotify+0x1280/0x1340 [ 1639.228121][ T1037] ? loop_remove+0xa0/0xa0 [ 1639.232512][ T1037] do_vfs_ioctl+0x742/0x1720 [ 1639.237100][ T1037] ? ioctl_preallocate+0x250/0x250 [ 1639.242185][ T1037] ? __fget+0x407/0x490 [ 1639.246314][ T1037] ? fget_many+0x20/0x20 [ 1639.250543][ T1037] ? debug_smp_processor_id+0x20/0x20 [ 1639.255890][ T1037] ? security_file_ioctl+0x7d/0xa0 [ 1639.260978][ T1037] __x64_sys_ioctl+0xd4/0x110 [ 1639.265662][ T1037] do_syscall_64+0xca/0x1c0 [ 1639.270150][ T1037] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1639.281777][ T1056] Module has invalid ELF structures [ 1639.283177][ T1037] "mq-deadline" elevator initialization failed, falling back to "none" 13:54:16 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e24, @broadcast}, {0x1, @local}, 0x4, {0x2, 0x4e21, @broadcast}, 'veth0_to_bridge\x00'}) getgid() 13:54:16 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00zY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0}, 0x2020) r2 = geteuid() r3 = getgid() write$FUSE_ATTR(r0, &(0x7f0000002040)={0x78, 0x0, r1, {0x925, 0x51, 0x0, {0x1, 0x7f, 0xffffffff, 0x3f, 0x8, 0xd587, 0xfffffffb, 0x3, 0x6, 0x8000, 0x2, r2, r3, 0x3, 0x1000}}}, 0x78) 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18L\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 38) 13:54:16 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2202, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x54, "ad12af4708ebcd6e594db1eb3acaf6d627aff4e5c044590cf79ebb6893f099a7a92f70cec2dd9fea0332b99cb6920e6d17dc4b8a37db3e2a124cb2f6baff6ad20168cc5a765d890d45f5b3109f85157429cb7d2b"}, &(0x7f00000000c0)=0x78) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e24, @remote}, {0x2, 0x4e20, @private=0xa010102}, 0x5, 0x0, 0x0, 0x0, 0x6511, &(0x7f0000000100)='bridge_slave_1\x00', 0x8, 0x100000001, 0x5}) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2202, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x54, "ad12af4708ebcd6e594db1eb3acaf6d627aff4e5c044590cf79ebb6893f099a7a92f70cec2dd9fea0332b99cb6920e6d17dc4b8a37db3e2a124cb2f6baff6ad20168cc5a765d890d45f5b3109f85157429cb7d2b"}, &(0x7f00000000c0)=0x78) (async) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000140)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e24, @remote}, {0x2, 0x4e20, @private=0xa010102}, 0x5, 0x0, 0x0, 0x0, 0x6511, &(0x7f0000000100)='bridge_slave_1\x00', 0x8, 0x100000001, 0x5}) (async) 13:54:16 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0}, 0x2020) r2 = geteuid() r3 = getgid() write$FUSE_ATTR(r0, &(0x7f0000002040)={0x78, 0x0, r1, {0x925, 0x51, 0x0, {0x1, 0x7f, 0xffffffff, 0x3f, 0x8, 0xd587, 0xfffffffb, 0x3, 0x6, 0x8000, 0x2, r2, r3, 0x3, 0x1000}}}, 0x78) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020}, 0x2020) (async) geteuid() (async) getgid() (async) write$FUSE_ATTR(r0, &(0x7f0000002040)={0x78, 0x0, r1, {0x925, 0x51, 0x0, {0x1, 0x7f, 0xffffffff, 0x3f, 0x8, 0xd587, 0xfffffffb, 0x3, 0x6, 0x8000, 0x2, r2, r3, 0x3, 0x1000}}}, 0x78) (async) 13:54:16 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000100)={0x1, 0x1, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/13, 0xd}], &(0x7f00000000c0)=[0xaad]}, 0x20) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x305001, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:16 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x02\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18`\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1639.509055][ T1067] Module has invalid ELF structures [ 1639.516081][ T1071] FAULT_INJECTION: forcing a failure. [ 1639.516081][ T1071] name failslab, interval 1, probability 0, space 0, times 0 [ 1639.519150][ T1077] Module has invalid ELF structures 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18h\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1639.556736][ T1071] CPU: 1 PID: 1071 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1639.559313][ T1087] Module has invalid ELF structures [ 1639.565145][ T1071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1639.565150][ T1071] Call Trace: [ 1639.565166][ T1071] dump_stack+0x1d8/0x241 [ 1639.565181][ T1071] ? panic+0x73f/0x73f [ 1639.576465][ T1085] Module has invalid ELF structures [ 1639.580406][ T1071] ? nf_ct_l4proto_log_invalid+0x258/0x258 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18l\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1639.580418][ T1071] should_fail+0x71f/0x880 [ 1639.580428][ T1071] ? setup_fault_attr+0x3d0/0x3d0 [ 1639.580447][ T1071] ? blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1639.594130][ T1089] Module has invalid ELF structures [ 1639.597222][ T1071] should_failslab+0x5/0x20 [ 1639.597232][ T1071] __kmalloc+0x51/0x2b0 [ 1639.597250][ T1071] blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1639.636356][ T1071] blk_mq_init_sched+0x1d6/0xaf0 [ 1639.641284][ T1071] elevator_init_mq+0x2cc/0x3e0 [ 1639.646120][ T1071] __device_add_disk+0xf2/0x1220 [ 1639.651040][ T1071] ? sprintf+0xd6/0x120 [ 1639.655180][ T1071] ? hrtimer_init+0xc0/0x340 [ 1639.659752][ T1071] ? device_add_disk+0x30/0x30 [ 1639.664490][ T1071] ? vsprintf+0x30/0x30 [ 1639.668618][ T1071] ? __alloc_disk_node+0x459/0x5a0 [ 1639.673703][ T1071] loop_add+0x573/0x740 [ 1639.677840][ T1071] loop_control_ioctl+0x448/0x620 [ 1639.682833][ T1071] ? loop_remove+0xa0/0xa0 [ 1639.687225][ T1071] ? memset+0x1f/0x40 [ 1639.691178][ T1071] ? fsnotify+0x1280/0x1340 [ 1639.695650][ T1071] ? loop_remove+0xa0/0xa0 [ 1639.700044][ T1071] do_vfs_ioctl+0x742/0x1720 [ 1639.704620][ T1071] ? ioctl_preallocate+0x250/0x250 [ 1639.709711][ T1071] ? __fget+0x407/0x490 [ 1639.713846][ T1071] ? fget_many+0x20/0x20 [ 1639.718065][ T1071] ? debug_smp_processor_id+0x20/0x20 [ 1639.723412][ T1071] ? security_file_ioctl+0x7d/0xa0 [ 1639.728498][ T1071] __x64_sys_ioctl+0xd4/0x110 [ 1639.733148][ T1071] do_syscall_64+0xca/0x1c0 [ 1639.737647][ T1071] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1639.745534][ T1071] "mq-deadline" elevator initialization failed, falling back to "none" [ 1639.754240][ T1095] Module has invalid ELF structures 13:54:16 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x8c0) 13:54:16 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0}, 0x2020) (async) r2 = geteuid() (async) r3 = getgid() write$FUSE_ATTR(r0, &(0x7f0000002040)={0x78, 0x0, r1, {0x925, 0x51, 0x0, {0x1, 0x7f, 0xffffffff, 0x3f, 0x8, 0xd587, 0xfffffffb, 0x3, 0x6, 0x8000, 0x2, r2, r3, 0x3, 0x1000}}}, 0x78) 13:54:16 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000100)={0x1, 0x1, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/13, 0xd}], &(0x7f00000000c0)=[0xaad]}, 0x20) (async) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x305001, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:16 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x03\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 39) 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18t\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 1: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000100)={0x1, 0x1, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/13, 0xd}], &(0x7f00000000c0)=[0xaad]}, 0x20) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x305001, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000000100)={0x1, 0x1, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)=""/13, 0xd}], &(0x7f00000000c0)=[0xaad]}, 0x20) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x305001, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) (async) 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18z\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x04\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1639.953346][ T1103] Module has invalid ELF structures [ 1639.962209][ T1108] Module has invalid ELF structures [ 1639.996675][ T1114] Module has invalid ELF structures [ 1640.008829][ T1106] FAULT_INJECTION: forcing a failure. [ 1640.008829][ T1106] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1640.018337][ T1116] Module has invalid ELF structures [ 1640.042454][ T1106] CPU: 0 PID: 1106 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1640.050865][ T1106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1640.060902][ T1106] Call Trace: [ 1640.064180][ T1106] dump_stack+0x1d8/0x241 [ 1640.068515][ T1106] ? panic+0x73f/0x73f [ 1640.072570][ T1106] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1640.078359][ T1106] ? stack_trace_save+0x118/0x1c0 [ 1640.083369][ T1106] ? __kasan_kmalloc+0x199/0x1d0 [ 1640.088297][ T1106] ? blk_mq_alloc_rq_map+0x95/0x1a0 [ 1640.093483][ T1106] ? stack_trace_snprint+0x170/0x170 [ 1640.098753][ T1106] ? sbitmap_queue_init_node+0x64b/0xf10 [ 1640.104367][ T1106] should_fail+0x71f/0x880 [ 1640.108767][ T1106] ? __kasan_kmalloc+0x199/0x1d0 [ 1640.113691][ T1106] ? setup_fault_attr+0x3d0/0x3d0 [ 1640.118705][ T1106] ? __kasan_kmalloc+0x199/0x1d0 [ 1640.123623][ T1106] ? loop_add+0x573/0x740 [ 1640.127934][ T1106] ? blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1640.133105][ T1106] ? blk_mq_init_sched+0x1d6/0xaf0 [ 1640.138219][ T1106] __alloc_pages_nodemask+0x1b4/0x840 [ 1640.143591][ T1106] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1640.149114][ T1106] ? find_next_bit+0x7b/0x100 [ 1640.153769][ T1106] ? blk_mq_hw_queue_to_node+0xe3/0x100 [ 1640.159286][ T1106] blk_mq_alloc_rqs+0x230/0x660 [ 1640.164114][ T1106] blk_mq_init_sched+0x245/0xaf0 [ 1640.169024][ T1106] elevator_init_mq+0x2cc/0x3e0 [ 1640.173849][ T1106] __device_add_disk+0xf2/0x1220 [ 1640.178759][ T1106] ? sprintf+0xd6/0x120 [ 1640.182887][ T1106] ? hrtimer_init+0xc0/0x340 [ 1640.187457][ T1106] ? device_add_disk+0x30/0x30 [ 1640.192197][ T1106] ? vsprintf+0x30/0x30 [ 1640.196327][ T1106] ? __alloc_disk_node+0x459/0x5a0 [ 1640.201411][ T1106] loop_add+0x573/0x740 [ 1640.205544][ T1106] loop_control_ioctl+0x448/0x620 [ 1640.210546][ T1106] ? loop_remove+0xa0/0xa0 [ 1640.214939][ T1106] ? memset+0x1f/0x40 [ 1640.218900][ T1106] ? fsnotify+0x1280/0x1340 [ 1640.223378][ T1106] ? loop_remove+0xa0/0xa0 [ 1640.227776][ T1106] do_vfs_ioctl+0x742/0x1720 [ 1640.232344][ T1106] ? ioctl_preallocate+0x250/0x250 [ 1640.237427][ T1106] ? __fget+0x407/0x490 [ 1640.241556][ T1106] ? fget_many+0x20/0x20 13:54:16 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x03Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:16 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:16 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x05\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1640.245790][ T1106] ? debug_smp_processor_id+0x20/0x20 [ 1640.251310][ T1106] ? security_file_ioctl+0x7d/0xa0 [ 1640.256396][ T1106] __x64_sys_ioctl+0xd4/0x110 [ 1640.261046][ T1106] do_syscall_64+0xca/0x1c0 [ 1640.265527][ T1106] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1640.279082][ T1122] Module has invalid ELF structures [ 1640.292751][ T1127] Module has invalid ELF structures 13:54:17 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x8c0) 13:54:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x4c56, 0xb5, 0x3f, 0x1}, {0x4, 0x6, 0x5, 0x7}, {0x0, 0x1f, 0xa7, 0x6}, {0xffff, 0x20, 0x5, 0x7fffffff}]}) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40004) 13:54:17 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x06\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:17 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 40) 13:54:17 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x05Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:17 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x4c56, 0xb5, 0x3f, 0x1}, {0x4, 0x6, 0x5, 0x7}, {0x0, 0x1f, 0xa7, 0x6}, {0xffff, 0x20, 0x5, 0x7fffffff}]}) (async, rerun: 32) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) (rerun: 32) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40004) 13:54:17 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) 13:54:17 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x06Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:17 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\a\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1640.530204][ T1136] Module has invalid ELF structures [ 1640.531118][ T1130] Module has invalid ELF structures [ 1640.544190][ T1138] FAULT_INJECTION: forcing a failure. [ 1640.544190][ T1138] name failslab, interval 1, probability 0, space 0, times 0 [ 1640.574282][ T1149] Module has invalid ELF structures 13:54:17 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x4c56, 0xb5, 0x3f, 0x1}, {0x4, 0x6, 0x5, 0x7}, {0x0, 0x1f, 0xa7, 0x6}, {0xffff, 0x20, 0x5, 0x7fffffff}]}) r0 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40004) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x4c56, 0xb5, 0x3f, 0x1}, {0x4, 0x6, 0x5, 0x7}, {0x0, 0x1f, 0xa7, 0x6}, {0xffff, 0x20, 0x5, 0x7fffffff}]}) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff) (async) sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40004) (async) [ 1640.579759][ T1148] Module has invalid ELF structures [ 1640.585891][ T1138] CPU: 0 PID: 1138 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1640.594285][ T1138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1640.604321][ T1138] Call Trace: [ 1640.607605][ T1138] dump_stack+0x1d8/0x241 [ 1640.611920][ T1138] ? panic+0x73f/0x73f [ 1640.615975][ T1138] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1640.621770][ T1138] should_fail+0x71f/0x880 [ 1640.626179][ T1138] ? setup_fault_attr+0x3d0/0x3d0 [ 1640.631189][ T1138] ? blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1640.636398][ T1138] should_failslab+0x5/0x20 [ 1640.640883][ T1138] __kmalloc+0x51/0x2b0 [ 1640.645023][ T1138] blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1640.650037][ T1138] blk_mq_init_sched+0x1d6/0xaf0 [ 1640.654962][ T1138] elevator_init_mq+0x2cc/0x3e0 [ 1640.659791][ T1138] __device_add_disk+0xf2/0x1220 [ 1640.664700][ T1138] ? sprintf+0xd6/0x120 [ 1640.668827][ T1138] ? hrtimer_init+0xc0/0x340 [ 1640.673393][ T1138] ? device_add_disk+0x30/0x30 [ 1640.678126][ T1138] ? vsprintf+0x30/0x30 [ 1640.682260][ T1138] ? __alloc_disk_node+0x459/0x5a0 [ 1640.687348][ T1138] loop_add+0x573/0x740 [ 1640.691485][ T1138] loop_control_ioctl+0x448/0x620 [ 1640.696490][ T1138] ? loop_remove+0xa0/0xa0 [ 1640.700888][ T1138] ? memset+0x1f/0x40 [ 1640.704848][ T1138] ? fsnotify+0x1280/0x1340 [ 1640.709321][ T1138] ? loop_remove+0xa0/0xa0 [ 1640.713711][ T1138] do_vfs_ioctl+0x742/0x1720 [ 1640.718276][ T1138] ? ioctl_preallocate+0x250/0x250 [ 1640.723361][ T1138] ? __fget+0x407/0x490 13:54:17 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\b\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1640.727489][ T1138] ? fget_many+0x20/0x20 [ 1640.731706][ T1138] ? debug_smp_processor_id+0x20/0x20 [ 1640.737053][ T1138] ? security_file_ioctl+0x7d/0xa0 [ 1640.742138][ T1138] __x64_sys_ioctl+0xd4/0x110 [ 1640.746792][ T1138] do_syscall_64+0xca/0x1c0 [ 1640.751268][ T1138] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1640.765274][ T22] kauditd_printk_skb: 4 callbacks suppressed [ 1640.765283][ T22] audit: type=1326 audit(1676296457.569:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1158 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1640.767978][ T1138] "mq-deadline" elevator initialization failed, falling back to "none" [ 1640.778272][ T22] audit: type=1326 audit(1676296457.569:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1158 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1640.796808][ T1163] Module has invalid ELF structures 13:54:17 executing program 5: prctl$PR_GET_TIMERSLACK(0x1e) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:17 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\aY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:17 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 41) 13:54:17 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r1 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xc) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 13:54:17 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\t\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:17 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x8c0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x2c, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x8c0) (async) 13:54:17 executing program 5: prctl$PR_GET_TIMERSLACK(0x1e) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1641.014475][ T1169] Module has invalid ELF structures [ 1641.024621][ T1172] FAULT_INJECTION: forcing a failure. [ 1641.024621][ T1172] name failslab, interval 1, probability 0, space 0, times 0 [ 1641.029371][ T1174] Module has invalid ELF structures [ 1641.041359][ T1172] CPU: 0 PID: 1172 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1641.050820][ T1172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1641.060855][ T1172] Call Trace: [ 1641.064133][ T1172] dump_stack+0x1d8/0x241 [ 1641.068455][ T1172] ? panic+0x73f/0x73f [ 1641.072516][ T1172] ? __alloc_pages_nodemask+0x393/0x840 [ 1641.078049][ T1172] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1641.083839][ T1172] should_fail+0x71f/0x880 [ 1641.088241][ T1172] ? setup_fault_attr+0x3d0/0x3d0 [ 1641.093251][ T1172] ? lo_complete_rq+0x2b0/0x2b0 [ 1641.098088][ T1172] ? loop_init_request+0x31/0xa0 [ 1641.103009][ T1172] ? elevator_alloc+0x4b/0xc0 [ 1641.107674][ T1172] should_failslab+0x5/0x20 [ 1641.112166][ T1172] kmem_cache_alloc_trace+0x28/0x240 [ 1641.117460][ T1172] elevator_alloc+0x4b/0xc0 [ 1641.121946][ T1172] dd_init_queue+0x1f/0x330 [ 1641.126427][ T1172] blk_mq_init_sched+0x45a/0xaf0 [ 1641.131360][ T1172] elevator_init_mq+0x2cc/0x3e0 [ 1641.136184][ T1172] __device_add_disk+0xf2/0x1220 [ 1641.141093][ T1172] ? sprintf+0xd6/0x120 [ 1641.145220][ T1172] ? hrtimer_init+0xc0/0x340 [ 1641.149786][ T1172] ? device_add_disk+0x30/0x30 [ 1641.154523][ T1172] ? vsprintf+0x30/0x30 [ 1641.158673][ T1172] ? __alloc_disk_node+0x459/0x5a0 [ 1641.163758][ T1172] loop_add+0x573/0x740 [ 1641.167888][ T1172] loop_control_ioctl+0x448/0x620 [ 1641.172882][ T1172] ? loop_remove+0xa0/0xa0 [ 1641.177275][ T1172] ? memset+0x1f/0x40 [ 1641.181232][ T1172] ? fsnotify+0x1280/0x1340 [ 1641.185707][ T1172] ? loop_remove+0xa0/0xa0 [ 1641.190097][ T1172] do_vfs_ioctl+0x742/0x1720 [ 1641.194662][ T1172] ? ioctl_preallocate+0x250/0x250 [ 1641.199749][ T1172] ? __fget+0x407/0x490 [ 1641.203894][ T1172] ? fget_many+0x20/0x20 [ 1641.208111][ T1172] ? debug_smp_processor_id+0x20/0x20 13:54:18 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r1 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xc) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 13:54:18 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\n\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 5: prctl$PR_GET_TIMERSLACK(0x1e) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1641.213457][ T1172] ? security_file_ioctl+0x7d/0xa0 [ 1641.218541][ T1172] __x64_sys_ioctl+0xd4/0x110 [ 1641.223191][ T1172] do_syscall_64+0xca/0x1c0 [ 1641.227667][ T1172] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1641.238621][ T1172] "mq-deadline" elevator initialization failed, falling back to "none" 13:54:18 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x402000, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) r1 = ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0xc) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1) 13:54:18 executing program 5: r0 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x0, 0x1) r1 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0x80000001, 0x4) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000000)=0x100005, 0x4) [ 1641.250295][ T22] audit: type=1326 audit(1676296458.059:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1177 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1641.258645][ T1186] Module has invalid ELF structures [ 1641.289139][ T22] audit: type=1326 audit(1676296458.059:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1177 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f7d08d83e21 code=0x80000 [ 1641.310964][ T1190] Module has invalid ELF structures 13:54:18 executing program 5: r0 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x0, 0x1) r1 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0x80000001, 0x4) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000000)=0x100005, 0x4) socket$pppl2tp(0x18, 0x1, 0x1) (async) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x0, 0x1) (async) socket$pppl2tp(0x18, 0x1, 0x1) (async) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0x80000001, 0x4) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000000)=0x100005, 0x4) (async) 13:54:18 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000040)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) 13:54:18 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\nY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 42) 13:54:18 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\v\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\vY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0x0, 0x0, {0x6, 0x0, 0x8, 0xa259, 0x0, 0x732, {0x4, 0x8, 0x0, 0x7ff, 0x7ff, 0x6, 0x5, 0x5, 0x8, 0xa000, 0x1ff, 0x0, r0, 0x10, 0x9155}}}, 0x90) 13:54:18 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\f\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 5: r0 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x0, 0x1) (async) r1 = socket$pppl2tp(0x18, 0x1, 0x1) setsockopt$pppl2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0x80000001, 0x4) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000000)=0x100005, 0x4) 13:54:18 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\fY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1641.527346][ T1204] Module has invalid ELF structures [ 1641.527458][ T1205] Module has invalid ELF structures [ 1641.553479][ T1212] Module has invalid ELF structures 13:54:18 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\r\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:18 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000040)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) 13:54:18 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\rY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1641.575871][ T1215] Module has invalid ELF structures [ 1641.586134][ T1217] Module has invalid ELF structures [ 1641.601392][ T1218] FAULT_INJECTION: forcing a failure. [ 1641.601392][ T1218] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1641.603564][ T1223] Module has invalid ELF structures 13:54:18 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x0e\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1641.619670][ T1218] CPU: 1 PID: 1218 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1641.628157][ T1218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1641.638194][ T1218] Call Trace: [ 1641.641480][ T1218] dump_stack+0x1d8/0x241 [ 1641.645796][ T1218] ? panic+0x73f/0x73f [ 1641.649856][ T1218] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1641.655649][ T1218] ? get_page_from_freelist+0x2ce8/0x2d70 [ 1641.659513][ T1230] Module has invalid ELF structures [ 1641.661358][ T1218] should_fail+0x71f/0x880 [ 1641.661369][ T1218] ? setup_fault_attr+0x3d0/0x3d0 [ 1641.661386][ T1218] __alloc_pages_nodemask+0x1b4/0x840 [ 1641.681271][ T1218] ? __kasan_kmalloc+0x199/0x1d0 [ 1641.686185][ T1218] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1641.691703][ T1218] ? blk_mq_alloc_rq_map+0xeb/0x1a0 [ 1641.696872][ T1218] ? blk_mq_init_sched+0x1d6/0xaf0 [ 1641.701956][ T1218] alloc_slab_page+0x39/0x3c0 [ 1641.706605][ T1218] new_slab+0x97/0x440 [ 1641.710651][ T1218] ? check_preemption_disabled+0x153/0x320 [ 1641.716427][ T1218] ___slab_alloc+0x2fe/0x490 [ 1641.720988][ T1218] ? setup_fault_attr+0x3d0/0x3d0 [ 1641.725982][ T1218] ? elevator_alloc+0x4b/0xc0 [ 1641.730629][ T1218] ? elevator_alloc+0x4b/0xc0 [ 1641.735276][ T1218] __slab_alloc+0x5a/0x90 [ 1641.739582][ T1218] kmem_cache_alloc_trace+0x128/0x240 [ 1641.744924][ T1218] ? elevator_alloc+0x4b/0xc0 [ 1641.749572][ T1218] elevator_alloc+0x4b/0xc0 [ 1641.754050][ T1218] dd_init_queue+0x1f/0x330 [ 1641.758528][ T1218] blk_mq_init_sched+0x45a/0xaf0 [ 1641.763438][ T1218] elevator_init_mq+0x2cc/0x3e0 [ 1641.768261][ T1218] __device_add_disk+0xf2/0x1220 [ 1641.773169][ T1218] ? sprintf+0xd6/0x120 [ 1641.777298][ T1218] ? hrtimer_init+0xc0/0x340 [ 1641.781858][ T1218] ? device_add_disk+0x30/0x30 [ 1641.786590][ T1218] ? vsprintf+0x30/0x30 [ 1641.790722][ T1218] ? __alloc_disk_node+0x459/0x5a0 [ 1641.795804][ T1218] loop_add+0x573/0x740 [ 1641.799937][ T1218] loop_control_ioctl+0x448/0x620 [ 1641.804933][ T1218] ? loop_remove+0xa0/0xa0 [ 1641.809324][ T1218] ? memset+0x1f/0x40 [ 1641.813277][ T1218] ? fsnotify+0x1280/0x1340 [ 1641.817751][ T1218] ? loop_remove+0xa0/0xa0 [ 1641.822139][ T1218] do_vfs_ioctl+0x742/0x1720 13:54:18 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x10\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1641.826703][ T1218] ? ioctl_preallocate+0x250/0x250 [ 1641.831813][ T1218] ? __fget+0x407/0x490 [ 1641.835943][ T1218] ? fget_many+0x20/0x20 [ 1641.840156][ T1218] ? debug_smp_processor_id+0x20/0x20 [ 1641.845502][ T1218] ? security_file_ioctl+0x7d/0xa0 [ 1641.850583][ T1218] __x64_sys_ioctl+0xd4/0x110 [ 1641.855231][ T1218] do_syscall_64+0xca/0x1c0 [ 1641.859707][ T1218] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1641.867711][ T1232] Module has invalid ELF structures 13:54:18 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 43) 13:54:18 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x88041) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:18 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x0eY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1641.883667][ T1235] Module has invalid ELF structures [ 1641.884520][ T22] audit: type=1326 audit(1676296458.689:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1229 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1641.928948][ T1239] Module has invalid ELF structures [ 1641.967737][ T1241] FAULT_INJECTION: forcing a failure. [ 1641.967737][ T1241] name failslab, interval 1, probability 0, space 0, times 0 [ 1641.980705][ T1241] CPU: 0 PID: 1241 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1641.989144][ T1241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1641.999178][ T1241] Call Trace: [ 1642.002466][ T1241] dump_stack+0x1d8/0x241 [ 1642.006780][ T1241] ? panic+0x73f/0x73f [ 1642.010868][ T1241] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1642.016710][ T1241] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.022780][ T1241] should_fail+0x71f/0x880 [ 1642.027188][ T1241] ? setup_fault_attr+0x3d0/0x3d0 [ 1642.032194][ T1241] ? number+0xf89/0x1200 [ 1642.036422][ T1241] ? device_create_vargs+0x7d/0x210 [ 1642.041603][ T1241] should_failslab+0x5/0x20 [ 1642.046129][ T1241] kmem_cache_alloc_trace+0x28/0x240 [ 1642.051412][ T1241] device_create_vargs+0x7d/0x210 [ 1642.056423][ T1241] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.062471][ T1241] device_create+0xea/0x130 [ 1642.066966][ T1241] ? device_create_vargs+0x210/0x210 [ 1642.072244][ T1241] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1642.077947][ T1241] bdi_register_va+0x84/0x600 [ 1642.082610][ T1241] bdi_register+0xd1/0x120 [ 1642.087039][ T1241] ? __device_add_disk+0x551/0x1220 [ 1642.092221][ T1241] ? bdi_register_va+0x600/0x600 [ 1642.097145][ T1241] ? percpu_ref_resurrect+0x113/0x190 [ 1642.102498][ T1241] bdi_register_owner+0x55/0xf0 [ 1642.107334][ T1241] __device_add_disk+0x5d1/0x1220 [ 1642.112346][ T1241] ? device_add_disk+0x30/0x30 [ 1642.117095][ T1241] ? vsprintf+0x30/0x30 [ 1642.121236][ T1241] ? __alloc_disk_node+0x459/0x5a0 [ 1642.126329][ T1241] loop_add+0x573/0x740 [ 1642.130483][ T1241] loop_control_ioctl+0x448/0x620 [ 1642.135495][ T1241] ? loop_remove+0xa0/0xa0 [ 1642.139901][ T1241] ? memset+0x1f/0x40 [ 1642.143868][ T1241] ? fsnotify+0x1280/0x1340 [ 1642.148355][ T1241] ? loop_remove+0xa0/0xa0 [ 1642.152759][ T1241] do_vfs_ioctl+0x742/0x1720 [ 1642.157336][ T1241] ? ioctl_preallocate+0x250/0x250 [ 1642.162431][ T1241] ? __fget+0x407/0x490 [ 1642.166573][ T1241] ? fget_many+0x20/0x20 [ 1642.170803][ T1241] ? debug_smp_processor_id+0x20/0x20 [ 1642.176164][ T1241] ? security_file_ioctl+0x7d/0xa0 [ 1642.181261][ T1241] __x64_sys_ioctl+0xd4/0x110 [ 1642.185926][ T1241] do_syscall_64+0xca/0x1c0 [ 1642.190421][ T1241] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.199538][ T1241] ------------[ cut here ]------------ [ 1642.205006][ T1241] WARNING: CPU: 0 PID: 1241 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1642.213998][ T1241] Modules linked in: [ 1642.217881][ T1241] CPU: 0 PID: 1241 Comm: syz-executor.4 Not tainted 5.4.225-syzkaller #0 [ 1642.226270][ T1241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1642.236313][ T1241] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1642.242102][ T1241] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1642.261677][ T1241] RSP: 0018:ffff8881e9f67a20 EFLAGS: 00010246 [ 1642.267712][ T1241] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1642.275653][ T1241] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1642.283598][ T1241] RBP: ffff8881e9f67b58 R08: ffffffff821a576c R09: fffffbfff0b6c49f [ 1642.291579][ T1241] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881ef3e9000 [ 1642.299636][ T1241] R13: dffffc0000000000 R14: ffff8881ef3e9070 R15: 1ffff1103de7d29d [ 1642.307581][ T1241] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1642.316493][ T1241] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1642.323043][ T1241] CR2: 00007f9bcb683ff8 CR3: 00000001e578c000 CR4: 00000000003406f0 [ 1642.330983][ T1241] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1642.338940][ T1241] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1642.346895][ T1241] Call Trace: [ 1642.350160][ T1241] ? device_add_disk+0x30/0x30 [ 1642.354893][ T1241] ? vsprintf+0x30/0x30 [ 1642.359018][ T1241] ? __alloc_disk_node+0x459/0x5a0 [ 1642.364100][ T1241] loop_add+0x573/0x740 [ 1642.368231][ T1241] loop_control_ioctl+0x448/0x620 [ 1642.373234][ T1241] ? loop_remove+0xa0/0xa0 [ 1642.377623][ T1241] ? memset+0x1f/0x40 [ 1642.381571][ T1241] ? fsnotify+0x1280/0x1340 [ 1642.386044][ T1241] ? loop_remove+0xa0/0xa0 [ 1642.390431][ T1241] do_vfs_ioctl+0x742/0x1720 [ 1642.394991][ T1241] ? ioctl_preallocate+0x250/0x250 [ 1642.400079][ T1241] ? __fget+0x407/0x490 [ 1642.404204][ T1241] ? fget_many+0x20/0x20 [ 1642.408413][ T1241] ? debug_smp_processor_id+0x20/0x20 [ 1642.413750][ T1241] ? security_file_ioctl+0x7d/0xa0 13:54:19 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0x0, 0x0, {0x6, 0x0, 0x8, 0xa259, 0x0, 0x732, {0x4, 0x8, 0x0, 0x7ff, 0x7ff, 0x6, 0x5, 0x5, 0x8, 0xa000, 0x1ff, 0x0, r0, 0x10, 0x9155}}}, 0x90) 13:54:19 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x11\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x88041) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:19 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x11Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000040)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000040)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) (async) 13:54:19 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 44) [ 1642.418827][ T1241] __x64_sys_ioctl+0xd4/0x110 [ 1642.423472][ T1241] do_syscall_64+0xca/0x1c0 [ 1642.427944][ T1241] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.433817][ T1241] ---[ end trace bc12ee340783dbdc ]--- 13:54:19 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x12Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x88041) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x88041) (async) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000040)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) 13:54:19 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x1fY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x12\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1642.460537][ T1250] Module has invalid ELF structures [ 1642.462814][ T1247] Module has invalid ELF structures [ 1642.476835][ T1254] Module has invalid ELF structures [ 1642.483700][ T1252] FAULT_INJECTION: forcing a failure. [ 1642.483700][ T1252] name failslab, interval 1, probability 0, space 0, times 0 [ 1642.502596][ T1262] Module has invalid ELF structures 13:54:19 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00 Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y%\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1642.514141][ T1264] Module has invalid ELF structures [ 1642.522294][ T1252] CPU: 1 PID: 1252 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1642.532082][ T1252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1642.533938][ T1267] Module has invalid ELF structures [ 1642.542117][ T1252] Call Trace: [ 1642.542133][ T1252] dump_stack+0x1d8/0x241 [ 1642.542142][ T1252] ? panic+0x73f/0x73f [ 1642.542151][ T1252] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1642.542160][ T1252] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.542175][ T1252] should_fail+0x71f/0x880 [ 1642.547463][ T1268] Module has invalid ELF structures [ 1642.550612][ T1252] ? setup_fault_attr+0x3d0/0x3d0 [ 1642.550620][ T1252] ? number+0xf89/0x1200 [ 1642.550635][ T1252] ? device_create_vargs+0x7d/0x210 [ 1642.594744][ T1252] should_failslab+0x5/0x20 [ 1642.599235][ T1252] kmem_cache_alloc_trace+0x28/0x240 [ 1642.604508][ T1252] device_create_vargs+0x7d/0x210 [ 1642.609520][ T1252] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.615568][ T1252] device_create+0xea/0x130 [ 1642.620057][ T1252] ? device_create_vargs+0x210/0x210 [ 1642.625337][ T1252] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1642.631044][ T1252] bdi_register_va+0x84/0x600 [ 1642.635710][ T1252] bdi_register+0xd1/0x120 [ 1642.640117][ T1252] ? __device_add_disk+0x551/0x1220 [ 1642.645297][ T1252] ? bdi_register_va+0x600/0x600 [ 1642.650210][ T1252] ? percpu_ref_resurrect+0x113/0x190 [ 1642.655555][ T1252] bdi_register_owner+0x55/0xf0 [ 1642.660377][ T1252] __device_add_disk+0x5d1/0x1220 [ 1642.665375][ T1252] ? device_add_disk+0x30/0x30 [ 1642.670108][ T1252] ? vsprintf+0x30/0x30 [ 1642.674239][ T1252] ? __alloc_disk_node+0x459/0x5a0 [ 1642.679338][ T1252] loop_add+0x573/0x740 [ 1642.683466][ T1252] loop_control_ioctl+0x448/0x620 [ 1642.688462][ T1252] ? loop_remove+0xa0/0xa0 [ 1642.692850][ T1252] ? memset+0x1f/0x40 [ 1642.696800][ T1252] ? fsnotify+0x1280/0x1340 [ 1642.701273][ T1252] ? loop_remove+0xa0/0xa0 [ 1642.705659][ T1252] do_vfs_ioctl+0x742/0x1720 [ 1642.710226][ T1252] ? ioctl_preallocate+0x250/0x250 [ 1642.715307][ T1252] ? __fget+0x407/0x490 [ 1642.719434][ T1252] ? fget_many+0x20/0x20 [ 1642.723650][ T1252] ? debug_smp_processor_id+0x20/0x20 [ 1642.729008][ T1252] ? security_file_ioctl+0x7d/0xa0 [ 1642.734119][ T1252] __x64_sys_ioctl+0xd4/0x110 [ 1642.738770][ T1252] do_syscall_64+0xca/0x1c0 [ 1642.743245][ T1252] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1642.750335][ T22] audit: type=1326 audit(1676296459.559:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1269 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1642.751555][ T1252] ------------[ cut here ]------------ [ 1642.779375][ T1252] WARNING: CPU: 1 PID: 1252 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1642.788368][ T1252] Modules linked in: [ 1642.792254][ T1252] CPU: 1 PID: 1252 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1642.798770][ T22] audit: type=1326 audit(1676296459.589:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1269 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1642.802053][ T1252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1642.802066][ T1252] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1642.802080][ T1252] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1642.860863][ T1252] RSP: 0018:ffff8881e14cfa20 EFLAGS: 00010246 [ 1642.866911][ T1252] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1642.874866][ T1252] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1642.882820][ T1252] RBP: ffff8881e14cfb58 R08: ffffffff821a576c R09: fffffbfff0b6c49f [ 1642.890775][ T1252] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881df9c3000 [ 1642.898727][ T1252] R13: dffffc0000000000 R14: ffff8881df9c3070 R15: 1ffff1103bf3869d [ 1642.906693][ T1252] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1642.915604][ T1252] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1642.922169][ T1252] CR2: 00007fffefef1c08 CR3: 00000001eecd6000 CR4: 00000000003406e0 [ 1642.930126][ T1252] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1642.938082][ T1252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1642.946051][ T1252] Call Trace: [ 1642.949330][ T1252] ? device_add_disk+0x30/0x30 [ 1642.954087][ T1252] ? vsprintf+0x30/0x30 [ 1642.958240][ T1252] ? __alloc_disk_node+0x459/0x5a0 [ 1642.963367][ T1252] loop_add+0x573/0x740 [ 1642.967514][ T1252] loop_control_ioctl+0x448/0x620 [ 1642.972540][ T1252] ? loop_remove+0xa0/0xa0 [ 1642.976945][ T1252] ? memset+0x1f/0x40 [ 1642.980923][ T1252] ? fsnotify+0x1280/0x1340 [ 1642.985410][ T1252] ? loop_remove+0xa0/0xa0 [ 1642.989812][ T1252] do_vfs_ioctl+0x742/0x1720 [ 1642.994394][ T1252] ? ioctl_preallocate+0x250/0x250 [ 1642.999493][ T1252] ? __fget+0x407/0x490 [ 1643.003631][ T1252] ? fget_many+0x20/0x20 [ 1643.007862][ T1252] ? debug_smp_processor_id+0x20/0x20 [ 1643.013217][ T1252] ? security_file_ioctl+0x7d/0xa0 [ 1643.018346][ T1252] __x64_sys_ioctl+0xd4/0x110 [ 1643.023005][ T1252] do_syscall_64+0xca/0x1c0 [ 1643.027499][ T1252] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1643.033371][ T1252] ---[ end trace bc12ee340783dbdd ]--- 13:54:19 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) r0 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0x0, 0x0, {0x6, 0x0, 0x8, 0xa259, 0x0, 0x732, {0x4, 0x8, 0x0, 0x7ff, 0x7ff, 0x6, 0x5, 0x5, 0x8, 0xa000, 0x1ff, 0x0, r0, 0x10, 0x9155}}}, 0x90) 13:54:19 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 45) 13:54:19 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00YH\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00%Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:19 