last executing test programs: 27.421897476s ago: executing program 2 (id=447): socket(0x11, 0x800000003, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000060000000800000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r2, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) linkat(0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000500)='./file7\x00', 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r4 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r4, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x5a}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001800)={&(0x7f0000000580)='kfree\x00', r6}, 0x9) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r7], 0x48}}, 0x0) 27.304388866s ago: executing program 2 (id=450): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x9) sendto$inet6(r0, &(0x7f0000000000)="eb", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setfsuid(0xffffffffffffffff) socket(0x2, 0x3, 0x100000001) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ipvlan1\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8946, &(0x7f0000000080)) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r6) sendmsg$NLBL_MGMT_C_ADDDEF(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01000003000000000000040000000800020005"], 0x24}, 0x1, 0x0, 0x0, 0x4840}, 0x0) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0xfffffffffffffffc}}, {{@in, 0x0, 0x6c}, 0x0, @in=@local}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0) 27.151336187s ago: executing program 2 (id=459): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/rt_acct\x00') r2 = socket(0x18, 0x0, 0x0) connect$pppoe(r2, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'vxcan1\x00'}}, 0x1e) sendfile(r2, r1, 0x0, 0x8) 27.070994266s ago: executing program 2 (id=463): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48) open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x48) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_pidfd_open(r1, 0x0) pidfd_send_signal(r2, 0x21, 0x0, 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x42) sendfile(r3, r3, 0x0, 0x80000000) 26.892744097s ago: executing program 2 (id=467): syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) r0 = socket(0x11, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x268, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2c8) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000006000000080000000900000000000000bc687054adfd6167913be8e5d260599f7384e423c758b9", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10) r5 = socket$nl_generic(0x11, 0x3, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004501002b00000000c65a00e0000001"], 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@minixdf}]}, 0x1, 0x4ff, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvndhx0uwmu+wBEOwuuwsFVXUSdzda7QGWEwK0EmKPIHVD4kZR7DiKndKEHtIzVyQqcYIjfwDnnrhzQXDjUg5I/IhADRIHoxlPUje1m6hJ7Cj+fKTRvDdv6u97Tee9+pvEL4CR9XZE7EVEMSI+i4iZ7HouO+LjzpHc92T//vLB/v3lXLTbn/4zl7Yn16LrzySuZa9ZiogffifiJ7nn4zZ3dteXarXqVlafa9U355o7uzfX6kur1dXqRqWyuLA4/+GtDyrnNta36sWs9OXHf9j7xs+Sbk1nV7rHcZ46Qy8cxUmMR8T3LyLYEIxl4ykOuyO8lHxEvB4R76TP/0yMpV9NAOAqa7dnoj3TXQcArrp8mgPL5ctZLmA68vlyuZPDeyOm8rVGs3XjTmN7Y6WTK5uNQv7OWq06n+UKZ6OQS+oLaflpvXKsfisiXouIX0xMpvXycqO2Msz/+ADACLt2bP3/z0Rn/QcArrjSsDsAAAyc9R8ARo/1HwBGj/UfAEZPZ/2fHHY3AIAB8v4fAEaP9R8ARsoPPvkkOdoH2edfr9zd2V5v3L25Um2ul+vby+XlxtZmebXRWE0/s6d+0uvVGo3Nhfdj+97sNzebrbnmzu7temN7o3U7/Vzv29VCetfeAEYGAPTz2luP/pxLVuSPJtMjuvZyKAy1Z8BFyw+7A8DQjA27A8DQ2O0LRtcZ3uNLD8AV0WOL3meUev2CULvdbl9cl4ALdv0L8v8wqrry/34KGEaM/D+MLvl/GF3tdu60e/7HaW8EAC43OX6gz/f/X8/Ov82+OfDjleN3PLzIXgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDldrj/bznbC3w68vlyOeKViJiNQu7OWq06HxGvRsSfJgoTSX1hyH0GAM4q/7dctv/X9Zn3pp9pevPaUbEYET/91ae/vLfUam39MaKY+9fE4fXWw+x6ZfC9BwBOdrhOJ+dHXW/kn+zfXz48Btmfv387Ikqd+Af7xTg4ij8e4+m5FIWImPp3Lqt35LpyF2ex9yAiPt9r/LmYTnMgnZ1Pj8dPYr8y0Pj5Z+Ln07bOOfm7+Nw59AVGzaNk/vm41/OXj7fTc+/nv5TOUGeXzX/JSy0fpHPg0/iH899Yn/nv1DHe//13O6XJ59seRHxxPOIw9kHX/HMYP9cn/nunjP+XL735Tr+29q8jrkfv+N2x5lr1zbnmzu7NtfrSanW1ulGpLC4szn9464PKXJqjnuu/Gvzjoxuv9mtLxj/VJ37phPF/9ZTj/83/PvvRV14Q/+vv9oqfjzdeED9ZE792yvhLU78r9WtL4q/0Gf9JX/8bLw77vWJWePzX3ee2DQcAhqe5s7u+VKtVtxQULn8h+Sd7CbrRs/CtQcUqRu+mn7/beaaPNbXbLxWr34xxHlk34DI4eugj4r/D7gwAAAAAAAAAAAAAANDTIH5jadhjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6fwAAAP//sUPPoQ==") openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000d00)='kfree\x00', r6}, 0x10) add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff) sendmsg(r5, &(0x7f0000000640)={&(0x7f00000000c0)=@ll={0x11, 0xf7, 0x0, 0x1, 0x8, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0xe}, {&(0x7f0000000380)="d5b70a521f6a9dbcaa794f9b86172504e80b1b020147d483e4aa5749f9a2149a98712b7214d9d361510a61e4a0ba309c1adcaab96aff26ea0e7f7385d8e87edda83c31bf5511372925ae0ea32c776d064f7cf5fa352efe253460fb772d9b483ed3a380612a346b", 0x67}, {&(0x7f00000004c0)="5199802e29e23a469d2df3eebb2d303d9ae796a754f4e8e8cb68b53e9ea11f4574bf6c20a5ad0e2503622ba241118b3d434793", 0x33}], 0x3, 0x0, 0x0, 0x11000000}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00'}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4) sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f63047d2900ffffca88faca"], 0xdd12}], 0x1}, 0x0) 26.352545857s ago: executing program 2 (id=477): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 26.352404298s ago: executing program 32 (id=477): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 1.979494507s ago: executing program 0 (id=1192): r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b000000000000"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 1.925415957s ago: executing program 0 (id=1196): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 1.887646007s ago: executing program 0 (id=1199): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) select(0x0, 0x0, &(0x7f0000000280)={0x2, 0x80000001, 0x8001, 0x6, 0x100000000, 0x5b, 0x2, 0xfffffffffffff355}, &(0x7f0000000300)={0x5, 0x8, 0x1, 0x100000001, 0x3, 0x4, 0x100000000, 0xcc}, &(0x7f0000000340)={0x0, 0xea60}) 1.761408407s ago: executing program 0 (id=1201): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'geneve1\x00'}) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff010}, {0x80000006, 0x0, 0x19, 0x6}]}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="6400000002060500000000000000000000000000120003006269746d61703a69702c6d61482c190b906300000005000400000000000900020073797a310000000018000780050003001f0000000c000180080001400000000005000500020000000500010006000000"], 0x64}}, 0x0) 1.745643367s ago: executing program 0 (id=1204): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'dummy0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000700)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xffff}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x5}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0xfffff1d4}]}, 