executing program 5: read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) read$FUSE(0xffffffffffffffff, &(0x7f0000002040)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) r3 = getuid() read$FUSE(0xffffffffffffffff, &(0x7f0000004080)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000006240)={0x158, 0xffffffffffffffda, r0, [{{0x4, 0x0, 0xfffffffffffffffa, 0x4, 0x44e6, 0xff, {0x1, 0x20, 0x7, 0x10000, 0x2, 0x81, 0x472985f9, 0x125, 0x5bd8, 0x2000, 0x8, 0xee00, r2, 0x75, 0x10001}}, {0x6, 0x2, 0xd, 0x1fe000, '#,+*):$:\')&-]'}}, {{0x2, 0x1, 0x400, 0x47f2, 0x200, 0x3, {0x4, 0x3ff, 0x8000, 0x0, 0xbe, 0x8, 0x8, 0x1, 0x9, 0xc000, 0xcf23, r3, r4, 0x6, 0x4}}, {0x6, 0x7c, 0x5, 0x1, '+,*]}'}}]}, 0x158) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000060c0), 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000063c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LK(r5, &(0x7f0000006100)={0x28, 0xffffffffffffffda, r6, {{0x101, 0x8000000000000000, 0x2, r1}}}, 0x28) 13:54:19 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540), 0xc, &(0x7f00000025c0)={0x0, 0x2}, 0x8}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r2) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4400, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="00000000000002000000000085f3798a22e0b9029030acc4190035574fa2bf71e4e9658938797fe8b2d086d01d8c86704a8ba8c580adea2c9f84a495a30d341a4a8906980e3a5f02f5465e94f97d51a597b9a3887ead869eb000000000000000", @ANYRES16=0x0, @ANYBLOB="10072abd7000ffdbdf25040000000800340000000004"], 0x1c}}, 0xc4014) [ 1643.125149][ T1274] FAULT_INJECTION: forcing a failure. [ 1643.125149][ T1274] name failslab, interval 1, probability 0, space 0, times 0 [ 1643.132202][ T1279] Module has invalid ELF structures [ 1643.138031][ T1274] CPU: 1 PID: 1274 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1643.147242][ T1278] Module has invalid ELF structures [ 1643.152720][ T1274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1643.167913][ T1274] Call Trace: [ 1643.171196][ T1274] dump_stack+0x1d8/0x241 [ 1643.175534][ T1274] ? panic+0x73f/0x73f [ 1643.179596][ T1274] ? bdi_register_va+0x84/0x600 [ 1643.184433][ T1274] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1643.190228][ T1274] ? loop_add+0x573/0x740 [ 1643.194542][ T1274] ? do_vfs_ioctl+0x742/0x1720 [ 1643.199292][ T1274] ? __x64_sys_ioctl+0xd4/0x110 [ 1643.204162][ T1274] ? do_syscall_64+0xca/0x1c0 [ 1643.208827][ T1274] should_fail+0x71f/0x880 [ 1643.213231][ T1274] ? setup_fault_attr+0x3d0/0x3d0 [ 1643.218242][ T1274] ? _raw_spin_lock+0x1b0/0x1b0 [ 1643.223069][ T1274] ? kobject_set_name_vargs+0x5d/0x110 [ 1643.228497][ T1274] should_failslab+0x5/0x20 [ 1643.232972][ T1274] __kmalloc_track_caller+0x4f/0x290 [ 1643.238230][ T1274] kstrdup_const+0x51/0x90 [ 1643.242619][ T1274] kobject_set_name_vargs+0x5d/0x110 [ 1643.247875][ T1274] device_create_vargs+0x183/0x210 [ 1643.252965][ T1274] device_create+0xea/0x130 [ 1643.257439][ T1274] ? device_create_vargs+0x210/0x210 [ 1643.262699][ T1274] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1643.268404][ T1274] bdi_register_va+0x84/0x600 [ 1643.273080][ T1274] bdi_register+0xd1/0x120 [ 1643.277480][ T1274] ? __device_add_disk+0x551/0x1220 [ 1643.282671][ T1274] ? bdi_register_va+0x600/0x600 [ 1643.287588][ T1274] ? percpu_ref_resurrect+0x113/0x190 [ 1643.292943][ T1274] bdi_register_owner+0x55/0xf0 [ 1643.297773][ T1274] __device_add_disk+0x5d1/0x1220 [ 1643.302772][ T1274] ? device_add_disk+0x30/0x30 [ 1643.307509][ T1274] ? vsprintf+0x30/0x30 [ 1643.311644][ T1274] ? __alloc_disk_node+0x459/0x5a0 [ 1643.316740][ T1274] loop_add+0x573/0x740 [ 1643.320872][ T1274] loop_control_ioctl+0x448/0x620 [ 1643.325867][ T1274] ? loop_remove+0xa0/0xa0 [ 1643.330259][ T1274] ? memset+0x1f/0x40 [ 1643.334220][ T1274] ? fsnotify+0x1280/0x1340 [ 1643.338695][ T1274] ? loop_remove+0xa0/0xa0 [ 1643.343083][ T1274] do_vfs_ioctl+0x742/0x1720 [ 1643.347651][ T1274] ? ioctl_preallocate+0x250/0x250 [ 1643.352736][ T1274] ? __fget+0x407/0x490 [ 1643.356864][ T1274] ? fget_many+0x20/0x20 [ 1643.361078][ T1274] ? debug_smp_processor_id+0x20/0x20 [ 1643.366421][ T1274] ? security_file_ioctl+0x7d/0xa0 [ 1643.371505][ T1274] __x64_sys_ioctl+0xd4/0x110 13:54:20 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00YL\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:20 executing program 5: read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000002040)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) (async, rerun: 64) r3 = getuid() (rerun: 64) read$FUSE(0xffffffffffffffff, &(0x7f0000004080)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000006240)={0x158, 0xffffffffffffffda, r0, [{{0x4, 0x0, 0xfffffffffffffffa, 0x4, 0x44e6, 0xff, {0x1, 0x20, 0x7, 0x10000, 0x2, 0x81, 0x472985f9, 0x125, 0x5bd8, 0x2000, 0x8, 0xee00, r2, 0x75, 0x10001}}, {0x6, 0x2, 0xd, 0x1fe000, '#,+*):$:\')&-]'}}, {{0x2, 0x1, 0x400, 0x47f2, 0x200, 0x3, {0x4, 0x3ff, 0x8000, 0x0, 0xbe, 0x8, 0x8, 0x1, 0x9, 0xc000, 0xcf23, r3, r4, 0x6, 0x4}}, {0x6, 0x7c, 0x5, 0x1, '+,*]}'}}]}, 0x158) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000060c0), 0x2, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000063c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LK(r5, &(0x7f0000006100)={0x28, 0xffffffffffffffda, r6, {{0x101, 0x8000000000000000, 0x2, r1}}}, 0x28) 13:54:20 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00@Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1643.376158][ T1274] do_syscall_64+0xca/0x1c0 [ 1643.380639][ T1274] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1643.391505][ T22] audit: type=1326 audit(1676296460.199:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1643.398377][ T1274] ------------[ cut here ]------------ [ 1643.420672][ T1274] WARNING: CPU: 1 PID: 1274 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1643.429683][ T1274] Modules linked in: [ 1643.433586][ T1274] CPU: 1 PID: 1274 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1643.442294][ T22] audit: type=1326 audit(1676296460.229:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1643.443361][ T1274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1643.443375][ T1274] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1643.443388][ T1274] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1643.471939][ T1287] Module has invalid ELF structures [ 1643.476812][ T1274] RSP: 0018:ffff8881e43cfa20 EFLAGS: 00010246 [ 1643.476820][ T1274] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1643.476824][ T1274] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1643.476829][ T1274] RBP: ffff8881e43cfb58 R08: ffffffff821a576c R09: ffffea0007bdde00 [ 1643.476840][ T1274] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881f0dbb000 [ 1643.545228][ T1274] R13: dffffc0000000000 R14: ffff8881f0dbb070 R15: 1ffff1103e1b769d [ 1643.553188][ T1274] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1643.562099][ T1274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1643.568670][ T1274] CR2: 00007fb0a9cbae10 CR3: 00000001f3bc1000 CR4: 00000000003406e0 [ 1643.576634][ T1274] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1643.584593][ T1274] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1643.592574][ T1274] Call Trace: [ 1643.595860][ T1274] ? device_add_disk+0x30/0x30 [ 1643.600611][ T1274] ? vsprintf+0x30/0x30 [ 1643.604755][ T1274] ? __alloc_disk_node+0x459/0x5a0 [ 1643.609855][ T1274] loop_add+0x573/0x740 [ 1643.611613][ T1289] Module has invalid ELF structures [ 1643.613997][ T1274] loop_control_ioctl+0x448/0x620 13:54:20 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00HY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1643.614012][ T1274] ? loop_remove+0xa0/0xa0 [ 1643.628574][ T1274] ? memset+0x1f/0x40 [ 1643.632543][ T1274] ? fsnotify+0x1280/0x1340 [ 1643.637034][ T1274] ? loop_remove+0xa0/0xa0 [ 1643.641476][ T1274] do_vfs_ioctl+0x742/0x1720 [ 1643.646056][ T1274] ? ioctl_preallocate+0x250/0x250 [ 1643.651191][ T1274] ? __fget+0x407/0x490 [ 1643.655338][ T1274] ? fget_many+0x20/0x20 [ 1643.659565][ T1274] ? debug_smp_processor_id+0x20/0x20 [ 1643.664924][ T1274] ? security_file_ioctl+0x7d/0xa0 [ 1643.670019][ T1274] __x64_sys_ioctl+0xd4/0x110 13:54:20 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y`\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:20 executing program 5: read$FUSE(0xffffffffffffffff, &(0x7f0000000000)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000002040)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) (async) r3 = getuid() (async) read$FUSE(0xffffffffffffffff, &(0x7f0000004080)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000006240)={0x158, 0xffffffffffffffda, r0, [{{0x4, 0x0, 0xfffffffffffffffa, 0x4, 0x44e6, 0xff, {0x1, 0x20, 0x7, 0x10000, 0x2, 0x81, 0x472985f9, 0x125, 0x5bd8, 0x2000, 0x8, 0xee00, r2, 0x75, 0x10001}}, {0x6, 0x2, 0xd, 0x1fe000, '#,+*):$:\')&-]'}}, {{0x2, 0x1, 0x400, 0x47f2, 0x200, 0x3, {0x4, 0x3ff, 0x8000, 0x0, 0xbe, 0x8, 0x8, 0x1, 0x9, 0xc000, 0xcf23, r3, r4, 0x6, 0x4}}, {0x6, 0x7c, 0x5, 0x1, '+,*]}'}}]}, 0x158) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000060c0), 0x2, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000063c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LK(r5, &(0x7f0000006100)={0x28, 0xffffffffffffffda, r6, {{0x101, 0x8000000000000000, 0x2, r1}}}, 0x28) [ 1643.674681][ T1274] do_syscall_64+0xca/0x1c0 [ 1643.679215][ T1274] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1643.681824][ T1291] Module has invalid ELF structures [ 1643.685123][ T1274] ---[ end trace bc12ee340783dbde ]--- [ 1643.699921][ T1298] Module has invalid ELF structures 13:54:20 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x26, 0x3, 0xc) getgid() 13:54:20 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00LY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:20 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yh\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:20 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 46) 13:54:20 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x9, 0x1, 0x1, 0x40}, {0x8, 0x3f, 0x2f, 0x5}, {0x6, 0x4, 0x4, 0x5}, {0xfff, 0x40, 0x5, 0xf5d}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x401, 0x3, 0x4, 0x8}, {0x8, 0x3, 0xe1, 0x2}]}) 13:54:20 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540), 0xc, &(0x7f00000025c0)={0x0, 0x2}, 0x8}, 0x0) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r2) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4400, 0x0) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="00000000000002000000000085f3798a22e0b9029030acc4190035574fa2bf71e4e9658938797fe8b2d086d01d8c86704a8ba8c580adea2c9f84a495a30d341a4a8906980e3a5f02f5465e94f97d51a597b9a3887ead869eb000000000000000", @ANYRES16=0x0, @ANYBLOB="10072abd7000ffdbdf25040000000800340000000004"], 0x1c}}, 0xc4014) 13:54:20 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yl\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:20 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x9, 0x1, 0x1, 0x40}, {0x8, 0x3f, 0x2f, 0x5}, {0x6, 0x4, 0x4, 0x5}, {0xfff, 0x40, 0x5, 0xf5d}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x401, 0x3, 0x4, 0x8}, {0x8, 0x3, 0xe1, 0x2}]}) 13:54:20 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00`Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1643.782879][ T1307] Module has invalid ELF structures [ 1643.796405][ T1305] Module has invalid ELF structures [ 1643.812401][ T1313] FAULT_INJECTION: forcing a failure. [ 1643.812401][ T1313] name failslab, interval 1, probability 0, space 0, times 0 [ 1643.816188][ T1317] Module has invalid ELF structures [ 1643.829063][ T1313] CPU: 1 PID: 1313 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1643.839983][ T1313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1643.850021][ T1313] Call Trace: [ 1643.853300][ T1313] dump_stack+0x1d8/0x241 [ 1643.857612][ T1313] ? panic+0x73f/0x73f [ 1643.861665][ T1313] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1643.867454][ T1313] should_fail+0x71f/0x880 [ 1643.871858][ T1313] ? setup_fault_attr+0x3d0/0x3d0 [ 1643.876866][ T1313] ? device_add+0xb6/0xbb0 [ 1643.881269][ T1313] should_failslab+0x5/0x20 [ 1643.885758][ T1313] kmem_cache_alloc_trace+0x28/0x240 [ 1643.891027][ T1313] device_add+0xb6/0xbb0 [ 1643.895305][ T1313] device_create_vargs+0x1b9/0x210 [ 1643.900391][ T1313] device_create+0xea/0x130 [ 1643.904868][ T1313] ? device_create_vargs+0x210/0x210 [ 1643.910132][ T1313] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1643.915823][ T1313] bdi_register_va+0x84/0x600 [ 1643.920473][ T1313] bdi_register+0xd1/0x120 [ 1643.924883][ T1313] ? __device_add_disk+0x551/0x1220 [ 1643.930084][ T1313] ? bdi_register_va+0x600/0x600 [ 1643.935000][ T1313] ? percpu_ref_resurrect+0x113/0x190 [ 1643.940349][ T1313] bdi_register_owner+0x55/0xf0 [ 1643.945170][ T1313] __device_add_disk+0x5d1/0x1220 [ 1643.950170][ T1313] ? device_add_disk+0x30/0x30 [ 1643.954914][ T1313] ? vsprintf+0x30/0x30 [ 1643.959043][ T1313] ? __alloc_disk_node+0x459/0x5a0 [ 1643.964136][ T1313] loop_add+0x573/0x740 [ 1643.968272][ T1313] loop_control_ioctl+0x448/0x620 [ 1643.973268][ T1313] ? loop_remove+0xa0/0xa0 [ 1643.977675][ T1313] ? memset+0x1f/0x40 [ 1643.981631][ T1313] ? fsnotify+0x1280/0x1340 [ 1643.986108][ T1313] ? loop_remove+0xa0/0xa0 [ 1643.990506][ T1313] do_vfs_ioctl+0x742/0x1720 [ 1643.995070][ T1313] ? ioctl_preallocate+0x250/0x250 [ 1644.000156][ T1313] ? __fget+0x407/0x490 [ 1644.004290][ T1313] ? fget_many+0x20/0x20 [ 1644.008506][ T1313] ? debug_smp_processor_id+0x20/0x20 [ 1644.013852][ T1313] ? security_file_ioctl+0x7d/0xa0 [ 1644.018959][ T1313] __x64_sys_ioctl+0xd4/0x110 [ 1644.023640][ T1313] do_syscall_64+0xca/0x1c0 [ 1644.028119][ T1313] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:20 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540), 0xc, &(0x7f00000025c0)={0x0, 0x2}, 0x8}, 0x0) (async) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r2, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), r2) (async, rerun: 32) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x4400, 0x0) (rerun: 32) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="00000000000002000000000085f3798a22e0b9029030acc4190035574fa2bf71e4e9658938797fe8b2d086d01d8c86704a8ba8c580adea2c9f84a495a30d341a4a8906980e3a5f02f5465e94f97d51a597b9a3887ead869eb000000000000000", @ANYRES16=0x0, @ANYBLOB="10072abd7000ffdbdf25040000000800340000000004"], 0x1c}}, 0xc4014) 13:54:20 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yt\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:20 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x9, 0x1, 0x1, 0x40}, {0x8, 0x3f, 0x2f, 0x5}, {0x6, 0x4, 0x4, 0x5}, {0xfff, 0x40, 0x5, 0xf5d}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x401, 0x3, 0x4, 0x8}, {0x8, 0x3, 0xe1, 0x2}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x4, &(0x7f0000000080)=[{0x9, 0x1, 0x1, 0x40}, {0x8, 0x3f, 0x2f, 0x5}, {0x6, 0x4, 0x4, 0x5}, {0xfff, 0x40, 0x5, 0xf5d}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x401, 0x3, 0x4, 0x8}, {0x8, 0x3, 0xe1, 0x2}]}) (async) [ 1644.035901][ T1324] Module has invalid ELF structures [ 1644.053671][ T1313] ------------[ cut here ]------------ [ 1644.056374][ T1329] Module has invalid ELF structures [ 1644.059152][ T1313] WARNING: CPU: 0 PID: 1313 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1644.059154][ T1313] Modules linked in: [ 1644.059166][ T1313] CPU: 0 PID: 1313 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1644.059177][ T1313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1644.096981][ T1313] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1644.102758][ T1313] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1644.122334][ T1313] RSP: 0018:ffff8881e0457a20 EFLAGS: 00010246 [ 1644.128372][ T1313] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1644.136341][ T1313] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1644.144289][ T1313] RBP: ffff8881e0457b58 R08: ffffffff821a576c R09: ffffea0007869c00 [ 1644.152240][ T1313] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881e4098000 [ 1644.160187][ T1313] R13: dffffc0000000000 R14: ffff8881e4098070 R15: 1ffff1103c81309d [ 1644.168133][ T1313] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1644.177035][ T1313] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1644.183592][ T1313] CR2: 00007fc704b52000 CR3: 00000001f38f3000 CR4: 00000000003406f0 [ 1644.191539][ T1313] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1644.199487][ T1313] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1644.207433][ T1313] Call Trace: [ 1644.210707][ T1313] ? device_add_disk+0x30/0x30 [ 1644.215469][ T1313] ? vsprintf+0x30/0x30 [ 1644.219601][ T1313] ? __alloc_disk_node+0x459/0x5a0 [ 1644.224685][ T1313] loop_add+0x573/0x740 [ 1644.228816][ T1313] loop_control_ioctl+0x448/0x620 [ 1644.233811][ T1313] ? loop_remove+0xa0/0xa0 [ 1644.238205][ T1313] ? memset+0x1f/0x40 [ 1644.242161][ T1313] ? fsnotify+0x1280/0x1340 [ 1644.246635][ T1313] ? loop_remove+0xa0/0xa0 [ 1644.251120][ T1313] do_vfs_ioctl+0x742/0x1720 [ 1644.255683][ T1313] ? ioctl_preallocate+0x250/0x250 [ 1644.260764][ T1313] ? __fget+0x407/0x490 [ 1644.264891][ T1313] ? fget_many+0x20/0x20 [ 1644.269114][ T1313] ? debug_smp_processor_id+0x20/0x20 [ 1644.274466][ T1313] ? security_file_ioctl+0x7d/0xa0 [ 1644.279553][ T1313] __x64_sys_ioctl+0xd4/0x110 [ 1644.284206][ T1313] do_syscall_64+0xca/0x1c0 [ 1644.288684][ T1313] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1644.294547][ T1313] ---[ end trace bc12ee340783dbdf ]--- [ 1644.307660][ T22] audit: type=1326 audit(1676296461.119:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1321 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:21 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yz\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:21 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) socket(0x26, 0x3, 0xc) getgid() 13:54:21 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00hY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:21 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) ptrace$setopts(0x4206, r0, 0x800, 0x2) ptrace$setopts(0x4200, r0, 0x7f, 0x100000) r1 = getpgrp(0x0) get_robust_list(r1, &(0x7f0000000200)=0x0, &(0x7f0000000240)) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x8) 13:54:21 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 47) 13:54:21 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r2, 0x200, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xdb3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x48}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc8}, 0xc002018) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f00000003c0)={0x7ff, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/192, 0xc0}, {&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000300)=""/6, 0x6}], &(0x7f0000000380)=[0x4d, 0x8000000000000001, 0x8], 0x3}, 0x20) 13:54:21 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = getpgrp(0x0) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) ptrace$setopts(0x4206, r0, 0x800, 0x2) ptrace$setopts(0x4200, r0, 0x7f, 0x100000) r1 = getpgrp(0x0) get_robust_list(r1, &(0x7f0000000200)=0x0, &(0x7f0000000240)) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x8) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) getpgrp(0x0) (async) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) (async) ptrace$setopts(0x4206, r0, 0x800, 0x2) (async) ptrace$setopts(0x4200, r0, 0x7f, 0x100000) (async) getpgrp(0x0) (async) get_robust_list(r1, &(0x7f0000000200)=0x0, &(0x7f0000000240)) (async) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x8) (async) 13:54:21 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac\n\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:21 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00lY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1644.576102][ T1343] Module has invalid ELF structures [ 1644.576282][ T1341] Module has invalid ELF structures [ 1644.591436][ T1344] FAULT_INJECTION: forcing a failure. [ 1644.591436][ T1344] name failslab, interval 1, probability 0, space 0, times 0 [ 1644.614492][ T1344] CPU: 0 PID: 1344 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1644.624336][ T1344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1644.628935][ T1359] Module has invalid ELF structures [ 1644.634370][ T1344] Call Trace: [ 1644.634386][ T1344] dump_stack+0x1d8/0x241 [ 1644.634400][ T1344] ? panic+0x73f/0x73f [ 1644.651189][ T1344] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1644.656986][ T1344] should_fail+0x71f/0x880 [ 1644.661391][ T1344] ? setup_fault_attr+0x3d0/0x3d0 [ 1644.666402][ T1344] ? __kernfs_new_node+0xdb/0x6e0 [ 1644.671408][ T1344] should_failslab+0x5/0x20 [ 1644.675896][ T1344] kmem_cache_alloc+0x24/0x220 [ 1644.680643][ T1344] __kernfs_new_node+0xdb/0x6e0 [ 1644.685477][ T1344] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1644.691541][ T1344] ? kernfs_new_node+0x160/0x160 [ 1644.696463][ T1344] ? stack_trace_save+0x118/0x1c0 [ 1644.701460][ T1344] ? stack_trace_snprint+0x170/0x170 [ 1644.706715][ T1344] ? stack_trace_save+0x118/0x1c0 [ 1644.711710][ T1344] kernfs_create_dir_ns+0x90/0x220 [ 1644.716793][ T1344] sysfs_create_dir_ns+0x185/0x390 [ 1644.721876][ T1344] ? sysfs_warn_dup+0xa0/0xa0 [ 1644.726525][ T1344] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1644.732566][ T1344] kobject_add_internal+0x6b7/0xca0 [ 1644.737740][ T1344] kobject_add+0x14e/0x210 [ 1644.742132][ T1344] ? _raw_spin_lock+0xa4/0x1b0 [ 1644.746865][ T1344] ? kobject_init+0x1d0/0x1d0 [ 1644.751512][ T1344] ? mutex_unlock+0x18/0x40 [ 1644.756006][ T1344] ? get_device_parent+0x293/0x400 [ 1644.761091][ T1344] device_add+0x3eb/0xbb0 [ 1644.765392][ T1344] device_create_vargs+0x1b9/0x210 [ 1644.770475][ T1344] device_create+0xea/0x130 [ 1644.774951][ T1344] ? device_create_vargs+0x210/0x210 [ 1644.780216][ T1344] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1644.785905][ T1344] bdi_register_va+0x84/0x600 [ 1644.790576][ T1344] bdi_register+0xd1/0x120 [ 1644.794965][ T1344] ? __device_add_disk+0x551/0x1220 [ 1644.800138][ T1344] ? bdi_register_va+0x600/0x600 [ 1644.805048][ T1344] ? percpu_ref_resurrect+0x113/0x190 [ 1644.810391][ T1344] bdi_register_owner+0x55/0xf0 [ 1644.815214][ T1344] __device_add_disk+0x5d1/0x1220 [ 1644.820212][ T1344] ? device_add_disk+0x30/0x30 [ 1644.824945][ T1344] ? vsprintf+0x30/0x30 [ 1644.829071][ T1344] ? __alloc_disk_node+0x459/0x5a0 [ 1644.834154][ T1344] loop_add+0x573/0x740 [ 1644.838285][ T1344] loop_control_ioctl+0x448/0x620 [ 1644.843279][ T1344] ? loop_remove+0xa0/0xa0 [ 1644.847670][ T1344] ? memset+0x1f/0x40 [ 1644.851624][ T1344] ? fsnotify+0x1280/0x1340 [ 1644.856103][ T1344] ? loop_remove+0xa0/0xa0 [ 1644.860494][ T1344] do_vfs_ioctl+0x742/0x1720 [ 1644.865065][ T1344] ? ioctl_preallocate+0x250/0x250 [ 1644.870148][ T1344] ? __fget+0x407/0x490 13:54:21 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async, rerun: 32) r0 = getpgrp(0x0) (rerun: 32) get_robust_list(r0, &(0x7f0000000200)=0x0, &(0x7f0000000240)) (async) ptrace$setopts(0x4206, r0, 0x800, 0x2) ptrace$setopts(0x4200, r0, 0x7f, 0x100000) (async, rerun: 32) r1 = getpgrp(0x0) (rerun: 32) get_robust_list(r1, &(0x7f0000000200)=0x0, &(0x7f0000000240)) (async) sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x8) 13:54:21 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1644.874275][ T1344] ? fget_many+0x20/0x20 [ 1644.878490][ T1344] ? debug_smp_processor_id+0x20/0x20 [ 1644.883832][ T1344] ? security_file_ioctl+0x7d/0xa0 [ 1644.888914][ T1344] __x64_sys_ioctl+0xd4/0x110 [ 1644.893561][ T1344] do_syscall_64+0xca/0x1c0 [ 1644.898041][ T1344] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1644.906891][ T1344] kobject_add_internal failed for 7:0 (error: -12 parent: bdi) [ 1644.910096][ T1358] Module has invalid ELF structures [ 1644.920169][ T1344] ------------[ cut here ]------------ [ 1644.920342][ T1368] Module has invalid ELF structures [ 1644.925641][ T1344] WARNING: CPU: 1 PID: 1344 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1644.925643][ T1344] Modules linked in: [ 1644.925660][ T1344] CPU: 1 PID: 1344 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1644.953426][ T1344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1644.963461][ T1344] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1644.969254][ T1344] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1644.988849][ T1344] RSP: 0018:ffff8881caca7a20 EFLAGS: 00010246 [ 1644.994886][ T1344] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1645.002829][ T1344] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1645.010769][ T1344] RBP: ffff8881caca7b58 R08: ffffffff821a576c R09: ffffea0007b135c0 [ 1645.018710][ T1344] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881ef394000 [ 1645.026650][ T1344] R13: dffffc0000000000 R14: ffff8881ef394070 R15: 1ffff1103de7289d [ 1645.034593][ T1344] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1645.043491][ T1344] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1645.050049][ T1344] CR2: 00007fc704b57988 CR3: 00000001d1e51000 CR4: 00000000003406e0 [ 1645.057991][ T1344] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1645.065936][ T1344] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1645.073875][ T1344] Call Trace: [ 1645.077152][ T1344] ? device_add_disk+0x30/0x30 [ 1645.081888][ T1344] ? vsprintf+0x30/0x30 [ 1645.086041][ T1344] ? __alloc_disk_node+0x459/0x5a0 [ 1645.091132][ T1344] loop_add+0x573/0x740 [ 1645.095262][ T1344] loop_control_ioctl+0x448/0x620 [ 1645.100274][ T1344] ? loop_remove+0xa0/0xa0 [ 1645.104662][ T1344] ? memset+0x1f/0x40 [ 1645.108612][ T1344] ? fsnotify+0x1280/0x1340 [ 1645.113085][ T1344] ? loop_remove+0xa0/0xa0 [ 1645.117472][ T1344] do_vfs_ioctl+0x742/0x1720 [ 1645.122037][ T1344] ? ioctl_preallocate+0x250/0x250 13:54:21 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xfff, 0x1, 0x9f, 0x8001}, {0x0, 0x6e, 0x20, 0xfffffffc}, {0xf89, 0x0, 0xff}, {0x1, 0x9, 0x1, 0x1ff}]}) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) 13:54:21 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00zY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1645.127121][ T1344] ? __fget+0x407/0x490 [ 1645.131249][ T1344] ? fget_many+0x20/0x20 [ 1645.135470][ T1344] ? debug_smp_processor_id+0x20/0x20 [ 1645.140813][ T1344] ? security_file_ioctl+0x7d/0xa0 [ 1645.145932][ T1344] __x64_sys_ioctl+0xd4/0x110 [ 1645.150579][ T1344] do_syscall_64+0xca/0x1c0 [ 1645.155060][ T1344] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1645.160923][ T1344] ---[ end trace bc12ee340783dbe0 ]--- [ 1645.196969][ T1371] Module has invalid ELF structures 13:54:22 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) socket(0x26, 0x3, 0xc) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) socket(0x26, 0x3, 0xc) (async) getgid() (async) 13:54:22 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac#\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:22 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 48) 13:54:22 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xfff, 0x1, 0x9f, 0x8001}, {0x0, 0x6e, 0x20, 0xfffffffc}, {0xf89, 0x0, 0xff}, {0x1, 0x9, 0x1, 0x1ff}]}) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xfff, 0x1, 0x9f, 0x8001}, {0x0, 0x6e, 0x20, 0xfffffffc}, {0xf89, 0x0, 0xff}, {0x1, 0x9, 0x1, 0x1ff}]}) (async) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) (async) 13:54:22 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x02Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:22 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r2, 0x200, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xdb3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x48}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc8}, 0xc002018) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f00000003c0)={0x7ff, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/192, 0xc0}, {&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000300)=""/6, 0x6}], &(0x7f0000000380)=[0x4d, 0x8000000000000001, 0x8], 0x3}, 0x20) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r2, 0x200, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xdb3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x48}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc8}, 0xc002018) (async) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f00000003c0)={0x7ff, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/192, 0xc0}, {&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000300)=""/6, 0x6}], &(0x7f0000000380)=[0x4d, 0x8000000000000001, 0x8], 0x3}, 0x20) (async) 13:54:22 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x03Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1645.385478][ T1377] Module has invalid ELF structures [ 1645.402306][ T1380] FAULT_INJECTION: forcing a failure. [ 1645.402306][ T1380] name failslab, interval 1, probability 0, space 0, times 0 [ 1645.403960][ T1384] Module has invalid ELF structures [ 1645.414919][ T1380] CPU: 0 PID: 1380 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1645.414924][ T1380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1645.414927][ T1380] Call Trace: [ 1645.414942][ T1380] dump_stack+0x1d8/0x241 [ 1645.414950][ T1380] ? panic+0x73f/0x73f [ 1645.414958][ T1380] ? stack_trace_save+0x1c0/0x1c0 [ 1645.414966][ T1380] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1645.414975][ T1380] ? arch_stack_walk+0x111/0x140 [ 1645.414986][ T1380] should_fail+0x71f/0x880 [ 1645.414996][ T1380] ? setup_fault_attr+0x3d0/0x3d0 [ 1645.415009][ T1380] ? unwind_next_frame+0x181e/0x1ea0 [ 1645.425834][ T1386] Module has invalid ELF structures [ 1645.429962][ T1380] ? radix_tree_node_alloc+0x190/0x380 [ 1645.429972][ T1380] should_failslab+0x5/0x20 [ 1645.429981][ T1380] kmem_cache_alloc+0x24/0x220 [ 1645.429990][ T1380] radix_tree_node_alloc+0x190/0x380 [ 1645.429998][ T1380] ? kernfs_create_dir_ns+0x90/0x220 [ 1645.430006][ T1380] ? sysfs_create_dir_ns+0x185/0x390 [ 1645.430013][ T1380] ? kobject_add_internal+0x6b7/0xca0 [ 1645.430026][ T1380] ? kobject_add+0x14e/0x210 [ 1645.527451][ T1380] idr_get_free+0x26b/0x850 [ 1645.531932][ T1380] idr_alloc_cyclic+0x1dc/0x5d0 [ 1645.536753][ T1380] ? idr_alloc+0x2f0/0x2f0 [ 1645.541140][ T1380] ? _raw_spin_lock+0xa4/0x1b0 [ 1645.545879][ T1380] ? __radix_tree_preload+0x212/0x260 [ 1645.551246][ T1380] __kernfs_new_node+0x122/0x6e0 [ 1645.556156][ T1380] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1645.562193][ T1380] ? kernfs_new_node+0x160/0x160 [ 1645.567100][ T1380] ? stack_trace_save+0x118/0x1c0 [ 1645.572095][ T1380] ? stack_trace_snprint+0x170/0x170 [ 1645.577357][ T1380] ? stack_trace_save+0x118/0x1c0 [ 1645.582351][ T1380] kernfs_create_dir_ns+0x90/0x220 [ 1645.587433][ T1380] sysfs_create_dir_ns+0x185/0x390 [ 1645.592530][ T1380] ? sysfs_warn_dup+0xa0/0xa0 [ 1645.597182][ T1380] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1645.603220][ T1380] kobject_add_internal+0x6b7/0xca0 [ 1645.608387][ T1380] kobject_add+0x14e/0x210 [ 1645.612783][ T1380] ? _raw_spin_lock+0xa4/0x1b0 [ 1645.617518][ T1380] ? kobject_init+0x1d0/0x1d0 [ 1645.622182][ T1380] ? mutex_unlock+0x18/0x40 [ 1645.626654][ T1380] ? get_device_parent+0x293/0x400 [ 1645.631751][ T1380] device_add+0x3eb/0xbb0 [ 1645.636057][ T1380] device_create_vargs+0x1b9/0x210 [ 1645.641144][ T1380] device_create+0xea/0x130 [ 1645.645618][ T1380] ? device_create_vargs+0x210/0x210 [ 1645.650873][ T1380] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1645.656565][ T1380] bdi_register_va+0x84/0x600 [ 1645.661234][ T1380] bdi_register+0xd1/0x120 [ 1645.665654][ T1380] ? __device_add_disk+0x551/0x1220 [ 1645.670828][ T1380] ? bdi_register_va+0x600/0x600 [ 1645.675736][ T1380] ? percpu_ref_resurrect+0x113/0x190 [ 1645.681076][ T1380] bdi_register_owner+0x55/0xf0 [ 1645.685907][ T1380] __device_add_disk+0x5d1/0x1220 [ 1645.690910][ T1380] ? device_add_disk+0x30/0x30 [ 1645.695643][ T1380] ? vsprintf+0x30/0x30 [ 1645.699769][ T1380] ? __alloc_disk_node+0x459/0x5a0 [ 1645.704851][ T1380] loop_add+0x573/0x740 [ 1645.708980][ T1380] loop_control_ioctl+0x448/0x620 [ 1645.713973][ T1380] ? loop_remove+0xa0/0xa0 [ 1645.718361][ T1380] ? memset+0x1f/0x40 [ 1645.722314][ T1380] ? fsnotify+0x1280/0x1340 [ 1645.726784][ T1380] ? loop_remove+0xa0/0xa0 [ 1645.731169][ T1380] do_vfs_ioctl+0x742/0x1720 13:54:22 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x04Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:22 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0xfff, 0x1, 0x9f, 0x8001}, {0x0, 0x6e, 0x20, 0xfffffffc}, {0xf89, 0x0, 0xff}, {0x1, 0x9, 0x1, 0x1ff}]}) arch_prctl$ARCH_SET_CPUID(0x1012, 0x1) 13:54:22 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac%\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1645.735730][ T1380] ? ioctl_preallocate+0x250/0x250 [ 1645.740810][ T1380] ? __fget+0x407/0x490 [ 1645.744937][ T1380] ? fget_many+0x20/0x20 [ 1645.749151][ T1380] ? debug_smp_processor_id+0x20/0x20 [ 1645.754496][ T1380] ? security_file_ioctl+0x7d/0xa0 [ 1645.759578][ T1380] __x64_sys_ioctl+0xd4/0x110 [ 1645.764243][ T1380] do_syscall_64+0xca/0x1c0 [ 1645.768720][ T1380] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:22 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 49) 13:54:22 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) [ 1645.792540][ T1401] Module has invalid ELF structures [ 1645.803053][ T22] kauditd_printk_skb: 2 callbacks suppressed [ 1645.803062][ T22] audit: type=1326 audit(1676296462.609:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1387 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1645.849351][ T1405] FAULT_INJECTION: forcing a failure. [ 1645.849351][ T1405] name failslab, interval 1, probability 0, space 0, times 0 [ 1645.854519][ T1404] Module has invalid ELF structures [ 1645.864659][ T1405] CPU: 0 PID: 1405 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1645.876944][ T1405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1645.886987][ T1405] Call Trace: [ 1645.890266][ T1405] dump_stack+0x1d8/0x241 [ 1645.894584][ T1405] ? panic+0x73f/0x73f [ 1645.898642][ T1405] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1645.904433][ T1405] ? idr_alloc+0x2f0/0x2f0 [ 1645.908834][ T1405] should_fail+0x71f/0x880 [ 1645.913237][ T1405] ? setup_fault_attr+0x3d0/0x3d0 [ 1645.918245][ T1405] ? mutex_lock+0xa5/0x110 [ 1645.922645][ T1405] ? __kernfs_new_node+0xdb/0x6e0 [ 1645.927652][ T1405] should_failslab+0x5/0x20 [ 1645.932186][ T1405] kmem_cache_alloc+0x24/0x220 [ 1645.936935][ T1405] __kernfs_new_node+0xdb/0x6e0 [ 1645.941776][ T1405] ? mutex_unlock+0x18/0x40 [ 1645.946271][ T1405] ? kernfs_new_node+0x160/0x160 [ 1645.951197][ T1405] ? kernfs_create_dir_ns+0x1e0/0x220 [ 1645.956556][ T1405] ? sysfs_create_dir_ns+0x185/0x390 [ 1645.961828][ T1405] ? sysfs_create_dir_ns+0x1cb/0x390 [ 1645.967101][ T1405] kernfs_new_node+0x95/0x160 [ 1645.971767][ T1405] __kernfs_create_file+0x45/0x260 [ 1645.976866][ T1405] sysfs_add_file_mode_ns+0x292/0x340 [ 1645.982227][ T1405] sysfs_create_file_ns+0x196/0x2a0 [ 1645.987412][ T1405] ? sysfs_add_file_mode_ns+0x340/0x340 [ 1645.992944][ T1405] ? dev_fwnode+0x4c/0x80 [ 1645.997257][ T1405] ? device_create_file+0xea/0x1b0 [ 1646.002353][ T1405] device_add+0x4b2/0xbb0 [ 1646.006674][ T1405] device_create_vargs+0x1b9/0x210 [ 1646.011772][ T1405] device_create+0xea/0x130 [ 1646.016262][ T1405] ? device_create_vargs+0x210/0x210 [ 1646.021534][ T1405] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1646.027235][ T1405] bdi_register_va+0x84/0x600 [ 1646.031895][ T1405] bdi_register+0xd1/0x120 [ 1646.036298][ T1405] ? __device_add_disk+0x551/0x1220 [ 1646.041480][ T1405] ? bdi_register_va+0x600/0x600 [ 1646.046405][ T1405] ? percpu_ref_resurrect+0x113/0x190 [ 1646.051764][ T1405] bdi_register_owner+0x55/0xf0 [ 1646.056712][ T1405] __device_add_disk+0x5d1/0x1220 [ 1646.061726][ T1405] ? device_add_disk+0x30/0x30 [ 1646.066474][ T1405] ? vsprintf+0x30/0x30 [ 1646.070617][ T1405] ? __alloc_disk_node+0x459/0x5a0 [ 1646.075722][ T1405] loop_add+0x573/0x740 [ 1646.079872][ T1405] loop_control_ioctl+0x448/0x620 [ 1646.084882][ T1405] ? loop_remove+0xa0/0xa0 [ 1646.089289][ T1405] ? memset+0x1f/0x40 [ 1646.093260][ T1405] ? fsnotify+0x1280/0x1340 [ 1646.097754][ T1405] ? loop_remove+0xa0/0xa0 [ 1646.102163][ T1405] do_vfs_ioctl+0x742/0x1720 [ 1646.106748][ T1405] ? ioctl_preallocate+0x250/0x250 [ 1646.111855][ T1405] ? __fget+0x407/0x490 [ 1646.116003][ T1405] ? fget_many+0x20/0x20 [ 1646.120237][ T1405] ? debug_smp_processor_id+0x20/0x20 [ 1646.125599][ T1405] ? security_file_ioctl+0x7d/0xa0 [ 1646.130691][ T1405] __x64_sys_ioctl+0xd4/0x110 [ 1646.135339][ T1405] do_syscall_64+0xca/0x1c0 [ 1646.139817][ T1405] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1646.155214][ T1405] ------------[ cut here ]------------ [ 1646.160678][ T1405] WARNING: CPU: 1 PID: 1405 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1646.169661][ T1405] Modules linked in: [ 1646.173555][ T1405] CPU: 1 PID: 1405 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1646.183321][ T1405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1646.193366][ T1405] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1646.199143][ T1405] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1646.218719][ T1405] RSP: 0018:ffff8881cc76fa20 EFLAGS: 00010246 [ 1646.224754][ T1405] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1646.232697][ T1405] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1646.240641][ T1405] RBP: ffff8881cc76fb58 R08: ffffffff821a576c R09: ffffea0007b93d80 [ 1646.248583][ T1405] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881f26f1000 [ 1646.256525][ T1405] R13: dffffc0000000000 R14: ffff8881f26f1070 R15: 1ffff1103e4de29d [ 1646.264468][ T1405] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1646.273370][ T1405] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1646.279927][ T1405] CR2: 00007fb0a9cbf0c0 CR3: 00000001e5d1e000 CR4: 00000000003406e0 [ 1646.287872][ T1405] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1646.295815][ T1405] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1646.303764][ T1405] Call Trace: [ 1646.307033][ T1405] ? device_add_disk+0x30/0x30 [ 1646.311768][ T1405] ? vsprintf+0x30/0x30 [ 1646.315897][ T1405] ? __alloc_disk_node+0x459/0x5a0 [ 1646.320980][ T1405] loop_add+0x573/0x740 [ 1646.325108][ T1405] loop_control_ioctl+0x448/0x620 [ 1646.330115][ T1405] ? loop_remove+0xa0/0xa0 [ 1646.334503][ T1405] ? memset+0x1f/0x40 [ 1646.338456][ T1405] ? fsnotify+0x1280/0x1340 [ 1646.342931][ T1405] ? loop_remove+0xa0/0xa0 [ 1646.347319][ T1405] do_vfs_ioctl+0x742/0x1720 13:54:22 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0xd2, "a09316033cfb953135f4d634281f95894cea3a5e6c0a81b2a7387084c904dd7e56c0126e2a421cb90ff279f1a5050f42c57d9a98da311bec5a3bd5b188d7332bd4ba2067514b31d6f1310587e2aba61499dd8b1e1cf64a4a3401f604f3f255e4c054ec50170dd7831c67af2a11945fdcd5709a6eccc0c0cb9fc3591e39f21c36fdd30019c2a76c52a79da208590c390bc68937fe2e9fb149747d5a9e40a71428679425b7e9b50fd86dd8d2cce2e19425225db68b8b658167044c2bf0c02a6f7644fbc2a4980f99388c0ce1a589f7618b55ef"}, &(0x7f0000000040)=0xf6) 13:54:22 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r2, 0x200, 0x70bd26, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xdb3}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x48}, @BATADV_ATTR_GW_SEL_CLASS={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0xc8}, 0xc002018) (async) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f00000003c0)={0x7ff, 0x0, &(0x7f0000000340)=[{&(0x7f0000000180)=""/192, 0xc0}, {&(0x7f0000000240)=""/180, 0xb4}, {&(0x7f0000000300)=""/6, 0x6}], &(0x7f0000000380)=[0x4d, 0x8000000000000001, 0x8], 0x3}, 0x20) 13:54:22 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x05Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:22 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac*\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:22 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) [ 1646.351890][ T1405] ? ioctl_preallocate+0x250/0x250 [ 1646.356973][ T1405] ? __fget+0x407/0x490 [ 1646.361102][ T1405] ? fget_many+0x20/0x20 [ 1646.365316][ T1405] ? debug_smp_processor_id+0x20/0x20 [ 1646.370663][ T1405] ? security_file_ioctl+0x7d/0xa0 [ 1646.375747][ T1405] __x64_sys_ioctl+0xd4/0x110 [ 1646.380398][ T1405] do_syscall_64+0xca/0x1c0 [ 1646.384878][ T1405] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1646.390741][ T1405] ---[ end trace bc12ee340783dbe1 ]--- 13:54:23 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) 13:54:23 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 50) 13:54:23 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$FUSE_STATFS(r0, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x6, 0x94, 0xea9, 0x0, 0x0, 0x2, 0x1000000, 0x7}}}, 0x60) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:23 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x06Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac+\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$FUSE_STATFS(r0, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x6, 0x94, 0xea9, 0x0, 0x0, 0x2, 0x1000000, 0x7}}}, 0x60) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:23 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac-\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1646.403215][ T1416] Module has invalid ELF structures [ 1646.413028][ T1417] Module has invalid ELF structures [ 1646.446146][ T1426] Module has invalid ELF structures [ 1646.459052][ T1424] FAULT_INJECTION: forcing a failure. [ 1646.459052][ T1424] name failslab, interval 1, probability 0, space 0, times 0 [ 1646.469661][ T1432] Module has invalid ELF structures [ 1646.483196][ T1428] Module has invalid ELF structures [ 1646.489200][ T1424] CPU: 1 PID: 1424 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1646.498993][ T1424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1646.509034][ T1424] Call Trace: [ 1646.512321][ T1424] dump_stack+0x1d8/0x241 [ 1646.516640][ T1424] ? panic+0x73f/0x73f [ 1646.520689][ T1424] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1646.526492][ T1424] ? idr_alloc+0x2f0/0x2f0 [ 1646.530881][ T1424] should_fail+0x71f/0x880 [ 1646.535272][ T1424] ? setup_fault_attr+0x3d0/0x3d0 [ 1646.540271][ T1424] ? mutex_lock+0xa5/0x110 [ 1646.544659][ T1424] ? __kernfs_new_node+0xdb/0x6e0 [ 1646.549657][ T1424] should_failslab+0x5/0x20 [ 1646.554134][ T1424] kmem_cache_alloc+0x24/0x220 [ 1646.558872][ T1424] __kernfs_new_node+0xdb/0x6e0 [ 1646.563693][ T1424] ? mutex_unlock+0x18/0x40 [ 1646.568166][ T1424] ? kernfs_new_node+0x160/0x160 [ 1646.573109][ T1424] ? kernfs_create_dir_ns+0x1e0/0x220 [ 1646.578452][ T1424] ? sysfs_create_dir_ns+0x185/0x390 [ 1646.583710][ T1424] ? sysfs_create_dir_ns+0x1cb/0x390 [ 1646.588966][ T1424] kernfs_new_node+0x95/0x160 [ 1646.593618][ T1424] __kernfs_create_file+0x45/0x260 [ 1646.598701][ T1424] sysfs_add_file_mode_ns+0x292/0x340 [ 1646.604046][ T1424] sysfs_create_file_ns+0x196/0x2a0 [ 1646.609214][ T1424] ? sysfs_add_file_mode_ns+0x340/0x340 [ 1646.614731][ T1424] ? dev_fwnode+0x4c/0x80 [ 1646.619032][ T1424] ? device_create_file+0xea/0x1b0 [ 1646.624114][ T1424] device_add+0x4b2/0xbb0 [ 1646.628418][ T1424] device_create_vargs+0x1b9/0x210 [ 1646.633501][ T1424] device_create+0xea/0x130 [ 1646.637980][ T1424] ? device_create_vargs+0x210/0x210 [ 1646.643237][ T1424] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1646.648932][ T1424] bdi_register_va+0x84/0x600 [ 1646.653582][ T1424] bdi_register+0xd1/0x120 [ 1646.657969][ T1424] ? __device_add_disk+0x551/0x1220 [ 1646.663135][ T1424] ? bdi_register_va+0x600/0x600 [ 1646.668049][ T1424] ? percpu_ref_resurrect+0x113/0x190 [ 1646.673393][ T1424] bdi_register_owner+0x55/0xf0 [ 1646.678213][ T1424] __device_add_disk+0x5d1/0x1220 [ 1646.683211][ T1424] ? device_add_disk+0x30/0x30 [ 1646.687967][ T1424] ? vsprintf+0x30/0x30 [ 1646.692098][ T1424] ? __alloc_disk_node+0x459/0x5a0 [ 1646.697182][ T1424] loop_add+0x573/0x740 [ 1646.701311][ T1424] loop_control_ioctl+0x448/0x620 [ 1646.706308][ T1424] ? loop_remove+0xa0/0xa0 [ 1646.710699][ T1424] ? memset+0x1f/0x40 [ 1646.714669][ T1424] ? fsnotify+0x1280/0x1340 [ 1646.719143][ T1424] ? loop_remove+0xa0/0xa0 [ 1646.723530][ T1424] do_vfs_ioctl+0x742/0x1720 [ 1646.728095][ T1424] ? ioctl_preallocate+0x250/0x250 [ 1646.733176][ T1424] ? __fget+0x407/0x490 [ 1646.737307][ T1424] ? fget_many+0x20/0x20 [ 1646.741524][ T1424] ? debug_smp_processor_id+0x20/0x20 [ 1646.746897][ T1424] ? security_file_ioctl+0x7d/0xa0 [ 1646.751979][ T1424] __x64_sys_ioctl+0xd4/0x110 [ 1646.756629][ T1424] do_syscall_64+0xca/0x1c0 [ 1646.761106][ T1424] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1646.768126][ T22] audit: type=1326 audit(1676296463.579:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1433 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1646.768985][ T1424] ------------[ cut here ]------------ [ 1646.797173][ T1424] WARNING: CPU: 0 PID: 1424 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1646.806163][ T1424] Modules linked in: [ 1646.810046][ T1424] CPU: 0 PID: 1424 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1646.819824][ T1424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1646.829873][ T1424] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1646.835658][ T1424] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1646.855249][ T1424] RSP: 0018:ffff8881caccfa20 EFLAGS: 00010246 [ 1646.861296][ T1424] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1646.869248][ T1424] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1646.877203][ T1424] RBP: ffff8881caccfb58 R08: ffffffff821a576c R09: ffffea0007810740 [ 1646.885155][ T1424] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881e0ff2000 [ 1646.893110][ T1424] R13: dffffc0000000000 R14: ffff8881e0ff2070 R15: 1ffff1103c1fe49d [ 1646.901069][ T1424] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1646.909978][ T1424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1646.916542][ T1424] CR2: 00007f7d07ab1718 CR3: 00000001eb2f4000 CR4: 00000000003406f0 [ 1646.924497][ T1424] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1646.932450][ T1424] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1646.940407][ T1424] Call Trace: [ 1646.943691][ T1424] ? device_add_disk+0x30/0x30 [ 1646.948441][ T1424] ? vsprintf+0x30/0x30 [ 1646.952584][ T1424] ? __alloc_disk_node+0x459/0x5a0 [ 1646.957678][ T1424] loop_add+0x573/0x740 [ 1646.961827][ T1424] loop_control_ioctl+0x448/0x620 [ 1646.966842][ T1424] ? loop_remove+0xa0/0xa0 [ 1646.971262][ T1424] ? memset+0x1f/0x40 [ 1646.975241][ T1424] ? fsnotify+0x1280/0x1340 [ 1646.979724][ T1424] ? loop_remove+0xa0/0xa0 [ 1646.984124][ T1424] do_vfs_ioctl+0x742/0x1720 [ 1646.988701][ T1424] ? ioctl_preallocate+0x250/0x250 [ 1646.993802][ T1424] ? __fget+0x407/0x490 [ 1646.997939][ T1424] ? fget_many+0x20/0x20 [ 1647.002166][ T1424] ? debug_smp_processor_id+0x20/0x20 [ 1647.007520][ T1424] ? security_file_ioctl+0x7d/0xa0 [ 1647.012614][ T1424] __x64_sys_ioctl+0xd4/0x110 [ 1647.017276][ T1424] do_syscall_64+0xca/0x1c0 [ 1647.021764][ T1424] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1647.027639][ T1424] ---[ end trace bc12ee340783dbe2 ]--- 13:54:23 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) getgid() (async) r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0xd2, "a09316033cfb953135f4d634281f95894cea3a5e6c0a81b2a7387084c904dd7e56c0126e2a421cb90ff279f1a5050f42c57d9a98da311bec5a3bd5b188d7332bd4ba2067514b31d6f1310587e2aba61499dd8b1e1cf64a4a3401f604f3f255e4c054ec50170dd7831c67af2a11945fdcd5709a6eccc0c0cb9fc3591e39f21c36fdd30019c2a76c52a79da208590c390bc68937fe2e9fb149747d5a9e40a71428679425b7e9b50fd86dd8d2cce2e19425225db68b8b658167044c2bf0c02a6f7644fbc2a4980f99388c0ce1a589f7618b55ef"}, &(0x7f0000000040)=0xf6) 13:54:23 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r1) sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x20}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x8040) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000040), 0x1) 13:54:23 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac.\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 5: r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$FUSE_STATFS(r0, &(0x7f0000000040)={0x60, 0x0, 0x0, {{0x6, 0x94, 0xea9, 0x0, 0x0, 0x2, 0x1000000, 0x7}}}, 0x60) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:23 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\aY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 51) 13:54:23 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000040)=""/73, &(0x7f00000000c0)=0x49) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r1) 13:54:23 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000040)=""/73, &(0x7f00000000c0)=0x49) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r1) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000040)=""/73, &(0x7f00000000c0)=0x49) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r1) (async) 13:54:23 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\bY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac0\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacL\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:23 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000040)=""/73, &(0x7f00000000c0)=0x49) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), r1) [ 1647.120110][ T1447] Module has invalid ELF structures [ 1647.122464][ T1445] Module has invalid ELF structures [ 1647.145098][ T1453] Module has invalid ELF structures [ 1647.152042][ T1454] Module has invalid ELF structures [ 1647.172800][ T1446] FAULT_INJECTION: forcing a failure. [ 1647.172800][ T1446] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.175053][ T1461] Module has invalid ELF structures [ 1647.191479][ T1446] CPU: 0 PID: 1446 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1647.201534][ T1446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1647.211573][ T1446] Call Trace: [ 1647.214849][ T1446] dump_stack+0x1d8/0x241 [ 1647.219168][ T1446] ? panic+0x73f/0x73f [ 1647.223226][ T1446] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1647.229022][ T1446] ? mutex_unlock+0x18/0x40 [ 1647.233510][ T1446] ? kernfs_xattr_get+0x81/0x90 [ 1647.238340][ T1446] should_fail+0x71f/0x880 [ 1647.242740][ T1446] ? setup_fault_attr+0x3d0/0x3d0 [ 1647.247762][ T1446] ? idr_alloc+0x2f0/0x2f0 [ 1647.252165][ T1446] ? __kernfs_new_node+0x99/0x6e0 [ 1647.257168][ T1446] should_failslab+0x5/0x20 [ 1647.261648][ T1446] __kmalloc_track_caller+0x4f/0x290 [ 1647.266908][ T1446] kstrdup_const+0x51/0x90 [ 1647.271295][ T1446] __kernfs_new_node+0x99/0x6e0 [ 1647.276119][ T1446] ? kernfs_new_node+0x160/0x160 [ 1647.281026][ T1446] ? mutex_lock+0xa5/0x110 [ 1647.285422][ T1446] ? mutex_trylock+0xa0/0xa0 [ 1647.289983][ T1446] ? kernfs_activate+0x2fe/0x320 [ 1647.294894][ T1446] kernfs_new_node+0x95/0x160 [ 1647.299542][ T1446] kernfs_create_link+0x9e/0x1f0 [ 1647.304450][ T1446] sysfs_do_create_link_sd+0x85/0x100 [ 1647.309795][ T1446] device_add_class_symlinks+0x211/0x2a0 [ 1647.315412][ T1446] device_add+0x4d3/0xbb0 [ 1647.319725][ T1446] device_create_vargs+0x1b9/0x210 [ 1647.324853][ T1446] device_create+0xea/0x130 [ 1647.329334][ T1446] ? device_create_vargs+0x210/0x210 [ 1647.334593][ T1446] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1647.340284][ T1446] bdi_register_va+0x84/0x600 [ 1647.344934][ T1446] bdi_register+0xd1/0x120 [ 1647.349332][ T1446] ? __device_add_disk+0x551/0x1220 [ 1647.354527][ T1446] ? bdi_register_va+0x600/0x600 [ 1647.359442][ T1446] ? percpu_ref_resurrect+0x113/0x190 [ 1647.364789][ T1446] bdi_register_owner+0x55/0xf0 [ 1647.369633][ T1446] __device_add_disk+0x5d1/0x1220 [ 1647.374634][ T1446] ? device_add_disk+0x30/0x30 [ 1647.379369][ T1446] ? vsprintf+0x30/0x30 [ 1647.383497][ T1446] ? __alloc_disk_node+0x459/0x5a0 [ 1647.388590][ T1446] loop_add+0x573/0x740 [ 1647.392745][ T1446] loop_control_ioctl+0x448/0x620 [ 1647.397743][ T1446] ? loop_remove+0xa0/0xa0 [ 1647.402136][ T1446] ? memset+0x1f/0x40 [ 1647.406090][ T1446] ? fsnotify+0x1280/0x1340 [ 1647.410565][ T1446] ? loop_remove+0xa0/0xa0 [ 1647.414953][ T1446] do_vfs_ioctl+0x742/0x1720 [ 1647.419515][ T1446] ? ioctl_preallocate+0x250/0x250 [ 1647.424601][ T1446] ? __fget+0x407/0x490 [ 1647.428733][ T1446] ? fget_many+0x20/0x20 [ 1647.432979][ T1446] ? debug_smp_processor_id+0x20/0x20 [ 1647.438331][ T1446] ? security_file_ioctl+0x7d/0xa0 [ 1647.443413][ T1446] __x64_sys_ioctl+0xd4/0x110 [ 1647.448063][ T1446] do_syscall_64+0xca/0x1c0 [ 1647.452554][ T1446] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1647.460540][ T22] audit: type=1326 audit(1676296464.269:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1466 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1647.472433][ T1446] ------------[ cut here ]------------ [ 1647.489581][ T1446] WARNING: CPU: 0 PID: 1446 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1647.498576][ T1446] Modules linked in: [ 1647.502729][ T1446] CPU: 0 PID: 1446 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1647.510867][ T22] audit: type=1326 audit(1676296464.299:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1466 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1647.512503][ T1446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1647.512516][ T1446] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1647.512529][ T1446] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1647.571314][ T1446] RSP: 0018:ffff8881e2c97a20 EFLAGS: 00010246 [ 1647.577363][ T1446] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1647.585322][ T1446] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1647.593279][ T1446] RBP: ffff8881e2c97b58 R08: ffffffff821a576c R09: ffffea0007cfb8c0 [ 1647.601234][ T1446] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881d0493000 [ 1647.609188][ T1446] R13: dffffc0000000000 R14: ffff8881d0493070 R15: 1ffff1103a09269d [ 1647.617150][ T1446] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1647.626060][ T1446] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1647.632636][ T1446] CR2: 00007fffefef1c08 CR3: 00000001ce663000 CR4: 00000000003406f0 [ 1647.640627][ T1446] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1647.648581][ T1446] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1647.656535][ T1446] Call Trace: [ 1647.659820][ T1446] ? device_add_disk+0x30/0x30 [ 1647.664600][ T1446] ? vsprintf+0x30/0x30 [ 1647.668743][ T1446] ? __alloc_disk_node+0x459/0x5a0 [ 1647.673839][ T1446] loop_add+0x573/0x740 [ 1647.677992][ T1446] loop_control_ioctl+0x448/0x620 [ 1647.683002][ T1446] ? loop_remove+0xa0/0xa0 [ 1647.687413][ T1446] ? memset+0x1f/0x40 [ 1647.691378][ T1446] ? fsnotify+0x1280/0x1340 [ 1647.695864][ T1446] ? loop_remove+0xa0/0xa0 [ 1647.700269][ T1446] do_vfs_ioctl+0x742/0x1720 [ 1647.704847][ T1446] ? ioctl_preallocate+0x250/0x250 [ 1647.709943][ T1446] ? __fget+0x407/0x490 [ 1647.714191][ T1446] ? fget_many+0x20/0x20 [ 1647.718434][ T1446] ? debug_smp_processor_id+0x20/0x20 [ 1647.723828][ T1446] ? security_file_ioctl+0x7d/0xa0 [ 1647.728959][ T1446] __x64_sys_ioctl+0xd4/0x110 [ 1647.733634][ T1446] do_syscall_64+0xca/0x1c0 [ 1647.738126][ T1446] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1647.743998][ T1446] ---[ end trace bc12ee340783dbe3 ]--- 13:54:24 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:24 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() r0 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r0, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0xd2, "a09316033cfb953135f4d634281f95894cea3a5e6c0a81b2a7387084c904dd7e56c0126e2a421cb90ff279f1a5050f42c57d9a98da311bec5a3bd5b188d7332bd4ba2067514b31d6f1310587e2aba61499dd8b1e1cf64a4a3401f604f3f255e4c054ec50170dd7831c67af2a11945fdcd5709a6eccc0c0cb9fc3591e39f21c36fdd30019c2a76c52a79da208590c390bc68937fe2e9fb149747d5a9e40a71428679425b7e9b50fd86dd8d2cce2e19425225db68b8b658167044c2bf0c02a6f7644fbc2a4980f99388c0ce1a589f7618b55ef"}, &(0x7f0000000040)=0xf6) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r0, 0x0, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0xd2, "a09316033cfb953135f4d634281f95894cea3a5e6c0a81b2a7387084c904dd7e56c0126e2a421cb90ff279f1a5050f42c57d9a98da311bec5a3bd5b188d7332bd4ba2067514b31d6f1310587e2aba61499dd8b1e1cf64a4a3401f604f3f255e4c054ec50170dd7831c67af2a11945fdcd5709a6eccc0c0cb9fc3591e39f21c36fdd30019c2a76c52a79da208590c390bc68937fe2e9fb149747d5a9e40a71428679425b7e9b50fd86dd8d2cce2e19425225db68b8b658167044c2bf0c02a6f7644fbc2a4980f99388c0ce1a589f7618b55ef"}, &(0x7f0000000040)=0xf6) (async) 13:54:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7ffffdfffffffffc, 0x400081) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) 13:54:24 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r1) sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x20}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x8040) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000040), 0x1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r1) (async) sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x20}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x8040) (async) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000040), 0x1) (async) 13:54:24 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacX\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:24 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 52) 13:54:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7ffffdfffffffffc, 0x400081) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) (async) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) 13:54:24 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacd\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:24 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\nY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1647.797915][ T1477] Module has invalid ELF structures [ 1647.806040][ T1479] Module has invalid ELF structures [ 1647.827336][ T1476] FAULT_INJECTION: forcing a failure. [ 1647.827336][ T1476] name failslab, interval 1, probability 0, space 0, times 0 [ 1647.839357][ T1486] Module has invalid ELF structures 13:54:24 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\vY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1647.842886][ T1476] CPU: 0 PID: 1476 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1647.848430][ T1487] Module has invalid ELF structures [ 1647.854862][ T1476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1647.854866][ T1476] Call Trace: [ 1647.854881][ T1476] dump_stack+0x1d8/0x241 [ 1647.854894][ T1476] ? panic+0x73f/0x73f [ 1647.881701][ T1476] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1647.887495][ T1476] should_fail+0x71f/0x880 [ 1647.891902][ T1476] ? setup_fault_attr+0x3d0/0x3d0 13:54:24 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\fY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1647.896917][ T1476] ? __kernfs_new_node+0xdb/0x6e0 [ 1647.901927][ T1476] should_failslab+0x5/0x20 [ 1647.902762][ T1489] Module has invalid ELF structures [ 1647.906414][ T1476] kmem_cache_alloc+0x24/0x220 [ 1647.906424][ T1476] __kernfs_new_node+0xdb/0x6e0 [ 1647.906438][ T1476] ? kernfs_new_node+0x160/0x160 [ 1647.926080][ T1476] ? mutex_lock+0xa5/0x110 [ 1647.930477][ T1476] ? mutex_trylock+0xa0/0xa0 [ 1647.935043][ T1476] ? kernfs_activate+0x2fe/0x320 [ 1647.939955][ T1476] kernfs_new_node+0x95/0x160 [ 1647.944606][ T1476] kernfs_create_link+0x9e/0x1f0 [ 1647.949538][ T1476] sysfs_do_create_link_sd+0x85/0x100 [ 1647.954884][ T1476] device_add_class_symlinks+0x211/0x2a0 [ 1647.960508][ T1476] device_add+0x4d3/0xbb0 [ 1647.964813][ T1476] device_create_vargs+0x1b9/0x210 [ 1647.969894][ T1476] device_create+0xea/0x130 [ 1647.974383][ T1476] ? device_create_vargs+0x210/0x210 [ 1647.979641][ T1476] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1647.985333][ T1476] bdi_register_va+0x84/0x600 [ 1647.989992][ T1476] bdi_register+0xd1/0x120 [ 1647.994380][ T1476] ? __device_add_disk+0x551/0x1220 [ 1647.999547][ T1476] ? bdi_register_va+0x600/0x600 [ 1648.004712][ T1476] ? percpu_ref_resurrect+0x113/0x190 [ 1648.010067][ T1476] bdi_register_owner+0x55/0xf0 [ 1648.014899][ T1476] __device_add_disk+0x5d1/0x1220 [ 1648.019899][ T1476] ? device_add_disk+0x30/0x30 [ 1648.024672][ T1476] ? vsprintf+0x30/0x30 [ 1648.028824][ T1476] ? __alloc_disk_node+0x459/0x5a0 [ 1648.033908][ T1476] loop_add+0x573/0x740 [ 1648.038036][ T1476] loop_control_ioctl+0x448/0x620 [ 1648.043031][ T1476] ? loop_remove+0xa0/0xa0 [ 1648.047422][ T1476] ? memset+0x1f/0x40 [ 1648.051374][ T1476] ? fsnotify+0x1280/0x1340 [ 1648.055846][ T1476] ? loop_remove+0xa0/0xa0 [ 1648.060234][ T1476] do_vfs_ioctl+0x742/0x1720 [ 1648.064796][ T1476] ? ioctl_preallocate+0x250/0x250 [ 1648.069886][ T1476] ? __fget+0x407/0x490 [ 1648.074013][ T1476] ? fget_many+0x20/0x20 [ 1648.078237][ T1476] ? debug_smp_processor_id+0x20/0x20 [ 1648.083725][ T1476] ? security_file_ioctl+0x7d/0xa0 [ 1648.088816][ T1476] __x64_sys_ioctl+0xd4/0x110 [ 1648.093469][ T1476] do_syscall_64+0xca/0x1c0 13:54:24 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) r0 = syz_open_dev$loop(&(0x7f0000000000), 0x7ffffdfffffffffc, 0x400081) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00'}) (async, rerun: 32) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) (rerun: 32) 13:54:24 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xach\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1648.097964][ T1476] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1648.105652][ T1476] ------------[ cut here ]------------ [ 1648.111126][ T1476] WARNING: CPU: 0 PID: 1476 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1648.119753][ T1503] Module has invalid ELF structures [ 1648.120127][ T1476] Modules linked in: [ 1648.129178][ T1476] CPU: 0 PID: 1476 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1648.138956][ T1476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1648.148994][ T1476] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1648.154769][ T1476] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1648.174342][ T1476] RSP: 0018:ffff8881e2e2fa20 EFLAGS: 00010246 [ 1648.180396][ T1476] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1648.188338][ T1476] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1648.196280][ T1476] RBP: ffff8881e2e2fb58 R08: ffffffff821a576c R09: ffffea000739fec0 [ 1648.204224][ T1476] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881e05dd000 [ 1648.212166][ T1476] R13: dffffc0000000000 R14: ffff8881e05dd070 R15: 1ffff1103c0bba9d [ 1648.220114][ T1476] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1648.229015][ T1476] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1648.235567][ T1476] CR2: 00007fb0a8914ff8 CR3: 00000001f52e8000 CR4: 00000000003406f0 [ 1648.243520][ T1476] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1648.251465][ T1476] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1648.259404][ T1476] Call Trace: [ 1648.262675][ T1476] ? device_add_disk+0x30/0x30 [ 1648.267408][ T1476] ? vsprintf+0x30/0x30 [ 1648.271537][ T1476] ? __alloc_disk_node+0x459/0x5a0 [ 1648.276641][ T1476] loop_add+0x573/0x740 [ 1648.280788][ T1476] loop_control_ioctl+0x448/0x620 [ 1648.285785][ T1476] ? loop_remove+0xa0/0xa0 [ 1648.290179][ T1476] ? memset+0x1f/0x40 [ 1648.294202][ T1476] ? fsnotify+0x1280/0x1340 [ 1648.298694][ T1476] ? loop_remove+0xa0/0xa0 [ 1648.303084][ T1476] do_vfs_ioctl+0x742/0x1720 [ 1648.307649][ T1476] ? ioctl_preallocate+0x250/0x250 [ 1648.312736][ T1476] ? __fget+0x407/0x490 [ 1648.316874][ T1476] ? fget_many+0x20/0x20 [ 1648.321094][ T1476] ? debug_smp_processor_id+0x20/0x20 [ 1648.326438][ T1476] ? security_file_ioctl+0x7d/0xa0 [ 1648.331521][ T1476] __x64_sys_ioctl+0xd4/0x110 [ 1648.336170][ T1476] do_syscall_64+0xca/0x1c0 [ 1648.340649][ T1476] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1648.346511][ T1476] ---[ end trace bc12ee340783dbe4 ]--- [ 1648.353812][ T1504] Module has invalid ELF structures [ 1648.361783][ T22] audit: type=1326 audit(1676296465.169:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1497 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:25 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\rY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:25 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7f, 0x0, 0x4, 0xba}, {0x6, 0x13, 0x3, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:25 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xaci\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:25 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r1) sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x20}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x8040) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000040), 0x1) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r1) (async) sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, r2, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x4}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x6}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x20}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x8040) (async) io_uring_register$IORING_REGISTER_EVENTFD(r1, 0x4, &(0x7f0000000040), 0x1) (async) 13:54:25 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 53) 13:54:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LISTALL(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r2, 0x22, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) 13:54:25 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacl\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:25 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x0eY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LISTALL(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r2, 0x22, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) 13:54:25 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x10Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:25 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xaco\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1648.595858][ T1519] Module has invalid ELF structures [ 1648.595870][ T1518] Module has invalid ELF structures [ 1648.624576][ T1525] Module has invalid ELF structures [ 1648.634290][ T1528] Module has invalid ELF structures [ 1648.652678][ T1520] FAULT_INJECTION: forcing a failure. [ 1648.652678][ T1520] name failslab, interval 1, probability 0, space 0, times 0 [ 1648.654297][ T1537] Module has invalid ELF structures [ 1648.667193][ T1520] CPU: 0 PID: 1520 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1648.680225][ T1520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1648.690259][ T1520] Call Trace: [ 1648.693533][ T1520] dump_stack+0x1d8/0x241 [ 1648.697849][ T1520] ? panic+0x73f/0x73f 13:54:25 executing program 1: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) 13:54:25 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) (async, rerun: 64) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) sendmsg$IEEE802154_LLSEC_DEL_DEV(r1, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r2 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_LISTALL(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r2, 0x22, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) 13:54:25 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7f, 0x0, 0x4, 0xba}, {0x6, 0x13, 0x3, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7f, 0x0, 0x4, 0xba}, {0x6, 0x13, 0x3, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) 13:54:25 executing program 1: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) (async) socket$xdp(0x2c, 0x3, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) (async) [ 1648.701912][ T1520] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1648.707710][ T1520] ? mutex_lock+0xa5/0x110 [ 1648.712121][ T1520] should_fail+0x71f/0x880 [ 1648.716528][ T1520] ? kstrdup_const+0x51/0x90 [ 1648.721107][ T1520] ? setup_fault_attr+0x3d0/0x3d0 [ 1648.726120][ T1520] ? mutex_lock+0xa5/0x110 [ 1648.730526][ T1520] ? mutex_trylock+0xa0/0xa0 [ 1648.735104][ T1520] ? __kernfs_new_node+0xdb/0x6e0 [ 1648.740121][ T1520] should_failslab+0x5/0x20 [ 1648.740145][ T1539] Module has invalid ELF structures 13:54:25 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x20, 0x80000000, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x8090) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) [ 1648.744607][ T1520] kmem_cache_alloc+0x24/0x220 [ 1648.744617][ T1520] __kernfs_new_node+0xdb/0x6e0 [ 1648.744632][ T1520] ? idr_alloc_cyclic+0x369/0x5d0 [ 1648.764394][ T1520] ? kernfs_new_node+0x160/0x160 [ 1648.769318][ T1520] ? selinux_path_notify+0x6d0/0x6d0 [ 1648.774586][ T1520] ? idr_alloc+0x2f0/0x2f0 [ 1648.778996][ T1520] ? _raw_spin_lock+0xa4/0x1b0 [ 1648.783754][ T1520] kernfs_new_node+0x95/0x160 [ 1648.788423][ T1520] __kernfs_create_file+0x45/0x260 [ 1648.793523][ T1520] sysfs_add_file_mode_ns+0x292/0x340 [ 1648.798895][ T1520] internal_create_group+0x573/0xf00 [ 1648.804172][ T1520] ? mutex_unlock+0x18/0x40 [ 1648.808687][ T1520] ? sysfs_create_group+0x20/0x20 [ 1648.813680][ T1520] sysfs_create_groups+0x52/0x110 [ 1648.818672][ T1520] device_add_attrs+0x87/0x370 [ 1648.823404][ T1520] device_add+0x4f4/0xbb0 [ 1648.827703][ T1520] device_create_vargs+0x1b9/0x210 [ 1648.832786][ T1520] device_create+0xea/0x130 [ 1648.837256][ T1520] ? device_create_vargs+0x210/0x210 [ 1648.842526][ T1520] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1648.848226][ T1520] bdi_register_va+0x84/0x600 [ 1648.852892][ T1520] bdi_register+0xd1/0x120 [ 1648.857298][ T1520] ? __device_add_disk+0x551/0x1220 [ 1648.862467][ T1520] ? bdi_register_va+0x600/0x600 [ 1648.867375][ T1520] ? percpu_ref_resurrect+0x113/0x190 [ 1648.872722][ T1520] bdi_register_owner+0x55/0xf0 [ 1648.877545][ T1520] __device_add_disk+0x5d1/0x1220 [ 1648.882536][ T1520] ? device_add_disk+0x30/0x30 [ 1648.887267][ T1520] ? vsprintf+0x30/0x30 [ 1648.891390][ T1520] ? __alloc_disk_node+0x459/0x5a0 [ 1648.896468][ T1520] loop_add+0x573/0x740 [ 1648.900590][ T1520] loop_control_ioctl+0x448/0x620 [ 1648.905593][ T1520] ? loop_remove+0xa0/0xa0 [ 1648.909976][ T1520] ? memset+0x1f/0x40 [ 1648.914017][ T1520] ? fsnotify+0x1280/0x1340 [ 1648.918487][ T1520] ? loop_remove+0xa0/0xa0 [ 1648.922867][ T1520] do_vfs_ioctl+0x742/0x1720 [ 1648.927425][ T1520] ? ioctl_preallocate+0x250/0x250 [ 1648.932501][ T1520] ? __fget+0x407/0x490 [ 1648.936623][ T1520] ? fget_many+0x20/0x20 [ 1648.940834][ T1520] ? debug_smp_processor_id+0x20/0x20 [ 1648.946170][ T1520] ? security_file_ioctl+0x7d/0xa0 [ 1648.951256][ T1520] __x64_sys_ioctl+0xd4/0x110 [ 1648.955901][ T1520] do_syscall_64+0xca/0x1c0 [ 1648.960374][ T1520] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1648.969450][ T1520] ------------[ cut here ]------------ [ 1648.974908][ T1520] WARNING: CPU: 1 PID: 1520 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1648.983887][ T1520] Modules linked in: [ 1648.987751][ T1520] CPU: 1 PID: 1520 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1648.997515][ T1520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1649.007553][ T1520] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1649.013324][ T1520] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1649.032895][ T1520] RSP: 0018:ffff8881e6a67a20 EFLAGS: 00010246 [ 1649.038927][ T1520] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1649.046869][ T1520] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1649.054824][ T1520] RBP: ffff8881e6a67b58 R08: ffffffff821a576c R09: ffffea000795b980 [ 1649.062774][ T1520] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881d0713000 [ 1649.070734][ T1520] R13: dffffc0000000000 R14: ffff8881d0713070 R15: 1ffff1103a0e269d [ 1649.078679][ T1520] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1649.087585][ T1520] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1649.094133][ T1520] CR2: 00007ffca1239ff8 CR3: 00000001d0e97000 CR4: 00000000003406e0 [ 1649.102074][ T1520] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1649.110018][ T1520] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1649.117964][ T1520] Call Trace: [ 1649.121232][ T1520] ? device_add_disk+0x30/0x30 [ 1649.125965][ T1520] ? vsprintf+0x30/0x30 [ 1649.130112][ T1520] ? __alloc_disk_node+0x459/0x5a0 [ 1649.135195][ T1520] loop_add+0x573/0x740 [ 1649.139347][ T1520] loop_control_ioctl+0x448/0x620 [ 1649.144344][ T1520] ? loop_remove+0xa0/0xa0 [ 1649.148747][ T1520] ? memset+0x1f/0x40 [ 1649.152702][ T1520] ? fsnotify+0x1280/0x1340 [ 1649.157178][ T1520] ? loop_remove+0xa0/0xa0 [ 1649.161573][ T1520] do_vfs_ioctl+0x742/0x1720 [ 1649.166153][ T1520] ? ioctl_preallocate+0x250/0x250 [ 1649.171237][ T1520] ? __fget+0x407/0x490 [ 1649.175370][ T1520] ? fget_many+0x20/0x20 [ 1649.179583][ T1520] ? debug_smp_processor_id+0x20/0x20 [ 1649.184925][ T1520] ? security_file_ioctl+0x7d/0xa0 [ 1649.190005][ T1520] __x64_sys_ioctl+0xd4/0x110 [ 1649.194672][ T1520] do_syscall_64+0xca/0x1c0 [ 1649.199152][ T1520] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:26 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 54) 13:54:26 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7f, 0x0, 0x4, 0xba}, {0x6, 0x13, 0x3, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:26 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x20, 0x80000000, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x8090) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) 13:54:26 executing program 1: ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0) r0 = socket$xdp(0x2c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000000)) 13:54:26 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacp\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:26 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x11Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1649.205012][ T1520] ---[ end trace bc12ee340783dbe5 ]--- 13:54:26 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x333000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:26 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x12Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:26 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) socket$igmp(0x2, 0x3, 0x2) socket$igmp(0x2, 0x3, 0x2) r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @empty}, &(0x7f00000001c0)=0x10, 0x800) accept$inet(r0, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c08000000000000000000000000000000000000000000000000000000005bfdffff84912f3bb0cd33acfd634df97c2bac322ca61d7e4b8451f987b5cc15c2d45025c3972e66990d8e47758d256eefd9150c4cccd042ad98969f2868895d99392d8c0f63fb3278afa5069b4b2b902efe1b39b8586b0b0beb1f5459ab15350dc02a10b419f6c4a50adeb19af678c31b6d83f3085e324714011b3bd50aa6ed696e"], &(0x7f0000000040)=0xa2) getgid() 13:54:26 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x20, 0x80000000, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x8090) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r1, 0x20, 0x80000000, 0x25dfdbff, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x8090) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) (async) 13:54:26 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacs\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:26 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x333000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x333000, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) [ 1649.232881][ T1569] Module has invalid ELF structures [ 1649.233649][ T1566] Module has invalid ELF structures [ 1649.256880][ T1574] Module has invalid ELF structures [ 1649.270438][ T1580] Module has invalid ELF structures [ 1649.279399][ T1568] FAULT_INJECTION: forcing a failure. [ 1649.279399][ T1568] name failslab, interval 1, probability 0, space 0, times 0 [ 1649.297738][ T22] audit: type=1326 audit(1676296466.109:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1576 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1649.333221][ T1568] CPU: 0 PID: 1568 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1649.343024][ T1568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1649.353070][ T1568] Call Trace: [ 1649.356349][ T1568] dump_stack+0x1d8/0x241 [ 1649.360669][ T1568] ? panic+0x73f/0x73f [ 1649.364729][ T1568] ? mutex_unlock+0x18/0x40 [ 1649.369217][ T1568] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1649.375008][ T1568] ? selinux_kernfs_init_security+0x14e/0x730 [ 1649.381055][ T1568] ? idr_alloc_cyclic+0x369/0x5d0 [ 1649.386071][ T1568] should_fail+0x71f/0x880 [ 1649.390476][ T1568] ? setup_fault_attr+0x3d0/0x3d0 [ 1649.395483][ T1568] ? _raw_spin_lock+0xa4/0x1b0 [ 1649.400240][ T1568] ? __kernfs_new_node+0xdb/0x6e0 [ 1649.405394][ T1568] should_failslab+0x5/0x20 [ 1649.409882][ T1568] kmem_cache_alloc+0x24/0x220 [ 1649.414629][ T1568] __kernfs_new_node+0xdb/0x6e0 [ 1649.419493][ T1568] ? kernfs_new_node+0x160/0x160 [ 1649.424411][ T1568] ? mutex_lock+0xa5/0x110 [ 1649.428812][ T1568] ? mutex_trylock+0xa0/0xa0 [ 1649.433386][ T1568] ? kernfs_activate+0x2fe/0x320 [ 1649.438318][ T1568] kernfs_new_node+0x95/0x160 [ 1649.442982][ T1568] __kernfs_create_file+0x45/0x260 [ 1649.448080][ T1568] sysfs_add_file_mode_ns+0x292/0x340 [ 1649.453439][ T1568] internal_create_group+0x573/0xf00 [ 1649.458715][ T1568] ? mutex_unlock+0x18/0x40 [ 1649.463203][ T1568] ? sysfs_create_group+0x20/0x20 [ 1649.468212][ T1568] sysfs_create_groups+0x52/0x110 [ 1649.473242][ T1568] device_add_attrs+0x87/0x370 [ 1649.477991][ T1568] device_add+0x4f4/0xbb0 [ 1649.482304][ T1568] device_create_vargs+0x1b9/0x210 [ 1649.487401][ T1568] device_create+0xea/0x130 [ 1649.491888][ T1568] ? device_create_vargs+0x210/0x210 [ 1649.497159][ T1568] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1649.502860][ T1568] bdi_register_va+0x84/0x600 [ 1649.507524][ T1568] bdi_register+0xd1/0x120 [ 1649.511923][ T1568] ? __device_add_disk+0x551/0x1220 [ 1649.517111][ T1568] ? bdi_register_va+0x600/0x600 [ 1649.522056][ T1568] ? percpu_ref_resurrect+0x113/0x190 [ 1649.527409][ T1568] bdi_register_owner+0x55/0xf0 [ 1649.532245][ T1568] __device_add_disk+0x5d1/0x1220 [ 1649.537256][ T1568] ? device_add_disk+0x30/0x30 [ 1649.542000][ T1568] ? vsprintf+0x30/0x30 [ 1649.546142][ T1568] ? __alloc_disk_node+0x459/0x5a0 [ 1649.551245][ T1568] loop_add+0x573/0x740 [ 1649.555395][ T1568] loop_control_ioctl+0x448/0x620 [ 1649.560404][ T1568] ? loop_remove+0xa0/0xa0 [ 1649.564808][ T1568] ? memset+0x1f/0x40 [ 1649.568775][ T1568] ? fsnotify+0x1280/0x1340 [ 1649.573259][ T1568] ? loop_remove+0xa0/0xa0 [ 1649.577704][ T1568] do_vfs_ioctl+0x742/0x1720 [ 1649.582281][ T1568] ? ioctl_preallocate+0x250/0x250 [ 1649.587383][ T1568] ? __fget+0x407/0x490 [ 1649.591525][ T1568] ? fget_many+0x20/0x20 [ 1649.595760][ T1568] ? debug_smp_processor_id+0x20/0x20 [ 1649.601120][ T1568] ? security_file_ioctl+0x7d/0xa0 [ 1649.606219][ T1568] __x64_sys_ioctl+0xd4/0x110 [ 1649.610888][ T1568] do_syscall_64+0xca/0x1c0 [ 1649.615385][ T1568] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1649.623039][ T1568] ------------[ cut here ]------------ [ 1649.628509][ T1568] WARNING: CPU: 0 PID: 1568 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1649.637501][ T1568] Modules linked in: [ 1649.641385][ T1568] CPU: 0 PID: 1568 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1649.651160][ T1568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1649.661198][ T1568] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1649.666975][ T1568] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1649.686552][ T1568] RSP: 0018:ffff8881e519fa20 EFLAGS: 00010246 [ 1649.692593][ T1568] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1649.700570][ T1568] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1649.708535][ T1568] RBP: ffff8881e519fb58 R08: ffffffff821a576c R09: ffffea000788f340 [ 1649.716502][ T1568] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881ee028000 [ 1649.724448][ T1568] R13: dffffc0000000000 R14: ffff8881ee028070 R15: 1ffff1103dc0509d [ 1649.732422][ T1568] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1649.741357][ T1568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1649.747913][ T1568] CR2: 00007ffca1239ff8 CR3: 00000001ef6e3000 CR4: 00000000003406f0 [ 1649.755857][ T1568] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1649.763802][ T1568] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1649.771756][ T1568] Call Trace: [ 1649.775032][ T1568] ? device_add_disk+0x30/0x30 [ 1649.779773][ T1568] ? vsprintf+0x30/0x30 [ 1649.783901][ T1568] ? __alloc_disk_node+0x459/0x5a0 [ 1649.788989][ T1568] loop_add+0x573/0x740 [ 1649.793117][ T1568] loop_control_ioctl+0x448/0x620 [ 1649.798112][ T1568] ? loop_remove+0xa0/0xa0 [ 1649.802511][ T1568] ? memset+0x1f/0x40 [ 1649.806463][ T1568] ? fsnotify+0x1280/0x1340 [ 1649.810938][ T1568] ? loop_remove+0xa0/0xa0 [ 1649.815325][ T1568] do_vfs_ioctl+0x742/0x1720 [ 1649.819890][ T1568] ? ioctl_preallocate+0x250/0x250 [ 1649.824972][ T1568] ? __fget+0x407/0x490 [ 1649.829105][ T1568] ? fget_many+0x20/0x20 13:54:26 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xact\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:26 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) socket$igmp(0x2, 0x3, 0x2) (async) socket$igmp(0x2, 0x3, 0x2) (async) r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @empty}, &(0x7f00000001c0)=0x10, 0x800) accept$inet(r0, 0x0, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c08000000000000000000000000000000000000000000000000000000005bfdffff84912f3bb0cd33acfd634df97c2bac322ca61d7e4b8451f987b5cc15c2d45025c3972e66990d8e47758d256eefd9150c4cccd042ad98969f2868895d99392d8c0f63fb3278afa5069b4b2b902efe1b39b8586b0b0beb1f5459ab15350dc02a10b419f6c4a50adeb19af678c31b6d83f3085e324714011b3bd50aa6ed696e"], &(0x7f0000000040)=0xa2) (async) getgid() 13:54:26 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00%Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:26 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 55) 13:54:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) 13:54:26 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x333000, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x333000, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) [ 1649.833323][ T1568] ? debug_smp_processor_id+0x20/0x20 [ 1649.838674][ T1568] ? security_file_ioctl+0x7d/0xa0 [ 1649.843756][ T1568] __x64_sys_ioctl+0xd4/0x110 [ 1649.848419][ T1568] do_syscall_64+0xca/0x1c0 [ 1649.852905][ T1568] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1649.858823][ T1568] ---[ end trace bc12ee340783dbe6 ]--- 13:54:26 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00HY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) 13:54:26 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x602002, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:26 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00LY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1649.891579][ T1590] Module has invalid ELF structures [ 1649.894388][ T1591] Module has invalid ELF structures [ 1649.917222][ T1599] Module has invalid ELF structures [ 1649.923094][ T1593] FAULT_INJECTION: forcing a failure. [ 1649.923094][ T1593] name failslab, interval 1, probability 0, space 0, times 0 13:54:26 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) [ 1649.941704][ T1593] CPU: 0 PID: 1593 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1649.951502][ T1593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1649.961663][ T1593] Call Trace: [ 1649.964947][ T1593] dump_stack+0x1d8/0x241 [ 1649.969264][ T1593] ? panic+0x73f/0x73f [ 1649.973315][ T1593] ? mutex_unlock+0x18/0x40 [ 1649.977803][ T1593] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1649.983592][ T1593] ? selinux_kernfs_init_security+0x14e/0x730 [ 1649.989645][ T1593] ? idr_alloc_cyclic+0x369/0x5d0 [ 1649.994656][ T1593] should_fail+0x71f/0x880 [ 1649.999047][ T1593] ? setup_fault_attr+0x3d0/0x3d0 [ 1650.004045][ T1593] ? _raw_spin_lock+0xa4/0x1b0 [ 1650.008809][ T1593] ? __kernfs_new_node+0xdb/0x6e0 [ 1650.013806][ T1593] should_failslab+0x5/0x20 [ 1650.018280][ T1593] kmem_cache_alloc+0x24/0x220 [ 1650.023020][ T1593] __kernfs_new_node+0xdb/0x6e0 [ 1650.027841][ T1593] ? kernfs_new_node+0x160/0x160 [ 1650.032747][ T1593] ? mutex_lock+0xa5/0x110 [ 1650.037135][ T1593] ? mutex_trylock+0xa0/0xa0 [ 1650.041701][ T1593] ? kernfs_activate+0x2fe/0x320 [ 1650.046609][ T1593] kernfs_new_node+0x95/0x160 [ 1650.051265][ T1593] __kernfs_create_file+0x45/0x260 [ 1650.056349][ T1593] sysfs_add_file_mode_ns+0x292/0x340 [ 1650.061708][ T1593] internal_create_group+0x573/0xf00 [ 1650.066965][ T1593] ? mutex_unlock+0x18/0x40 [ 1650.071456][ T1593] ? sysfs_create_group+0x20/0x20 [ 1650.076493][ T1593] sysfs_create_groups+0x52/0x110 [ 1650.081491][ T1593] device_add_attrs+0x87/0x370 [ 1650.086231][ T1593] device_add+0x4f4/0xbb0 [ 1650.090536][ T1593] device_create_vargs+0x1b9/0x210 [ 1650.095618][ T1593] device_create+0xea/0x130 [ 1650.100095][ T1593] ? device_create_vargs+0x210/0x210 [ 1650.105359][ T1593] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1650.111051][ T1593] bdi_register_va+0x84/0x600 [ 1650.115699][ T1593] bdi_register+0xd1/0x120 [ 1650.120108][ T1593] ? __device_add_disk+0x551/0x1220 [ 1650.125281][ T1593] ? bdi_register_va+0x600/0x600 [ 1650.130202][ T1593] ? percpu_ref_resurrect+0x113/0x190 [ 1650.135577][ T1593] bdi_register_owner+0x55/0xf0 [ 1650.140406][ T1593] __device_add_disk+0x5d1/0x1220 [ 1650.145406][ T1593] ? device_add_disk+0x30/0x30 [ 1650.150140][ T1593] ? vsprintf+0x30/0x30 [ 1650.154268][ T1593] ? __alloc_disk_node+0x459/0x5a0 [ 1650.159366][ T1593] loop_add+0x573/0x740 [ 1650.163500][ T1593] loop_control_ioctl+0x448/0x620 [ 1650.168502][ T1593] ? loop_remove+0xa0/0xa0 [ 1650.172898][ T1593] ? memset+0x1f/0x40 [ 1650.176855][ T1593] ? fsnotify+0x1280/0x1340 [ 1650.181341][ T1593] ? loop_remove+0xa0/0xa0 [ 1650.185738][ T1593] do_vfs_ioctl+0x742/0x1720 13:54:27 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x602002, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x602002, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) 13:54:27 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacu\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1650.190303][ T1593] ? ioctl_preallocate+0x250/0x250 [ 1650.195420][ T1593] ? __fget+0x407/0x490 [ 1650.199547][ T1593] ? fget_many+0x20/0x20 [ 1650.203763][ T1593] ? debug_smp_processor_id+0x20/0x20 [ 1650.209105][ T1593] ? security_file_ioctl+0x7d/0xa0 [ 1650.214189][ T1593] __x64_sys_ioctl+0xd4/0x110 [ 1650.218837][ T1593] do_syscall_64+0xca/0x1c0 [ 1650.223333][ T1593] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1650.234937][ T1601] Module has invalid ELF structures [ 1650.237528][ T1614] Module has invalid ELF structures [ 1650.258014][ T1593] ------------[ cut here ]------------ [ 1650.263480][ T1593] WARNING: CPU: 0 PID: 1593 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1650.267353][ T22] audit: type=1326 audit(1676296467.069:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1605 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1650.272484][ T1593] Modules linked in: [ 1650.299932][ T1593] CPU: 0 PID: 1593 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1650.309708][ T1593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1650.319758][ T1593] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1650.325548][ T1593] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1650.345132][ T1593] RSP: 0018:ffff8881ee247a20 EFLAGS: 00010246 [ 1650.351179][ T1593] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1650.359133][ T1593] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1650.367086][ T1593] RBP: ffff8881ee247b58 R08: ffffffff821a576c R09: ffffea000739fec0 [ 1650.375042][ T1593] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881e4d69000 [ 1650.382994][ T1593] R13: dffffc0000000000 R14: ffff8881e4d69070 R15: 1ffff1103c9ad29d [ 1650.390951][ T1593] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1650.399861][ T1593] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1650.406427][ T1593] CR2: 0000555556f5b728 CR3: 00000001cf847000 CR4: 00000000003406f0 [ 1650.414392][ T1593] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1650.422350][ T1593] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1650.430300][ T1593] Call Trace: [ 1650.433622][ T1593] ? device_add_disk+0x30/0x30 [ 1650.438370][ T1593] ? vsprintf+0x30/0x30 [ 1650.442514][ T1593] ? __alloc_disk_node+0x459/0x5a0 [ 1650.447611][ T1593] loop_add+0x573/0x740 [ 1650.451754][ T1593] loop_control_ioctl+0x448/0x620 [ 1650.456762][ T1593] ? loop_remove+0xa0/0xa0 [ 1650.461169][ T1593] ? memset+0x1f/0x40 [ 1650.465134][ T1593] ? fsnotify+0x1280/0x1340 [ 1650.469635][ T1593] ? loop_remove+0xa0/0xa0 [ 1650.474079][ T1593] do_vfs_ioctl+0x742/0x1720 [ 1650.478657][ T1593] ? ioctl_preallocate+0x250/0x250 [ 1650.483794][ T1593] ? __fget+0x407/0x490 [ 1650.487933][ T1593] ? fget_many+0x20/0x20 13:54:27 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 56) [ 1650.492159][ T1593] ? debug_smp_processor_id+0x20/0x20 [ 1650.497523][ T1593] ? security_file_ioctl+0x7d/0xa0 [ 1650.502647][ T1593] __x64_sys_ioctl+0xd4/0x110 [ 1650.507316][ T1593] do_syscall_64+0xca/0x1c0 [ 1650.511812][ T1593] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1650.517687][ T1593] ---[ end trace bc12ee340783dbe7 ]--- 13:54:27 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) socket$igmp(0x2, 0x3, 0x2) (async) socket$igmp(0x2, 0x3, 0x2) (async) r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @empty}, &(0x7f00000001c0)=0x10, 0x800) accept$inet(r0, 0x0, 0x0) (async) getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c08000000000000000000000000000000000000000000000000000000005bfdffff84912f3bb0cd33acfd634df97c2bac322ca61d7e4b8451f987b5cc15c2d45025c3972e66990d8e47758d256eefd9150c4cccd042ad98969f2868895d99392d8c0f63fb3278afa5069b4b2b902efe1b39b8586b0b0beb1f5459ab15350dc02a10b419f6c4a50adeb19af678c31b6d83f3085e324714011b3bd50aa6ed696e"], &(0x7f0000000040)=0xa2) (async) getgid() 13:54:27 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x602002, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:27 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00`Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:27 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) ptrace$getsig(0x4202, 0x0, 0xfffffffffffffff7, &(0x7f0000000040)) modify_ldt$write2(0x11, &(0x7f0000000000)={0x81, 0x1000, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) 13:54:27 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacx\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1650.568297][ T1618] FAULT_INJECTION: forcing a failure. [ 1650.568297][ T1618] name failslab, interval 1, probability 0, space 0, times 0 [ 1650.581016][ T1618] CPU: 0 PID: 1618 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1650.590796][ T1618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1650.597207][ T1621] Module has invalid ELF structures [ 1650.600831][ T1618] Call Trace: [ 1650.600848][ T1618] dump_stack+0x1d8/0x241 [ 1650.600856][ T1618] ? panic+0x73f/0x73f 13:54:27 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacz\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:27 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3\n\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1650.600865][ T1618] ? mutex_unlock+0x18/0x40 [ 1650.600873][ T1618] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1650.600883][ T1618] ? selinux_kernfs_init_security+0x14e/0x730 [ 1650.600892][ T1618] ? idr_alloc_cyclic+0x369/0x5d0 [ 1650.600903][ T1618] should_fail+0x71f/0x880 [ 1650.600918][ T1618] ? setup_fault_attr+0x3d0/0x3d0 [ 1650.633521][ T1623] Module has invalid ELF structures [ 1650.634012][ T1618] ? _raw_spin_lock+0xa4/0x1b0 [ 1650.634028][ T1618] ? __kernfs_new_node+0xdb/0x6e0 [ 1650.663347][ T1618] should_failslab+0x5/0x20 [ 1650.667834][ T1618] kmem_cache_alloc+0x24/0x220 [ 1650.672581][ T1618] __kernfs_new_node+0xdb/0x6e0 [ 1650.677420][ T1618] ? kernfs_new_node+0x160/0x160 [ 1650.682342][ T1618] ? mutex_lock+0xa5/0x110 [ 1650.686750][ T1618] ? mutex_trylock+0xa0/0xa0 [ 1650.691354][ T1618] ? kernfs_activate+0x2fe/0x320 [ 1650.696278][ T1618] kernfs_new_node+0x95/0x160 [ 1650.700946][ T1618] __kernfs_create_file+0x45/0x260 [ 1650.706031][ T1618] sysfs_add_file_mode_ns+0x292/0x340 [ 1650.711382][ T1618] internal_create_group+0x573/0xf00 [ 1650.716648][ T1618] ? mutex_unlock+0x18/0x40 [ 1650.721128][ T1618] ? sysfs_create_group+0x20/0x20 [ 1650.726131][ T1618] sysfs_create_groups+0x52/0x110 [ 1650.731128][ T1618] device_add_attrs+0x87/0x370 [ 1650.735865][ T1618] device_add+0x4f4/0xbb0 [ 1650.740168][ T1618] device_create_vargs+0x1b9/0x210 [ 1650.745249][ T1618] device_create+0xea/0x130 [ 1650.749730][ T1618] ? device_create_vargs+0x210/0x210 [ 1650.755004][ T1618] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1650.760709][ T1618] bdi_register_va+0x84/0x600 [ 1650.765395][ T1618] bdi_register+0xd1/0x120 [ 1650.769785][ T1618] ? __device_add_disk+0x551/0x1220 [ 1650.774952][ T1618] ? bdi_register_va+0x600/0x600 [ 1650.779863][ T1618] ? percpu_ref_resurrect+0x113/0x190 [ 1650.785204][ T1618] bdi_register_owner+0x55/0xf0 [ 1650.790031][ T1618] __device_add_disk+0x5d1/0x1220 [ 1650.795026][ T1618] ? device_add_disk+0x30/0x30 [ 1650.799762][ T1618] ? vsprintf+0x30/0x30 [ 1650.803888][ T1618] ? __alloc_disk_node+0x459/0x5a0 [ 1650.808969][ T1618] loop_add+0x573/0x740 [ 1650.813097][ T1618] loop_control_ioctl+0x448/0x620 [ 1650.818106][ T1618] ? loop_remove+0xa0/0xa0 [ 1650.822672][ T1618] ? memset+0x1f/0x40 [ 1650.826642][ T1618] ? fsnotify+0x1280/0x1340 [ 1650.831137][ T1618] ? loop_remove+0xa0/0xa0 [ 1650.835526][ T1618] do_vfs_ioctl+0x742/0x1720 [ 1650.840089][ T1618] ? ioctl_preallocate+0x250/0x250 [ 1650.845178][ T1618] ? __fget+0x407/0x490 [ 1650.849319][ T1618] ? fget_many+0x20/0x20 [ 1650.853556][ T1618] ? debug_smp_processor_id+0x20/0x20 [ 1650.858912][ T1618] ? security_file_ioctl+0x7d/0xa0 [ 1650.864004][ T1618] __x64_sys_ioctl+0xd4/0x110 [ 1650.868657][ T1618] do_syscall_64+0xca/0x1c0 [ 1650.873132][ T1618] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1650.883979][ T1618] ------------[ cut here ]------------ [ 1650.887625][ T1625] Module has invalid ELF structures [ 1650.889446][ T1618] WARNING: CPU: 1 PID: 1618 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1650.889454][ T1618] Modules linked in: [ 1650.901795][ T1636] Module has invalid ELF structures 13:54:27 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) ptrace$getsig(0x4202, 0x0, 0xfffffffffffffff7, &(0x7f0000000040)) modify_ldt$write2(0x11, &(0x7f0000000000)={0x81, 0x1000, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) 13:54:27 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00hY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:27 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00lY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:27 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) ptrace$getsig(0x4202, 0x0, 0xfffffffffffffff7, &(0x7f0000000040)) modify_ldt$write2(0x11, &(0x7f0000000000)={0x81, 0x1000, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) ptrace$getsig(0x4202, 0x0, 0xfffffffffffffff7, &(0x7f0000000040)) (async) modify_ldt$write2(0x11, &(0x7f0000000000)={0x81, 0x1000, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1}, 0x10) (async) [ 1650.903621][ T1618] CPU: 1 PID: 1618 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1650.903626][ T1618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1650.903645][ T1618] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1650.921291][ T1641] Module has invalid ELF structures [ 1650.922445][ T1618] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1650.922451][ T1618] RSP: 0018:ffff8881eac3fa20 EFLAGS: 00010246 [ 1650.950173][ T1645] Module has invalid ELF structures [ 1650.963019][ T1618] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1650.963025][ T1618] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1650.963030][ T1618] RBP: ffff8881eac3fb58 R08: ffffffff821a576c R09: ffffea0007d73ac0 [ 1650.963034][ T1618] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881d06ee000 [ 1650.963039][ T1618] R13: dffffc0000000000 R14: ffff8881d06ee070 R15: 1ffff1103a0ddc9d [ 1650.963046][ T1618] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1650.963057][ T1618] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1651.029403][ T1618] CR2: 00007f7d07a0bdc0 CR3: 00000001cf847000 CR4: 00000000003406e0 [ 1651.037347][ T1618] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1651.045287][ T1618] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1651.053223][ T1618] Call Trace: [ 1651.056485][ T1618] ? device_add_disk+0x30/0x30 [ 1651.061212][ T1618] ? vsprintf+0x30/0x30 [ 1651.065334][ T1618] ? __alloc_disk_node+0x459/0x5a0 [ 1651.070410][ T1618] loop_add+0x573/0x740 [ 1651.074536][ T1618] loop_control_ioctl+0x448/0x620 [ 1651.079635][ T1618] ? loop_remove+0xa0/0xa0 [ 1651.084021][ T1618] ? memset+0x1f/0x40 [ 1651.087972][ T1618] ? fsnotify+0x1280/0x1340 [ 1651.092444][ T1618] ? loop_remove+0xa0/0xa0 [ 1651.096829][ T1618] do_vfs_ioctl+0x742/0x1720 [ 1651.101391][ T1618] ? ioctl_preallocate+0x250/0x250 [ 1651.106476][ T1618] ? __fget+0x407/0x490 [ 1651.110601][ T1618] ? fget_many+0x20/0x20 [ 1651.114814][ T1618] ? debug_smp_processor_id+0x20/0x20 13:54:27 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 57) 13:54:27 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00tY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:27 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r0, 0x0, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7924}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x101}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3ff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48801}, 0x4004004) 13:54:27 executing program 1: r0 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x10600, 0x0) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x0, 0x6, 0x1c, 0x8, "8bb3f4254a33bd8dbd10a0523a3d61d23f3c41cdecd413d1c71afbf3c231f2391ec77f731dd6affc2d6c408f3c76b3dd7a0a471d5e9bc7e9952c758c177a1334", "b3d85e149fcc97ad0853ed16a766a72050eb16219424c00df8c8093b1d717e03", [0x4, 0x40]}) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xc0}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000094) 13:54:27 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x3, 0x0, 0x4, 0xbc}, {0xfff, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:27 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3%\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1651.120157][ T1618] ? security_file_ioctl+0x7d/0xa0 [ 1651.125235][ T1618] __x64_sys_ioctl+0xd4/0x110 [ 1651.129882][ T1618] do_syscall_64+0xca/0x1c0 [ 1651.134359][ T1618] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1651.140223][ T1618] ---[ end trace bc12ee340783dbe8 ]--- 13:54:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async, rerun: 32) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 32) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r0, 0x0, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7924}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x101}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) sendmsg$BATADV_CMD_GET_VLAN(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3ff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48801}, 0x4004004) 13:54:28 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x3, 0x0, 0x4, 0xbc}, {0xfff, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:28 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xda\n\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00zY\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x81, 0x4, 0x8, 0x29}, {0x3, 0x0, 0x4, 0xbc}, {0xfff, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:28 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xda%\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1651.171052][ T1658] Module has invalid ELF structures [ 1651.171382][ T1657] Module has invalid ELF structures [ 1651.206613][ T1672] Module has invalid ELF structures [ 1651.209705][ T1671] Module has invalid ELF structures [ 1651.224200][ T1676] Module has invalid ELF structures [ 1651.239544][ T1660] FAULT_INJECTION: forcing a failure. [ 1651.239544][ T1660] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.252213][ T1660] CPU: 1 PID: 1660 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1651.261988][ T1660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1651.272015][ T1660] Call Trace: [ 1651.275277][ T1660] dump_stack+0x1d8/0x241 [ 1651.279573][ T1660] ? panic+0x73f/0x73f [ 1651.283746][ T1660] ? idr_alloc_cyclic+0x369/0x5d0 [ 1651.288740][ T1660] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1651.294533][ T1660] ? selinux_path_notify+0x6d0/0x6d0 [ 1651.299785][ T1660] should_fail+0x71f/0x880 [ 1651.304175][ T1660] ? setup_fault_attr+0x3d0/0x3d0 [ 1651.309169][ T1660] ? security_kernfs_init_security+0x75/0x90 [ 1651.315116][ T1660] ? __kernfs_new_node+0xdb/0x6e0 [ 1651.320106][ T1660] should_failslab+0x5/0x20 [ 1651.324578][ T1660] kmem_cache_alloc+0x24/0x220 [ 1651.329320][ T1660] __kernfs_new_node+0xdb/0x6e0 [ 1651.334146][ T1660] ? kernfs_new_node+0x160/0x160 [ 1651.339050][ T1660] ? kernfs_activate+0x2fe/0x320 [ 1651.343954][ T1660] ? mutex_unlock+0x18/0x40 [ 1651.348423][ T1660] ? kernfs_add_one+0x49a/0x5b0 [ 1651.353243][ T1660] kernfs_create_dir_ns+0x90/0x220 [ 1651.358322][ T1660] internal_create_group+0x2c2/0xf00 [ 1651.363575][ T1660] ? sysfs_create_group+0x20/0x20 [ 1651.368570][ T1660] ? device_create_file+0xea/0x1b0 [ 1651.373650][ T1660] ? bus_add_device+0x92/0x3f0 [ 1651.378380][ T1660] dpm_sysfs_add+0x65/0x270 [ 1651.382851][ T1660] device_add+0x536/0xbb0 [ 1651.387152][ T1660] device_create_vargs+0x1b9/0x210 [ 1651.392235][ T1660] device_create+0xea/0x130 [ 1651.396719][ T1660] ? device_create_vargs+0x210/0x210 [ 1651.401981][ T1660] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1651.407667][ T1660] bdi_register_va+0x84/0x600 [ 1651.412329][ T1660] bdi_register+0xd1/0x120 [ 1651.416721][ T1660] ? __device_add_disk+0x551/0x1220 [ 1651.421911][ T1660] ? bdi_register_va+0x600/0x600 [ 1651.426836][ T1660] ? percpu_ref_resurrect+0x113/0x190 [ 1651.432174][ T1660] bdi_register_owner+0x55/0xf0 [ 1651.437009][ T1660] __device_add_disk+0x5d1/0x1220 [ 1651.442011][ T1660] ? device_add_disk+0x30/0x30 [ 1651.446743][ T1660] ? vsprintf+0x30/0x30 [ 1651.450873][ T1660] ? __alloc_disk_node+0x459/0x5a0 [ 1651.455951][ T1660] loop_add+0x573/0x740 [ 1651.460077][ T1660] loop_control_ioctl+0x448/0x620 [ 1651.465083][ T1660] ? loop_remove+0xa0/0xa0 [ 1651.469467][ T1660] ? memset+0x1f/0x40 [ 1651.473429][ T1660] ? fsnotify+0x1280/0x1340 [ 1651.477898][ T1660] ? loop_remove+0xa0/0xa0 [ 1651.482283][ T1660] do_vfs_ioctl+0x742/0x1720 [ 1651.486841][ T1660] ? ioctl_preallocate+0x250/0x250 [ 1651.491923][ T1660] ? __fget+0x407/0x490 [ 1651.496072][ T1660] ? fget_many+0x20/0x20 [ 1651.500282][ T1660] ? debug_smp_processor_id+0x20/0x20 [ 1651.505622][ T1660] ? security_file_ioctl+0x7d/0xa0 [ 1651.510700][ T1660] __x64_sys_ioctl+0xd4/0x110 [ 1651.515344][ T1660] do_syscall_64+0xca/0x1c0 [ 1651.519817][ T1660] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1651.526221][ T1660] ------------[ cut here ]------------ [ 1651.531674][ T1660] WARNING: CPU: 1 PID: 1660 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1651.540654][ T1660] Modules linked in: [ 1651.544532][ T1660] CPU: 1 PID: 1660 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1651.554291][ T1660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1651.564336][ T1660] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1651.570127][ T1660] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1651.589699][ T1660] RSP: 0018:ffff8881ed077a20 EFLAGS: 00010246 [ 1651.595733][ T1660] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1651.603671][ T1660] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1651.611609][ T1660] RBP: ffff8881ed077b58 R08: ffffffff821a576c R09: ffffea0007a7c2c0 [ 1651.619550][ T1660] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881f2de1000 [ 1651.627504][ T1660] R13: dffffc0000000000 R14: ffff8881f2de1070 R15: 1ffff1103e5bc29d [ 1651.635449][ T1660] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1651.644350][ T1660] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1651.650904][ T1660] CR2: 00007f9bcb683ff8 CR3: 00000001e4b47000 CR4: 00000000003406e0 [ 1651.658846][ T1660] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1651.666784][ T1660] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1651.674722][ T1660] Call Trace: [ 1651.677984][ T1660] ? device_add_disk+0x30/0x30 [ 1651.682729][ T1660] ? vsprintf+0x30/0x30 [ 1651.686852][ T1660] ? __alloc_disk_node+0x459/0x5a0 [ 1651.691946][ T1660] loop_add+0x573/0x740 [ 1651.696076][ T1660] loop_control_ioctl+0x448/0x620 [ 1651.701072][ T1660] ? loop_remove+0xa0/0xa0 [ 1651.705460][ T1660] ? memset+0x1f/0x40 [ 1651.709409][ T1660] ? fsnotify+0x1280/0x1340 [ 1651.713877][ T1660] ? loop_remove+0xa0/0xa0 [ 1651.718260][ T1660] do_vfs_ioctl+0x742/0x1720 13:54:28 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 58) 13:54:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_SET_VLAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x54, r0, 0x0, 0x70bd2c, 0x25dfdbfc, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x7924}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x101}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) sendmsg$BATADV_CMD_GET_VLAN(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, 0x0, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x3ff}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x48801}, 0x4004004) 13:54:28 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x02\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = getgid() r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x2010, 0xffffffffffffffff, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000180)={@rand_addr=0x64010101, @local}, 0x10) write$FUSE_CREATE_OPEN(r2, &(0x7f00000000c0)={0xa0, 0x0, 0x0, {{0x5, 0x2, 0x6, 0x2, 0x7ff, 0x6, {0x2, 0xff, 0x7, 0x7, 0x7, 0x1200000000, 0x1000, 0x269, 0x0, 0xc000, 0x7, 0x0, r1, 0x6, 0x800}}, {0x0, 0x4}}}, 0xa0) 13:54:28 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7\n\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 1: r0 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x10600, 0x0) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x0, 0x6, 0x1c, 0x8, "8bb3f4254a33bd8dbd10a0523a3d61d23f3c41cdecd413d1c71afbf3c231f2391ec77f731dd6affc2d6c408f3c76b3dd7a0a471d5e9bc7e9952c758c177a1334", "b3d85e149fcc97ad0853ed16a766a72050eb16219424c00df8c8093b1d717e03", [0x4, 0x40]}) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xc0}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000094) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x1) (async) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) (async) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) (async) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x10600, 0x0) (async) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x0, 0x6, 0x1c, 0x8, "8bb3f4254a33bd8dbd10a0523a3d61d23f3c41cdecd413d1c71afbf3c231f2391ec77f731dd6affc2d6c408f3c76b3dd7a0a471d5e9bc7e9952c758c177a1334", "b3d85e149fcc97ad0853ed16a766a72050eb16219424c00df8c8093b1d717e03", [0x4, 0x40]}) (async) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xc0}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000094) (async) [ 1651.722820][ T1660] ? ioctl_preallocate+0x250/0x250 [ 1651.727900][ T1660] ? __fget+0x407/0x490 [ 1651.732024][ T1660] ? fget_many+0x20/0x20 [ 1651.736235][ T1660] ? debug_smp_processor_id+0x20/0x20 [ 1651.741576][ T1660] ? security_file_ioctl+0x7d/0xa0 [ 1651.746656][ T1660] __x64_sys_ioctl+0xd4/0x110 [ 1651.751304][ T1660] do_syscall_64+0xca/0x1c0 [ 1651.755781][ T1660] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1651.761640][ T1660] ---[ end trace bc12ee340783dbe9 ]--- 13:54:28 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7#\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1651.788302][ T1683] Module has invalid ELF structures [ 1651.790666][ T1684] Module has invalid ELF structures [ 1651.803604][ T22] audit: type=1326 audit(1676296468.609:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1679 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:28 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x03\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7+\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1651.836269][ T1691] Module has invalid ELF structures 13:54:28 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x04\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:28 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) [ 1651.866665][ T1698] Module has invalid ELF structures [ 1651.873069][ T1693] FAULT_INJECTION: forcing a failure. [ 1651.873069][ T1693] name failslab, interval 1, probability 0, space 0, times 0 [ 1651.883790][ T1699] Module has invalid ELF structures [ 1651.899128][ T1693] CPU: 0 PID: 1693 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1651.908925][ T1693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1651.918967][ T1693] Call Trace: [ 1651.922246][ T1693] dump_stack+0x1d8/0x241 [ 1651.926562][ T1693] ? panic+0x73f/0x73f [ 1651.930620][ T1693] ? idr_alloc_cyclic+0x369/0x5d0 [ 1651.935636][ T1693] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1651.941426][ T1693] ? selinux_path_notify+0x6d0/0x6d0 [ 1651.946697][ T1693] should_fail+0x71f/0x880 [ 1651.951102][ T1693] ? setup_fault_attr+0x3d0/0x3d0 [ 1651.956110][ T1693] ? security_kernfs_init_security+0x75/0x90 [ 1651.962074][ T1693] ? __kernfs_new_node+0xdb/0x6e0 [ 1651.967082][ T1693] should_failslab+0x5/0x20 [ 1651.971567][ T1693] kmem_cache_alloc+0x24/0x220 [ 1651.976315][ T1693] __kernfs_new_node+0xdb/0x6e0 [ 1651.981151][ T1693] ? kernfs_new_node+0x160/0x160 [ 1651.986073][ T1693] ? kernfs_activate+0x2fe/0x320 [ 1651.990994][ T1693] ? mutex_unlock+0x18/0x40 [ 1651.995480][ T1693] ? kernfs_add_one+0x49a/0x5b0 [ 1652.000315][ T1693] kernfs_create_dir_ns+0x90/0x220 [ 1652.005415][ T1693] internal_create_group+0x2c2/0xf00 [ 1652.010701][ T1693] ? sysfs_create_group+0x20/0x20 [ 1652.015715][ T1693] ? device_create_file+0xea/0x1b0 [ 1652.020841][ T1693] ? bus_add_device+0x92/0x3f0 [ 1652.025592][ T1693] dpm_sysfs_add+0x65/0x270 [ 1652.030088][ T1693] device_add+0x536/0xbb0 [ 1652.034413][ T1693] device_create_vargs+0x1b9/0x210 [ 1652.039514][ T1693] device_create+0xea/0x130 [ 1652.044006][ T1693] ? device_create_vargs+0x210/0x210 [ 1652.049280][ T1693] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1652.054983][ T1693] bdi_register_va+0x84/0x600 [ 1652.059647][ T1693] bdi_register+0xd1/0x120 [ 1652.064050][ T1693] ? __device_add_disk+0x551/0x1220 [ 1652.069240][ T1693] ? bdi_register_va+0x600/0x600 [ 1652.074160][ T1693] ? percpu_ref_resurrect+0x113/0x190 [ 1652.079518][ T1693] bdi_register_owner+0x55/0xf0 [ 1652.084352][ T1693] __device_add_disk+0x5d1/0x1220 [ 1652.089362][ T1693] ? device_add_disk+0x30/0x30 [ 1652.094111][ T1693] ? vsprintf+0x30/0x30 [ 1652.098252][ T1693] ? __alloc_disk_node+0x459/0x5a0 [ 1652.103348][ T1693] loop_add+0x573/0x740 [ 1652.107492][ T1693] loop_control_ioctl+0x448/0x620 [ 1652.112503][ T1693] ? loop_remove+0xa0/0xa0 [ 1652.116905][ T1693] ? memset+0x1f/0x40 [ 1652.120878][ T1693] ? fsnotify+0x1280/0x1340 [ 1652.125371][ T1693] ? loop_remove+0xa0/0xa0 [ 1652.129771][ T1693] do_vfs_ioctl+0x742/0x1720 [ 1652.134349][ T1693] ? ioctl_preallocate+0x250/0x250 [ 1652.139450][ T1693] ? __fget+0x407/0x490 [ 1652.143591][ T1693] ? fget_many+0x20/0x20 [ 1652.147825][ T1693] ? debug_smp_processor_id+0x20/0x20 [ 1652.153187][ T1693] ? security_file_ioctl+0x7d/0xa0 [ 1652.158283][ T1693] __x64_sys_ioctl+0xd4/0x110 [ 1652.162946][ T1693] do_syscall_64+0xca/0x1c0 [ 1652.167438][ T1693] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1652.189980][ T1703] Module has invalid ELF structures [ 1652.195797][ T1693] ------------[ cut here ]------------ [ 1652.201262][ T1693] WARNING: CPU: 0 PID: 1693 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1652.210254][ T1693] Modules linked in: [ 1652.214143][ T1693] CPU: 0 PID: 1693 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1652.223925][ T1693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1652.233972][ T1693] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1652.239758][ T1693] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1652.259336][ T1693] RSP: 0018:ffff8881e721fa20 EFLAGS: 00010246 [ 1652.265373][ T1693] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1652.273317][ T1693] RDX: ffffc9000315c000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1652.281469][ T1693] RBP: ffff8881e721fb58 R08: ffffffff821a576c R09: ffffea0007b8db40 [ 1652.289413][ T1693] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881e7b9a000 [ 1652.297357][ T1693] R13: dffffc0000000000 R14: ffff8881e7b9a070 R15: 1ffff1103cf7349d [ 1652.305304][ T1693] FS: 00007f9bcb663700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1652.314236][ T1693] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1652.320794][ T1693] CR2: 00007fc959c3b000 CR3: 00000001e5cd9000 CR4: 00000000003406f0 [ 1652.328742][ T1693] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1652.336696][ T1693] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1652.344644][ T1693] Call Trace: [ 1652.347916][ T1693] ? device_add_disk+0x30/0x30 [ 1652.352654][ T1693] ? vsprintf+0x30/0x30 [ 1652.356794][ T1693] ? __alloc_disk_node+0x459/0x5a0 [ 1652.361880][ T1693] loop_add+0x573/0x740 [ 1652.366011][ T1693] loop_control_ioctl+0x448/0x620 [ 1652.371005][ T1693] ? loop_remove+0xa0/0xa0 [ 1652.375398][ T1693] ? memset+0x1f/0x40 [ 1652.379353][ T1693] ? fsnotify+0x1280/0x1340 [ 1652.383828][ T1693] ? loop_remove+0xa0/0xa0 13:54:29 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 59) 13:54:29 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7-\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) 13:54:29 executing program 1: r0 