0x40}}, 0x0) r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@bloom_filter={0x1e, 0x100, 0x4, 0xd41, 0xb000, r0, 0x47, '\x00', r3, 0xffffffffffffffff, 0x1, 0x1, 0x40000004, 0x7, @value=r5, @void, @void, @value}, 0x50) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000003c0)='kfree\x00', r6}, 0x18) r7 = socket(0x2, 0x5, 0x0) sendmmsg$inet_sctp(r7, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x880) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x15, 0x231}, 0x1016c7, 0x0, 0x0, 0x9, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) close_range(r8, 0xffffffffffffffff, 0x0) sendmmsg$inet_sctp(r7, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000001c0)=[{0x0, 0x2}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000002002b0388edb6556900"/51, @ANYRES32=0x0], 0x30}], 0x1, 0x0) r9 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10) socket$kcm(0x2, 0x3, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1bf7b}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}, @IFLA_MTU={0x8, 0x4, 0x4c6}]}, 0x44}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 1.222133538s ago: executing program 1 (id=1222): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 1.177722098s ago: executing program 1 (id=1224): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) 1.148211838s ago: executing program 1 (id=1225): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94) r2 = fcntl$dupfd(r0, 0x0, r0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 1.106260628s ago: executing program 1 (id=1228): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) pause() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r1}, 0x10) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RGETLOCK(r3, &(0x7f0000001440)=ANY=[], 0xffffff6a) tee(r2, 0xffffffffffffffff, 0x5, 0x8) 1.045167558s ago: executing program 4 (id=1231): r0 = socket(0x11, 0x800000003, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000011c0)=@newqdisc={0xd0, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_qfg={0x8}, @TCA_STAB={0xa4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xa6, 0x7, 0x5, 0x81, 0x1, 0x5, 0x4, 0x1}}, {0x6, 0x2, [0x8]}}, {{0x1c, 0x1, {0xff, 0x4, 0x8, 0x200, 0x1, 0x2, 0x0, 0xa}}, {0x18, 0x2, [0x9, 0x2, 0x7ff, 0x4, 0x8, 0x30e, 0x4, 0x542, 0x3, 0xb]}}, {{0x1c, 0x1, {0x5, 0x0, 0x8001, 0x3, 0x2, 0x255751fc, 0x68, 0x1}}, {0x6, 0x2, [0x7f]}}, {{0x1c, 0x1, {0x2, 0xbe, 0x23, 0x5, 0x2, 0x7fffffff, 0x100, 0x1}}, {0x6, 0x2, [0x3]}}]}]}, 0xd0}}, 0x800) 1.007727188s ago: executing program 5 (id=1233): prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x7f, 0x8d}, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = getpid() mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x2, 0x5, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) sched_setscheduler(r0, 0x1, &(0x7f0000000000)=0x9) pipe(&(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_dev$evdev(&(0x7f00000002c0), 0x0, 0x0) ioctl$EVIOCGABS20(r3, 0x40044591, 0x0) r4 = epoll_create(0x3) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="91101e000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000002c80)={0x10000015}) splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x7, 0x0) write$P9_RWRITE(r2, &(0x7f0000000040)={0xb}, 0x11000) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x11, 0x14, &(0x7f0000001440)=ANY=[@ANYBLOB="18000000560000000000000047ffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000084000000b700000000000000950000000000aac4477ab0ae200000"], &(0x7f0000000240)='GPL\x00', 0x1, 0x1000, &(0x7f0000000280)=""/4096, 0x41000, 0x4d, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000001280)={0x9, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000012c0)=[0x1], &(0x7f0000001300)=[{0x5, 0x4, 0xd, 0x1}], 0x10, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001400)={&(0x7f0000000100)='f2fs_map_blocks\x00', r6, 0x0, 0x10001}, 0x18) write(r2, &(0x7f0000000140)='i', 0x1) read(r1, &(0x7f0000019440)=""/102391, 0x18ff7) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000180)={'gre0\x00', &(0x7f0000001500)={'syztnl2\x00', 0x0, 0x7800, 0x7fd7, 0x5, 0x5, {{0x30, 0x4, 0x3, 0x5, 0xc0, 0x64, 0x0, 0x54, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@cipso={0x86, 0x17, 0x3, [{0x7, 0x11, "77a73d74904e9f3885d606563799ae"}]}, @end, @timestamp_prespec={0x44, 0xc, 0xa7, 0x3, 0x4, [{@private=0xa010102, 0x4}]}, @ssrr={0x89, 0x17, 0x17, [@local, @multicast1, @private=0xa010102, @rand_addr=0x64010102, @rand_addr=0x64010102]}, @generic={0x82, 0x9, "7225f2a3a6a3da"}, @ssrr={0x89, 0x17, 0x92, [@empty, @local, @multicast1, @loopback, @loopback]}, @timestamp_addr={0x44, 0x4c, 0xd9, 0x1, 0xf, [{@local, 0x2}, {@multicast2, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@loopback, 0xffff}, {@loopback, 0x3}, {@rand_addr=0xffffffff, 0x9}, {@local, 0x6bb98b80}, {@multicast2, 0xfffffff7}, {@broadcast, 0x8000}]}, @ra={0x94, 0x4, 0x1}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000001600)={'syztnl1\x00', &(0x7f00000001c0)={'ip6_vti0\x00', r8, 0x2f, 0x10, 0x7, 0xffff, 0x10, @local, @mcast2, 0x1, 0x10, 0x10, 0x4}}) dup2(0xffffffffffffffff, 0xffffffffffffffff) 1.007382068s ago: executing program 4 (id=1234): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000001340)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="849729d9cdb1844c80cb0aef3700000e", @ANYRES16=r1, @ANYBLOB="0002000000000000000039000000000001006e657464657673696d000000000002006e657464657673696d3000000800030005000000"], 0x3c}}, 0x800) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) symlinkat(0x0, 0xffffffffffffff9c, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0xfffffefd) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000047c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00'}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, r4}, 0x18) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000190001000000000000000000020000d1"], 0x1c}}, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000000)=@generic={&(0x7f0000000a40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x18}, 0x18) socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x38, 0x1403, 0x200, 0x171bd2a, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'dvmrp0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008001}, 0x24004000) r6 = socket$nl_rdma(0x10, 0x3, 0x14) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224"], 0x0) r7 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040), 0x111, 0x2}}, 0x20) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x20048000}, 0x20000000) 885.756258ms ago: executing program 0 (id=1237): prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x7f, 0x8d}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x2, 0x5, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x9) pipe(&(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_open_dev$evdev(&(0x7f00000002c0), 0x0, 0x0) ioctl$EVIOCGABS20(r5, 0x40044591, 0x0) r6 = epoll_create(0x3) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="91101e000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000002c80)={0x10000015}) splice(r0, 0x0, r4, 0x0, 0x7, 0x0) write$P9_RWRITE(r4, &(0x7f0000000040)={0xb}, 0x11000) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x11, 0x14, &(0x7f0000001440)=ANY=[@ANYBLOB="18000000560000000000000047ffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000084000000b700000000000000950000000000aac4477ab0ae200000"], &(0x7f0000000240)='GPL\x00', 0x1, 0x1000, &(0x7f0000000280)=""/4096, 0x41000, 0x4d, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000001280)={0x9, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000012c0)=[0x1], &(0x7f0000001300)=[{0x5, 0x4, 0xd, 0x1}], 0x10, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001400)={&(0x7f0000000100)='f2fs_map_blocks\x00', r8, 0x0, 0x10001}, 0x18) write(r4, &(0x7f0000000140)='i', 0x1) read(r3, &(0x7f0000019440)=""/102391, 0x18ff7) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001600)={'syztnl1\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x10, 0x7, 0xffff, 0x10, @local, @mcast2, 0x1, 0x10, 0x10, 0x4}}) dup2(r0, r1) 823.310428ms ago: executing program 5 (id=1239): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c000400002000000000000051ab00bc5b0900673e9209105afa0000000000", @ANYRES32=0x0, @ANYBLOB="e0d8010004a701002c00128009000100626f6e64000000001c000280080005000000000005000100060000000500110009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000400)={@private, @empty, 0x0}, &(0x7f00000004c0)=0xc) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x5, 0xd, 0xfff, 0x24014, r1, 0x5, '\x00', r3, 0xffffffffffffffff, 0x2, 0x2, 0x2, 0x5, @void, @value, @void, @value}, 0x50) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) write$vga_arbiter(r5, &(0x7f0000000100)=@other={'unlock', ' ', 'io+mem'}, 0xe) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000040000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000009505089f76ef9ed079621c09f152eb52b2024958d165c233af3b60f43337478be475c1366e1e99d30c55255e824e91f6050edabc6aeb6304d949ff58c4d281a9594067b5a3941a53d13ae9e16bfa8e06e45f3063d6913dfe3525012685a20d48d960f6ccc3db85dc4632cce6d06449894d3df831ee682106e66d31129a3715034c872459811d32872ff2ed5489e13dc38089606c7a1e3c3b1ffd5f602ee4505dbb6744a64213ce6f7be7fec17d0a9c7f4d7408ea1a1ddfdeb3dadf7a5473f4318a9a44cea682e08059fcbc4ff277868b5731a5fd7ade809cc277543361061efc17b136527cbe86dc691e9fbd8d3524b8d71ff57186aba558e4ae02b24924b3dd668556f6f266688a6aa79dc9717ea712b247dc411905959d4d3c31dd963da8317ea78671dbd8b3b14f00224d4f903b9c39d9735717d609294ff439fa9c308f082ece117f17ce0a04c6c92bbb789323f4949cf58b46f229579f7e310ea9a0fc4bc332f2a90a5309c6100fbca3c644260477f9c4ac95d498b43c9ef0d2306236a1f4127b9f49a5356acf9e4cfab3768d68290f3429e2343bf028214bd5c1f8484ab62e8e409c7fae5aeb961468038e851c8a231b4d3298654594f410220a8d90eddd551bede58a5b1256db80e2c17b50613d0a6c0a02aa614133223e89ee76e9b633c9b6c449a2c98d54f239c5e784eee8cd311682678c6d3e882f2c68f53367ca5e884b8a9315ce880c3696664632bfef75c32a8d7903b9f47773b1bff7fdf98de796a4e6c487b7e16b87edae6505a42341ccdfb346dbb0454f5f93e70906e0c23cdc5e3188934ad410fe7de524e89a26687d9b"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$UHID_CREATE2(r7, 0x0, 0x1b) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10) sigaltstack(0x0, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdb"], 0x138) write$UHID_DESTROY(r0, &(0x7f0000000340), 0x4) accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, 0x0, 0x10) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r11 = socket(0xa, 0x40000000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r11, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[]}, 0x78) sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x5a1c}}, 0x0) 638.304989ms ago: executing program 5 (id=1240): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = fcntl$dupfd(r0, 0x0, r0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 596.435629ms ago: executing program 5 (id=1242): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) read(0xffffffffffffffff, &(0x7f0000000040)=""/148, 0xffffff96) r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0x7395}], 0x1, 0x40010029, 0x0) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 440.711219ms ago: executing program 5 (id=1243): close(0x3) 394.640769ms ago: executing program 5 (id=1244): prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x7f, 0x8d}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x2, 0x5, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x9) pipe(&(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_open_dev$evdev(&(0x7f00000002c0), 0x0, 0x0) ioctl$EVIOCGABS20(r5, 0x40044591, 0x0) r6 = epoll_create(0x3) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="91101e000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000002c80)={0x10000015}) splice(r0, 0x0, r4, 0x0, 0x7, 0x0) write$P9_RWRITE(r4, &(0x7f0000000040)={0xb}, 0x11000) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x11, 0x14, &(0x7f0000001440)=ANY=[@ANYBLOB="18000000560000000000000047ffffff18110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000084000000b700000000000000950000000000aac4477ab0ae200000"], &(0x7f0000000240)='GPL\x00', 0x1, 0x1000, &(0x7f0000000280)=""/4096, 0x41000, 0x4d, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f0000001280)={0x9, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000012c0)=[0x1], &(0x7f0000001300)=[{0x5, 0x4, 0xd, 0x1}], 0x10, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001400)={&(0x7f0000000100)='f2fs_map_blocks\x00', r8, 0x0, 0x10001}, 0x18) write(r4, &(0x7f0000000140)='i', 0x1) read(r3, &(0x7f0000019440)=""/102391, 0x18ff7) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000001600)={'syztnl1\x00', &(0x7f00000001c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x10, 0x7, 0xffff, 0x10, @local, @mcast2, 0x1, 0x10, 0x10, 0x4}}) dup2(r0, r1) 393.711259ms ago: executing program 4 (id=1245): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0x40002, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0}) 379.752679ms ago: executing program 3 (id=1246): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0xfa, 0x7fff0000}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x201, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000500)='kfree\x00', r0, 0x0, 0x33}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r2}, 