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x1) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, r0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) (async) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x2) (async) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0xb) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x10600, 0x0) ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000180)={0x0, {}, 0x0, {}, 0x0, 0x6, 0x1c, 0x8, "8bb3f4254a33bd8dbd10a0523a3d61d23f3c41cdecd413d1c71afbf3c231f2391ec77f731dd6affc2d6c408f3c76b3dd7a0a471d5e9bc7e9952c758c177a1334", "b3d85e149fcc97ad0853ed16a766a72050eb16219424c00df8c8093b1d717e03", [0x4, 0x40]}) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0xff}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x2}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xc0}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000094) 13:54:29 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = getgid() r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x2010, 0xffffffffffffffff, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000180)={@rand_addr=0x64010101, @local}, 0x10) write$FUSE_CREATE_OPEN(r2, &(0x7f00000000c0)={0xa0, 0x0, 0x0, {{0x5, 0x2, 0x6, 0x2, 0x7ff, 0x6, {0x2, 0xff, 0x7, 0x7, 0x7, 0x1200000000, 0x1000, 0x269, 0x0, 0xc000, 0x7, 0x0, r1, 0x6, 0x800}}, {0x0, 0x4}}}, 0xa0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x2010, 0xffffffffffffffff, 0x0) (async) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000180)={@rand_addr=0x64010101, @local}, 0x10) (async) write$FUSE_CREATE_OPEN(r2, &(0x7f00000000c0)={0xa0, 0x0, 0x0, {{0x5, 0x2, 0x6, 0x2, 0x7ff, 0x6, {0x2, 0xff, 0x7, 0x7, 0x7, 0x1200000000, 0x1000, 0x269, 0x0, 0xc000, 0x7, 0x0, r1, 0x6, 0x800}}, {0x0, 0x4}}}, 0xa0) (async) 13:54:29 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x05\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1652.388216][ T1693] do_vfs_ioctl+0x742/0x1720 [ 1652.392781][ T1693] ? ioctl_preallocate+0x250/0x250 [ 1652.397882][ T1693] ? __fget+0x407/0x490 [ 1652.402013][ T1693] ? fget_many+0x20/0x20 [ 1652.406230][ T1693] ? debug_smp_processor_id+0x20/0x20 [ 1652.411584][ T1693] ? security_file_ioctl+0x7d/0xa0 [ 1652.416690][ T1693] __x64_sys_ioctl+0xd4/0x110 [ 1652.421341][ T1693] do_syscall_64+0xca/0x1c0 [ 1652.425821][ T1693] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1652.431684][ T1693] ---[ end trace bc12ee340783dbea ]--- 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x5, 0x1, 0x8, 0x9}, {0x5, 0x2, 0x8, 0x9}, {0x3f, 0x86, 0x6, 0xeabd}, {0x3, 0x2, 0x1, 0x5}, {0x72, 0x9, 0xd6, 0x2}, {0x72, 0x8, 0x7, 0xa41}, {0x1, 0x1, 0x2, 0x4}, {0x5, 0xb8, 0x0, 0x8000}]}) 13:54:29 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x06\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:29 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf70\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1652.461029][ T1720] Module has invalid ELF structures [ 1652.466602][ T1724] Module has invalid ELF structures [ 1652.491680][ T1725] FAULT_INJECTION: forcing a failure. [ 1652.491680][ T1725] name failslab, interval 1, probability 0, space 0, times 0 [ 1652.494772][ T1730] Module has invalid ELF structures 13:54:29 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x5, 0x1, 0x8, 0x9}, {0x5, 0x2, 0x8, 0x9}, {0x3f, 0x86, 0x6, 0xeabd}, {0x3, 0x2, 0x1, 0x5}, {0x72, 0x9, 0xd6, 0x2}, {0x72, 0x8, 0x7, 0xa41}, {0x1, 0x1, 0x2, 0x4}, {0x5, 0xb8, 0x0, 0x8000}]}) 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{0x5, 0x1, 0x8, 0x9}, {0x5, 0x2, 0x8, 0x9}, {0x3f, 0x86, 0x6, 0xeabd}, {0x3, 0x2, 0x1, 0x5}, {0x72, 0x9, 0xd6, 0x2}, {0x72, 0x8, 0x7, 0xa41}, {0x1, 0x1, 0x2, 0x4}, {0x5, 0xb8, 0x0, 0x8000}]}) [ 1652.514011][ T1731] Module has invalid ELF structures [ 1652.519461][ T1725] CPU: 0 PID: 1725 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1652.529249][ T1725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1652.539285][ T1725] Call Trace: [ 1652.542565][ T1725] dump_stack+0x1d8/0x241 [ 1652.546883][ T1725] ? panic+0x73f/0x73f [ 1652.550948][ T1725] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1652.556743][ T1725] ? mutex_unlock+0x18/0x40 [ 1652.561231][ T1725] should_fail+0x71f/0x880 [ 1652.565639][ T1725] ? setup_fault_attr+0x3d0/0x3d0 [ 1652.570651][ T1725] ? idr_alloc+0x2f0/0x2f0 [ 1652.575065][ T1725] ? __kernfs_new_node+0xdb/0x6e0 [ 1652.580077][ T1725] should_failslab+0x5/0x20 [ 1652.584566][ T1725] kmem_cache_alloc+0x24/0x220 [ 1652.589320][ T1725] __kernfs_new_node+0xdb/0x6e0 [ 1652.594153][ T1725] ? kernfs_new_node+0x160/0x160 [ 1652.599063][ T1725] ? mutex_lock+0xa5/0x110 [ 1652.603449][ T1725] ? mutex_trylock+0xa0/0xa0 [ 1652.608020][ T1725] kernfs_new_node+0x95/0x160 [ 1652.612671][ T1725] __kernfs_create_file+0x45/0x260 [ 1652.617756][ T1725] sysfs_add_file_mode_ns+0x292/0x340 [ 1652.623108][ T1725] sysfs_merge_group+0x1fe/0x450 [ 1652.628022][ T1725] ? sysfs_remove_groups+0xa0/0xa0 [ 1652.633108][ T1725] ? device_create_file+0xea/0x1b0 [ 1652.638190][ T1725] ? bus_add_device+0x92/0x3f0 [ 1652.642925][ T1725] dpm_sysfs_add+0xcf/0x270 [ 1652.647403][ T1725] device_add+0x536/0xbb0 [ 1652.651708][ T1725] device_create_vargs+0x1b9/0x210 [ 1652.656791][ T1725] device_create+0xea/0x130 [ 1652.661266][ T1725] ? device_create_vargs+0x210/0x210 [ 1652.666542][ T1725] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1652.672264][ T1725] bdi_register_va+0x84/0x600 [ 1652.676919][ T1725] bdi_register+0xd1/0x120 [ 1652.681347][ T1725] ? __device_add_disk+0x551/0x1220 [ 1652.686516][ T1725] ? bdi_register_va+0x600/0x600 [ 1652.691424][ T1725] ? percpu_ref_resurrect+0x113/0x190 [ 1652.696766][ T1725] bdi_register_owner+0x55/0xf0 [ 1652.701594][ T1725] __device_add_disk+0x5d1/0x1220 [ 1652.706598][ T1725] ? device_add_disk+0x30/0x30 [ 1652.711332][ T1725] ? vsprintf+0x30/0x30 [ 1652.715459][ T1725] ? __alloc_disk_node+0x459/0x5a0 [ 1652.720540][ T1725] loop_add+0x573/0x740 [ 1652.724669][ T1725] loop_control_ioctl+0x448/0x620 [ 1652.729663][ T1725] ? loop_remove+0xa0/0xa0 [ 1652.734051][ T1725] ? memset+0x1f/0x40 [ 1652.738005][ T1725] ? fsnotify+0x1280/0x1340 [ 1652.742483][ T1725] ? loop_remove+0xa0/0xa0 [ 1652.746874][ T1725] do_vfs_ioctl+0x742/0x1720 [ 1652.751448][ T1725] ? ioctl_preallocate+0x250/0x250 [ 1652.756531][ T1725] ? __fget+0x407/0x490 [ 1652.760656][ T1725] ? fget_many+0x20/0x20 [ 1652.764869][ T1725] ? debug_smp_processor_id+0x20/0x20 [ 1652.770219][ T1725] ? security_file_ioctl+0x7d/0xa0 [ 1652.775302][ T1725] __x64_sys_ioctl+0xd4/0x110 [ 1652.779952][ T1725] do_syscall_64+0xca/0x1c0 [ 1652.784435][ T1725] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1652.794362][ T1725] ------------[ cut here ]------------ [ 1652.799849][ T1725] WARNING: CPU: 1 PID: 1725 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1652.808834][ T1725] Modules linked in: [ 1652.812702][ T1725] CPU: 1 PID: 1725 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1652.822468][ T1725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1652.832498][ T1725] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1652.838277][ T1725] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1652.857851][ T1725] RSP: 0018:ffff8881e2d27a20 EFLAGS: 00010246 [ 1652.863885][ T1725] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1652.871831][ T1725] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1652.879780][ T1725] RBP: ffff8881e2d27b58 R08: ffffffff821a576c R09: ffffea00077a4c00 [ 1652.887722][ T1725] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881de0fb000 [ 1652.895664][ T1725] R13: dffffc0000000000 R14: ffff8881de0fb070 R15: 1ffff1103bc1f69d [ 1652.903606][ T1725] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1652.912502][ T1725] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1652.919057][ T1725] CR2: 00007f7d079eadc0 CR3: 00000001e5cd9000 CR4: 00000000003406e0 [ 1652.927003][ T1725] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1652.934944][ T1725] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1652.942882][ T1725] Call Trace: [ 1652.946162][ T1725] ? device_add_disk+0x30/0x30 [ 1652.950897][ T1725] ? vsprintf+0x30/0x30 [ 1652.955023][ T1725] ? __alloc_disk_node+0x459/0x5a0 [ 1652.960104][ T1725] loop_add+0x573/0x740 [ 1652.964257][ T1725] loop_control_ioctl+0x448/0x620 [ 1652.969253][ T1725] ? loop_remove+0xa0/0xa0 [ 1652.974076][ T1725] ? memset+0x1f/0x40 [ 1652.978033][ T1725] ? fsnotify+0x1280/0x1340 [ 1652.982505][ T1725] ? loop_remove+0xa0/0xa0 [ 1652.986894][ T1725] do_vfs_ioctl+0x742/0x1720 [ 1652.991457][ T1725] ? ioctl_preallocate+0x250/0x250 [ 1652.996542][ T1725] ? __fget+0x407/0x490 [ 1653.000669][ T1725] ? fget_many+0x20/0x20 [ 1653.004883][ T1725] ? debug_smp_processor_id+0x20/0x20 [ 1653.010228][ T1725] ? security_file_ioctl+0x7d/0xa0 13:54:29 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 60) 13:54:29 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\a\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/226, &(0x7f0000000140)=0xe2) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f0000000180)) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000000), 0x2f) 13:54:29 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x02\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:29 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) r0 = socket$inet_udplite(0x2, 0x2, 0x88) (async) r1 = getgid() (async) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000008, 0x2010, 0xffffffffffffffff, 0x0) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000180)={@rand_addr=0x64010101, @local}, 0x10) (async) write$FUSE_CREATE_OPEN(r2, &(0x7f00000000c0)={0xa0, 0x0, 0x0, {{0x5, 0x2, 0x6, 0x2, 0x7ff, 0x6, {0x2, 0xff, 0x7, 0x7, 0x7, 0x1200000000, 0x1000, 0x269, 0x0, 0xc000, 0x7, 0x0, r1, 0x6, 0x800}}, {0x0, 0x4}}}, 0xa0) 13:54:29 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) [ 1653.015316][ T1725] __x64_sys_ioctl+0xd4/0x110 [ 1653.019988][ T1725] do_syscall_64+0xca/0x1c0 [ 1653.024469][ T1725] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1653.030330][ T1725] ---[ end trace bc12ee340783dbeb ]--- 13:54:29 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) 13:54:29 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x03\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/226, &(0x7f0000000140)=0xe2) (async) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f0000000180)) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000000), 0x2f) 13:54:29 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\b\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1653.062806][ T1752] Module has invalid ELF structures [ 1653.065582][ T1755] Module has invalid ELF structures [ 1653.079279][ T22] audit: type=1326 audit(1676296469.889:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1753 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:29 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:29 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/226, &(0x7f0000000140)=0xe2) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f0000000180)) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r1 = openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) write$cgroup_type(r1, &(0x7f0000000000), 0x2f) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/226, &(0x7f0000000140)=0xe2) (async) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f0000000180)) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) openat$cgroup_type(r0, &(0x7f00000001c0), 0x2, 0x0) (async) write$cgroup_type(r1, &(0x7f0000000000), 0x2f) (async) [ 1653.114529][ T1769] Module has invalid ELF structures [ 1653.137132][ T1776] Module has invalid ELF structures [ 1653.148714][ T1774] FAULT_INJECTION: forcing a failure. [ 1653.148714][ T1774] name failslab, interval 1, probability 0, space 0, times 0 [ 1653.162774][ T1774] CPU: 0 PID: 1774 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1653.172560][ T1774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1653.182613][ T1774] Call Trace: [ 1653.185893][ T1774] dump_stack+0x1d8/0x241 [ 1653.190209][ T1774] ? panic+0x73f/0x73f [ 1653.194275][ T1774] ? mutex_unlock+0x18/0x40 [ 1653.198764][ T1774] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1653.204558][ T1774] ? selinux_kernfs_init_security+0x14e/0x730 [ 1653.210609][ T1774] ? idr_alloc_cyclic+0x369/0x5d0 [ 1653.215619][ T1774] should_fail+0x71f/0x880 [ 1653.220021][ T1774] ? setup_fault_attr+0x3d0/0x3d0 [ 1653.225066][ T1774] ? _raw_spin_lock+0xa4/0x1b0 [ 1653.229813][ T1774] ? __kernfs_new_node+0xdb/0x6e0 [ 1653.234820][ T1774] should_failslab+0x5/0x20 [ 1653.239311][ T1774] kmem_cache_alloc+0x24/0x220 [ 1653.244062][ T1774] __kernfs_new_node+0xdb/0x6e0 [ 1653.248902][ T1774] ? kernfs_new_node+0x160/0x160 [ 1653.253823][ T1774] ? mutex_lock+0xa5/0x110 [ 1653.258229][ T1774] ? mutex_trylock+0xa0/0xa0 [ 1653.262805][ T1774] ? kernfs_activate+0x2fe/0x320 [ 1653.267728][ T1774] kernfs_new_node+0x95/0x160 [ 1653.272392][ T1774] __kernfs_create_file+0x45/0x260 [ 1653.277496][ T1774] sysfs_add_file_mode_ns+0x292/0x340 [ 1653.282900][ T1774] sysfs_merge_group+0x1fe/0x450 [ 1653.287823][ T1774] ? sysfs_remove_groups+0xa0/0xa0 [ 1653.292918][ T1774] ? device_create_file+0xea/0x1b0 [ 1653.298028][ T1774] ? bus_add_device+0x92/0x3f0 [ 1653.302779][ T1774] dpm_sysfs_add+0xcf/0x270 [ 1653.307271][ T1774] device_add+0x536/0xbb0 [ 1653.311590][ T1774] device_create_vargs+0x1b9/0x210 [ 1653.316683][ T1774] device_create+0xea/0x130 [ 1653.321173][ T1774] ? device_create_vargs+0x210/0x210 [ 1653.326449][ T1774] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1653.332153][ T1774] bdi_register_va+0x84/0x600 [ 1653.336837][ T1774] bdi_register+0xd1/0x120 [ 1653.341249][ T1774] ? __device_add_disk+0x551/0x1220 [ 1653.346456][ T1774] ? bdi_register_va+0x600/0x600 [ 1653.351378][ T1774] ? percpu_ref_resurrect+0x113/0x190 [ 1653.356737][ T1774] bdi_register_owner+0x55/0xf0 [ 1653.361576][ T1774] __device_add_disk+0x5d1/0x1220 [ 1653.366607][ T1774] ? device_add_disk+0x30/0x30 [ 1653.371361][ T1774] ? vsprintf+0x30/0x30 [ 1653.375514][ T1774] ? __alloc_disk_node+0x459/0x5a0 [ 1653.380639][ T1774] loop_add+0x573/0x740 [ 1653.384782][ T1774] loop_control_ioctl+0x448/0x620 [ 1653.389797][ T1774] ? loop_remove+0xa0/0xa0 [ 1653.394208][ T1774] ? memset+0x1f/0x40 [ 1653.398186][ T1774] ? fsnotify+0x1280/0x1340 [ 1653.402677][ T1774] ? loop_remove+0xa0/0xa0 [ 1653.407074][ T1774] do_vfs_ioctl+0x742/0x1720 [ 1653.411662][ T1774] ? ioctl_preallocate+0x250/0x250 [ 1653.416759][ T1774] ? __fget+0x407/0x490 [ 1653.420902][ T1774] ? fget_many+0x20/0x20 [ 1653.425133][ T1774] ? debug_smp_processor_id+0x20/0x20 [ 1653.430486][ T1774] ? security_file_ioctl+0x7d/0xa0 [ 1653.435569][ T1774] __x64_sys_ioctl+0xd4/0x110 [ 1653.440224][ T1774] do_syscall_64+0xca/0x1c0 [ 1653.444700][ T1774] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1653.458263][ T1774] ------------[ cut here ]------------ [ 1653.463724][ T1774] WARNING: CPU: 0 PID: 1774 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1653.472718][ T1774] Modules linked in: [ 1653.476602][ T1774] CPU: 0 PID: 1774 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1653.486378][ T1774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1653.496422][ T1774] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1653.502215][ T1774] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1653.521800][ T1774] RSP: 0018:ffff8881e858fa20 EFLAGS: 00010246 [ 1653.527844][ T1774] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1653.535799][ T1774] RDX: ffffc9000315c000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1653.543754][ T1774] RBP: ffff8881e858fb58 R08: ffffffff821a576c R09: ffffea00077a4c00 [ 1653.551708][ T1774] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881d15b7000 [ 1653.559660][ T1774] R13: dffffc0000000000 R14: ffff8881d15b7070 R15: 1ffff1103a2b6e9d [ 1653.567615][ T1774] FS: 00007f9bcb663700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1653.576527][ T1774] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1653.583092][ T1774] CR2: 00007ffc3768bff8 CR3: 00000001eddb8000 CR4: 00000000003406f0 [ 1653.591051][ T1774] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1653.599006][ T1774] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1653.606955][ T1774] Call Trace: [ 1653.610232][ T1774] ? device_add_disk+0x30/0x30 [ 1653.614978][ T1774] ? vsprintf+0x30/0x30 [ 1653.619120][ T1774] ? __alloc_disk_node+0x459/0x5a0 [ 1653.624217][ T1774] loop_add+0x573/0x740 [ 1653.628354][ T1774] loop_control_ioctl+0x448/0x620 [ 1653.633361][ T1774] ? loop_remove+0xa0/0xa0 [ 1653.637756][ T1774] ? memset+0x1f/0x40 [ 1653.641720][ T1774] ? fsnotify+0x1280/0x1340 [ 1653.646212][ T1774] ? loop_remove+0xa0/0xa0 [ 1653.650599][ T1774] do_vfs_ioctl+0x742/0x1720 [ 1653.655159][ T1774] ? ioctl_preallocate+0x250/0x250 [ 1653.660246][ T1774] ? __fget+0x407/0x490 [ 1653.664369][ T1774] ? fget_many+0x20/0x20 [ 1653.668580][ T1774] ? debug_smp_processor_id+0x20/0x20 [ 1653.673921][ T1774] ? security_file_ioctl+0x7d/0xa0 [ 1653.679007][ T1774] __x64_sys_ioctl+0xd4/0x110 [ 1653.683653][ T1774] do_syscall_64+0xca/0x1c0 13:54:30 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 61) 13:54:30 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x05\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:30 executing program 5: socket(0xa, 0x2, 0xff) r0 = socket$inet(0x2, 0x2, 0x95) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000000)={'broute\x00', 0x0, 0x0, 0x0, [0x80000000, 0x74, 0x80, 0x3, 0x7f, 0x5]}, &(0x7f0000000080)=0x78) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r2, 0x0, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYRES32=r1], 0x68) 13:54:30 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\t\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:30 executing program 0: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan3\x00', 0x0}) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x90, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_LEVEL={0x2c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_LEVEL={0x4}]}, 0x90}, 0x1, 0x0, 0x0, 0x20040801}, 0x8041) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:30 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\n\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:30 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x06\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1653.688126][ T1774] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1653.693983][ T1774] ---[ end trace bc12ee340783dbec ]--- [ 1653.715773][ T1791] Module has invalid ELF structures [ 1653.717422][ T1794] Module has invalid ELF structures 13:54:30 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:30 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\a\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:30 executing program 5: socket(0xa, 0x2, 0xff) r0 = socket$inet(0x2, 0x2, 0x95) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000000)={'broute\x00', 0x0, 0x0, 0x0, [0x80000000, 0x74, 0x80, 0x3, 0x7f, 0x5]}, &(0x7f0000000080)=0x78) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r2, 0x0, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYRES32=r1], 0x68) socket(0xa, 0x2, 0xff) (async) socket$inet(0x2, 0x2, 0x95) (async) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) (async) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000000)={'broute\x00', 0x0, 0x0, 0x0, [0x80000000, 0x74, 0x80, 0x3, 0x7f, 0x5]}, &(0x7f0000000080)=0x78) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r2, 0x0, 0x0) (async) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYRES32=r1], 0x68) (async) [ 1653.731165][ T22] audit: type=1326 audit(1676296470.539:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1790 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1653.746946][ T1798] Module has invalid ELF structures [ 1653.761261][ T1799] Module has invalid ELF structures [ 1653.766863][ T1793] FAULT_INJECTION: forcing a failure. [ 1653.766863][ T1793] name failslab, interval 1, probability 0, space 0, times 0 13:54:30 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\b\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1653.790670][ T1793] CPU: 0 PID: 1793 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1653.800323][ T1805] Module has invalid ELF structures [ 1653.800465][ T1793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1653.815662][ T1793] Call Trace: [ 1653.818941][ T1793] dump_stack+0x1d8/0x241 [ 1653.823258][ T1793] ? panic+0x73f/0x73f [ 1653.827314][ T1793] ? mutex_unlock+0x18/0x40 [ 1653.831808][ T1793] ? nf_ct_l4proto_log_invalid+0x258/0x258 13:54:30 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\t\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1653.837535][ T1810] Module has invalid ELF structures [ 1653.837598][ T1793] ? selinux_kernfs_init_security+0x14e/0x730 [ 1653.848803][ T1793] ? idr_alloc_cyclic+0x369/0x5d0 [ 1653.853819][ T1793] should_fail+0x71f/0x880 [ 1653.858237][ T1793] ? setup_fault_attr+0x3d0/0x3d0 [ 1653.863254][ T1793] ? _raw_spin_lock+0xa4/0x1b0 [ 1653.868002][ T1793] ? __kernfs_new_node+0xdb/0x6e0 [ 1653.873014][ T1793] should_failslab+0x5/0x20 [ 1653.876277][ T1812] Module has invalid ELF structures [ 1653.877499][ T1793] kmem_cache_alloc+0x24/0x220 [ 1653.877510][ T1793] __kernfs_new_node+0xdb/0x6e0 [ 1653.877525][ T1793] ? kernfs_new_node+0x160/0x160 [ 1653.897170][ T1793] ? mutex_lock+0xa5/0x110 [ 1653.901566][ T1793] ? mutex_trylock+0xa0/0xa0 [ 1653.906142][ T1793] ? kernfs_activate+0x2fe/0x320 [ 1653.911060][ T1793] kernfs_new_node+0x95/0x160 [ 1653.915723][ T1793] __kernfs_create_file+0x45/0x260 [ 1653.920820][ T1793] sysfs_add_file_mode_ns+0x292/0x340 [ 1653.926177][ T1793] sysfs_merge_group+0x1fe/0x450 [ 1653.931098][ T1793] ? sysfs_remove_groups+0xa0/0xa0 [ 1653.936252][ T1793] ? device_create_file+0xea/0x1b0 [ 1653.941390][ T1793] ? bus_add_device+0x92/0x3f0 [ 1653.946171][ T1793] dpm_sysfs_add+0xcf/0x270 [ 1653.950659][ T1793] device_add+0x536/0xbb0 [ 1653.954973][ T1793] device_create_vargs+0x1b9/0x210 [ 1653.960088][ T1793] device_create+0xea/0x130 [ 1653.964577][ T1793] ? device_create_vargs+0x210/0x210 [ 1653.969849][ T1793] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1653.975549][ T1793] bdi_register_va+0x84/0x600 [ 1653.980219][ T1793] bdi_register+0xd1/0x120 [ 1653.984620][ T1793] ? __device_add_disk+0x551/0x1220 [ 1653.989799][ T1793] ? bdi_register_va+0x600/0x600 [ 1653.994718][ T1793] ? percpu_ref_resurrect+0x113/0x190 [ 1654.000074][ T1793] bdi_register_owner+0x55/0xf0 [ 1654.004909][ T1793] __device_add_disk+0x5d1/0x1220 [ 1654.009918][ T1793] ? device_add_disk+0x30/0x30 [ 1654.014666][ T1793] ? vsprintf+0x30/0x30 [ 1654.018807][ T1793] ? __alloc_disk_node+0x459/0x5a0 [ 1654.023900][ T1793] loop_add+0x573/0x740 [ 1654.028040][ T1793] loop_control_ioctl+0x448/0x620 [ 1654.033045][ T1793] ? loop_remove+0xa0/0xa0 [ 1654.037449][ T1793] ? memset+0x1f/0x40 [ 1654.041429][ T1793] ? fsnotify+0x1280/0x1340 [ 1654.045919][ T1793] ? loop_remove+0xa0/0xa0 [ 1654.050321][ T1793] do_vfs_ioctl+0x742/0x1720 [ 1654.054898][ T1793] ? ioctl_preallocate+0x250/0x250 [ 1654.060004][ T1793] ? __fget+0x407/0x490 [ 1654.064156][ T1793] ? fget_many+0x20/0x20 [ 1654.068381][ T1793] ? debug_smp_processor_id+0x20/0x20 [ 1654.073736][ T1793] ? security_file_ioctl+0x7d/0xa0 [ 1654.078831][ T1793] __x64_sys_ioctl+0xd4/0x110 [ 1654.083494][ T1793] do_syscall_64+0xca/0x1c0 [ 1654.087984][ T1793] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1654.094907][ T1793] ------------[ cut here ]------------ [ 1654.100469][ T1793] WARNING: CPU: 0 PID: 1793 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1654.109460][ T1793] Modules linked in: [ 1654.113347][ T1793] CPU: 0 PID: 1793 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1654.123296][ T1793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1654.133347][ T1793] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1654.139137][ T1793] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1654.158722][ T1793] RSP: 0018:ffff8881ea50fa20 EFLAGS: 00010246 [ 1654.164775][ T1793] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1654.172734][ T1793] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1654.180694][ T1793] RBP: ffff8881ea50fb58 R08: ffffffff821a576c R09: ffffea00077a4c00 [ 1654.188650][ T1793] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881f2bcd000 [ 1654.196612][ T1793] R13: dffffc0000000000 R14: ffff8881f2bcd070 R15: 1ffff1103e579a9d [ 1654.204565][ T1793] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1654.213463][ T1793] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1654.220014][ T1793] CR2: 00007fc958871718 CR3: 00000001eddb8000 CR4: 00000000003406f0 [ 1654.228045][ T1793] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1654.236009][ T1793] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1654.243949][ T1793] Call Trace: [ 1654.247232][ T1793] ? device_add_disk+0x30/0x30 [ 1654.251964][ T1793] ? vsprintf+0x30/0x30 [ 1654.256086][ T1793] ? __alloc_disk_node+0x459/0x5a0 [ 1654.261164][ T1793] loop_add+0x573/0x740 [ 1654.265291][ T1793] loop_control_ioctl+0x448/0x620 [ 1654.270288][ T1793] ? loop_remove+0xa0/0xa0 [ 1654.274674][ T1793] ? memset+0x1f/0x40 [ 1654.278645][ T1793] ? fsnotify+0x1280/0x1340 [ 1654.283119][ T1793] ? loop_remove+0xa0/0xa0 [ 1654.287504][ T1793] do_vfs_ioctl+0x742/0x1720 13:54:31 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 62) 13:54:31 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\n\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:31 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) (async, rerun: 64) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (rerun: 64) 13:54:31 executing program 0: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan1\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan1\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan3\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x90, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_LEVEL={0x2c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_LEVEL={0x4}]}, 0x90}, 0x1, 0x0, 0x0, 0x20040801}, 0x8041) (async, rerun: 32) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async, rerun: 32) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:31 executing program 5: socket(0xa, 0x2, 0xff) r0 = socket$inet(0x2, 0x2, 0x95) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000000)={'broute\x00', 0x0, 0x0, 0x0, [0x80000000, 0x74, 0x80, 0x3, 0x7f, 0x5]}, &(0x7f0000000080)=0x78) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) r2 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r2, 0x0, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYRES32=r1], 0x68) socket(0xa, 0x2, 0xff) (async) socket$inet(0x2, 0x2, 0x95) (async) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000100)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) (async) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000000)={'broute\x00', 0x0, 0x0, 0x0, [0x80000000, 0x74, 0x80, 0x3, 0x7f, 0x5]}, &(0x7f0000000080)=0x78) (async) socket$inet_udp(0x2, 0x2, 0x0) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000180)) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) accept$inet(r2, 0x0, 0x0) (async) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f00000000c0)=ANY=[@ANYRES32=r1], 0x68) (async) 13:54:31 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\v\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1654.292073][ T1793] ? ioctl_preallocate+0x250/0x250 [ 1654.297171][ T1793] ? __fget+0x407/0x490 [ 1654.301305][ T1793] ? fget_many+0x20/0x20 [ 1654.305521][ T1793] ? debug_smp_processor_id+0x20/0x20 [ 1654.310876][ T1793] ? security_file_ioctl+0x7d/0xa0 [ 1654.315961][ T1793] __x64_sys_ioctl+0xd4/0x110 [ 1654.320608][ T1793] do_syscall_64+0xca/0x1c0 [ 1654.325082][ T1793] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1654.330941][ T1793] ---[ end trace bc12ee340783dbed ]--- 13:54:31 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\v\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:31 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\f\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1654.369908][ T1829] Module has invalid ELF structures [ 1654.375628][ T1830] Module has invalid ELF structures 13:54:31 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) 13:54:31 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 13:54:31 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) (async) 13:54:31 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\f\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1654.410928][ T1839] Module has invalid ELF structures [ 1654.419556][ T1831] FAULT_INJECTION: forcing a failure. [ 1654.419556][ T1831] name failslab, interval 1, probability 0, space 0, times 0 [ 1654.436603][ T1842] Module has invalid ELF structures [ 1654.448271][ T1831] CPU: 0 PID: 1831 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1654.451682][ T1849] Module has invalid ELF structures [ 1654.458060][ T1831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1654.458064][ T1831] Call Trace: [ 1654.458080][ T1831] dump_stack+0x1d8/0x241 [ 1654.458088][ T1831] ? panic+0x73f/0x73f [ 1654.458103][ T1831] ? mutex_unlock+0x18/0x40 [ 1654.489406][ T1831] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1654.495204][ T1831] ? selinux_kernfs_init_security+0x14e/0x730 [ 1654.501256][ T1831] ? idr_alloc_cyclic+0x369/0x5d0 [ 1654.506258][ T1831] should_fail+0x71f/0x880 [ 1654.510651][ T1831] ? setup_fault_attr+0x3d0/0x3d0 [ 1654.515662][ T1831] ? _raw_spin_lock+0xa4/0x1b0 [ 1654.520403][ T1831] ? __kernfs_new_node+0xdb/0x6e0 [ 1654.525434][ T1831] should_failslab+0x5/0x20 [ 1654.529940][ T1831] kmem_cache_alloc+0x24/0x220 [ 1654.534678][ T1831] __kernfs_new_node+0xdb/0x6e0 [ 1654.539502][ T1831] ? kernfs_new_node+0x160/0x160 [ 1654.544409][ T1831] ? mutex_lock+0xa5/0x110 [ 1654.548795][ T1831] ? mutex_trylock+0xa0/0xa0 [ 1654.553357][ T1831] ? kernfs_activate+0x2fe/0x320 [ 1654.558265][ T1831] kernfs_new_node+0x95/0x160 [ 1654.562915][ T1831] __kernfs_create_file+0x45/0x260 [ 1654.568021][ T1831] sysfs_add_file_mode_ns+0x292/0x340 [ 1654.573367][ T1831] sysfs_merge_group+0x1fe/0x450 [ 1654.578277][ T1831] ? sysfs_remove_groups+0xa0/0xa0 [ 1654.583358][ T1831] ? device_create_file+0xea/0x1b0 [ 1654.588438][ T1831] ? bus_add_device+0x92/0x3f0 [ 1654.593195][ T1831] dpm_sysfs_add+0xcf/0x270 [ 1654.597680][ T1831] device_add+0x536/0xbb0 [ 1654.602001][ T1831] device_create_vargs+0x1b9/0x210 [ 1654.607099][ T1831] device_create+0xea/0x130 [ 1654.611582][ T1831] ? device_create_vargs+0x210/0x210 [ 1654.616845][ T1831] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1654.622545][ T1831] bdi_register_va+0x84/0x600 [ 1654.627205][ T1831] bdi_register+0xd1/0x120 [ 1654.631599][ T1831] ? __device_add_disk+0x551/0x1220 [ 1654.636771][ T1831] ? bdi_register_va+0x600/0x600 [ 1654.641684][ T1831] ? percpu_ref_resurrect+0x113/0x190 [ 1654.647027][ T1831] bdi_register_owner+0x55/0xf0 [ 1654.651850][ T1831] __device_add_disk+0x5d1/0x1220 [ 1654.656846][ T1831] ? device_add_disk+0x30/0x30 [ 1654.661582][ T1831] ? vsprintf+0x30/0x30 [ 1654.665710][ T1831] ? __alloc_disk_node+0x459/0x5a0 [ 1654.670800][ T1831] loop_add+0x573/0x740 [ 1654.674929][ T1831] loop_control_ioctl+0x448/0x620 [ 1654.679939][ T1831] ? loop_remove+0xa0/0xa0 [ 1654.684330][ T1831] ? memset+0x1f/0x40 [ 1654.688305][ T1831] ? fsnotify+0x1280/0x1340 [ 1654.692778][ T1831] ? loop_remove+0xa0/0xa0 [ 1654.697169][ T1831] do_vfs_ioctl+0x742/0x1720 [ 1654.701748][ T1831] ? ioctl_preallocate+0x250/0x250 [ 1654.706841][ T1831] ? __fget+0x407/0x490 [ 1654.710972][ T1831] ? fget_many+0x20/0x20 [ 1654.715195][ T1831] ? debug_smp_processor_id+0x20/0x20 [ 1654.720543][ T1831] ? security_file_ioctl+0x7d/0xa0 [ 1654.725655][ T1831] __x64_sys_ioctl+0xd4/0x110 [ 1654.730314][ T1831] do_syscall_64+0xca/0x1c0 [ 1654.734798][ T1831] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1654.742630][ T1831] ------------[ cut here ]------------ [ 1654.748089][ T1831] WARNING: CPU: 0 PID: 1831 at block/genhd.c:742 __device_add_disk+0xea1/0x1220 [ 1654.757091][ T1831] Modules linked in: [ 1654.760960][ T1831] CPU: 0 PID: 1831 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1654.770725][ T1831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1654.780755][ T1831] RIP: 0010:__device_add_disk+0xea1/0x1220 [ 1654.786531][ T1831] Code: ff ff e8 72 d6 48 ff 0f 0b e9 52 f3 ff ff e8 66 d6 48 ff 0f 0b 42 80 3c 2b 00 0f 85 ac f8 ff ff e9 af f8 ff ff e8 4f d6 48 ff <0f> 0b e9 41 f7 ff ff e8 43 d6 48 ff e9 18 ff ff ff 44 89 f9 80 e1 [ 1654.806136][ T1831] RSP: 0018:ffff8881ead0fa20 EFLAGS: 00010246 [ 1654.812175][ T1831] RAX: ffffffff821a6031 RBX: 00000000fffffff4 RCX: 0000000000040000 [ 1654.820118][ T1831] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1654.828071][ T1831] RBP: ffff8881ead0fb58 R08: ffffffff821a576c R09: ffffea00073c0540 [ 1654.836012][ T1831] R10: ffffffff84600000 R11: dffffc0000000000 R12: ffff8881e7e6c000 [ 1654.843965][ T1831] R13: dffffc0000000000 R14: ffff8881e7e6c070 R15: 1ffff1103cfcd89d [ 1654.851921][ T1831] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1654.860818][ T1831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1654.867372][ T1831] CR2: 00007fb0a9cbae10 CR3: 00000001f35df000 CR4: 00000000003406f0 [ 1654.875315][ T1831] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1654.883258][ T1831] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1654.891206][ T1831] Call Trace: [ 1654.894477][ T1831] ? device_add_disk+0x30/0x30 [ 1654.899210][ T1831] ? vsprintf+0x30/0x30 [ 1654.903362][ T1831] ? __alloc_disk_node+0x459/0x5a0 [ 1654.908444][ T1831] loop_add+0x573/0x740 [ 1654.912571][ T1831] loop_control_ioctl+0x448/0x620 [ 1654.917565][ T1831] ? loop_remove+0xa0/0xa0 [ 1654.921958][ T1831] ? memset+0x1f/0x40 [ 1654.925912][ T1831] ? fsnotify+0x1280/0x1340 [ 1654.930385][ T1831] ? loop_remove+0xa0/0xa0 [ 1654.934775][ T1831] do_vfs_ioctl+0x742/0x1720 [ 1654.939366][ T1831] ? ioctl_preallocate+0x250/0x250 [ 1654.944469][ T1831] ? __fget+0x407/0x490 [ 1654.948602][ T1831] ? fget_many+0x20/0x20 [ 1654.952829][ T1831] ? debug_smp_processor_id+0x20/0x20 [ 1654.958214][ T1831] ? security_file_ioctl+0x7d/0xa0 [ 1654.963308][ T1831] __x64_sys_ioctl+0xd4/0x110 [ 1654.967960][ T1831] do_syscall_64+0xca/0x1c0 [ 1654.972440][ T1831] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1654.978307][ T1831] ---[ end trace bc12ee340783dbee ]--- [ 1654.985037][ T22] audit: type=1326 audit(1676296471.789:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1850 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=230 compat=0 ip=0x7f7d08d83e21 code=0x80000 13:54:31 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 63) 13:54:31 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\r\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:31 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\r\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1655.012288][ T22] audit: type=1326 audit(1676296471.799:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1850 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=317 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1655.043316][ T1862] Module has invalid ELF structures [ 1655.050791][ T1863] Module has invalid ELF structures [ 1655.061047][ T1864] FAULT_INJECTION: forcing a failure. [ 1655.061047][ T1864] name failslab, interval 1, probability 0, space 0, times 0 [ 1655.073700][ T1864] CPU: 1 PID: 1864 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1655.083478][ T1864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1655.093515][ T1864] Call Trace: [ 1655.096791][ T1864] dump_stack+0x1d8/0x241 [ 1655.101119][ T1864] ? panic+0x73f/0x73f [ 1655.105178][ T1864] ? stack_trace_save+0x1c0/0x1c0 [ 1655.110186][ T1864] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1655.115977][ T1864] ? arch_stack_walk+0x111/0x140 [ 1655.120903][ T1864] should_fail+0x71f/0x880 [ 1655.125313][ T1864] ? setup_fault_attr+0x3d0/0x3d0 [ 1655.130324][ T1864] ? stack_trace_save+0x118/0x1c0 [ 1655.135334][ T1864] ? stack_trace_snprint+0x170/0x170 [ 1655.140605][ T1864] ? radix_tree_node_alloc+0x190/0x380 [ 1655.146050][ T1864] should_failslab+0x5/0x20 [ 1655.150540][ T1864] kmem_cache_alloc+0x24/0x220 [ 1655.155301][ T1864] radix_tree_node_alloc+0x190/0x380 [ 1655.160573][ T1864] ? kernfs_new_node+0x95/0x160 [ 1655.165407][ T1864] ? __kernfs_create_file+0x45/0x260 [ 1655.170675][ T1864] ? sysfs_add_file_mode_ns+0x292/0x340 [ 1655.176238][ T1864] ? sysfs_merge_group+0x1fe/0x450 [ 1655.181340][ T1864] idr_get_free+0x26b/0x850 [ 1655.185834][ T1864] idr_alloc_cyclic+0x1dc/0x5d0 [ 1655.190671][ T1864] ? idr_alloc+0x2f0/0x2f0 [ 1655.195074][ T1864] ? _raw_spin_lock+0xa4/0x1b0 [ 1655.199824][ T1864] ? __radix_tree_preload+0x212/0x260 [ 1655.205182][ T1864] __kernfs_new_node+0x122/0x6e0 [ 1655.210106][ T1864] ? kernfs_new_node+0x160/0x160 [ 1655.215028][ T1864] ? mutex_lock+0xd6/0x110 [ 1655.219429][ T1864] ? mutex_trylock+0xa0/0xa0 [ 1655.224011][ T1864] ? kernfs_activate+0x2fe/0x320 [ 1655.228932][ T1864] kernfs_new_node+0x95/0x160 [ 1655.233601][ T1864] __kernfs_create_file+0x45/0x260 [ 1655.238733][ T1864] sysfs_add_file_mode_ns+0x292/0x340 [ 1655.244092][ T1864] sysfs_merge_group+0x1fe/0x450 [ 1655.249025][ T1864] ? sysfs_remove_groups+0xa0/0xa0 [ 1655.254127][ T1864] ? device_create_file+0xea/0x1b0 [ 1655.259226][ T1864] ? bus_add_device+0x92/0x3f0 [ 1655.263979][ T1864] dpm_sysfs_add+0xcf/0x270 [ 1655.268472][ T1864] device_add+0x536/0xbb0 [ 1655.272794][ T1864] device_create_vargs+0x1b9/0x210 [ 1655.277895][ T1864] device_create+0xea/0x130 [ 1655.282386][ T1864] ? device_create_vargs+0x210/0x210 [ 1655.287663][ T1864] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1655.293366][ T1864] bdi_register_va+0x84/0x600 [ 1655.298035][ T1864] bdi_register+0xd1/0x120 [ 1655.302440][ T1864] ? __device_add_disk+0x551/0x1220 [ 1655.307621][ T1864] ? bdi_register_va+0x600/0x600 [ 1655.312590][ T1864] ? percpu_ref_resurrect+0x113/0x190 [ 1655.317937][ T1864] bdi_register_owner+0x55/0xf0 [ 1655.322761][ T1864] __device_add_disk+0x5d1/0x1220 [ 1655.327766][ T1864] ? device_add_disk+0x30/0x30 [ 1655.332508][ T1864] ? vsprintf+0x30/0x30 [ 1655.336640][ T1864] ? __alloc_disk_node+0x459/0x5a0 [ 1655.341727][ T1864] loop_add+0x573/0x740 [ 1655.345860][ T1864] loop_control_ioctl+0x448/0x620 [ 1655.350878][ T1864] ? loop_remove+0xa0/0xa0 [ 1655.355272][ T1864] ? memset+0x1f/0x40 [ 1655.359228][ T1864] ? fsnotify+0x1280/0x1340 13:54:32 executing program 0: ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan1\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wpan1\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wpan3\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x90, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r0}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_LEVEL={0x2c, 0x22, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x6}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x1}, @NL802154_SECLEVEL_ATTR_FRAME={0x8}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_LEVEL={0x4}]}, 0x90}, 0x1, 0x0, 0x0, 0x20040801}, 0x8041) (async, rerun: 32) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async, rerun: 32) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) 13:54:32 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x0e\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x0e\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1655.363734][ T1864] ? loop_remove+0xa0/0xa0 [ 1655.368125][ T1864] do_vfs_ioctl+0x742/0x1720 [ 1655.372689][ T1864] ? ioctl_preallocate+0x250/0x250 [ 1655.377772][ T1864] ? __fget+0x407/0x490 [ 1655.381915][ T1864] ? fget_many+0x20/0x20 [ 1655.386132][ T1864] ? debug_smp_processor_id+0x20/0x20 [ 1655.391475][ T1864] ? security_file_ioctl+0x7d/0xa0 [ 1655.396557][ T1864] __x64_sys_ioctl+0xd4/0x110 [ 1655.401206][ T1864] do_syscall_64+0xca/0x1c0 [ 1655.405685][ T1864] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x10\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x7fff) 13:54:32 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 64) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x10\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x7fff) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x11\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) (async) ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x7fff) [ 1655.427981][ T1868] Module has invalid ELF structures [ 1655.441802][ T1872] Module has invalid ELF structures [ 1655.455663][ T1875] Module has invalid ELF structures [ 1655.482448][ T1884] Module has invalid ELF structures [ 1655.484983][ T1881] Module has invalid ELF structures [ 1655.513274][ T1883] FAULT_INJECTION: forcing a failure. [ 1655.513274][ T1883] name failslab, interval 1, probability 0, space 0, times 0 [ 1655.531597][ T1883] CPU: 0 PID: 1883 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1655.541395][ T1883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1655.551430][ T1883] Call Trace: [ 1655.554700][ T1883] dump_stack+0x1d8/0x241 [ 1655.559007][ T1883] ? panic+0x73f/0x73f [ 1655.563053][ T1883] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1655.568827][ T1883] ? mutex_unlock+0x18/0x40 [ 1655.573302][ T1883] ? kernfs_add_one+0x49a/0x5b0 [ 1655.578129][ T1883] should_fail+0x71f/0x880 [ 1655.582520][ T1883] ? setup_fault_attr+0x3d0/0x3d0 [ 1655.587519][ T1883] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1655.592950][ T1883] ? _raw_spin_lock+0x1b0/0x1b0 [ 1655.597771][ T1883] ? sysfs_merge_group+0x3a5/0x450 [ 1655.602891][ T1883] ? kobject_uevent_env+0x258/0x6e0 [ 1655.608068][ T1883] should_failslab+0x5/0x20 [ 1655.612552][ T1883] kmem_cache_alloc_trace+0x28/0x240 [ 1655.617806][ T1883] ? dev_uevent_filter+0xb0/0xb0 [ 1655.622714][ T1883] kobject_uevent_env+0x258/0x6e0 [ 1655.627728][ T1883] device_add+0x797/0xbb0 [ 1655.632047][ T1883] device_create_vargs+0x1b9/0x210 [ 1655.637127][ T1883] device_create+0xea/0x130 [ 1655.641605][ T1883] ? device_create_vargs+0x210/0x210 [ 1655.646863][ T1883] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1655.652556][ T1883] bdi_register_va+0x84/0x600 [ 1655.657207][ T1883] bdi_register+0xd1/0x120 [ 1655.661594][ T1883] ? __device_add_disk+0x551/0x1220 [ 1655.666778][ T1883] ? bdi_register_va+0x600/0x600 [ 1655.671686][ T1883] ? percpu_ref_resurrect+0x113/0x190 [ 1655.677028][ T1883] bdi_register_owner+0x55/0xf0 [ 1655.681849][ T1883] __device_add_disk+0x5d1/0x1220 [ 1655.686850][ T1883] ? device_add_disk+0x30/0x30 [ 1655.691584][ T1883] ? vsprintf+0x30/0x30 [ 1655.695712][ T1883] ? __alloc_disk_node+0x459/0x5a0 [ 1655.700805][ T1883] loop_add+0x573/0x740 [ 1655.704937][ T1883] loop_control_ioctl+0x448/0x620 [ 1655.709933][ T1883] ? loop_remove+0xa0/0xa0 [ 1655.714324][ T1883] ? memset+0x1f/0x40 [ 1655.718287][ T1883] ? fsnotify+0x1280/0x1340 [ 1655.722761][ T1883] ? loop_remove+0xa0/0xa0 [ 1655.727179][ T1883] do_vfs_ioctl+0x742/0x1720 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000140)=""/108, 0x1107000, 0x1000, 0x65b, 0x2}, 0x20) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000080)) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x2080, 0x4) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf25010000000800179ae841f518c2db0100000000000800010001000000080001005cd9d7765c73c8aa020000000800010002000000080001000000000008000100020000000800020002000000080001000300000008000100030000004a184c0d1e520bb895a654411244e292b63d9e91d171e973eab1483801074d09b2b0c27c154bff62339487d32260ad6f14dbc9233d17007a795625b46d50601083fd4608a25ba7e9fcb8a23516d02f6bf0e03a6070a486781ed1a0d2e6ddb782b5667ebef799"], 0x64}}, 0x0) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x12\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x11\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 13:54:32 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 65) 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000140)=""/108, 0x1107000, 0x1000, 0x65b, 0x2}, 0x20) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000080)) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x2080, 0x4) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf25010000000800179ae841f518c2db0100000000000800010001000000080001005cd9d7765c73c8aa020000000800010002000000080001000000000008000100020000000800020002000000080001000300000008000100030000004a184c0d1e520bb895a654411244e292b63d9e91d171e973eab1483801074d09b2b0c27c154bff62339487d32260ad6f14dbc9233d17007a795625b46d50601083fd4608a25ba7e9fcb8a23516d02f6bf0e03a6070a486781ed1a0d2e6ddb782b5667ebef799"], 0x64}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000140)=""/108, 0x1107000, 0x1000, 0x65b, 0x2}, 0x20) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000080)) (async) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x2080, 0x4) (async) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf25010000000800179ae841f518c2db0100000000000800010001000000080001005cd9d7765c73c8aa020000000800010002000000080001000000000008000100020000000800020002000000080001000300000008000100030000004a184c0d1e520bb895a654411244e292b63d9e91d171e973eab1483801074d09b2b0c27c154bff62339487d32260ad6f14dbc9233d17007a795625b46d50601083fd4608a25ba7e9fcb8a23516d02f6bf0e03a6070a486781ed1a0d2e6ddb782b5667ebef799"], 0x64}}, 0x0) (async) [ 1655.731744][ T1883] ? ioctl_preallocate+0x250/0x250 [ 1655.736831][ T1883] ? __fget+0x407/0x490 [ 1655.740973][ T1883] ? fget_many+0x20/0x20 [ 1655.745187][ T1883] ? debug_smp_processor_id+0x20/0x20 [ 1655.750528][ T1883] ? security_file_ioctl+0x7d/0xa0 [ 1655.755610][ T1883] __x64_sys_ioctl+0xd4/0x110 [ 1655.760303][ T1883] do_syscall_64+0xca/0x1c0 [ 1655.764779][ T1883] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y%\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000140)=""/108, 0x1107000, 0x1000, 0x65b, 0x2}, 0x20) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000080)) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x2080, 0x4) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf25010000000800179ae841f518c2db0100000000000800010001000000080001005cd9d7765c73c8aa020000000800010002000000080001000000000008000100020000000800020002000000080001000300000008000100030000004a184c0d1e520bb895a654411244e292b63d9e91d171e973eab1483801074d09b2b0c27c154bff62339487d32260ad6f14dbc9233d17007a795625b46d50601083fd4608a25ba7e9fcb8a23516d02f6bf0e03a6070a486781ed1a0d2e6ddb782b5667ebef799"], 0x64}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000140)=""/108, 0x1107000, 0x1000, 0x65b, 0x2}, 0x20) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) ioctl$HIDIOCGRDESCSIZE(r1, 0x80044801, &(0x7f0000000080)) (async) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x2080, 0x4) (async) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="04002dbd7000fcdbdf25010000000800179ae841f518c2db0100000000000800010001000000080001005cd9d7765c73c8aa020000000800010002000000080001000000000008000100020000000800020002000000080001000300000008000100030000004a184c0d1e520bb895a654411244e292b63d9e91d171e973eab1483801074d09b2b0c27c154bff62339487d32260ad6f14dbc9233d17007a795625b46d50601083fd4608a25ba7e9fcb8a23516d02f6bf0e03a6070a486781ed1a0d2e6ddb782b5667ebef799"], 0x64}}, 0x0) (async) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x12\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1655.803775][ T1905] Module has invalid ELF structures [ 1655.805187][ T1911] Module has invalid ELF structures [ 1655.833214][ T1922] Module has invalid ELF structures [ 1655.841653][ T1909] FAULT_INJECTION: forcing a failure. [ 1655.841653][ T1909] name failslab, interval 1, probability 0, space 0, times 0 13:54:32 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r2) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\x0ev\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000000)) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet_udplite(0x2, 0x2, 0x88) getgid() r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x3}}, 0x18) read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_IOCTL(r0, &(0x7f0000000080)={0x20, 0x0, r1, {0x0, 0x0, 0x2, 0x4}}, 0x20) [ 1655.848402][ T1923] Module has invalid ELF structures [ 1655.863581][ T1909] CPU: 0 PID: 1909 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1655.873375][ T1909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1655.877494][ T1936] Module has invalid ELF structures [ 1655.883412][ T1909] Call Trace: [ 1655.883428][ T1909] dump_stack+0x1d8/0x241 [ 1655.883442][ T1909] ? panic+0x73f/0x73f [ 1655.900225][ T1909] ? bdi_register_owner+0x55/0xf0 [ 1655.905273][ T1909] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1655.911075][ T1909] ? do_vfs_ioctl+0x742/0x1720 [ 1655.912756][ T1939] Module has invalid ELF structures [ 1655.915844][ T1909] ? do_syscall_64+0xca/0x1c0 [ 1655.915855][ T1909] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1655.915871][ T1909] should_fail+0x71f/0x880 [ 1655.921175][ T1940] Module has invalid ELF structures [ 1655.925690][ T1909] ? setup_fault_attr+0x3d0/0x3d0 [ 1655.925701][ T1909] ? kobject_get_path+0xb3/0x190 [ 1655.925715][ T1909] should_failslab+0x5/0x20 [ 1655.955697][ T1909] __kmalloc+0x51/0x2b0 [ 1655.956121][ T1943] Module has invalid ELF structures [ 1655.959839][ T1909] kobject_get_path+0xb3/0x190 [ 1655.959849][ T1909] kobject_uevent_env+0x26f/0x6e0 [ 1655.959860][ T1909] device_add+0x797/0xbb0 [ 1655.959873][ T1909] device_create_vargs+0x1b9/0x210 [ 1655.965143][ T1944] Module has invalid ELF structures [ 1655.969789][ T1909] device_create+0xea/0x130 [ 1655.969799][ T1909] ? device_create_vargs+0x210/0x210 [ 1655.969809][ T1909] ? __percpu_ref_switch_mode+0x36d/0x5b0 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\x10v\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00YH\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00YL\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\v\n\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1655.969822][ T1909] bdi_register_va+0x84/0x600 [ 1656.009453][ T1909] bdi_register+0xd1/0x120 [ 1656.013859][ T1909] ? __device_add_disk+0x551/0x1220 [ 1656.019026][ T1909] ? bdi_register_va+0x600/0x600 [ 1656.023931][ T1909] ? percpu_ref_resurrect+0x113/0x190 [ 1656.029277][ T1909] bdi_register_owner+0x55/0xf0 [ 1656.034112][ T1909] __device_add_disk+0x5d1/0x1220 [ 1656.039103][ T1909] ? device_add_disk+0x30/0x30 [ 1656.043864][ T1909] ? vsprintf+0x30/0x30 [ 1656.047989][ T1909] ? __alloc_disk_node+0x459/0x5a0 [ 1656.053069][ T1909] loop_add+0x573/0x740 [ 1656.057199][ T1909] loop_control_ioctl+0x448/0x620 [ 1656.062200][ T1909] ? loop_remove+0xa0/0xa0 [ 1656.066584][ T1909] ? memset+0x1f/0x40 [ 1656.070569][ T1909] ? fsnotify+0x1280/0x1340 [ 1656.075057][ T1909] ? loop_remove+0xa0/0xa0 [ 1656.079448][ T1909] do_vfs_ioctl+0x742/0x1720 [ 1656.084074][ T1909] ? ioctl_preallocate+0x250/0x250 [ 1656.089155][ T1909] ? __fget+0x407/0x490 [ 1656.093305][ T1909] ? fget_many+0x20/0x20 [ 1656.097543][ T1909] ? debug_smp_processor_id+0x20/0x20 13:54:32 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 66) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y`\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\v%\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async, rerun: 32) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (rerun: 32) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r2) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:32 executing program 5: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000040)=0x10) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) getsockopt$inet_mreqsrc(r3, 0x0, 0x26, &(0x7f0000000100)={@loopback, @dev, @dev}, &(0x7f0000000140)=0xc) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r2}, 0xc) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="67726578f4e0c7c3f0abeba4836c6e5b", @ANYRES32=r2, @ANYBLOB="00200040000000030000000048090020006400003f049078ac141428ac1414bb440c3d93e00000010000003f"]}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:32 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000000)) socket$pppl2tp(0x18, 0x1, 0x1) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x3}}, 0x18) (async, rerun: 32) read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) (rerun: 32) write$FUSE_IOCTL(r0, &(0x7f0000000080)={0x20, 0x0, r1, {0x0, 0x0, 0x2, 0x4}}, 0x20) 13:54:32 executing program 5: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000040)=0x10) (async) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) (async) getsockopt$inet_mreqsrc(r3, 0x0, 0x26, &(0x7f0000000100)={@loopback, @dev, @dev}, &(0x7f0000000140)=0xc) (async) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r2}, 0xc) (async, rerun: 32) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="67726578f4e0c7c3f0abeba4836c6e5b", @ANYRES32=r2, @ANYBLOB="00200040000000030000000048090020006400003f049078ac141428ac1414bb440c3d93e00000010000003f"]}) (rerun: 32) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:32 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000000)) socket$pppl2tp(0x18, 0x1, 0x1) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x3}}, 0x18) read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_IOCTL(r0, &(0x7f0000000080)={0x20, 0x0, r1, {0x0, 0x0, 0x2, 0x4}}, 0x20) 13:54:32 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x02\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yh\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:32 executing program 1: openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0) (async) io_uring_register$IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r2, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r2) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) 13:54:32 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x8, 0x9, 0x7, 0x2}, {0x0, 0x8, 0x0, 0x20}]}) [ 1656.102914][ T1909] ? security_file_ioctl+0x7d/0xa0 [ 1656.107995][ T1909] __x64_sys_ioctl+0xd4/0x110 [ 1656.112643][ T1909] do_syscall_64+0xca/0x1c0 [ 1656.117119][ T1909] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1656.143160][ T1951] Module has invalid ELF structures [ 1656.144681][ T1956] Module has invalid ELF structures [ 1656.184091][ T22] audit: type=1326 audit(1676296472.989:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1968 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1656.186272][ T1973] Module has invalid ELF structures [ 1656.213161][ T1974] Module has invalid ELF structures [ 1656.235407][ T1975] FAULT_INJECTION: forcing a failure. [ 1656.235407][ T1975] name failslab, interval 1, probability 0, space 0, times 0 [ 1656.252270][ T1975] CPU: 1 PID: 1975 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1656.262072][ T1975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1656.272109][ T1975] Call Trace: [ 1656.275391][ T1975] dump_stack+0x1d8/0x241 [ 1656.279721][ T1975] ? panic+0x73f/0x73f [ 1656.283787][ T1975] ? bdi_register_owner+0x55/0xf0 [ 1656.288807][ T1975] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1656.294603][ T1975] ? do_vfs_ioctl+0x742/0x1720 [ 1656.299362][ T1975] ? do_syscall_64+0xca/0x1c0 [ 1656.304032][ T1975] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1656.310082][ T1975] should_fail+0x71f/0x880 [ 1656.314487][ T1975] ? setup_fault_attr+0x3d0/0x3d0 [ 1656.319497][ T1975] ? kobject_get_path+0xb3/0x190 [ 1656.324419][ T1975] should_failslab+0x5/0x20 [ 1656.328951][ T1975] __kmalloc+0x51/0x2b0 [ 1656.333094][ T1975] kobject_get_path+0xb3/0x190 [ 1656.337844][ T1975] kobject_uevent_env+0x26f/0x6e0 [ 1656.342874][ T1975] device_add+0x797/0xbb0 [ 1656.347187][ T1975] device_create_vargs+0x1b9/0x210 [ 1656.352285][ T1975] device_create+0xea/0x130 [ 1656.356786][ T1975] ? device_create_vargs+0x210/0x210 [ 1656.362062][ T1975] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1656.367763][ T1975] bdi_register_va+0x84/0x600 [ 1656.372423][ T1975] bdi_register+0xd1/0x120 [ 1656.376824][ T1975] ? __device_add_disk+0x551/0x1220 [ 1656.382012][ T1975] ? bdi_register_va+0x600/0x600 [ 1656.386938][ T1975] ? percpu_ref_resurrect+0x113/0x190 [ 1656.392294][ T1975] bdi_register_owner+0x55/0xf0 [ 1656.397132][ T1975] __device_add_disk+0x5d1/0x1220 [ 1656.402140][ T1975] ? device_add_disk+0x30/0x30 [ 1656.406885][ T1975] ? vsprintf+0x30/0x30 [ 1656.411029][ T1975] ? __alloc_disk_node+0x459/0x5a0 [ 1656.416124][ T1975] loop_add+0x573/0x740 [ 1656.420289][ T1975] loop_control_ioctl+0x448/0x620 [ 1656.425302][ T1975] ? loop_remove+0xa0/0xa0 [ 1656.429735][ T1975] ? memset+0x1f/0x40 13:54:33 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 67) 13:54:33 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) getresuid(&(0x7f0000002100), &(0x7f0000002140), &(0x7f0000002180)=0x0) write$FUSE_CREATE_OPEN(r1, &(0x7f00000021c0)={0xa0, 0x0, r2, {{0x0, 0x2, 0x4, 0x101, 0x6, 0x1, {0x0, 0x1, 0xffffffffffffff01, 0x7000, 0xf9ef, 0x9, 0x80000001, 0x9, 0xcf, 0x4000, 0x8001, r4, r3, 0x10000, 0xd299}}, {0x0, 0x1d}}}, 0xa0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002280), 0x2, 0x0) read$FUSE(r1, &(0x7f00000022c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_STATFS(r5, &(0x7f0000004300)={0x60, 0x0, r6, {{0xb176, 0x8, 0xffffffffffffffff, 0x7fffffff, 0x8000000000000001, 0x8, 0x0, 0x101}}}, 0x60) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000040)) write$FUSE_STATFS(r1, &(0x7f0000004380)={0x60, 0x0, r2, {{0x7ff, 0x5, 0x45c4, 0x8, 0x3, 0x8, 0x8001, 0xf40}}}, 0x60) 13:54:33 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x03\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yl\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 5: r0 = accept$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @remote}, &(0x7f0000000040)=0x10) r1 = socket$igmp(0x2, 0x3, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', 0x0}) (async) r3 = socket$igmp(0x2, 0x3, 0x2) accept$inet(r3, 0x0, 0x0) (async) getsockopt$inet_mreqsrc(r3, 0x0, 0x26, &(0x7f0000000100)={@loopback, @dev, @dev}, &(0x7f0000000140)=0xc) (async) setsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000240)={@multicast2, @local, r2}, 0xc) (async) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="67726578f4e0c7c3f0abeba4836c6e5b", @ANYRES32=r2, @ANYBLOB="00200040000000030000000048090020006400003f049078ac141428ac1414bb440c3d93e00000010000003f"]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1656.433701][ T1975] ? fsnotify+0x1280/0x1340 [ 1656.438187][ T1975] ? loop_remove+0xa0/0xa0 [ 1656.442618][ T1975] do_vfs_ioctl+0x742/0x1720 [ 1656.447196][ T1975] ? ioctl_preallocate+0x250/0x250 [ 1656.452289][ T1975] ? __fget+0x407/0x490 [ 1656.456431][ T1975] ? fget_many+0x20/0x20 [ 1656.460658][ T1975] ? debug_smp_processor_id+0x20/0x20 [ 1656.466015][ T1975] ? security_file_ioctl+0x7d/0xa0 [ 1656.471113][ T1975] __x64_sys_ioctl+0xd4/0x110 [ 1656.475772][ T1975] do_syscall_64+0xca/0x1c0 [ 1656.480260][ T1975] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:33 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yt\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x401, 0x4, 0x40, 0xfffeffff}]}) accept$inet(r0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0xc, @broadcast, 0x4e21, 0x4, 'lc\x00', 0xd, 0x0, 0x14}, {@multicast2, 0x4e21, 0x1, 0x40, 0x1, 0xfff}}, 0x44) 13:54:33 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x04\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async, rerun: 32) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) (rerun: 32) getresuid(&(0x7f0000002100), &(0x7f0000002140), &(0x7f0000002180)=0x0) write$FUSE_CREATE_OPEN(r1, &(0x7f00000021c0)={0xa0, 0x0, r2, {{0x0, 0x2, 0x4, 0x101, 0x6, 0x1, {0x0, 0x1, 0xffffffffffffff01, 0x7000, 0xf9ef, 0x9, 0x80000001, 0x9, 0xcf, 0x4000, 0x8001, r4, r3, 0x10000, 0xd299}}, {0x0, 0x1d}}}, 0xa0) (async) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002280), 0x2, 0x0) (async) read$FUSE(r1, &(0x7f00000022c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_STATFS(r5, &(0x7f0000004300)={0x60, 0x0, r6, {{0xb176, 0x8, 0xffffffffffffffff, 0x7fffffff, 0x8000000000000001, 0x8, 0x0, 0x101}}}, 0x60) (async) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000040)) write$FUSE_STATFS(r1, &(0x7f0000004380)={0x60, 0x0, r2, {{0x7ff, 0x5, 0x45c4, 0x8, 0x3, 0x8, 0x8001, 0xf40}}}, 0x60) 13:54:33 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Yz\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1656.519078][ T1988] Module has invalid ELF structures [ 1656.519768][ T1985] Module has invalid ELF structures [ 1656.537312][ T1995] Module has invalid ELF structures 13:54:33 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac\n\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1656.573767][ T1989] FAULT_INJECTION: forcing a failure. [ 1656.573767][ T1989] name failslab, interval 1, probability 0, space 0, times 0 [ 1656.578638][ T2000] Module has invalid ELF structures [ 1656.596160][ T1989] CPU: 0 PID: 1989 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1656.597065][ T2002] Module has invalid ELF structures [ 1656.605952][ T1989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1656.605956][ T1989] Call Trace: [ 1656.605972][ T1989] dump_stack+0x1d8/0x241 [ 1656.605980][ T1989] ? panic+0x73f/0x73f [ 1656.605989][ T1989] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1656.605997][ T1989] ? string+0x26a/0x2b0 [ 1656.606008][ T1989] should_fail+0x71f/0x880 [ 1656.606019][ T1989] ? setup_fault_attr+0x3d0/0x3d0 [ 1656.606029][ T1989] ? of_device_uevent+0xe5/0x2a0 [ 1656.606038][ T1989] ? __alloc_skb+0x7a/0x4d0 [ 1656.606052][ T1989] should_failslab+0x5/0x20 [ 1656.642254][ T2005] Module has invalid ELF structures [ 1656.642771][ T1989] kmem_cache_alloc+0x24/0x220 [ 1656.642787][ T1989] __alloc_skb+0x7a/0x4d0 [ 1656.680180][ T1989] ? mutex_lock+0xa5/0x110 [ 1656.684566][ T1989] alloc_uevent_skb+0x74/0x220 [ 1656.689341][ T1989] kobject_uevent_net_broadcast+0x2e3/0x560 [ 1656.695205][ T1989] ? kobject_get_path+0x168/0x190 [ 1656.700198][ T1989] kobject_uevent_env+0x536/0x6e0 [ 1656.705194][ T1989] device_add+0x797/0xbb0 [ 1656.709496][ T1989] device_create_vargs+0x1b9/0x210 [ 1656.714577][ T1989] device_create+0xea/0x130 [ 1656.719049][ T1989] ? device_create_vargs+0x210/0x210 [ 1656.724423][ T1989] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1656.730113][ T1989] bdi_register_va+0x84/0x600 [ 1656.734763][ T1989] bdi_register+0xd1/0x120 [ 1656.739148][ T1989] ? __device_add_disk+0x551/0x1220 [ 1656.744334][ T1989] ? bdi_register_va+0x600/0x600 [ 1656.749241][ T1989] ? percpu_ref_resurrect+0x113/0x190 [ 1656.754581][ T1989] bdi_register_owner+0x55/0xf0 [ 1656.759399][ T1989] __device_add_disk+0x5d1/0x1220 [ 1656.764391][ T1989] ? device_add_disk+0x30/0x30 [ 1656.769119][ T1989] ? vsprintf+0x30/0x30 [ 1656.773240][ T1989] ? __alloc_disk_node+0x459/0x5a0 [ 1656.778328][ T1989] loop_add+0x573/0x740 [ 1656.782452][ T1989] loop_control_ioctl+0x448/0x620 [ 1656.787441][ T1989] ? loop_remove+0xa0/0xa0 [ 1656.791825][ T1989] ? memset+0x1f/0x40 [ 1656.795781][ T1989] ? fsnotify+0x1280/0x1340 [ 1656.800251][ T1989] ? loop_remove+0xa0/0xa0 [ 1656.804635][ T1989] do_vfs_ioctl+0x742/0x1720 [ 1656.809194][ T1989] ? ioctl_preallocate+0x250/0x250 [ 1656.814275][ T1989] ? __fget+0x407/0x490 [ 1656.818406][ T1989] ? fget_many+0x20/0x20 13:54:33 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x8, 0x9, 0x7, 0x2}, {0x0, 0x8, 0x0, 0x20}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) getgid() (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x8, 0x9, 0x7, 0x2}, {0x0, 0x8, 0x0, 0x20}]}) (async) 13:54:33 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 68) 13:54:33 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x05\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac#\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x401, 0x4, 0x40, 0xfffeffff}]}) accept$inet(r0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0xc, @broadcast, 0x4e21, 0x4, 'lc\x00', 0xd, 0x0, 0x14}, {@multicast2, 0x4e21, 0x1, 0x40, 0x1, 0xfff}}, 0x44) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) (async) socket$igmp(0x2, 0x3, 0x2) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x401, 0x4, 0x40, 0xfffeffff}]}) (async) accept$inet(r0, 0x0, 0x0) (async) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0xc, @broadcast, 0x4e21, 0x4, 'lc\x00', 0xd, 0x0, 0x14}, {@multicast2, 0x4e21, 0x1, 0x40, 0x1, 0xfff}}, 0x44) (async) 13:54:33 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async) read$FUSE(0xffffffffffffffff, &(0x7f00000000c0)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) getresuid(&(0x7f0000002100), &(0x7f0000002140), &(0x7f0000002180)=0x0) write$FUSE_CREATE_OPEN(r1, &(0x7f00000021c0)={0xa0, 0x0, r2, {{0x0, 0x2, 0x4, 0x101, 0x6, 0x1, {0x0, 0x1, 0xffffffffffffff01, 0x7000, 0xf9ef, 0x9, 0x80000001, 0x9, 0xcf, 0x4000, 0x8001, r4, r3, 0x10000, 0xd299}}, {0x0, 0x1d}}}, 0xa0) (async) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002280), 0x2, 0x0) read$FUSE(r1, &(0x7f00000022c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_STATFS(r5, &(0x7f0000004300)={0x60, 0x0, r6, {{0xb176, 0x8, 0xffffffffffffffff, 0x7fffffff, 0x8000000000000001, 0x8, 0x0, 0x101}}}, 0x60) (async) ioctl$PPPIOCGMRU(0xffffffffffffffff, 0x80047453, &(0x7f0000000040)) (async) write$FUSE_STATFS(r1, &(0x7f0000004380)={0x60, 0x0, r2, {{0x7ff, 0x5, 0x45c4, 0x8, 0x3, 0x8, 0x8001, 0xf40}}}, 0x60) [ 1656.822620][ T1989] ? debug_smp_processor_id+0x20/0x20 [ 1656.827960][ T1989] ? security_file_ioctl+0x7d/0xa0 [ 1656.833038][ T1989] __x64_sys_ioctl+0xd4/0x110 [ 1656.837728][ T1989] do_syscall_64+0xca/0x1c0 [ 1656.842237][ T1989] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:33 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac%\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x06\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:33 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async, rerun: 32) io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0) (rerun: 32) r0 = socket$igmp(0x2, 0x3, 0x2) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x401, 0x4, 0x40, 0xfffeffff}]}) accept$inet(r0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0xc, @broadcast, 0x4e21, 0x4, 'lc\x00', 0xd, 0x0, 0x14}, {@multicast2, 0x4e21, 0x1, 0x40, 0x1, 0xfff}}, 0x44) [ 1656.889292][ T2015] Module has invalid ELF structures [ 1656.894891][ T2018] Module has invalid ELF structures [ 1656.894969][ T2014] FAULT_INJECTION: forcing a failure. [ 1656.894969][ T2014] name failslab, interval 1, probability 0, space 0, times 0 [ 1656.920353][ T2030] Module has invalid ELF structures [ 1656.931818][ T2014] CPU: 1 PID: 2014 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1656.933090][ T2031] Module has invalid ELF structures [ 1656.941626][ T2014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1656.941630][ T2014] Call Trace: [ 1656.941645][ T2014] dump_stack+0x1d8/0x241 [ 1656.941654][ T2014] ? panic+0x73f/0x73f [ 1656.941661][ T2014] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1656.941674][ T2014] ? vsnprintf+0x1c70/0x1c70 [ 1656.978812][ T2014] ? do_vfs_ioctl+0x742/0x1720 [ 1656.983563][ T2014] should_fail+0x71f/0x880 [ 1656.987962][ T2014] ? string+0x26a/0x2b0 [ 1656.992109][ T2014] ? setup_fault_attr+0x3d0/0x3d0 [ 1656.997117][ T2014] ? skb_clone+0x1c0/0x360 [ 1657.001512][ T2014] should_failslab+0x5/0x20 [ 1657.005988][ T2014] kmem_cache_alloc+0x24/0x220 [ 1657.010721][ T2014] skb_clone+0x1c0/0x360 [ 1657.014937][ T2014] ? netlink_broadcast_filtered+0x679/0x1280 [ 1657.020888][ T2014] netlink_broadcast_filtered+0x687/0x1280 [ 1657.026670][ T2014] netlink_broadcast+0x35/0x50 [ 1657.031408][ T2014] kobject_uevent_net_broadcast+0x375/0x560 [ 1657.037286][ T2014] kobject_uevent_env+0x536/0x6e0 [ 1657.042290][ T2014] device_add+0x797/0xbb0 [ 1657.046596][ T2014] device_create_vargs+0x1b9/0x210 [ 1657.051680][ T2014] device_create+0xea/0x130 [ 1657.056154][ T2014] ? device_create_vargs+0x210/0x210 [ 1657.061413][ T2014] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1657.067106][ T2014] bdi_register_va+0x84/0x600 [ 1657.071751][ T2014] bdi_register+0xd1/0x120 [ 1657.076140][ T2014] ? __device_add_disk+0x551/0x1220 [ 1657.081317][ T2014] ? bdi_register_va+0x600/0x600 [ 1657.086227][ T2014] ? percpu_ref_resurrect+0x113/0x190 [ 1657.091568][ T2014] bdi_register_owner+0x55/0xf0 [ 1657.096388][ T2014] __device_add_disk+0x5d1/0x1220 [ 1657.101388][ T2014] ? device_add_disk+0x30/0x30 [ 1657.106121][ T2014] ? vsprintf+0x30/0x30 [ 1657.110249][ T2014] ? __alloc_disk_node+0x459/0x5a0 [ 1657.115331][ T2014] loop_add+0x573/0x740 [ 1657.119460][ T2014] loop_control_ioctl+0x448/0x620 [ 1657.124455][ T2014] ? loop_remove+0xa0/0xa0 [ 1657.128843][ T2014] ? memset+0x1f/0x40 [ 1657.132797][ T2014] ? fsnotify+0x1280/0x1340 [ 1657.137268][ T2014] ? loop_remove+0xa0/0xa0 [ 1657.141657][ T2014] do_vfs_ioctl+0x742/0x1720 [ 1657.146221][ T2014] ? ioctl_preallocate+0x250/0x250 [ 1657.151302][ T2014] ? __fget+0x407/0x490 [ 1657.155428][ T2014] ? fget_many+0x20/0x20 [ 1657.159642][ T2014] ? debug_smp_processor_id+0x20/0x20 [ 1657.164988][ T2014] ? security_file_ioctl+0x7d/0xa0 [ 1657.170068][ T2014] __x64_sys_ioctl+0xd4/0x110 [ 1657.174725][ T2014] do_syscall_64+0xca/0x1c0 [ 1657.179203][ T2014] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:34 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 69) 13:54:34 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac*\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:34 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\a\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1657.198385][ T22] audit: type=1326 audit(1676296474.009:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2033 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1657.217221][ T2044] Module has invalid ELF structures [ 1657.228392][ T2045] Module has invalid ELF structures [ 1657.255503][ T2043] FAULT_INJECTION: forcing a failure. [ 1657.255503][ T2043] name failslab, interval 1, probability 0, space 0, times 0 [ 1657.271961][ T2043] CPU: 1 PID: 2043 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1657.281753][ T2043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1657.291792][ T2043] Call Trace: [ 1657.295090][ T2043] dump_stack+0x1d8/0x241 [ 1657.299407][ T2043] ? panic+0x73f/0x73f [ 1657.303500][ T2043] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1657.309288][ T2043] ? vsnprintf+0x1c70/0x1c70 [ 1657.313863][ T2043] ? do_vfs_ioctl+0x742/0x1720 [ 1657.318612][ T2043] should_fail+0x71f/0x880 [ 1657.323027][ T2043] ? string+0x26a/0x2b0 [ 1657.327169][ T2043] ? setup_fault_attr+0x3d0/0x3d0 [ 1657.332176][ T2043] ? skb_clone+0x1c0/0x360 [ 1657.336574][ T2043] should_failslab+0x5/0x20 [ 1657.341059][ T2043] kmem_cache_alloc+0x24/0x220 [ 1657.345806][ T2043] skb_clone+0x1c0/0x360 [ 1657.350031][ T2043] ? netlink_broadcast_filtered+0x679/0x1280 [ 1657.355993][ T2043] netlink_broadcast_filtered+0x687/0x1280 [ 1657.361798][ T2043] netlink_broadcast+0x35/0x50 [ 1657.366581][ T2043] kobject_uevent_net_broadcast+0x375/0x560 [ 1657.372463][ T2043] kobject_uevent_env+0x536/0x6e0 [ 1657.377490][ T2043] device_add+0x797/0xbb0 [ 1657.381810][ T2043] device_create_vargs+0x1b9/0x210 [ 1657.386907][ T2043] device_create+0xea/0x130 [ 1657.391394][ T2043] ? device_create_vargs+0x210/0x210 [ 1657.396669][ T2043] ? __percpu_ref_switch_mode+0x36d/0x5b0 [ 1657.402372][ T2043] bdi_register_va+0x84/0x600 [ 1657.407033][ T2043] bdi_register+0xd1/0x120 [ 1657.411436][ T2043] ? __device_add_disk+0x551/0x1220 [ 1657.416617][ T2043] ? bdi_register_va+0x600/0x600 [ 1657.421542][ T2043] ? percpu_ref_resurrect+0x113/0x190 [ 1657.426961][ T2043] bdi_register_owner+0x55/0xf0 [ 1657.431812][ T2043] __device_add_disk+0x5d1/0x1220 [ 1657.436824][ T2043] ? device_add_disk+0x30/0x30 [ 1657.441571][ T2043] ? vsprintf+0x30/0x30 [ 1657.445711][ T2043] ? __alloc_disk_node+0x459/0x5a0 [ 1657.450807][ T2043] loop_add+0x573/0x740 [ 1657.454948][ T2043] loop_control_ioctl+0x448/0x620 [ 1657.459968][ T2043] ? loop_remove+0xa0/0xa0 [ 1657.464370][ T2043] ? memset+0x1f/0x40 [ 1657.468378][ T2043] ? fsnotify+0x1280/0x1340 [ 1657.472876][ T2043] ? loop_remove+0xa0/0xa0 [ 1657.477298][ T2043] do_vfs_ioctl+0x742/0x1720 [ 1657.481879][ T2043] ? ioctl_preallocate+0x250/0x250 [ 1657.486977][ T2043] ? __fget+0x407/0x490 [ 1657.491121][ T2043] ? fget_many+0x20/0x20 [ 1657.495352][ T2043] ? debug_smp_processor_id+0x20/0x20 [ 1657.500708][ T2043] ? security_file_ioctl+0x7d/0xa0 13:54:34 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) getgid() (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x8, 0x9, 0x7, 0x2}, {0x0, 0x8, 0x0, 0x20}]}) 13:54:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x15d, 0x15d, 0xa, [@var={0x7, 0x0, 0x0, 0xe, 0x4}, @enum={0x2, 0x4, 0x0, 0x6, 0x4, [{0x8, 0x1}, {0x10, 0x9}, {0x0, 0x9}, {0x7, 0x2}]}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0x0, 0x7}, {0x0, 0x7fff}, {0xc, 0x7ff}, {0xc, 0xfff}, {0xb, 0x3162}]}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @datasec={0xe, 0x3, 0x0, 0xf, 0x1, [{0x4, 0x7, 0xdfc}, {0x2, 0x8001, 0xffffffff}, {0x1, 0x10001}], 'q'}, @enum={0x1, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xc43}, {0x6, 0x6}, {0x7, 0x2}, {0x2, 0x1}]}, @struct={0xc, 0x4, 0x0, 0x4, 0x1, 0x7, [{0x2, 0x5, 0xd74}, {0x3, 0x4, 0x7}, {0xf, 0x2, 0x3}, {0xc, 0x3, 0x5}]}, @struct={0x7, 0x4, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x5, 0x80000000}, {0xf, 0x3, 0x758}, {0x3, 0x2, 0x2}, {0xb, 0x1, 0x80000000}]}, @ptr={0xd}]}, {0x0, [0x0, 0x30, 0x1e, 0x2e, 0x5f, 0x20, 0x61, 0x30]}}, &(0x7f00000001c0)=""/211, 0x182, 0xd3, 0x1}, 0x20) 13:54:34 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\b\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:34 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac+\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0xc2, 0x0) 13:54:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x15d, 0x15d, 0xa, [@var={0x7, 0x0, 0x0, 0xe, 0x4}, @enum={0x2, 0x4, 0x0, 0x6, 0x4, [{0x8, 0x1}, {0x10, 0x9}, {0x0, 0x9}, {0x7, 0x2}]}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0x0, 0x7}, {0x0, 0x7fff}, {0xc, 0x7ff}, {0xc, 0xfff}, {0xb, 0x3162}]}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @datasec={0xe, 0x3, 0x0, 0xf, 0x1, [{0x4, 0x7, 0xdfc}, {0x2, 0x8001, 0xffffffff}, {0x1, 0x10001}], 'q'}, @enum={0x1, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xc43}, {0x6, 0x6}, {0x7, 0x2}, {0x2, 0x1}]}, @struct={0xc, 0x4, 0x0, 0x4, 0x1, 0x7, [{0x2, 0x5, 0xd74}, {0x3, 0x4, 0x7}, {0xf, 0x2, 0x3}, {0xc, 0x3, 0x5}]}, @struct={0x7, 0x4, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x5, 0x80000000}, {0xf, 0x3, 0x758}, {0x3, 0x2, 0x2}, {0xb, 0x1, 0x80000000}]}, @ptr={0xd}]}, {0x0, [0x0, 0x30, 0x1e, 0x2e, 0x5f, 0x20, 0x61, 0x30]}}, &(0x7f00000001c0)=""/211, 0x182, 0xd3, 0x1}, 0x20) 13:54:34 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 70) 13:54:34 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\t\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1657.505812][ T2043] __x64_sys_ioctl+0xd4/0x110 [ 1657.510475][ T2043] do_syscall_64+0xca/0x1c0 [ 1657.514970][ T2043] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1657.537341][ T2050] Module has invalid ELF structures [ 1657.547075][ T2053] Module has invalid ELF structures 13:54:34 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac-\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:34 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x15d, 0x15d, 0xa, [@var={0x7, 0x0, 0x0, 0xe, 0x4}, @enum={0x2, 0x4, 0x0, 0x6, 0x4, [{0x8, 0x1}, {0x10, 0x9}, {0x0, 0x9}, {0x7, 0x2}]}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0x0, 0x7}, {0x0, 0x7fff}, {0xc, 0x7ff}, {0xc, 0xfff}, {0xb, 0x3162}]}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @datasec={0xe, 0x3, 0x0, 0xf, 0x1, [{0x4, 0x7, 0xdfc}, {0x2, 0x8001, 0xffffffff}, {0x1, 0x10001}], 'q'}, @enum={0x1, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xc43}, {0x6, 0x6}, {0x7, 0x2}, {0x2, 0x1}]}, @struct={0xc, 0x4, 0x0, 0x4, 0x1, 0x7, [{0x2, 0x5, 0xd74}, {0x3, 0x4, 0x7}, {0xf, 0x2, 0x3}, {0xc, 0x3, 0x5}]}, @struct={0x7, 0x4, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x5, 0x80000000}, {0xf, 0x3, 0x758}, {0x3, 0x2, 0x2}, {0xb, 0x1, 0x80000000}]}, @ptr={0xd}]}, {0x0, [0x0, 0x30, 0x1e, 0x2e, 0x5f, 0x20, 0x61, 0x30]}}, &(0x7f00000001c0)=""/211, 0x182, 0xd3, 0x1}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x15d, 0x15d, 0xa, [@var={0x7, 0x0, 0x0, 0xe, 0x4}, @enum={0x2, 0x4, 0x0, 0x6, 0x4, [{0x8, 0x1}, {0x10, 0x9}, {0x0, 0x9}, {0x7, 0x2}]}, @enum={0x6, 0x5, 0x0, 0x6, 0x4, [{0x0, 0x7}, {0x0, 0x7fff}, {0xc, 0x7ff}, {0xc, 0xfff}, {0xb, 0x3162}]}, @ptr={0xd, 0x0, 0x0, 0x2, 0x4}, @datasec={0xe, 0x3, 0x0, 0xf, 0x1, [{0x4, 0x7, 0xdfc}, {0x2, 0x8001, 0xffffffff}, {0x1, 0x10001}], 'q'}, @enum={0x1, 0x4, 0x0, 0x6, 0x4, [{0x7, 0xc43}, {0x6, 0x6}, {0x7, 0x2}, {0x2, 0x1}]}, @struct={0xc, 0x4, 0x0, 0x4, 0x1, 0x7, [{0x2, 0x5, 0xd74}, {0x3, 0x4, 0x7}, {0xf, 0x2, 0x3}, {0xc, 0x3, 0x5}]}, @struct={0x7, 0x4, 0x0, 0x4, 0x0, 0x5, [{0xb, 0x5, 0x80000000}, {0xf, 0x3, 0x758}, {0x3, 0x2, 0x2}, {0xb, 0x1, 0x80000000}]}, @ptr={0xd}]}, {0x0, [0x0, 0x30, 0x1e, 0x2e, 0x5f, 0x20, 0x61, 0x30]}}, &(0x7f00000001c0)=""/211, 0x182, 0xd3, 0x1}, 0x20) (async) 13:54:34 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\n\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:34 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0xc2, 0x0) [ 1657.600906][ T2059] Module has invalid ELF structures [ 1657.612108][ T2056] FAULT_INJECTION: forcing a failure. [ 1657.612108][ T2056] name failslab, interval 1, probability 0, space 0, times 0 [ 1657.630634][ T2066] Module has invalid ELF structures [ 1657.637673][ T2056] CPU: 1 PID: 2056 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1657.642883][ T2067] Module has invalid ELF structures [ 1657.647470][ T2056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1657.647474][ T2056] Call Trace: [ 1657.647490][ T2056] dump_stack+0x1d8/0x241 [ 1657.647498][ T2056] ? panic+0x73f/0x73f [ 1657.647507][ T2056] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1657.647522][ T2056] ? simple_lookup+0xba/0xf0 [ 1657.684694][ T2056] ? __lookup_slow+0x350/0x460 [ 1657.689446][ T2056] should_fail+0x71f/0x880 [ 1657.693855][ T2056] ? setup_fault_attr+0x3d0/0x3d0 [ 1657.698881][ T2056] ? lookup_one_len+0x180/0x2c0 [ 1657.703741][ T2056] ? new_inode_pseudo+0x78/0x210 [ 1657.708669][ T2056] should_failslab+0x5/0x20 [ 1657.713158][ T2056] kmem_cache_alloc+0x24/0x220 [ 1657.717912][ T2056] new_inode_pseudo+0x78/0x210 [ 1657.722717][ T2056] new_inode+0x25/0x1d0 [ 1657.726911][ T2056] ? start_creating+0x15d/0x250 [ 1657.731753][ T2056] debugfs_create_dir+0x66/0x380 [ 1657.736699][ T2056] bdi_register_va+0x22d/0x600 [ 1657.741437][ T2056] bdi_register+0xd1/0x120 [ 1657.745827][ T2056] ? __device_add_disk+0x551/0x1220 [ 1657.750998][ T2056] ? bdi_register_va+0x600/0x600 [ 1657.755912][ T2056] ? percpu_ref_resurrect+0x113/0x190 [ 1657.761257][ T2056] bdi_register_owner+0x55/0xf0 [ 1657.766078][ T2056] __device_add_disk+0x5d1/0x1220 [ 1657.771074][ T2056] ? device_add_disk+0x30/0x30 [ 1657.775831][ T2056] ? vsprintf+0x30/0x30 [ 1657.779960][ T2056] ? __alloc_disk_node+0x459/0x5a0 [ 1657.785044][ T2056] loop_add+0x573/0x740 [ 1657.789174][ T2056] loop_control_ioctl+0x448/0x620 [ 1657.794170][ T2056] ? loop_remove+0xa0/0xa0 [ 1657.798590][ T2056] ? memset+0x1f/0x40 [ 1657.802554][ T2056] ? fsnotify+0x1280/0x1340 [ 1657.807027][ T2056] ? loop_remove+0xa0/0xa0 [ 1657.811415][ T2056] do_vfs_ioctl+0x742/0x1720 [ 1657.815982][ T2056] ? ioctl_preallocate+0x250/0x250 [ 1657.821070][ T2056] ? __fget+0x407/0x490 [ 1657.825200][ T2056] ? fget_many+0x20/0x20 [ 1657.829414][ T2056] ? debug_smp_processor_id+0x20/0x20 [ 1657.834758][ T2056] ? security_file_ioctl+0x7d/0xa0 [ 1657.839843][ T2056] __x64_sys_ioctl+0xd4/0x110 [ 1657.844492][ T2056] do_syscall_64+0xca/0x1c0 [ 1657.848969][ T2056] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1657.860078][ T2056] debugfs: out of free dentries, can not create directory '7:0' [ 1657.876883][ T22] audit: type=1326 audit(1676296474.679:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2069 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1657.930773][ T22] audit: type=1326 audit(1676296474.679:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2069 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:35 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x8, 0x0, 0x44, 0xbc}, {0x5, 0x3, 0xb3, 0x80008}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x8, 0x4, 0x4f, 0x3}, {0x1f, 0x56, 0xa9, 0x7fff}, {0x2, 0x4, 0x0, 0x446}, {0x6, 0x40, 0x40, 0x1}]}) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) sched_getparam(r0, &(0x7f0000002140)) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\v\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 5: getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@private0, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@private1}}, &(0x7f0000000100)=0xe8) write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000140)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x0, 0x3, 0xfffffffffffffbff, 0x1, 0x3f, {0x6, 0x0, 0x8, 0x0, 0x8, 0xb, 0x0, 0xa077, 0x3ff, 0xa000, 0x4, r0, 0xee00, 0x10000, 0x1ff}}, {0x0, 0x12}}}, 0xa0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac.\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 71) 13:54:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0xc2, 0x0) 13:54:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) mmap$xdp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x2010, 0xffffffffffffffff, 0x100000000) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) syz_io_uring_setup(0x4728, &(0x7f0000000040)={0x0, 0x5a48, 0x8, 0x0, 0x3d2, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) 13:54:35 executing program 5: getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@private0, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@private1}}, &(0x7f0000000100)=0xe8) write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000140)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x0, 0x3, 0xfffffffffffffbff, 0x1, 0x3f, {0x6, 0x0, 0x8, 0x0, 0x8, 0xb, 0x0, 0xa077, 0x3ff, 0xa000, 0x4, r0, 0xee00, 0x10000, 0x1ff}}, {0x0, 0x12}}}, 0xa0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1658.244978][ T2081] Module has invalid ELF structures [ 1658.252085][ T2082] Module has invalid ELF structures [ 1658.260679][ T2083] FAULT_INJECTION: forcing a failure. [ 1658.260679][ T2083] name failslab, interval 1, probability 0, space 0, times 0 [ 1658.295040][ T2083] CPU: 1 PID: 2083 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1658.304873][ T2083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1658.314912][ T2083] Call Trace: [ 1658.318193][ T2083] dump_stack+0x1d8/0x241 [ 1658.322507][ T2083] ? panic+0x73f/0x73f [ 1658.326569][ T2083] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1658.332358][ T2083] ? simple_lookup+0xba/0xf0 [ 1658.336934][ T2083] ? __lookup_slow+0x350/0x460 [ 1658.341682][ T2083] should_fail+0x71f/0x880 [ 1658.346099][ T2083] ? setup_fault_attr+0x3d0/0x3d0 [ 1658.351152][ T2083] ? lookup_one_len+0x180/0x2c0 [ 1658.355992][ T2083] ? new_inode_pseudo+0x78/0x210 [ 1658.360930][ T2083] should_failslab+0x5/0x20 [ 1658.365416][ T2083] kmem_cache_alloc+0x24/0x220 [ 1658.370170][ T2083] new_inode_pseudo+0x78/0x210 [ 1658.374922][ T2083] new_inode+0x25/0x1d0 [ 1658.379070][ T2083] ? start_creating+0x15d/0x250 [ 1658.383909][ T2083] debugfs_create_dir+0x66/0x380 [ 1658.388846][ T2083] bdi_register_va+0x22d/0x600 13:54:35 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x8, 0x0, 0x44, 0xbc}, {0x5, 0x3, 0xb3, 0x80008}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x8, 0x4, 0x4f, 0x3}, {0x1f, 0x56, 0xa9, 0x7fff}, {0x2, 0x4, 0x0, 0x446}, {0x6, 0x40, 0x40, 0x1}]}) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) sched_getparam(r0, &(0x7f0000002140)) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x8, 0x0, 0x44, 0xbc}, {0x5, 0x3, 0xb3, 0x80008}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x8, 0x4, 0x4f, 0x3}, {0x1f, 0x56, 0xa9, 0x7fff}, {0x2, 0x4, 0x0, 0x446}, {0x6, 0x40, 0x40, 0x1}]}) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) (async) sched_getparam(r0, &(0x7f0000002140)) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) [ 1658.393598][ T2083] bdi_register+0xd1/0x120 [ 1658.398007][ T2083] ? __device_add_disk+0x551/0x1220 [ 1658.403188][ T2083] ? bdi_register_va+0x600/0x600 [ 1658.408123][ T2083] ? percpu_ref_resurrect+0x113/0x190 [ 1658.413481][ T2083] bdi_register_owner+0x55/0xf0 [ 1658.418322][ T2083] __device_add_disk+0x5d1/0x1220 [ 1658.423342][ T2083] ? device_add_disk+0x30/0x30 [ 1658.428089][ T2083] ? vsprintf+0x30/0x30 [ 1658.432240][ T2083] ? __alloc_disk_node+0x459/0x5a0 [ 1658.437357][ T2083] loop_add+0x573/0x740 [ 1658.441500][ T2083] loop_control_ioctl+0x448/0x620 [ 1658.446519][ T2083] ? loop_remove+0xa0/0xa0 [ 1658.450922][ T2083] ? memset+0x1f/0x40 [ 1658.454888][ T2083] ? fsnotify+0x1280/0x1340 [ 1658.459378][ T2083] ? loop_remove+0xa0/0xa0 [ 1658.463785][ T2083] do_vfs_ioctl+0x742/0x1720 [ 1658.468367][ T2083] ? ioctl_preallocate+0x250/0x250 [ 1658.473463][ T2083] ? __fget+0x407/0x490 [ 1658.477605][ T2083] ? fget_many+0x20/0x20 [ 1658.481840][ T2083] ? debug_smp_processor_id+0x20/0x20 [ 1658.487198][ T2083] ? security_file_ioctl+0x7d/0xa0 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\f\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xac0\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 5: getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@private0, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@private1}}, &(0x7f0000000100)=0xe8) write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000140)={0xa0, 0xfffffffffffffffe, 0x0, {{0x0, 0x0, 0x3, 0xfffffffffffffbff, 0x1, 0x3f, {0x6, 0x0, 0x8, 0x0, 0x8, 0xb, 0x0, 0xa077, 0x3ff, 0xa000, 0x4, r0, 0xee00, 0x10000, 0x1ff}}, {0x0, 0x12}}}, 0xa0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacL\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 72) 13:54:35 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x8, 0x0, 0x44, 0xbc}, {0x5, 0x3, 0xb3, 0x80008}]}) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x8, 0x4, 0x4f, 0x3}, {0x1f, 0x56, 0xa9, 0x7fff}, {0x2, 0x4, 0x0, 0x446}, {0x6, 0x40, 0x40, 0x1}]}) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) sched_getparam(r0, &(0x7f0000002140)) socket$inet_udplite(0x2, 0x2, 0x88) getgid() seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x8, 0x0, 0x44, 0xbc}, {0x5, 0x3, 0xb3, 0x80008}]}) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{0x8, 0x4, 0x4f, 0x3}, {0x1f, 0x56, 0xa9, 0x7fff}, {0x2, 0x4, 0x0, 0x446}, {0x6, 0x40, 0x40, 0x1}]}) (async) read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020}, 0x2020) (async) sched_getparam(r0, &(0x7f0000002140)) (async) socket$inet_udplite(0x2, 0x2, 0x88) (async) getgid() (async) 13:54:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/213, &(0x7f0000000140)=0xd5) 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\r\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1658.492298][ T2083] __x64_sys_ioctl+0xd4/0x110 [ 1658.496993][ T2083] do_syscall_64+0xca/0x1c0 [ 1658.501493][ T2083] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1658.522521][ T2083] debugfs: out of free dentries, can not create directory '7:0' [ 1658.524800][ T2098] Module has invalid ELF structures [ 1658.530607][ T2103] Module has invalid ELF structures 13:54:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) (async) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/213, &(0x7f0000000140)=0xd5) [ 1658.576066][ T2114] Module has invalid ELF structures [ 1658.586054][ T2123] Module has invalid ELF structures 13:54:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) mmap$xdp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x2010, 0xffffffffffffffff, 0x100000000) (async) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) syz_io_uring_setup(0x4728, &(0x7f0000000040)={0x0, 0x5a48, 0x8, 0x0, 0x3d2, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (async) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacX\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x8, 0x8, 0x9}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x0, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x0e\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/213, &(0x7f0000000140)=0xd5) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) (async) getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, &(0x7f0000000040)=""/213, &(0x7f0000000140)=0xd5) (async) [ 1658.648810][ T2127] FAULT_INJECTION: forcing a failure. [ 1658.648810][ T2127] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1658.670418][ T2127] CPU: 1 PID: 2127 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1658.677658][ T2134] Module has invalid ELF structures [ 1658.680216][ T2127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1658.680220][ T2127] Call Trace: [ 1658.680236][ T2127] dump_stack+0x1d8/0x241 [ 1658.680255][ T2127] ? panic+0x73f/0x73f [ 1658.707076][ T2127] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1658.712876][ T2127] ? stack_trace_save+0x118/0x1c0 [ 1658.717896][ T2127] ? stack_trace_snprint+0x170/0x170 [ 1658.723173][ T2127] should_fail+0x71f/0x880 [ 1658.725053][ T2142] Module has invalid ELF structures [ 1658.727583][ T2127] ? setup_fault_attr+0x3d0/0x3d0 [ 1658.727591][ T2127] ? __kasan_kmalloc+0x199/0x1d0 [ 1658.727599][ T2127] ? remove_wait_queue+0x120/0x120 [ 1658.727612][ T2127] ? __kasan_kmalloc+0x130/0x1d0 [ 1658.752664][ T2127] __alloc_pages_nodemask+0x1b4/0x840 [ 1658.758014][ T2127] ? __device_add_disk+0x5d1/0x1220 [ 1658.763183][ T2127] ? loop_add+0x573/0x740 [ 1658.767481][ T2127] ? loop_control_ioctl+0x448/0x620 [ 1658.772651][ T2127] ? do_syscall_64+0xca/0x1c0 [ 1658.777310][ T2127] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1658.782830][ T2127] ? lockref_get+0x1b5/0x2b0 [ 1658.787437][ T2127] __get_free_pages+0xa/0x30 [ 1658.791999][ T2127] selinux_genfs_get_sid+0x54/0x260 [ 1658.797172][ T2127] inode_doinit_with_dentry+0x892/0x1050 [ 1658.802780][ T2127] ? sb_finish_set_opts+0x770/0x770 [ 1658.807949][ T2127] ? current_time+0x1af/0x2f0 [ 1658.812600][ T2127] ? atime_needs_update+0x590/0x590 [ 1658.817777][ T2127] security_d_instantiate+0x97/0xf0 [ 1658.822948][ T2127] d_instantiate+0x51/0x90 [ 1658.827342][ T2127] debugfs_create_dir+0x1a2/0x380 [ 1658.832339][ T2127] bdi_register_va+0x22d/0x600 [ 1658.837075][ T2127] bdi_register+0xd1/0x120 [ 1658.841465][ T2127] ? __device_add_disk+0x551/0x1220 [ 1658.846632][ T2127] ? bdi_register_va+0x600/0x600 [ 1658.851542][ T2127] ? percpu_ref_resurrect+0x113/0x190 [ 1658.856894][ T2127] bdi_register_owner+0x55/0xf0 [ 1658.861718][ T2127] __device_add_disk+0x5d1/0x1220 [ 1658.866719][ T2127] ? device_add_disk+0x30/0x30 [ 1658.871467][ T2127] ? vsprintf+0x30/0x30 [ 1658.875597][ T2127] ? __alloc_disk_node+0x459/0x5a0 [ 1658.880678][ T2127] loop_add+0x573/0x740 [ 1658.884808][ T2127] loop_control_ioctl+0x448/0x620 [ 1658.889804][ T2127] ? loop_remove+0xa0/0xa0 [ 1658.894193][ T2127] ? memset+0x1f/0x40 [ 1658.898147][ T2127] ? fsnotify+0x1280/0x1340 [ 1658.902618][ T2127] ? loop_remove+0xa0/0xa0 [ 1658.907010][ T2127] do_vfs_ioctl+0x742/0x1720 [ 1658.911574][ T2127] ? ioctl_preallocate+0x250/0x250 [ 1658.916656][ T2127] ? __fget+0x407/0x490 [ 1658.920786][ T2127] ? fget_many+0x20/0x20 [ 1658.925000][ T2127] ? debug_smp_processor_id+0x20/0x20 [ 1658.930345][ T2127] ? security_file_ioctl+0x7d/0xa0 [ 1658.935439][ T2127] __x64_sys_ioctl+0xd4/0x110 [ 1658.940087][ T2127] do_syscall_64+0xca/0x1c0 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacd\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x10\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1658.944566][ T2127] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1658.966587][ T2147] Module has invalid ELF structures [ 1658.972154][ T22] audit: type=1326 audit(1676296475.779:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2128 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:35 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 73) 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xach\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) socket(0x18, 0x1, 0x7fff) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="040026bd7000fcdbdf2506000000084676e3991611b7cd28fcbe7f146cded0b79741d3c5c20c08dea67f5f4cbce4bd76972817df8343b61443eb35c33f3c621577138ce96c4ee38bfd6dd1bb6554a17018636d15846ba3b94d1352591a1246bf413346fc5b5eb55dd4ec2e8f42bfaa114c00000005009a36b4d85d1b9069d82bb29a2ec661bab52a9db90df0147c8b06e6663c94a79c8b2cefa8c43e842e9188b5a67b0219c0dbfa561b526a5cf5433918f8bc63a176783ccc9e69f0bef71c29399a9cf4b0e1f59bae55193015ff3a91f79832ff9472dbd5811768216643fd49fd7c588aea696e21d7a9a7d51bea0d5fe33c58dde30a9af3be982003bd033a39f3abcce5a77ec89dad522300"/282], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000000)={r0, 0xffffee1b, {0x0, 0x0, 0x0, 0x61, 0x11c0, 0x0, 0x0, 0x1c, 0x6, "fe07303d2327b7fa32ea8ef2638b6501347e6011aa128acd8f242f690b4431349eff095c0e2ad5f24f0f80ae9808a47fcb5b3213315f4fac3b5fab390e50a9dd", "ad9323dcbfbad3f41b5f1a6e74d55b2452b6f52fbd7996a79e3781078209fb57f97410a8c4d684d5cfea20d1a665e0ac5acf67de02be274ec2cc9f3809c2fd6b", "4a04ba94f92326ea93c4cffec5f53f535f9dcbf58b6a6a8df364229ef87d1433", [0xfffffffffffffffb, 0x7fffffff]}}) 13:54:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) mmap$xdp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x2010, 0xffffffffffffffff, 0x100000000) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) syz_io_uring_setup(0x4728, &(0x7f0000000040)={0x0, 0x5a48, 0x8, 0x0, 0x3d2, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x1) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) mmap$xdp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x2010, 0xffffffffffffffff, 0x100000000) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r1) (async) syz_io_uring_setup(0x4728, &(0x7f0000000040)={0x0, 0x5a48, 0x8, 0x0, 0x3d2, 0x0, r1}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) (async) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) (async) 13:54:35 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x8, 0x8, 0x9}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x0, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() [ 1659.012715][ T2149] Module has invalid ELF structures 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x11\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) socket(0x18, 0x1, 0x7fff) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="040026bd7000fcdbdf2506000000084676e3991611b7cd28fcbe7f146cded0b79741d3c5c20c08dea67f5f4cbce4bd76972817df8343b61443eb35c33f3c621577138ce96c4ee38bfd6dd1bb6554a17018636d15846ba3b94d1352591a1246bf413346fc5b5eb55dd4ec2e8f42bfaa114c00000005009a36b4d85d1b9069d82bb29a2ec661bab52a9db90df0147c8b06e6663c94a79c8b2cefa8c43e842e9188b5a67b0219c0dbfa561b526a5cf5433918f8bc63a176783ccc9e69f0bef71c29399a9cf4b0e1f59bae55193015ff3a91f79832ff9472dbd5811768216643fd49fd7c588aea696e21d7a9a7d51bea0d5fe33c58dde30a9af3be982003bd033a39f3abcce5a77ec89dad522300"/282], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000000)={r0, 0xffffee1b, {0x0, 0x0, 0x0, 0x61, 0x11c0, 0x0, 0x0, 0x1c, 0x6, "fe07303d2327b7fa32ea8ef2638b6501347e6011aa128acd8f242f690b4431349eff095c0e2ad5f24f0f80ae9808a47fcb5b3213315f4fac3b5fab390e50a9dd", "ad9323dcbfbad3f41b5f1a6e74d55b2452b6f52fbd7996a79e3781078209fb57f97410a8c4d684d5cfea20d1a665e0ac5acf67de02be274ec2cc9f3809c2fd6b", "4a04ba94f92326ea93c4cffec5f53f535f9dcbf58b6a6a8df364229ef87d1433", [0xfffffffffffffffb, 0x7fffffff]}}) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) socket(0x18, 0x1, 0x7fff) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) (async) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0) (async) syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="040026bd7000fcdbdf2506000000084676e3991611b7cd28fcbe7f146cded0b79741d3c5c20c08dea67f5f4cbce4bd76972817df8343b61443eb35c33f3c621577138ce96c4ee38bfd6dd1bb6554a17018636d15846ba3b94d1352591a1246bf413346fc5b5eb55dd4ec2e8f42bfaa114c00000005009a36b4d85d1b9069d82bb29a2ec661bab52a9db90df0147c8b06e6663c94a79c8b2cefa8c43e842e9188b5a67b0219c0dbfa561b526a5cf5433918f8bc63a176783ccc9e69f0bef71c29399a9cf4b0e1f59bae55193015ff3a91f79832ff9472dbd5811768216643fd49fd7c588aea696e21d7a9a7d51bea0d5fe33c58dde30a9af3be982003bd033a39f3abcce5a77ec89dad522300"/282], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) (async) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000000)={r0, 0xffffee1b, {0x0, 0x0, 0x0, 0x61, 0x11c0, 0x0, 0x0, 0x1c, 0x6, "fe07303d2327b7fa32ea8ef2638b6501347e6011aa128acd8f242f690b4431349eff095c0e2ad5f24f0f80ae9808a47fcb5b3213315f4fac3b5fab390e50a9dd", "ad9323dcbfbad3f41b5f1a6e74d55b2452b6f52fbd7996a79e3781078209fb57f97410a8c4d684d5cfea20d1a665e0ac5acf67de02be274ec2cc9f3809c2fd6b", "4a04ba94f92326ea93c4cffec5f53f535f9dcbf58b6a6a8df364229ef87d1433", [0xfffffffffffffffb, 0x7fffffff]}}) (async) [ 1659.043975][ T22] audit: type=1326 audit(1676296475.849:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2153 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1659.080582][ T2155] Module has invalid ELF structures 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xaci\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x12\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:35 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x600880, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:35 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacl\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1659.107721][ T2162] Module has invalid ELF structures [ 1659.114143][ T2158] FAULT_INJECTION: forcing a failure. [ 1659.114143][ T2158] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1659.137323][ T2174] Module has invalid ELF structures [ 1659.151358][ T2158] CPU: 0 PID: 2158 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1659.161155][ T2158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1659.171195][ T2158] Call Trace: [ 1659.174482][ T2158] dump_stack+0x1d8/0x241 [ 1659.178801][ T2158] ? panic+0x73f/0x73f [ 1659.182868][ T2158] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1659.188661][ T2158] ? stack_trace_save+0x118/0x1c0 [ 1659.193675][ T2158] ? stack_trace_snprint+0x170/0x170 [ 1659.198944][ T2158] should_fail+0x71f/0x880 [ 1659.203349][ T2158] ? setup_fault_attr+0x3d0/0x3d0 [ 1659.208356][ T2158] ? __kasan_kmalloc+0x199/0x1d0 [ 1659.213279][ T2158] ? remove_wait_queue+0x120/0x120 [ 1659.218378][ T2158] ? __kasan_kmalloc+0x130/0x1d0 [ 1659.223300][ T2158] __alloc_pages_nodemask+0x1b4/0x840 [ 1659.228656][ T2158] ? __device_add_disk+0x5d1/0x1220 [ 1659.233836][ T2158] ? loop_add+0x573/0x740 [ 1659.238149][ T2158] ? loop_control_ioctl+0x448/0x620 [ 1659.243330][ T2158] ? do_syscall_64+0xca/0x1c0 [ 1659.247996][ T2158] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1659.253525][ T2158] ? lockref_get+0x1b5/0x2b0 [ 1659.258103][ T2158] __get_free_pages+0xa/0x30 [ 1659.262681][ T2158] selinux_genfs_get_sid+0x54/0x260 [ 1659.267867][ T2158] inode_doinit_with_dentry+0x892/0x1050 [ 1659.273486][ T2158] ? sb_finish_set_opts+0x770/0x770 [ 1659.278670][ T2158] ? current_time+0x1af/0x2f0 [ 1659.283342][ T2158] ? atime_needs_update+0x590/0x590 [ 1659.288537][ T2158] security_d_instantiate+0x97/0xf0 [ 1659.293723][ T2158] d_instantiate+0x51/0x90 [ 1659.298127][ T2158] debugfs_create_dir+0x1a2/0x380 [ 1659.303145][ T2158] bdi_register_va+0x22d/0x600 [ 1659.307892][ T2158] bdi_register+0xd1/0x120 [ 1659.312297][ T2158] ? __device_add_disk+0x551/0x1220 [ 1659.317482][ T2158] ? bdi_register_va+0x600/0x600 [ 1659.322411][ T2158] ? percpu_ref_resurrect+0x113/0x190 [ 1659.327766][ T2158] bdi_register_owner+0x55/0xf0 [ 1659.332605][ T2158] __device_add_disk+0x5d1/0x1220 [ 1659.337623][ T2158] ? device_add_disk+0x30/0x30 [ 1659.342371][ T2158] ? vsprintf+0x30/0x30 [ 1659.346516][ T2158] ? __alloc_disk_node+0x459/0x5a0 [ 1659.351613][ T2158] loop_add+0x573/0x740 [ 1659.355768][ T2158] loop_control_ioctl+0x448/0x620 [ 1659.360821][ T2158] ? loop_remove+0xa0/0xa0 [ 1659.365226][ T2158] ? memset+0x1f/0x40 [ 1659.369196][ T2158] ? fsnotify+0x1280/0x1340 [ 1659.373688][ T2158] ? loop_remove+0xa0/0xa0 [ 1659.378089][ T2158] do_vfs_ioctl+0x742/0x1720 [ 1659.382673][ T2158] ? ioctl_preallocate+0x250/0x250 [ 1659.387771][ T2158] ? __fget+0x407/0x490 [ 1659.391920][ T2158] ? fget_many+0x20/0x20 [ 1659.396151][ T2158] ? debug_smp_processor_id+0x20/0x20 [ 1659.401510][ T2158] ? security_file_ioctl+0x7d/0xa0 13:54:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x600880, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) 13:54:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 74) 13:54:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async, rerun: 64) socket(0x18, 0x1, 0x7fff) (rerun: 64) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r0) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0) (async) r2 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) (async) sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="040026bd7000fcdbdf2506000000084676e3991611b7cd28fcbe7f146cded0b79741d3c5c20c08dea67f5f4cbce4bd76972817df8343b61443eb35c33f3c621577138ce96c4ee38bfd6dd1bb6554a17018636d15846ba3b94d1352591a1246bf413346fc5b5eb55dd4ec2e8f42bfaa114c00000005009a36b4d85d1b9069d82bb29a2ec661bab52a9db90df0147c8b06e6663c94a79c8b2cefa8c43e842e9188b5a67b0219c0dbfa561b526a5cf5433918f8bc63a176783ccc9e69f0bef71c29399a9cf4b0e1f59bae55193015ff3a91f79832ff9472dbd5811768216643fd49fd7c588aea696e21d7a9a7d51bea0d5fe33c58dde30a9af3be982003bd033a39f3abcce5a77ec89dad522300"/282], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40004) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000000)={r0, 0xffffee1b, {0x0, 0x0, 0x0, 0x61, 0x11c0, 0x0, 0x0, 0x1c, 0x6, "fe07303d2327b7fa32ea8ef2638b6501347e6011aa128acd8f242f690b4431349eff095c0e2ad5f24f0f80ae9808a47fcb5b3213315f4fac3b5fab390e50a9dd", "ad9323dcbfbad3f41b5f1a6e74d55b2452b6f52fbd7996a79e3781078209fb57f97410a8c4d684d5cfea20d1a665e0ac5acf67de02be274ec2cc9f3809c2fd6b", "4a04ba94f92326ea93c4cffec5f53f535f9dcbf58b6a6a8df364229ef87d1433", [0xfffffffffffffffb, 0x7fffffff]}}) 13:54:36 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce%\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x600880, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) [ 1659.406607][ T2158] __x64_sys_ioctl+0xd4/0x110 [ 1659.411273][ T2158] do_syscall_64+0xca/0x1c0 [ 1659.415768][ T2158] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1659.426687][ T2186] Module has invalid ELF structures [ 1659.435021][ T2188] Module has invalid ELF structures [ 1659.462958][ T2194] Module has invalid ELF structures [ 1659.470801][ T2193] FAULT_INJECTION: forcing a failure. [ 1659.470801][ T2193] name failslab, interval 1, probability 0, space 0, times 0 [ 1659.494253][ T2193] CPU: 0 PID: 2193 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1659.504043][ T2193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1659.514089][ T2193] Call Trace: [ 1659.517383][ T2193] dump_stack+0x1d8/0x241 [ 1659.521701][ T2193] ? panic+0x73f/0x73f [ 1659.525759][ T2193] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1659.531569][ T2193] ? simple_lookup+0xba/0xf0 [ 1659.536144][ T2193] ? __lookup_slow+0x350/0x460 [ 1659.540895][ T2193] should_fail+0x71f/0x880 [ 1659.545298][ T2193] ? setup_fault_attr+0x3d0/0x3d0 [ 1659.550305][ T2193] ? lookup_one_len+0x180/0x2c0 [ 1659.555143][ T2193] ? new_inode_pseudo+0x78/0x210 [ 1659.560064][ T2193] should_failslab+0x5/0x20 [ 1659.564551][ T2193] kmem_cache_alloc+0x24/0x220 [ 1659.569309][ T2193] new_inode_pseudo+0x78/0x210 [ 1659.574057][ T2193] new_inode+0x25/0x1d0 [ 1659.578194][ T2193] ? start_creating+0x15d/0x250 [ 1659.583027][ T2193] __debugfs_create_file+0xb6/0x400 [ 1659.588213][ T2193] ? debugfs_create_dir+0x2e7/0x380 [ 1659.593393][ T2193] bdi_register_va+0x26f/0x600 [ 1659.598141][ T2193] bdi_register+0xd1/0x120 [ 1659.602541][ T2193] ? __device_add_disk+0x551/0x1220 [ 1659.607728][ T2193] ? bdi_register_va+0x600/0x600 [ 1659.612655][ T2193] ? percpu_ref_resurrect+0x113/0x190 [ 1659.618011][ T2193] bdi_register_owner+0x55/0xf0 [ 1659.622850][ T2193] __device_add_disk+0x5d1/0x1220 [ 1659.627879][ T2193] ? device_add_disk+0x30/0x30 [ 1659.632625][ T2193] ? vsprintf+0x30/0x30 [ 1659.636771][ T2193] ? __alloc_disk_node+0x459/0x5a0 [ 1659.641888][ T2193] loop_add+0x573/0x740 [ 1659.646049][ T2193] loop_control_ioctl+0x448/0x620 [ 1659.651060][ T2193] ? loop_remove+0xa0/0xa0 [ 1659.655463][ T2193] ? memset+0x1f/0x40 [ 1659.659429][ T2193] ? fsnotify+0x1280/0x1340 [ 1659.663919][ T2193] ? loop_remove+0xa0/0xa0 [ 1659.668325][ T2193] do_vfs_ioctl+0x742/0x1720 [ 1659.672903][ T2193] ? ioctl_preallocate+0x250/0x250 [ 1659.677998][ T2193] ? __fget+0x407/0x490 [ 1659.682138][ T2193] ? fget_many+0x20/0x20 [ 1659.686363][ T2193] ? debug_smp_processor_id+0x20/0x20 [ 1659.691720][ T2193] ? security_file_ioctl+0x7d/0xa0 [ 1659.696819][ T2193] __x64_sys_ioctl+0xd4/0x110 [ 1659.701480][ T2193] do_syscall_64+0xca/0x1c0 [ 1659.705958][ T2193] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:36 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x8, 0x8, 0x9}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x0, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) getgid() 13:54:36 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xaco\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:36 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xceH\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:36 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) delete_module(&(0x7f0000000040)='){\x00', 0x200) 13:54:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) mmap$xdp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x4010, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008944}, 0x8000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) 13:54:36 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xceL\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:36 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacp\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1659.714587][ T2193] debugfs: out of free dentries, can not create file 'stats' [ 1659.741877][ T2203] Module has invalid ELF structures [ 1659.745928][ T2206] Module has invalid ELF structures 13:54:36 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 75) 13:54:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) mmap$xdp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x4010, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008944}, 0x8000) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) mmap$xdp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x4010, 0xffffffffffffffff, 0x0) (async) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) (async) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008944}, 0x8000) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) (async) 13:54:36 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce`\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:36 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacs\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:36 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) mmap$xdp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x4010, 0xffffffffffffffff, 0x0) (async) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000002600)={&(0x7f0000002540)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000025c0)={&(0x7f0000002580)={0x14}, 0x14}}, 0x0) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x2, 0x70bd2c, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008944}, 0x8000) (async) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0) [ 1659.767899][ T2209] Module has invalid ELF structures [ 1659.780958][ T2214] Module has invalid ELF structures [ 1659.792239][ T2216] Module has invalid ELF structures [ 1659.809085][ T2213] FAULT_INJECTION: forcing a failure. [ 1659.809085][ T2213] name failslab, interval 1, probability 0, space 0, times 0 [ 1659.820211][ T2224] Module has invalid ELF structures [ 1659.829772][ T2213] CPU: 1 PID: 2213 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1659.839564][ T2213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1659.849612][ T2213] Call Trace: [ 1659.852891][ T2213] dump_stack+0x1d8/0x241 [ 1659.857207][ T2213] ? panic+0x73f/0x73f [ 1659.861266][ T2213] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1659.867053][ T2213] ? stack_trace_save+0x1c0/0x1c0 [ 1659.872060][ T2213] ? arch_stack_walk+0x105/0x140 [ 1659.877001][ T2213] should_fail+0x71f/0x880 [ 1659.881403][ T2213] ? setup_fault_attr+0x3d0/0x3d0 [ 1659.886414][ T2213] ? stack_trace_snprint+0x170/0x170 [ 1659.891680][ T2213] ? __d_alloc+0x2a/0x6a0 [ 1659.895993][ T2213] should_failslab+0x5/0x20 [ 1659.900478][ T2213] kmem_cache_alloc+0x24/0x220 [ 1659.905223][ T2213] __d_alloc+0x2a/0x6a0 [ 1659.909367][ T2213] d_alloc_parallel+0xe7/0x1310 [ 1659.914203][ T2213] ? security_d_instantiate+0x97/0xf0 [ 1659.919557][ T2213] ? d_instantiate+0x51/0x90 [ 1659.924138][ T2213] ? debugfs_create_dir+0x1a2/0x380 [ 1659.929318][ T2213] ? bdi_register_va+0x22d/0x600 [ 1659.934236][ T2213] ? bdi_register+0xd1/0x120 [ 1659.938809][ T2213] ? bdi_register_owner+0x55/0xf0 [ 1659.943817][ T2213] ? avc_has_perm_noaudit+0x2f1/0x3d0 [ 1659.949194][ T2213] ? avc_denied+0x1d0/0x1d0 [ 1659.953681][ T2213] ? d_hash_and_lookup+0x1e0/0x1e0 [ 1659.958890][ T2213] ? selinux_inode_permission+0x380/0x6a0 [ 1659.964600][ T2213] ? selinux_inode_permission+0x454/0x6a0 [ 1659.970308][ T2213] __lookup_slow+0x156/0x460 [ 1659.974889][ T2213] ? lookup_one_len+0x2c0/0x2c0 [ 1659.979729][ T2213] lookup_one_len+0x180/0x2c0 [ 1659.984399][ T2213] ? lookup_one_len_common+0x450/0x450 [ 1659.989841][ T2213] ? up_write+0xa6/0x270 [ 1659.994068][ T2213] start_creating+0xec/0x250 [ 1659.998659][ T2213] __debugfs_create_file+0x74/0x400 [ 1660.003842][ T2213] ? debugfs_create_dir+0x2e7/0x380 [ 1660.009023][ T2213] bdi_register_va+0x26f/0x600 [ 1660.013778][ T2213] bdi_register+0xd1/0x120 [ 1660.018183][ T2213] ? __device_add_disk+0x551/0x1220 [ 1660.023367][ T2213] ? bdi_register_va+0x600/0x600 [ 1660.028292][ T2213] ? percpu_ref_resurrect+0x113/0x190 [ 1660.033651][ T2213] bdi_register_owner+0x55/0xf0 [ 1660.038488][ T2213] __device_add_disk+0x5d1/0x1220 [ 1660.043498][ T2213] ? device_add_disk+0x30/0x30 [ 1660.048246][ T2213] ? vsprintf+0x30/0x30 [ 1660.052387][ T2213] ? __alloc_disk_node+0x459/0x5a0 [ 1660.057488][ T2213] loop_add+0x573/0x740 [ 1660.061631][ T2213] loop_control_ioctl+0x448/0x620 [ 1660.066632][ T2213] ? loop_remove+0xa0/0xa0 [ 1660.071023][ T2213] ? memset+0x1f/0x40 [ 1660.074976][ T2213] ? fsnotify+0x1280/0x1340 [ 1660.079447][ T2213] ? loop_remove+0xa0/0xa0 [ 1660.083835][ T2213] do_vfs_ioctl+0x742/0x1720 [ 1660.088399][ T2213] ? ioctl_preallocate+0x250/0x250 [ 1660.093482][ T2213] ? __fget+0x407/0x490 [ 1660.097609][ T2213] ? fget_many+0x20/0x20 [ 1660.101822][ T2213] ? debug_smp_processor_id+0x20/0x20 [ 1660.107167][ T2213] ? security_file_ioctl+0x7d/0xa0 [ 1660.112257][ T2213] __x64_sys_ioctl+0xd4/0x110 [ 1660.116916][ T2213] do_syscall_64+0xca/0x1c0 [ 1660.121403][ T2213] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1660.139060][ T22] audit: type=1326 audit(1676296476.939:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2227 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:37 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getgid() setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f00000000c0)={{0x191, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x7ff, 0x0, 'lblcr\x00', 0x7, 0x3, 0x25}, {@rand_addr=0x64010100, 0x4e20, 0x1, 0x80, 0xc4, 0x5}}, 0x44) 13:54:37 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) delete_module(&(0x7f0000000040)='){\x00', 0x200) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) delete_module(&(0x7f0000000040)='){\x00', 0x200) (async) 13:54:37 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xceh\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:37 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xact\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:37 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) 13:54:37 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 76) 13:54:37 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) 13:54:37 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacu\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:37 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xcel\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1660.493636][ T2235] Module has invalid ELF structures [ 1660.496077][ T2238] Module has invalid ELF structures [ 1660.530590][ T2237] FAULT_INJECTION: forcing a failure. [ 1660.530590][ T2237] name fail_page_alloc, interval 1, probability 0, space 0, times 0 13:54:37 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x4, 0x0) 13:54:37 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xcet\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1660.540499][ T2246] Module has invalid ELF structures [ 1660.554608][ T2237] CPU: 1 PID: 2237 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1660.558482][ T2247] Module has invalid ELF structures [ 1660.564395][ T2237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1660.564398][ T2237] Call Trace: [ 1660.564415][ T2237] dump_stack+0x1d8/0x241 [ 1660.564428][ T2237] ? panic+0x73f/0x73f 13:54:37 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xcez\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1660.591273][ T2237] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1660.597067][ T2237] ? stack_trace_save+0x118/0x1c0 [ 1660.598629][ T2250] Module has invalid ELF structures [ 1660.602106][ T2237] ? stack_trace_snprint+0x170/0x170 [ 1660.602117][ T2237] should_fail+0x71f/0x880 [ 1660.602132][ T2237] ? setup_fault_attr+0x3d0/0x3d0 [ 1660.621942][ T2237] ? __kasan_kmalloc+0x199/0x1d0 [ 1660.626866][ T2237] ? remove_wait_queue+0x120/0x120 [ 1660.631965][ T2237] ? __kasan_kmalloc+0x130/0x1d0 [ 1660.635863][ T2253] Module has invalid ELF structures [ 1660.636888][ T2237] __alloc_pages_nodemask+0x1b4/0x840 [ 1660.636899][ T2237] ? __device_add_disk+0x5d1/0x1220 [ 1660.636913][ T2237] ? loop_add+0x573/0x740 [ 1660.656888][ T2237] ? loop_control_ioctl+0x448/0x620 [ 1660.662061][ T2237] ? do_syscall_64+0xca/0x1c0 [ 1660.666713][ T2237] ? gfp_pfmemalloc_allowed+0x120/0x120 [ 1660.672230][ T2237] ? lockref_get+0x1b5/0x2b0 [ 1660.676799][ T2237] __get_free_pages+0xa/0x30 [ 1660.681365][ T2237] selinux_genfs_get_sid+0x54/0x260 [ 1660.686549][ T2237] inode_doinit_with_dentry+0x892/0x1050 [ 1660.692162][ T2237] ? sb_finish_set_opts+0x770/0x770 [ 1660.697334][ T2237] ? current_time+0x1af/0x2f0 [ 1660.701984][ T2237] ? atime_needs_update+0x590/0x590 [ 1660.707157][ T2237] security_d_instantiate+0x97/0xf0 [ 1660.712328][ T2237] d_instantiate+0x51/0x90 [ 1660.716720][ T2237] __debugfs_create_file+0x257/0x400 [ 1660.721977][ T2237] bdi_register_va+0x26f/0x600 [ 1660.726720][ T2237] bdi_register+0xd1/0x120 [ 1660.731128][ T2237] ? __device_add_disk+0x551/0x1220 [ 1660.736297][ T2237] ? bdi_register_va+0x600/0x600 [ 1660.741207][ T2237] ? percpu_ref_resurrect+0x113/0x190 [ 1660.746553][ T2237] bdi_register_owner+0x55/0xf0 [ 1660.751431][ T2237] __device_add_disk+0x5d1/0x1220 [ 1660.756434][ T2237] ? device_add_disk+0x30/0x30 [ 1660.761171][ T2237] ? vsprintf+0x30/0x30 [ 1660.765302][ T2237] ? __alloc_disk_node+0x459/0x5a0 [ 1660.770389][ T2237] loop_add+0x573/0x740 [ 1660.774518][ T2237] loop_control_ioctl+0x448/0x620 [ 1660.779513][ T2237] ? loop_remove+0xa0/0xa0 [ 1660.783902][ T2237] ? memset+0x1f/0x40 [ 1660.787858][ T2237] ? fsnotify+0x1280/0x1340 [ 1660.792329][ T2237] ? loop_remove+0xa0/0xa0 [ 1660.796724][ T2237] do_vfs_ioctl+0x742/0x1720 [ 1660.801289][ T2237] ? ioctl_preallocate+0x250/0x250 [ 1660.806372][ T2237] ? __fget+0x407/0x490 [ 1660.810497][ T2237] ? fget_many+0x20/0x20 [ 1660.814716][ T2237] ? debug_smp_processor_id+0x20/0x20 [ 1660.820065][ T2237] ? security_file_ioctl+0x7d/0xa0 [ 1660.825148][ T2237] __x64_sys_ioctl+0xd4/0x110 [ 1660.829800][ T2237] do_syscall_64+0xca/0x1c0 [ 1660.834277][ T2237] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1660.856940][ T22] audit: type=1326 audit(1676296477.659:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2252 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:38 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getgid() (async) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f00000000c0)={{0x191, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x7ff, 0x0, 'lblcr\x00', 0x7, 0x3, 0x25}, {@rand_addr=0x64010100, 0x4e20, 0x1, 0x80, 0xc4, 0x5}}, 0x44) 13:54:38 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacx\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:38 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\x02\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x8, 0x81, 0x4, 0x8}, {0x9, 0x2, 0x9, 0x5}, {0x1, 0x80, 0x16, 0x9}]}) 13:54:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 77) 13:54:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) delete_module(&(0x7f0000000040)='){\x00', 0x200) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) delete_module(&(0x7f0000000040)='){\x00', 0x200) (async) 13:54:38 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\x03\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x8, 0x81, 0x4, 0x8}, {0x9, 0x2, 0x9, 0x5}, {0x1, 0x80, 0x16, 0x9}]}) [ 1661.251621][ T2263] Module has invalid ELF structures [ 1661.258231][ T2264] FAULT_INJECTION: forcing a failure. [ 1661.258231][ T2264] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.280954][ T2269] Module has invalid ELF structures 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x8, 0x81, 0x4, 0x8}, {0x9, 0x2, 0x9, 0x5}, {0x1, 0x80, 0x16, 0x9}]}) 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x9, &(0x7f0000000000)=[{0x5, 0x3, 0x2, 0xfe}, {0x9, 0x80, 0x6, 0x80000001}, {0xa7, 0x1, 0x0, 0x33}, {0x1, 0x0, 0x7, 0x6}, {0x2, 0x6, 0xfe, 0x2}, {0x281, 0xcc, 0x0, 0x1ff}, {0x48, 0x8, 0xfe, 0x9}, {0x4, 0xff, 0x6, 0x4}, {0xffc0, 0xcb, 0x5, 0x6}]}) [ 1661.294827][ T2264] CPU: 1 PID: 2264 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1661.304623][ T2264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1661.314660][ T2264] Call Trace: [ 1661.317937][ T2264] dump_stack+0x1d8/0x241 [ 1661.322251][ T2264] ? panic+0x73f/0x73f [ 1661.326307][ T2264] ? do_vfs_ioctl+0x742/0x1720 [ 1661.331057][ T2264] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1661.336850][ T2264] should_fail+0x71f/0x880 [ 1661.341257][ T2264] ? setup_fault_attr+0x3d0/0x3d0 [ 1661.346270][ T2264] ? make_kgid+0x1f2/0x6f0 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x9, &(0x7f0000000000)=[{0x5, 0x3, 0x2, 0xfe}, {0x9, 0x80, 0x6, 0x80000001}, {0xa7, 0x1, 0x0, 0x33}, {0x1, 0x0, 0x7, 0x6}, {0x2, 0x6, 0xfe, 0x2}, {0x281, 0xcc, 0x0, 0x1ff}, {0x48, 0x8, 0xfe, 0x9}, {0x4, 0xff, 0x6, 0x4}, {0xffc0, 0xcb, 0x5, 0x6}]}) 13:54:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x8001, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) read$FUSE(r3, &(0x7f0000004500)={0x2020}, 0xfffffffffffffe96) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000002100), 0x40200, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r6, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r2) sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="4fffffed", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250d000000080034000600000005003000010000000500380000000000080034000000000005002900000000000a000900aaaaaaaaaa3c000005002f0000000000"], 0x50}, 0x1, 0x0, 0x0, 0xd5}, 0x40) r7 = ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r7) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r7) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$cgroup_type(r2, &(0x7f00000020c0), 0x2, 0x0) r8 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x8000, 0x0, 0x12, 0x5, 0x10, "8906c4911851f15d6836d22014ed3d2ee5a33d1810fed23ca884de3c5c1348c8c480894ce5ad9c8fb33ac7529335a51048203b567b4bf88693c7d6225965b105", "c6216fd516c6265a7702510e26a2fe4a405fa4b6ce1c57a1438c9a9e59cebb065c190687f865f0a03d7cb413e0dbf3af5dbdb43e101304177f1824a71057d296", "b950c69df81fd0520611f96dcc7552108e09e1cc2af6ccf2f81370c9b2d68541", [0x9, 0x5]}) [ 1661.350677][ T2264] ? security_inode_alloc+0x24/0x110 [ 1661.355957][ T2264] should_failslab+0x5/0x20 [ 1661.360451][ T2264] kmem_cache_alloc+0x24/0x220 [ 1661.365209][ T2264] security_inode_alloc+0x24/0x110 [ 1661.370310][ T2264] inode_init_always+0x62a/0x870 [ 1661.375239][ T2264] new_inode_pseudo+0x8f/0x210 [ 1661.379997][ T2264] new_inode+0x25/0x1d0 [ 1661.384141][ T2264] ? start_creating+0x15d/0x250 [ 1661.388979][ T2264] __debugfs_create_file+0xb6/0x400 [ 1661.394166][ T2264] ? debugfs_create_dir+0x2e7/0x380 [ 1661.399358][ T2264] bdi_register_va+0x26f/0x600 [ 1661.404108][ T2264] bdi_register+0xd1/0x120 [ 1661.406203][ T2272] Module has invalid ELF structures [ 1661.408536][ T2264] ? __device_add_disk+0x551/0x1220 [ 1661.408545][ T2264] ? bdi_register_va+0x600/0x600 [ 1661.408556][ T2264] ? percpu_ref_resurrect+0x113/0x190 [ 1661.408571][ T2264] bdi_register_owner+0x55/0xf0 [ 1661.433990][ T2264] __device_add_disk+0x5d1/0x1220 [ 1661.439004][ T2264] ? device_add_disk+0x30/0x30 [ 1661.443753][ T2264] ? vsprintf+0x30/0x30 [ 1661.447894][ T2264] ? __alloc_disk_node+0x459/0x5a0 [ 1661.453010][ T2264] loop_add+0x573/0x740 [ 1661.457153][ T2264] loop_control_ioctl+0x448/0x620 [ 1661.462165][ T2264] ? loop_remove+0xa0/0xa0 [ 1661.466572][ T2264] ? memset+0x1f/0x40 [ 1661.470537][ T2264] ? fsnotify+0x1280/0x1340 [ 1661.475021][ T2264] ? loop_remove+0xa0/0xa0 [ 1661.479412][ T2264] do_vfs_ioctl+0x742/0x1720 [ 1661.483978][ T2264] ? ioctl_preallocate+0x250/0x250 [ 1661.489059][ T2264] ? __fget+0x407/0x490 [ 1661.493196][ T2264] ? fget_many+0x20/0x20 [ 1661.497413][ T2264] ? debug_smp_processor_id+0x20/0x20 [ 1661.502760][ T2264] ? security_file_ioctl+0x7d/0xa0 [ 1661.507847][ T2264] __x64_sys_ioctl+0xd4/0x110 [ 1661.512499][ T2264] do_syscall_64+0xca/0x1c0 [ 1661.516977][ T2264] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1661.529166][ T2264] debugfs: out of free dentries, can not create file 'stats' [ 1661.547289][ T22] audit: type=1326 audit(1676296478.349:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2283 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 13:54:38 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) (async) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getgid() setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f00000000c0)={{0x191, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x7ff, 0x0, 'lblcr\x00', 0x7, 0x3, 0x25}, {@rand_addr=0x64010100, 0x4e20, 0x1, 0x80, 0xc4, 0x5}}, 0x44) 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x2, &(0x7f0000000080)={0x9, &(0x7f0000000000)=[{0x5, 0x3, 0x2, 0xfe}, {0x9, 0x80, 0x6, 0x80000001}, {0xa7, 0x1, 0x0, 0x33}, {0x1, 0x0, 0x7, 0x6}, {0x2, 0x6, 0xfe, 0x2}, {0x281, 0xcc, 0x0, 0x1ff}, {0x48, 0x8, 0xfe, 0x9}, {0x4, 0xff, 0x6, 0x4}, {0xffc0, 0xcb, 0x5, 0x6}]}) 13:54:38 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\x04\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:38 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacz\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:38 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 78) 13:54:38 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x8001, 0x0) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) (async) openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) (async) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) read$FUSE(r3, &(0x7f0000004500)={0x2020}, 0xfffffffffffffe96) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) (async) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000002100), 0x40200, 0x0) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r6, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r2) (async) sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="4fffffed", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250d000000080034000600000005003000010000000500380000000000080034000000000005002900000000000a000900aaaaaaaaaa3c000005002f0000000000"], 0x50}, 0x1, 0x0, 0x0, 0xd5}, 0x40) r7 = ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r7) (async) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r7) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) openat$cgroup_type(r2, &(0x7f00000020c0), 0x2, 0x0) (async) r8 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x8000, 0x0, 0x12, 0x5, 0x10, "8906c4911851f15d6836d22014ed3d2ee5a33d1810fed23ca884de3c5c1348c8c480894ce5ad9c8fb33ac7529335a51048203b567b4bf88693c7d6225965b105", "c6216fd516c6265a7702510e26a2fe4a405fa4b6ce1c57a1438c9a9e59cebb065c190687f865f0a03d7cb413e0dbf3af5dbdb43e101304177f1824a71057d296", "b950c69df81fd0520611f96dcc7552108e09e1cc2af6ccf2f81370c9b2d68541", [0x9, 0x5]}) 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) 13:54:38 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\x05\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1661.901579][ T2295] Module has invalid ELF structures [ 1661.908383][ T2301] FAULT_INJECTION: forcing a failure. [ 1661.908383][ T2301] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.911149][ T2302] Module has invalid ELF structures [ 1661.948434][ T2301] CPU: 0 PID: 2301 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1661.958230][ T2301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1661.968270][ T2301] Call Trace: [ 1661.971582][ T2301] dump_stack+0x1d8/0x241 [ 1661.975916][ T2301] ? panic+0x73f/0x73f [ 1661.979979][ T2301] ? check_preemption_disabled+0x9f/0x320 [ 1661.985684][ T2301] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1661.991477][ T2301] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 1661.996490][ T2301] ? debug_smp_processor_id+0x20/0x20 [ 1662.001849][ T2301] ? __debugfs_create_file+0x367/0x400 [ 1662.007290][ T2301] should_fail+0x71f/0x880 [ 1662.011689][ T2301] ? bdi_register_va+0x465/0x600 [ 1662.016619][ T2301] ? setup_fault_attr+0x3d0/0x3d0 [ 1662.021624][ T2301] ? bdi_register+0xd1/0x120 [ 1662.026198][ T2301] ? __device_add_disk+0x551/0x1220 [ 1662.031392][ T2301] ? kobj_map+0x65/0x5a0 [ 1662.035618][ T2301] should_failslab+0x5/0x20 [ 1662.040104][ T2301] __kmalloc+0x51/0x2b0 [ 1662.044243][ T2301] kobj_map+0x65/0x5a0 [ 1662.048296][ T2301] ? disk_check_events+0x600/0x600 [ 1662.053387][ T2301] ? exact_match+0x20/0x20 [ 1662.057789][ T2301] __device_add_disk+0x65a/0x1220 [ 1662.062797][ T2301] ? device_add_disk+0x30/0x30 [ 1662.067541][ T2301] ? vsprintf+0x30/0x30 [ 1662.071678][ T2301] ? __alloc_disk_node+0x459/0x5a0 [ 1662.076772][ T2301] loop_add+0x573/0x740 [ 1662.080917][ T2301] loop_control_ioctl+0x448/0x620 [ 1662.085928][ T2301] ? loop_remove+0xa0/0xa0 [ 1662.090331][ T2301] ? memset+0x1f/0x40 [ 1662.094300][ T2301] ? fsnotify+0x1280/0x1340 13:54:38 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3\n\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:38 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) [ 1662.098787][ T2301] ? loop_remove+0xa0/0xa0 [ 1662.103188][ T2301] do_vfs_ioctl+0x742/0x1720 [ 1662.107763][ T2301] ? ioctl_preallocate+0x250/0x250 [ 1662.112855][ T2301] ? __fget+0x407/0x490 [ 1662.116995][ T2301] ? fget_many+0x20/0x20 [ 1662.121223][ T2301] ? debug_smp_processor_id+0x20/0x20 [ 1662.126581][ T2301] ? security_file_ioctl+0x7d/0xa0 [ 1662.131681][ T2301] __x64_sys_ioctl+0xd4/0x110 [ 1662.136343][ T2301] do_syscall_64+0xca/0x1c0 [ 1662.140831][ T2301] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 13:54:38 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3%\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:39 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) (fail_nth: 79) [ 1662.160217][ T2310] Module has invalid ELF structures [ 1662.161002][ T2307] Module has invalid ELF structures [ 1662.196178][ T2314] Module has invalid ELF structures [ 1662.223723][ T2315] FAULT_INJECTION: forcing a failure. [ 1662.223723][ T2315] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.239367][ T2315] CPU: 1 PID: 2315 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1662.249161][ T2315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1662.259198][ T2315] Call Trace: [ 1662.262479][ T2315] dump_stack+0x1d8/0x241 [ 1662.266792][ T2315] ? panic+0x73f/0x73f [ 1662.270845][ T2315] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 1662.276642][ T2315] should_fail+0x71f/0x880 [ 1662.281050][ T2315] ? kobject_set_name_vargs+0xca/0x110 [ 1662.286499][ T2315] ? setup_fault_attr+0x3d0/0x3d0 [ 1662.291640][ T2315] ? dev_set_name+0xd1/0x120 [ 1662.296218][ T2315] ? device_add+0xb6/0xbb0 [ 1662.300620][ T2315] should_failslab+0x5/0x20 [ 1662.305113][ T2315] kmem_cache_alloc_trace+0x28/0x240 [ 1662.310389][ T2315] device_add+0xb6/0xbb0 [ 1662.314625][ T2315] __device_add_disk+0x767/0x1220 [ 1662.319640][ T2315] ? device_add_disk+0x30/0x30 [ 1662.324397][ T2315] ? __alloc_disk_node+0x459/0x5a0 [ 1662.329495][ T2315] loop_add+0x573/0x740 [ 1662.333639][ T2315] loop_control_ioctl+0x448/0x620 [ 1662.338646][ T2315] ? loop_remove+0xa0/0xa0 [ 1662.343047][ T2315] ? memset+0x1f/0x40 [ 1662.347036][ T2315] ? fsnotify+0x1280/0x1340 [ 1662.351568][ T2315] ? loop_remove+0xa0/0xa0 [ 1662.355973][ T2315] do_vfs_ioctl+0x742/0x1720 [ 1662.360552][ T2315] ? ioctl_preallocate+0x250/0x250 [ 1662.365651][ T2315] ? __fget+0x407/0x490 [ 1662.369790][ T2315] ? fget_many+0x20/0x20 [ 1662.374016][ T2315] ? debug_smp_processor_id+0x20/0x20 [ 1662.379370][ T2315] ? security_file_ioctl+0x7d/0xa0 [ 1662.384466][ T2315] __x64_sys_ioctl+0xd4/0x110 [ 1662.389128][ T2315] do_syscall_64+0xca/0x1c0 [ 1662.393625][ T2315] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1662.403088][ T22] audit: type=1326 audit(1676296479.209:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2316 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1662.403116][ T2315] kobject_add_internal failed for queue (error: -2 parent: loop0) [ 1662.455901][ T2315] ------------[ cut here ]------------ [ 1662.461371][ T2315] WARNING: CPU: 0 PID: 2315 at fs/sysfs/file.c:328 sysfs_create_files+0x325/0x470 [ 1662.470538][ T2315] Modules linked in: [ 1662.474430][ T2315] CPU: 0 PID: 2315 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1662.484207][ T2315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1662.494257][ T2315] RIP: 0010:sysfs_create_files+0x325/0x470 [ 1662.500046][ T2315] Code: c1 03 38 c1 0f 8c b7 fe ff ff 48 8d 7c 24 70 e8 e1 59 da ff e9 a8 fe ff ff e8 a7 d8 ac ff 31 db e9 ef 00 00 00 e8 9b d8 ac ff <0f> 0b bb ea ff ff ff 4c 8b 74 24 08 eb 17 85 db 0f 84 cf 00 00 00 [ 1662.519630][ T2315] RSP: 0018:ffff8881e4e37940 EFLAGS: 00010246 [ 1662.525679][ T2315] RAX: ffffffff81b65f18 RBX: ffff8881d0df40a0 RCX: 0000000000040000 [ 1662.533634][ T2315] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1662.541588][ T2315] RBP: ffff8881e4e37a10 R08: ffffffff843008c0 R09: ffffed103de74cf0 [ 1662.549541][ T2315] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 1662.557493][ T2315] R13: ffffffff84d90160 R14: dffffc0000000000 R15: ffff8881d0df4070 [ 1662.565449][ T2315] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1662.574359][ T2315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1662.580926][ T2315] CR2: 00007f7d08e7b0c0 CR3: 00000001e06e0000 CR4: 00000000003406f0 [ 1662.588885][ T2315] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1662.596849][ T2315] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1662.604797][ T2315] Call Trace: [ 1662.608075][ T2315] ? sysfs_create_file_ns+0x2a0/0x2a0 [ 1662.613440][ T2315] ? kobject_get+0xc9/0x110 [ 1662.617931][ T2315] __device_add_disk+0x949/0x1220 [ 1662.622981][ T2315] ? device_add_disk+0x30/0x30 [ 1662.627732][ T2315] ? __alloc_disk_node+0x459/0x5a0 [ 1662.632825][ T2315] loop_add+0x573/0x740 [ 1662.636967][ T2315] loop_control_ioctl+0x448/0x620 [ 1662.641973][ T2315] ? loop_remove+0xa0/0xa0 [ 1662.646375][ T2315] ? memset+0x1f/0x40 [ 1662.650343][ T2315] ? fsnotify+0x1280/0x1340 [ 1662.654830][ T2315] ? loop_remove+0xa0/0xa0 [ 1662.659231][ T2315] do_vfs_ioctl+0x742/0x1720 [ 1662.663809][ T2315] ? ioctl_preallocate+0x250/0x250 [ 1662.668907][ T2315] ? __fget+0x407/0x490 13:54:39 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) r0 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0x0, 0x0, {0x5, 0x2, 0x0, 0x1, 0x9, 0x0, {0x1, 0x8, 0x7, 0xffff, 0x500e, 0xffffffffffffff81, 0x80, 0x81, 0x4, 0x0, 0x2, 0xffffffffffffffff, r0, 0xd9b, 0x20}}}, 0x90) 13:54:39 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x2, 0x0) 13:54:39 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\x06\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:39 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xda\n\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:39 executing program 1: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x8001, 0x0) (async) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000001600), 0x301080, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000002480), r2) openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0) (async) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) read$FUSE(r3, &(0x7f0000004500)={0x2020}, 0xfffffffffffffe96) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x1) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000002100), 0x40200, 0x0) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r6, &(0x7f0000000d40)={0x0, 0x0, 0x0}, 0x0) (async) syz_genetlink_get_family_id$batadv(&(0x7f0000000240), r2) sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="4fffffed", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250d000000080034000600000005003000010000000500380000000000080034000000000005002900000000000a000900aaaaaaaaaa3c000005002f0000000000"], 0x50}, 0x1, 0x0, 0x0, 0xd5}, 0x40) (async) r7 = ioctl$LOOP_CTL_ADD(r4, 0x4c80, 0x1) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r7) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r7) (async) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) openat$cgroup_type(r2, &(0x7f00000020c0), 0x2, 0x0) (async) r8 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000000040)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "2bf8b08f7233215d017dc6aff4aba41edf228ea7a98488924c5bc0da3116a3954a25054f893ac382a2379c8037388a28e45d99f86f12f1f007d6de48f9625b66", "994714f45ff0ce9339e64185957f4b13d941c68b73843ff7292c6d3386e90dfc536c361b658dc4e90ae89868a2d37745143642db9873d8d59061eedc535c6a02", "9dd7e8b68b71e5f1d9d1073b5aafe19b29e8b550f2f6958359ae0f6f2ca9ef4f"}}) (async) ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x8000, 0x0, 0x12, 0x5, 0x10, "8906c4911851f15d6836d22014ed3d2ee5a33d1810fed23ca884de3c5c1348c8c480894ce5ad9c8fb33ac7529335a51048203b567b4bf88693c7d6225965b105", "c6216fd516c6265a7702510e26a2fe4a405fa4b6ce1c57a1438c9a9e59cebb065c190687f865f0a03d7cb413e0dbf3af5dbdb43e101304177f1824a71057d296", "b950c69df81fd0520611f96dcc7552108e09e1cc2af6ccf2f81370c9b2d68541", [0x9, 0x5]}) [ 1662.673049][ T2315] ? fget_many+0x20/0x20 [ 1662.677279][ T2315] ? debug_smp_processor_id+0x20/0x20 [ 1662.682637][ T2315] ? security_file_ioctl+0x7d/0xa0 [ 1662.687732][ T2315] __x64_sys_ioctl+0xd4/0x110 [ 1662.692398][ T2315] do_syscall_64+0xca/0x1c0 [ 1662.696888][ T2315] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1662.702767][ T2315] ---[ end trace bc12ee340783dbef ]--- 13:54:39 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\a\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:39 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) 13:54:39 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\b\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:39 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xda%\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:39 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1662.731066][ T2323] Module has invalid ELF structures [ 1662.746162][ T2325] Module has invalid ELF structures [ 1662.765868][ T2329] Module has invalid ELF structures 13:54:39 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) (async) [ 1662.805318][ T2334] Module has invalid ELF structures [ 1662.813944][ T2335] Module has invalid ELF structures [ 1662.884921][ T22] audit: type=1326 audit(1676296479.689:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2342 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1663.043567][ T2315] ------------[ cut here ]------------ [ 1663.054494][ T2315] kernfs: can not remove 'events', no directory [ 1663.067373][ T2315] WARNING: CPU: 0 PID: 2315 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100 [ 1663.077072][ T2315] Modules linked in: [ 1663.080960][ T2315] CPU: 0 PID: 2315 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1663.090735][ T2315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1663.100786][ T2315] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100 [ 1663.107008][ T2315] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 3e 36 ad ff 48 c7 c7 00 28 c5 84 4c 89 fe e8 4f 18 85 ff <0f> 0b bb fe ff ff ff eb 16 e8 21 36 ad ff bb fe ff ff ff 48 c7 c7 [ 1663.126595][ T2315] RSP: 0018:ffff8881e4e37918 EFLAGS: 00010246 [ 1663.132649][ T2315] RAX: 42f70b2a2c15ca00 RBX: 0000000000000000 RCX: 0000000000040000 [ 1663.140606][ T2315] RDX: ffffc90002757000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1663.148564][ T2315] RBP: ffff8881e4e37a10 R08: ffffffff814ca206 R09: ffffed103edcaa08 [ 1663.156531][ T2315] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000 [ 1663.164486][ T2315] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff84d90220 [ 1663.172456][ T2315] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1663.181427][ T2315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1663.187998][ T2315] CR2: 0000001b2f121000 CR3: 00000001e06e0000 CR4: 00000000003406f0 [ 1663.195975][ T2315] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1663.203953][ T2315] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1663.211905][ T2315] Call Trace: [ 1663.215186][ T2315] sysfs_create_files+0x3de/0x470 [ 1663.220202][ T2315] ? sysfs_create_file_ns+0x2a0/0x2a0 [ 1663.225566][ T2315] ? kobject_get+0xc9/0x110 [ 1663.230057][ T2315] __device_add_disk+0x949/0x1220 [ 1663.235078][ T2315] ? device_add_disk+0x30/0x30 [ 1663.239830][ T2315] ? __alloc_disk_node+0x459/0x5a0 [ 1663.244925][ T2315] loop_add+0x573/0x740 [ 1663.249066][ T2315] loop_control_ioctl+0x448/0x620 [ 1663.254076][ T2315] ? loop_remove+0xa0/0xa0 [ 1663.258485][ T2315] ? memset+0x1f/0x40 [ 1663.262459][ T2315] ? fsnotify+0x1280/0x1340 [ 1663.266988][ T2315] ? loop_remove+0xa0/0xa0 [ 1663.271403][ T2315] do_vfs_ioctl+0x742/0x1720 [ 1663.275981][ T2315] ? ioctl_preallocate+0x250/0x250 [ 1663.281077][ T2315] ? __fget+0x407/0x490 [ 1663.285215][ T2315] ? fget_many+0x20/0x20 [ 1663.289445][ T2315] ? debug_smp_processor_id+0x20/0x20 [ 1663.294836][ T2315] ? security_file_ioctl+0x7d/0xa0 [ 1663.299942][ T2315] __x64_sys_ioctl+0xd4/0x110 [ 1663.304608][ T2315] do_syscall_64+0xca/0x1c0 [ 1663.309102][ T2315] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1663.314979][ T2315] ---[ end trace bc12ee340783dbf0 ]--- 13:54:40 executing program 4: r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c80, 0x0) 13:54:40 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99\t\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:40 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7\n\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:40 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0xe7, 0x3f, 0xef, 0x9}, {0x9, 0x7, 0x0, 0x82c5}, {0x4, 0x40, 0xfb, 0x3}, {0x1000, 0x1, 0x0, 0x7}, {0x1, 0x9b, 0x40, 0x200}, {0x9, 0x8, 0x0, 0x4}]}) 13:54:40 executing program 0: seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x81, 0x4, 0x8, 0x29}, {0x7, 0x0, 0x4, 0xbc}, {0x6, 0x3, 0x4, 0x80008}]}) socket$inet_udplite(0x2, 0x2, 0x88) (async) r0 = getgid() write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f00000000c0)={0x90, 0x0, 0x0, {0x5, 0x2, 0x0, 0x1, 0x9, 0x0, {0x1, 0x8, 0x7, 0xffff, 0x500e, 0xffffffffffffff81, 0x80, 0x81, 0x4, 0x0, 0x2, 0xffffffffffffffff, r0, 0xd9b, 0x20}}}, 0x90) [ 1663.535737][ T2315] loop0: failed to create sysfs files for events [ 1663.560719][ T2350] Module has invalid ELF structures [ 1663.565107][ T2352] Module has invalid ELF structures 13:54:40 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0xe7, 0x3f, 0xef, 0x9}, {0x9, 0x7, 0x0, 0x82c5}, {0x4, 0x40, 0xfb, 0x3}, {0x1000, 0x1, 0x0, 0x7}, {0x1, 0x9b, 0x40, 0x200}, {0x9, 0x8, 0x0, 0x4}]}) 13:54:40 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4\n\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:40 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7#\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1663.588125][ T2351] ------------[ cut here ]------------ [ 1663.593584][ T2351] kernfs: can not remove 'events', no directory [ 1663.622974][ T2357] Module has invalid ELF structures [ 1663.623811][ T2351] WARNING: CPU: 0 PID: 2351 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100 [ 1663.630609][ T2358] Module has invalid ELF structures [ 1663.637858][ T2351] Modules linked in: [ 1663.637878][ T2351] CPU: 0 PID: 2351 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1663.637883][ T2351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1663.637904][ T2351] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100 [ 1663.672946][ T2351] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 3e 36 ad ff 48 c7 c7 00 28 c5 84 4c 89 fe e8 4f 18 85 ff <0f> 0b bb fe ff ff ff eb 16 e8 21 36 ad ff bb fe ff ff ff 48 c7 c7 [ 1663.692527][ T2351] RSP: 0018:ffff8881e2bd7a38 EFLAGS: 00010246 [ 1663.698564][ T2351] RAX: a19f2b27e9715300 RBX: 0000000000000000 RCX: ffff8881ed77bf00 [ 1663.706507][ T2351] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 1663.714449][ T2351] RBP: ffffffff85c45760 R08: ffffffff814ca206 R09: 0000000000006661 [ 1663.722432][ T2351] R10: 0000000000200000 R11: dffffc0000000001 R12: 0000000000000000 [ 1663.730375][ T2351] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84d90220 [ 1663.738323][ T2351] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1663.747222][ T2351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1663.753774][ T2351] CR2: 00007fc704b57988 CR3: 00000001e347a000 CR4: 00000000003406f0 [ 1663.761718][ T2351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1663.769661][ T2351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1663.777603][ T2351] Call Trace: [ 1663.780870][ T2351] sysfs_remove_files+0x91/0xe0 [ 1663.785691][ T2351] del_gendisk+0x26f/0xbf0 [ 1663.790078][ T2351] ? avc_flush+0x1f0/0x1f0 [ 1663.794467][ T2351] ? device_add_disk_no_queue_reg+0x20/0x20 [ 1663.800333][ T2351] loop_remove+0x42/0xa0 [ 1663.804548][ T2351] loop_control_ioctl+0x564/0x620 [ 1663.809540][ T2351] ? loop_remove+0xa0/0xa0 [ 1663.813928][ T2351] ? loop_remove+0xa0/0xa0 [ 1663.818314][ T2351] do_vfs_ioctl+0x742/0x1720 [ 1663.822876][ T2351] ? ioctl_preallocate+0x250/0x250 [ 1663.827960][ T2351] ? __fget+0x407/0x490 [ 1663.832086][ T2351] ? fget_many+0x20/0x20 13:54:40 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x1, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f0000000040)={0x6, &(0x7f0000000000)=[{0xe7, 0x3f, 0xef, 0x9}, {0x9, 0x7, 0x0, 0x82c5}, {0x4, 0x40, 0xfb, 0x3}, {0x1000, 0x1, 0x0, 0x7}, {0x1, 0x9b, 0x40, 0x200}, {0x9, 0x8, 0x0, 0x4}]}) 13:54:40 executing program 2: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf75\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4%\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) 13:54:40 executing program 3: init_module(&(0x7f0000000040)='R\xf8\xad\x18\x00\x00Y\x00\xacc\xaf\x85/x>}\xd3M\xab\xa0\xee\x93\xdav\x94\xca\xf7+\xe6\xaa\xe8\x8f\xe3\x04\xf4\xf1A\vv\xce\x00\x84A{\x1e\x1b\xd4{\x99@\xd3\x91\xb0\xd3\xe5_\x82P\"\xd4i\xb0\x1c\xd1\xde\x19\xac\xbd\x95\xf5\x17\x88\x8d\xecgm\xf1\x8c\xb7q\xc0\xa4+;', 0x54, 0x0) [ 1663.836299][ T2351] ? switch_fpu_return+0x1d4/0x410 [ 1663.841384][ T2351] ? security_file_ioctl+0x7d/0xa0 [ 1663.846466][ T2351] __x64_sys_ioctl+0xd4/0x110 [ 1663.851117][ T2351] do_syscall_64+0xca/0x1c0 [ 1663.855595][ T2351] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1663.861459][ T2351] ---[ end trace bc12ee340783dbf1 ]--- 13:54:40 executing program 5: seccomp$SECCOMP_SET_MODE_FILTER(0x2, 0x9, 0x0) seccomp$SECCOMP_SET_MODE_FILTER(0x8, 0x0, 0x0) [ 1663.897626][ T2368] Module has invalid ELF structures [ 1663.898120][ T2369] Module has invalid ELF structures [ 1663.929638][ T22] audit: type=1326 audit(1676296480.739:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2360 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d08d5f0f9 code=0x80000 [ 1663.955949][ T22] audit: type=1326 audit(1676296480.739:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2360 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=3 compat=0 ip=0x7f7d08d10fab code=0x80000 [ 1663.979444][ T2351] ------------[ cut here ]------------ [ 1663.984885][ T2351] kernfs: can not remove 'events_async', no directory [ 1663.992202][ T2351] WARNING: CPU: 0 PID: 2351 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100 [ 1664.001899][ T2351] Modules linked in: [ 1664.005782][ T2351] CPU: 0 PID: 2351 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1664.015561][ T2351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1664.025615][ T2351] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100 [ 1664.031861][ T2351] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 3e 36 ad ff 48 c7 c7 00 28 c5 84 4c 89 fe e8 4f 18 85 ff <0f> 0b bb fe ff ff ff eb 16 e8 21 36 ad ff bb fe ff ff ff 48 c7 c7 [ 1664.051444][ T2351] RSP: 0018:ffff8881e2bd7a38 EFLAGS: 00010246 [ 1664.057494][ T2351] RAX: a19f2b27e9715300 RBX: 0000000000000000 RCX: ffff8881ed77bf00 [ 1664.065494][ T2351] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 1664.073447][ T2351] RBP: ffffffff85c45760 R08: ffffffff814ca206 R09: 000000000000ffff [ 1664.081414][ T2351] R10: 0000000000200000 R11: dffffc0000000001 R12: 0000000000000000 [ 1664.089370][ T2351] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84d902c0 [ 1664.097334][ T2351] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1664.106247][ T2351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1664.112839][ T2351] CR2: 00007fc959c3b000 CR3: 00000001e347a000 CR4: 00000000003406f0 [ 1664.120801][ T2351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1664.128759][ T2351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1664.136710][ T2351] Call Trace: [ 1664.139994][ T2351] sysfs_remove_files+0x91/0xe0 [ 1664.144833][ T2351] del_gendisk+0x26f/0xbf0 [ 1664.149236][ T2351] ? avc_flush+0x1f0/0x1f0 [ 1664.153639][ T2351] ? device_add_disk_no_queue_reg+0x20/0x20 [ 1664.159525][ T2351] loop_remove+0x42/0xa0 [ 1664.163753][ T2351] loop_control_ioctl+0x564/0x620 [ 1664.168764][ T2351] ? loop_remove+0xa0/0xa0 [ 1664.173166][ T2351] ? loop_remove+0xa0/0xa0 [ 1664.177572][ T2351] do_vfs_ioctl+0x742/0x1720 [ 1664.182151][ T2351] ? ioctl_preallocate+0x250/0x250 [ 1664.187247][ T2351] ? __fget+0x407/0x490 [ 1664.191390][ T2351] ? fget_many+0x20/0x20 [ 1664.195626][ T2351] ? switch_fpu_return+0x1d4/0x410 [ 1664.200725][ T2351] ? security_file_ioctl+0x7d/0xa0 [ 1664.205832][ T2351] __x64_sys_ioctl+0xd4/0x110 [ 1664.210495][ T2351] do_syscall_64+0xca/0x1c0 [ 1664.214994][ T2351] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1664.220870][ T2351] ---[ end trace bc12ee340783dbf2 ]--- [ 1664.228300][ T2351] ------------[ cut here ]------------ [ 1664.233747][ T2351] kernfs: can not remove 'events_poll_msecs', no directory [ 1664.241229][ T2351] WARNING: CPU: 0 PID: 2351 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100 [ 1664.250924][ T2351] Modules linked in: [ 1664.254853][ T2351] CPU: 0 PID: 2351 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1664.264630][ T2351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1664.274681][ T2351] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100 [ 1664.280905][ T2351] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 3e 36 ad ff 48 c7 c7 00 28 c5 84 4c 89 fe e8 4f 18 85 ff <0f> 0b bb fe ff ff ff eb 16 e8 21 36 ad ff bb fe ff ff ff 48 c7 c7 [ 1664.300494][ T2351] RSP: 0018:ffff8881e2bd7a38 EFLAGS: 00010246 [ 1664.306543][ T2351] RAX: a19f2b27e9715300 RBX: 0000000000000000 RCX: ffff8881ed77bf00 [ 1664.314499][ T2351] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 1664.322456][ T2351] RBP: ffffffff85c45760 R08: ffffffff814ca206 R09: 000000000000ffff [ 1664.330414][ T2351] R10: 0000000000200000 R11: dffffc0000000001 R12: 0000000000000000 [ 1664.338373][ T2351] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffffff84d902e0 [ 1664.346328][ T2351] FS: 00007f9bcb684700(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 1664.355237][ T2351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1664.361815][ T2351] CR2: 00007fc959c3b000 CR3: 00000001e347a000 CR4: 00000000003406f0 [ 1664.369781][ T2351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1664.377743][ T2351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1664.385698][ T2351] Call Trace: [ 1664.388981][ T2351] sysfs_remove_files+0x91/0xe0 [ 1664.393822][ T2351] del_gendisk+0x26f/0xbf0 [ 1664.398228][ T2351] ? avc_flush+0x1f0/0x1f0 [ 1664.402632][ T2351] ? device_add_disk_no_queue_reg+0x20/0x20 [ 1664.408510][ T2351] loop_remove+0x42/0xa0 [ 1664.412744][ T2351] loop_control_ioctl+0x564/0x620 [ 1664.417753][ T2351] ? loop_remove+0xa0/0xa0 [ 1664.422159][ T2351] ? loop_remove+0xa0/0xa0 [ 1664.426564][ T2351] do_vfs_ioctl+0x742/0x1720 [ 1664.431146][ T2351] ? ioctl_preallocate+0x250/0x250 [ 1664.436253][ T2351] ? __fget+0x407/0x490 [ 1664.440403][ T2351] ? fget_many+0x20/0x20 [ 1664.444635][ T2351] ? switch_fpu_return+0x1d4/0x410 [ 1664.449733][ T2351] ? security_file_ioctl+0x7d/0xa0 [ 1664.454831][ T2351] __x64_sys_ioctl+0xd4/0x110 [ 1664.459492][ T2351] do_syscall_64+0xca/0x1c0 [ 1664.463982][ T2351] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1664.469856][ T2351] ---[ end trace bc12ee340783dbf3 ]--- [ 1664.595699][ T2351] ------------[ cut here ]------------ [ 1664.606653][ T2351] kernfs: can not remove 'bdi', no directory [ 1664.612974][ T2351] WARNING: CPU: 1 PID: 2351 at fs/kernfs/dir.c:1511 kernfs_remove_by_name_ns+0xb1/0x100 [ 1664.622665][ T2351] Modules linked in: [ 1664.626551][ T2351] CPU: 1 PID: 2351 Comm: syz-executor.4 Tainted: G W 5.4.225-syzkaller #0 [ 1664.636329][ T2351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 [ 1664.646381][ T2351] RIP: 0010:kernfs_remove_by_name_ns+0xb1/0x100 [ 1664.652604][ T2351] Code: ff 03 48 89 df e8 ff ef ff ff 48 89 df e8 67 ae ff ff 31 db eb 27 e8 3e 36 ad ff 48 c7 c7 00 28 c5 84 4c 89 fe e8 4f 18 85 ff <0f> 0b bb fe ff ff ff eb 16 e8 21 36 ad ff bb fe ff ff ff 48 c7 c7 [ 1664.672195][ T2351] RSP: 0018:ffff8881e2bd7a78 EFLAGS: 00010246 [ 1664.678245][ T2351] RAX: a19f2b27e9715300 RBX: 0000000000000000 RCX: ffff8881ed77bf00 [ 1664.686205][ T2351] RDX: 0000000000000003 RSI: 0000000080000000 RDI: 0000000000000000 [ 1664.694162][ T2351] RBP: ffff8881e2bd7b88 R08: ffffffff814ca206 R09: 000000000000ffff [ 1664.702121][ T2351] R10: 0000000000200000 R11: dffffc0000000001 R12: ffff8881d0df4000 [ 1664.710079][ T2351] R13: ffff8881d0df44e8 R14: 0000000000000000 R15: ffffffff84d8fd80 [ 1664.718034][ T2351] FS: 00007f9bcb684700(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 1664.726945][ T2351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1664.733511][ T2351] CR2: 00007ffc3768bff8 CR3: 00000001e347a000 CR4: 00000000003406e0 [ 1664.741467][ T2351] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1664.749423][ T2351] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1664.757375][ T2351] Call Trace: [ 1664.760654][ T2351] del_gendisk+0x59a/0xbf0 [ 1664.765060][ T2351] ? device_add_disk_no_queue_reg+0x20/0x20 [ 1664.770946][ T2351] loop_remove+0x42/0xa0 [ 1664.775177][ T2351] loop_control_ioctl+0x564/0x620 [ 1664.780199][ T2351] ? loop_remove+0xa0/0xa0 [ 1664.784601][ T2351] ? loop_remove+0xa0/0xa0 [ 1664.789001][ T2351] do_vfs_ioctl+0x742/0x1720 [ 1664.793578][ T2351] ? ioctl_preallocate+0x250/0x250 [ 1664.798674][ T2351] ? __fget+0x407/0x490 [ 1664.802811][ T2351] ? fget_many+0x20/0x20 [ 1664.807039][ T2351] ? switch_fpu_return+0x1d4/0x410 [ 1664.812135][ T2351] ? security_file_ioctl+0x7d/0xa0 [ 1664.817232][ T2351] __x64_sys_ioctl+0xd4/0x110 [ 1664.821892][ T2351] do_syscall_64+0xca/0x1c0 [ 1664.826384][ T2351] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 1664.832259][ T2351] ---[ end trace bc12ee340783dbf4 ]--- [ 1664.839992][ T2351] kasan: CONFIG_KASAN_INLINE enabled [ 1664.845308][ T2351] kasan: GPF could be caused by NULL-ptr deref or user memory access