0x10) setrlimit(0x9, &(0x7f0000000000)) io_setup(0x2004, &(0x7f0000000680)) 314.773549ms ago: executing program 4 (id=1247): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$sock_int(r0, 0x1, 0xc, 0x0, 0x0) 251.817149ms ago: executing program 3 (id=1248): socket$inet6_sctp(0xa, 0x1, 0x84) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) socket(0x2, 0x3, 0x100000001) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="01000003000000000000040000000800020005"], 0x24}, 0x1, 0x0, 0x0, 0x4840}, 0x0) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0xfffffffffffffffc}}, {{@in, 0x0, 0x6c}, 0x0, @in=@local}}, 0xe8) syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0) 245.107549ms ago: executing program 1 (id=1249): prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x7f, 0x8d}, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) r0 = getpid() mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x2, 0x5, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) sched_setscheduler(r0, 0x1, &(0x7f0000000000)=0x9) pipe(&(0x7f0000002480)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_dev$evdev(&(0x7f00000002c0), 0x0, 0x0) ioctl$EVIOCGABS20(r3, 0x40044591, 0x0) r4 = epoll_create(0x3) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="91101e000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000002c80)={0x10000015}) splice(0xffffffffffffffff, 0x0, r2, 0x0, 0x7, 0x0) write$P9_RWRITE(r2, &(0x7f0000000040)={0xb}, 0x11000) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x11, 0x14, &(0x7f0000001440)=ANY=[@ANYBLOB="18000000560000000000000047ffffff18110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000000000008500000084000000b700000000000000950000000000aac4477ab0ae200000"], &(0x7f0000000240)='GPL\x00', 0x1, 0x1000, &(0x7f0000000280)=""/4096, 0x41000, 0x4d, '\x00', 0x0, 0x0, r2, 0x8, &(0x7f0000001280)={0x9, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000012c0)=[0x1], &(0x7f0000001300)=[{0x5, 0x4, 0xd, 0x1}], 0x10, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001400)={&(0x7f0000000100)='f2fs_map_blocks\x00', r6, 0x0, 0x10001}, 0x18) write(r2, &(0x7f0000000140)='i', 0x1) read(r1, &(0x7f0000019440)=""/102391, 0x18ff7) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000180)={'gre0\x00', &(0x7f0000001500)={'syztnl2\x00', 0x0, 0x7800, 0x7fd7, 0x5, 0x5, {{0x30, 0x4, 0x3, 0x5, 0xc0, 0x64, 0x0, 0x54, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, {[@cipso={0x86, 0x17, 0x3, [{0x7, 0x11, "77a73d74904e9f3885d606563799ae"}]}, @end, @timestamp_prespec={0x44, 0xc, 0xa7, 0x3, 0x4, [{@private=0xa010102, 0x4}]}, @ssrr={0x89, 0x17, 0x17, [@local, @multicast1, @private=0xa010102, @rand_addr=0x64010102, @rand_addr=0x64010102]}, @generic={0x82, 0x9, "7225f2a3a6a3da"}, @ssrr={0x89, 0x17, 0x92, [@empty, @local, @multicast1, @loopback, @loopback]}, @timestamp_addr={0x44, 0x4c, 0xd9, 0x1, 0xf, [{@local, 0x2}, {@multicast2, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@loopback, 0xffff}, {@loopback, 0x3}, {@rand_addr=0xffffffff, 0x9}, {@local, 0x6bb98b80}, {@multicast2, 0xfffffff7}, {@broadcast, 0x8000}]}, @ra={0x94, 0x4, 0x1}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000001600)={'syztnl1\x00', &(0x7f00000001c0)={'ip6_vti0\x00', r8, 0x2f, 0x10, 0x7, 0xffff, 0x10, @local, @mcast2, 0x1, 0x10, 0x10, 0x4}}) dup2(0xffffffffffffffff, 0xffffffffffffffff) 211.461129ms ago: executing program 4 (id=1250): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0xffffffffffffffb6) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) r4 = socket$inet_tcp(0x2, 0x1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) write$UHID_INPUT(r7, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b0732306c090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb000000002f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d6ced5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed700129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb21fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000780)={'veth1_to_bridge\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010026bd6000000000002d9300000c00018008000100", @ANYRES32=r9], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040814) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000a7a7c4a0000000009500000000000000a4a9de0b5560a33dad8d3627fb041ded8382"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r10}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYRESOCT=r3], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff1c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10) set_robust_list(0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) timer_create(0xfffffffc, 0x0, &(0x7f0000000040)) socket$inet6_sctp(0xa, 0x1, 0x84) 211.040109ms ago: executing program 3 (id=1251): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c000400002000000000000051ab00bc5b0900673e9209105afa0000000000", @ANYRES32=0x0, @ANYBLOB="e0d8010004a701002c00128009000100626f6e64000000001c000280080005000000000005000100060000000500110009000000"], 0x4c}, 0x1, 0x0, 0x0, 0x11}, 0x4000044) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018000000af15cd9f0000000024000000240002767b3f0a1acf480fa3e05dae000004000081c29d4eb9c7ab000c0000000000000b0200000000000000"], &(0x7f00000005c0)=""/162, 0x40, 0xa2, 0x1, 0xffffffff, 0x10000, @value}, 0x28) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x5, 0xd, 0xfff, 0x24014, r1, 0x5, '\x00', 0x0, r3, 0x2, 0x2, 0x2, 0x5, @void, @value, @void, @value}, 0x50) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) write$vga_arbiter(r5, &(0x7f0000000100)=@other={'unlock', ' ', 'io+mem'}, 0xe) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000040000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000009505089f76ef9ed079621c09f152eb52b2024958d165c233af3b60f43337478be475c1366e1e99d30c55255e824e91f6050edabc6aeb6304d949ff58c4d281a9594067b5a3941a53d13ae9e16bfa8e06e45f3063d6913dfe3525012685a20d48d960f6ccc3db85dc4632cce6d06449894d3df831ee682106e66d31129a3715034c872459811d32872ff2ed5489e13dc38089606c7a1e3c3b1ffd5f602ee4505dbb6744a64213ce6f7be7fec17d0a9c7f4d7408ea1a1ddfdeb3dadf7a5473f4318a9a44cea682e08059fcbc4ff277868b5731a5fd7ade809cc277543361061efc17b136527cbe86dc691e9fbd8d3524b8d71ff57186aba558e4ae02b24924b3dd668556f6f266688a6aa79dc9717ea712b247dc411905959d4d3c31dd963da8317ea78671dbd8b3b14f00224d4f903b9c39d9735717d609294ff439fa9c308f082ece117f17ce0a04c6c92bbb789323f4949cf58b46f229579f7e310ea9a0fc4bc332f2a90a5309c6100fbca3c644260477f9c4ac95d498b43c9ef0d2306236a1f4127b9f49a5356acf9e4cfab3768d68290f3429e2343bf028214bd5c1f8484ab62e8e409c7fae5aeb961468038e851c8a231b4d3298654594f410220a8d90eddd551bede58a5b1256db80e2c17b50613d0a6c0a02aa614133223e89ee76e9b633c9b6c449a2c98d54f239c5e784eee8cd311682678c6d3e882f2c68f53367ca5e884b8a9315ce880c3696664632bfef75c32a8d7903b9f47773b1bff7fdf98de796a4e6c487b7e16b87edae6505a42341ccdfb346dbb0454f5f93e70906e0c23cdc5e3188934ad410fe7de524e89a26687d9b"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0) write$UHID_CREATE2(r7, 0x0, 0x1b) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10) sigaltstack(0x0, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdb"], 0x138) write$UHID_DESTROY(r0, &(0x7f0000000340), 0x4) accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, 0x0, 0x10) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r11 = socket(0xa, 0x40000000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r11, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[]}, 0x78) sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x5a1c}}, 0x0) 87.486349ms ago: executing program 3 (id=1252): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r1}, 0x18) sendmmsg(r0, &(0x7f0000003a80)=[{{&(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000240)='7', 0x1}], 0x1}}], 0x1, 0x2c000011) close(r0) 81.05209ms ago: executing program 4 (id=1253): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) read(0xffffffffffffffff, &(0x7f0000000040)=""/148, 0xffffff96) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}, 0x7395}], 0x1, 0x40010029, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 56.70409ms ago: executing program 3 (id=1254): close(0x3) 467.18µs ago: executing program 3 (id=1255): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104a5270b7357000000925e4a44", @ANYRES32, @ANYBLOB="0dfa130016000000240012000c00010000000000000000000c0002f60800000001180000080001"], 0x44}}, 0x0) r2 = socket(0x10, 0x803, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4800000010000507000000000000000000000002", @ANYRES32=r3], 0x48}}, 0x0) 0s ago: executing program 1 (id=1265): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0) kernel console output (not intermixed with test programs): =0x7ff708e2fed9 code=0x7ffc0000 [ 44.521174][ T29] audit: type=1326 audit(1733542990.030:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4104 comm="syz.0.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 44.653837][ T4061] syz.1.150 (4061) used greatest stack depth: 9296 bytes left [ 44.661906][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.693994][ T4114] FAULT_INJECTION: forcing a failure. [ 44.693994][ T4114] name failslab, interval 1, probability 0, space 0, times 0 [ 44.706848][ T4114] CPU: 0 UID: 0 PID: 4114 Comm: syz.2.168 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 44.717471][ T4114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 44.727640][ T4114] Call Trace: [ 44.730941][ T4114] [ 44.733899][ T4114] dump_stack_lvl+0xf2/0x150 [ 44.738552][ T4114] dump_stack+0x15/0x1a [ 44.742765][ T4114] should_fail_ex+0x223/0x230 [ 44.747460][ T4114] should_failslab+0x8f/0xb0 [ 44.752126][ T4114] __kmalloc_node_track_caller_noprof+0xa8/0x410 [ 44.758539][ T4114] ? security_context_to_sid_core+0x66/0x3b0 [ 44.764547][ T4114] kmemdup_nul+0x30/0x80 [ 44.768819][ T4114] security_context_to_sid_core+0x66/0x3b0 [ 44.774711][ T4114] security_context_str_to_sid+0x33/0x40 [ 44.780519][ T4114] sel_write_access+0x199/0x2b0 [ 44.785429][ T4114] selinux_transaction_write+0xba/0x100 [ 44.791067][ T4114] ? __pfx_selinux_transaction_write+0x10/0x10 [ 44.797311][ T4114] vfs_write+0x281/0x920 [ 44.801574][ T4114] ? putname+0xcf/0xf0 [ 44.805701][ T4114] ? __fget_files+0x17c/0x1c0 [ 44.810421][ T4114] ksys_write+0xe8/0x1b0 [ 44.814679][ T4114] __x64_sys_write+0x42/0x50 [ 44.819283][ T4114] x64_sys_call+0x287e/0x2dc0 [ 44.824000][ T4114] do_syscall_64+0xc9/0x1c0 [ 44.828610][ T4114] ? clear_bhb_loop+0x55/0xb0 [ 44.833294][ T4114] ? clear_bhb_loop+0x55/0xb0 [ 44.838010][ T4114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 44.843964][ T4114] RIP: 0033:0x7faf9240fed9 [ 44.848438][ T4114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 44.868204][ T4114] RSP: 002b:00007faf90a87058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 44.876718][ T4114] RAX: ffffffffffffffda RBX: 00007faf925d5fa0 RCX: 00007faf9240fed9 [ 44.884745][ T4114] RDX: 0000000000000041 RSI: 0000000020000740 RDI: 0000000000000003 [ 44.892735][ T4114] RBP: 00007faf90a870a0 R08: 0000000000000000 R09: 0000000000000000 [ 44.900712][ T4114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 44.908689][ T4114] R13: 0000000000000000 R14: 00007faf925d5fa0 R15: 00007ffd90a9f8f8 [ 44.916702][ T4114] [ 45.121762][ T4135] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 45.136977][ T4135] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 45.409825][ T4165] FAULT_INJECTION: forcing a failure. [ 45.409825][ T4165] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 45.423012][ T4165] CPU: 1 UID: 0 PID: 4165 Comm: syz.4.188 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 45.433777][ T4165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 45.443859][ T4165] Call Trace: [ 45.447167][ T4165] [ 45.450106][ T4165] dump_stack_lvl+0xf2/0x150 [ 45.454726][ T4165] dump_stack+0x15/0x1a [ 45.458904][ T4165] should_fail_ex+0x223/0x230 [ 45.463606][ T4165] should_fail+0xb/0x10 [ 45.467830][ T4165] should_fail_usercopy+0x1a/0x20 [ 45.472867][ T4165] _copy_from_user+0x1e/0xb0 [ 45.477478][ T4165] copy_msghdr_from_user+0x54/0x2a0 [ 45.482880][ T4165] __sys_sendmmsg+0x1e8/0x4b0 [ 45.487639][ T4165] __x64_sys_sendmmsg+0x57/0x70 [ 45.492519][ T4165] x64_sys_call+0x29aa/0x2dc0 [ 45.497284][ T4165] do_syscall_64+0xc9/0x1c0 [ 45.501847][ T4165] ? clear_bhb_loop+0x55/0xb0 [ 45.506531][ T4165] ? clear_bhb_loop+0x55/0xb0 [ 45.511270][ T4165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.517190][ T4165] RIP: 0033:0x7f86892afed9 [ 45.521621][ T4165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 45.541315][ T4165] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 45.549752][ T4165] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 45.557729][ T4165] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 45.565787][ T4165] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 45.573804][ T4165] R10: 000000000000fff2 R11: 0000000000000246 R12: 0000000000000001 [ 45.581814][ T4165] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 45.589888][ T4165] [ 45.636119][ T4173] FAULT_INJECTION: forcing a failure. [ 45.636119][ T4173] name failslab, interval 1, probability 0, space 0, times 0 [ 45.637309][ T4171] netlink: 'syz.3.190': attribute type 12 has an invalid length. [ 45.648819][ T4173] CPU: 1 UID: 0 PID: 4173 Comm: syz.4.191 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 45.662311][ T4171] netlink: 'syz.3.190': attribute type 10 has an invalid length. [ 45.667092][ T4173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 45.667110][ T4173] Call Trace: [ 45.667118][ T4173] [ 45.667127][ T4173] dump_stack_lvl+0xf2/0x150 [ 45.695870][ T4173] dump_stack+0x15/0x1a [ 45.700158][ T4173] should_fail_ex+0x223/0x230 [ 45.704898][ T4173] should_failslab+0x8f/0xb0 [ 45.709533][ T4173] __kmalloc_node_track_caller_noprof+0xa8/0x410 [ 45.715887][ T4173] ? sidtab_sid2str_get+0xb8/0x140 [ 45.721089][ T4173] kmemdup_noprof+0x2a/0x60 [ 45.725611][ T4173] sidtab_sid2str_get+0xb8/0x140 [ 45.730669][ T4173] security_sid_to_context_core+0x1eb/0x2f0 [ 45.736610][ T4173] security_sid_to_context+0x27/0x30 [ 45.741942][ T4173] selinux_lsmprop_to_secctx+0x2c/0x40 [ 45.747414][ T4173] security_lsmprop_to_secctx+0x4a/0x90 [ 45.753050][ T4173] audit_log_task_context+0x93/0x1c0 [ 45.758520][ T4173] audit_log_task+0xf9/0x1c0 [ 45.763124][ T4173] audit_seccomp+0x68/0x130 [ 45.767697][ T4173] __seccomp_filter+0x6fa/0x1180 [ 45.772646][ T4173] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 45.778344][ T4173] ? vfs_write+0x596/0x920 [ 45.782840][ T4173] ? __schedule+0x6fa/0x930 [ 45.787356][ T4173] __secure_computing+0x9f/0x1c0 [ 45.792309][ T4173] syscall_trace_enter+0xd1/0x1f0 [ 45.797409][ T4173] do_syscall_64+0xaa/0x1c0 [ 45.802008][ T4173] ? clear_bhb_loop+0x55/0xb0 [ 45.806714][ T4173] ? clear_bhb_loop+0x55/0xb0 [ 45.811442][ T4173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.817431][ T4173] RIP: 0033:0x7f86892afed9 [ 45.821845][ T4173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 45.841480][ T4173] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 00000000000000f5 [ 45.849960][ T4173] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 45.857945][ T4173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 45.865951][ T4173] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 45.873926][ T4173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 45.881903][ T4173] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 45.890045][ T4173] [ 45.893150][ T4171] hsr0: entered promiscuous mode [ 45.901512][ T4171] bond0: (slave hsr0): The slave device specified does not support setting the MAC address [ 45.912491][ T4171] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets). [ 45.925032][ T4171] bond0: (slave hsr0): Error -22 calling dev_set_mtu [ 46.031980][ T4186] loop1: detected capacity change from 0 to 764 [ 46.047428][ T4190] netlink: 'syz.4.197': attribute type 10 has an invalid length. [ 46.058197][ T4190] syz_tun: entered promiscuous mode [ 46.066733][ T4190] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 46.082863][ T4190] loop4: detected capacity change from 0 to 512 [ 46.127199][ T4190] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 46.139442][ T4190] System zones: 0-2, 18-18, 34-34 [ 46.147398][ T4190] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.197: bg 0: block 248: padding at end of block bitmap is not set [ 46.187423][ T4190] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.197: Failed to acquire dquot type 1 [ 46.199869][ T4205] loop3: detected capacity change from 0 to 764 [ 46.211200][ T4204] syz.2.201[4204] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.211316][ T4204] syz.2.201[4204] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.226536][ T4204] syz.2.201[4204] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 46.244140][ T4204] FAULT_INJECTION: forcing a failure. [ 46.244140][ T4204] name failslab, interval 1, probability 0, space 0, times 0 [ 46.268274][ T4204] CPU: 1 UID: 0 PID: 4204 Comm: syz.2.201 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 46.279012][ T4204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 46.289090][ T4204] Call Trace: [ 46.292382][ T4204] [ 46.295327][ T4204] dump_stack_lvl+0xf2/0x150 [ 46.299985][ T4204] dump_stack+0x15/0x1a [ 46.304340][ T4204] should_fail_ex+0x223/0x230 [ 46.309068][ T4204] should_failslab+0x8f/0xb0 [ 46.313704][ T4204] kmem_cache_alloc_noprof+0x52/0x320 [ 46.319125][ T4204] ? audit_log_start+0x34c/0x6b0 [ 46.324168][ T4204] ? audit_log_end+0x1d0/0x1e0 [ 46.329000][ T4204] audit_log_start+0x34c/0x6b0 [ 46.333849][ T4204] ? __fget_files+0x17c/0x1c0 [ 46.338592][ T4204] ? make_vfsgid+0x52/0xa0 [ 46.343075][ T4204] audit_seccomp+0x4b/0x130 [ 46.347608][ T4204] ? cgroup_rstat_updated+0x9f/0x570 [ 46.352934][ T4204] __seccomp_filter+0x6fa/0x1180 [ 46.357930][ T4204] ? update_load_avg+0x1f7/0x7c0 [ 46.362885][ T4204] ? __dequeue_entity+0x22/0x310 [ 46.367896][ T4204] ? __list_add_valid_or_report+0x36/0xc0 [ 46.373634][ T4204] ? tracing_record_taskinfo_sched_switch+0x6f/0x270 [ 46.380378][ T4204] __secure_computing+0x9f/0x1c0 [ 46.385409][ T4204] syscall_trace_enter+0xd1/0x1f0 [ 46.390464][ T4204] do_syscall_64+0xaa/0x1c0 [ 46.395054][ T4204] ? clear_bhb_loop+0x55/0xb0 [ 46.399765][ T4204] ? clear_bhb_loop+0x55/0xb0 [ 46.404468][ T4204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.410497][ T4204] RIP: 0033:0x7faf9240e8ec [ 46.414918][ T4204] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 46.434627][ T4204] RSP: 002b:00007faf90a87050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 46.443105][ T4204] RAX: ffffffffffffffda RBX: 00007faf925d5fa0 RCX: 00007faf9240e8ec [ 46.451081][ T4204] RDX: 000000000000000f RSI: 00007faf90a870b0 RDI: 0000000000000007 [ 46.459074][ T4204] RBP: 00007faf90a870a0 R08: 0000000000000000 R09: 0000000000000000 [ 46.467067][ T4204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.475106][ T4204] R13: 0000000000000000 R14: 00007faf925d5fa0 R15: 00007ffd90a9f8f8 [ 46.483087][ T4204] [ 46.495428][ T4190] EXT4-fs (loop4): 1 truncate cleaned up [ 46.501774][ T4190] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 46.514675][ T4190] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 46.575545][ T4190] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 46.588166][ T4217] netlink: 4 bytes leftover after parsing attributes in process `syz.1.208'. [ 46.625332][ T4223] loop2: detected capacity change from 0 to 764 [ 46.692620][ T4231] loop0: detected capacity change from 0 to 1024 [ 46.718647][ T4231] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.809124][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4 [ 46.816927][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2 [ 46.824635][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.832456][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.840318][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.848026][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.855743][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.863464][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.871191][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.878958][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.886715][ T24] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0 [ 46.895154][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.904276][ T24] hid-generic 0000:3000000:0000.0003: hidraw0: HID v0.00 Device [sy] on syz0 [ 46.985821][ T4255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.222'. [ 47.064849][ T4258] ip6t_rpfilter: unknown options [ 47.073673][ T4258] SELinux: failed to load policy [ 47.126117][ T4267] FAULT_INJECTION: forcing a failure. [ 47.126117][ T4267] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 47.127454][ T4265] loop1: detected capacity change from 0 to 764 [ 47.139431][ T4267] CPU: 1 UID: 0 PID: 4267 Comm: syz.0.227 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 47.156250][ T4267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 47.156268][ T4267] Call Trace: [ 47.156276][ T4267] [ 47.156286][ T4267] dump_stack_lvl+0xf2/0x150 [ 47.156370][ T4267] dump_stack+0x15/0x1a [ 47.156404][ T4267] should_fail_ex+0x223/0x230 [ 47.156484][ T4267] should_fail_alloc_page+0xfd/0x110 [ 47.191664][ T4267] __alloc_pages_noprof+0x109/0x340 [ 47.196902][ T4267] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 47.202307][ T4267] alloc_pages_noprof+0xe1/0x100 [ 47.207338][ T4267] pte_alloc_one+0x31/0x110 [ 47.211906][ T4267] __pte_alloc+0x33/0x2a0 [ 47.216262][ T4267] walk_pgd_range+0x794/0x1110 [ 47.221149][ T4267] ? __pfx_guard_install_set_pte+0x10/0x10 [ 47.227031][ T4267] ? __pfx_guard_install_set_pte+0x10/0x10 [ 47.232879][ T4267] __walk_page_range+0xed/0x350 [ 47.237838][ T4267] walk_page_range_mm+0x395/0x4e0 [ 47.242885][ T4267] do_madvise+0xb55/0x2a70 [ 47.247386][ T4267] ? __fget_files+0x17c/0x1c0 [ 47.252086][ T4267] ? fput+0x1c4/0x200 [ 47.256079][ T4267] ? ksys_write+0x176/0x1b0 [ 47.260603][ T4267] __x64_sys_madvise+0x61/0x70 [ 47.265380][ T4267] x64_sys_call+0x23ab/0x2dc0 [ 47.270174][ T4267] do_syscall_64+0xc9/0x1c0 [ 47.274688][ T4267] ? clear_bhb_loop+0x55/0xb0 [ 47.279370][ T4267] ? clear_bhb_loop+0x55/0xb0 [ 47.284055][ T4267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.290035][ T4267] RIP: 0033:0x7ff708e2fed9 [ 47.294456][ T4267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.314073][ T4267] RSP: 002b:00007ff7074a7058 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 47.322504][ T4267] RAX: ffffffffffffffda RBX: 00007ff708ff5fa0 RCX: 00007ff708e2fed9 [ 47.330481][ T4267] RDX: 0000000000000066 RSI: 7fffffffffffffff RDI: 0000000020000000 [ 47.338560][ T4267] RBP: 00007ff7074a70a0 R08: 0000000000000000 R09: 0000000000000000 [ 47.346539][ T4267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.354543][ T4267] R13: 0000000000000001 R14: 00007ff708ff5fa0 R15: 00007ffd2ff94978 [ 47.362603][ T4267] [ 47.442659][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x4 [ 47.450433][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x2 [ 47.458157][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.465950][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.473904][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.481635][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.489402][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.497104][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.504944][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.512797][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.520529][ T3377] hid-generic 0000:3000000:0000.0004: unknown main item tag 0x0 [ 47.528989][ T3377] hid-generic 0000:3000000:0000.0004: hidraw0: HID v0.00 Device [sy] on syz0 [ 47.539320][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.605435][ T4284] FAULT_INJECTION: forcing a failure. [ 47.605435][ T4284] name failslab, interval 1, probability 0, space 0, times 0 [ 47.618210][ T4284] CPU: 0 UID: 0 PID: 4284 Comm: syz.4.233 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 47.628911][ T4284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 47.638992][ T4284] Call Trace: [ 47.642305][ T4284] [ 47.645244][ T4284] dump_stack_lvl+0xf2/0x150 [ 47.649865][ T4284] dump_stack+0x15/0x1a [ 47.654110][ T4284] should_fail_ex+0x223/0x230 [ 47.658881][ T4284] should_failslab+0x8f/0xb0 [ 47.663576][ T4284] kmem_cache_alloc_noprof+0x52/0x320 [ 47.668965][ T4284] ? skb_clone+0x154/0x1f0 [ 47.673398][ T4284] skb_clone+0x154/0x1f0 [ 47.677656][ T4284] __netlink_deliver_tap+0x2bd/0x4f0 [ 47.682960][ T4284] netlink_unicast+0x64a/0x670 [ 47.687835][ T4284] netlink_sendmsg+0x5cc/0x6e0 [ 47.692690][ T4284] ? __pfx_netlink_sendmsg+0x10/0x10 [ 47.698022][ T4284] __sock_sendmsg+0x140/0x180 [ 47.702768][ T4284] ____sys_sendmsg+0x312/0x410 [ 47.707614][ T4284] __sys_sendmsg+0x19d/0x230 [ 47.712241][ T4284] __x64_sys_sendmsg+0x46/0x50 [ 47.717024][ T4284] x64_sys_call+0x2734/0x2dc0 [ 47.721821][ T4284] do_syscall_64+0xc9/0x1c0 [ 47.726341][ T4284] ? clear_bhb_loop+0x55/0xb0 [ 47.731027][ T4284] ? clear_bhb_loop+0x55/0xb0 [ 47.735709][ T4284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.741726][ T4284] RIP: 0033:0x7f86892afed9 [ 47.746198][ T4284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.766028][ T4284] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 47.774473][ T4284] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 47.782460][ T4284] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 47.790439][ T4284] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 47.798415][ T4284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.806390][ T4284] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 47.814451][ T4284] [ 47.860557][ T4298] Cannot find add_set index 0 as target [ 47.887396][ T4286] pim6reg: entered allmulticast mode [ 47.913805][ T4286] pim6reg: left allmulticast mode [ 47.951192][ T4307] loop4: detected capacity change from 0 to 764 [ 47.999928][ T4286] hub 6-0:1.0: USB hub found [ 48.004744][ T4286] hub 6-0:1.0: 8 ports detected [ 48.051693][ T4315] loop1: detected capacity change from 0 to 128 [ 48.061604][ T4315] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x61ff7272 (sector = 1) [ 48.087420][ T4321] Cannot find add_set index 0 as target [ 48.148116][ T4315] Illegal XDP return value 4294967274 on prog (id 169) dev syz_tun, expect packet loss! [ 48.272476][ T4342] loop2: detected capacity change from 0 to 764 [ 48.365332][ T4351] netlink: 72 bytes leftover after parsing attributes in process `syz.4.253'. [ 48.413192][ T4356] ip6t_rpfilter: unknown options [ 48.421610][ T4356] SELinux: failed to load policy [ 48.537361][ T4357] loop0: detected capacity change from 0 to 512 [ 48.554274][ T4369] xt_TPROXY: Can be used only with -p tcp or -p udp [ 48.562799][ T4357] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.577032][ T4357] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.583166][ T4365] loop2: detected capacity change from 0 to 512 [ 48.602604][ T4365] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 48.621993][ T4365] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 48.633356][ T4365] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm +}[@: corrupted in-inode xattr: e_value size too large [ 48.647576][ T4365] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm +}[@: couldn't read orphan inode 15 (err -117) [ 48.660030][ T4365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.688107][ T4365] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.764682][ T4388] loop2: detected capacity change from 0 to 764 [ 48.819477][ T4393] ip6t_rpfilter: unknown options [ 48.830436][ T4393] SELinux: failed to load policy [ 48.921213][ T4404] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 48.929910][ T4404] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 49.130726][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.181762][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x4 [ 49.189599][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x2 [ 49.197406][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.205073][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.212921][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.220821][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.228551][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.236367][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.244038][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.251810][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.259525][ T3377] hid-generic 0000:3000000:0000.0005: unknown main item tag 0x0 [ 49.267723][ T3377] hid-generic 0000:3000000:0000.0005: hidraw0: HID v0.00 Device [sy] on syz0 [ 49.336926][ T29] kauditd_printk_skb: 683 callbacks suppressed [ 49.336944][ T29] audit: type=1400 audit(1733542995.040:1401): avc: denied { write } for pid=4425 comm="syz.0.276" path="socket:[7587]" dev="sockfs" ino=7587 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 49.372370][ T4435] netlink: 'syz.1.281': attribute type 12 has an invalid length. [ 49.386776][ T29] audit: type=1400 audit(1733542995.090:1402): avc: granted { setsecparam } for pid=4431 comm="syz.4.280" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 49.388313][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x4 [ 49.413907][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x2 [ 49.421622][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.429392][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.437162][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.444862][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.452563][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.460339][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.468038][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.475743][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.483538][ T9] hid-generic 0000:3000000:0000.0006: unknown main item tag 0x0 [ 49.524760][ T4437] netlink: 4 bytes leftover after parsing attributes in process `syz.2.282'. [ 49.536521][ T29] audit: type=1326 audit(1733542995.240:1403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.536679][ T9] hid-generic 0000:3000000:0000.0006: hidraw0: HID v0.00 Device [sy] on syz0 [ 49.584361][ T29] audit: type=1326 audit(1733542995.240:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.607812][ T29] audit: type=1326 audit(1733542995.270:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.631171][ T29] audit: type=1326 audit(1733542995.270:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.654680][ T29] audit: type=1326 audit(1733542995.270:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.678577][ T29] audit: type=1326 audit(1733542995.270:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.702200][ T29] audit: type=1326 audit(1733542995.270:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.725774][ T29] audit: type=1326 audit(1733542995.270:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4442 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 49.738198][ T4449] ip6t_rpfilter: unknown options [ 49.778444][ T4443] SELinux: failed to load policy [ 49.878258][ T4458] loop2: detected capacity change from 0 to 2048 [ 49.917043][ T4458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.960806][ T4458] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 50.147741][ T4475] netlink: 'syz.3.293': attribute type 12 has an invalid length. [ 50.173632][ T4477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.202181][ T3378] IPVS: starting estimator thread 0... [ 50.215728][ T4477] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.256625][ T4485] FAULT_INJECTION: forcing a failure. [ 50.256625][ T4485] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 50.269814][ T4485] CPU: 1 UID: 0 PID: 4485 Comm: syz.4.297 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 50.280492][ T4485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 50.290610][ T4485] Call Trace: [ 50.293971][ T4485] [ 50.296993][ T4485] dump_stack_lvl+0xf2/0x150 [ 50.301631][ T4485] dump_stack+0x15/0x1a [ 50.305818][ T4485] should_fail_ex+0x223/0x230 [ 50.310527][ T4485] should_fail+0xb/0x10 [ 50.314744][ T4485] should_fail_usercopy+0x1a/0x20 [ 50.319862][ T4485] _copy_from_user+0x1e/0xb0 [ 50.324492][ T4485] snd_seq_ioctl+0x11b/0x2a0 [ 50.329183][ T4485] ? __pfx_snd_seq_ioctl+0x10/0x10 [ 50.334392][ T4485] __se_sys_ioctl+0xc9/0x140 [ 50.339064][ T4485] __x64_sys_ioctl+0x43/0x50 [ 50.343670][ T4485] x64_sys_call+0x1690/0x2dc0 [ 50.348354][ T4485] do_syscall_64+0xc9/0x1c0 [ 50.352943][ T4485] ? clear_bhb_loop+0x55/0xb0 [ 50.357643][ T4485] ? clear_bhb_loop+0x55/0xb0 [ 50.362329][ T4485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.368328][ T4485] RIP: 0033:0x7f86892afed9 [ 50.372748][ T4485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.377540][ T4480] IPVS: using max 2064 ests per chain, 103200 per kthread [ 50.392400][ T4485] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 50.407948][ T4485] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 50.415963][ T4485] RDX: 0000000020000180 RSI: 000000004058534c RDI: 0000000000000003 [ 50.423977][ T4485] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 50.431955][ T4485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.439927][ T4485] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 50.447936][ T4485] [ 50.484478][ T4492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.299'. [ 50.618634][ T4513] loop3: detected capacity change from 0 to 128 [ 50.635805][ T4513] program syz.3.305 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 50.690875][ T4518] loop0: detected capacity change from 0 to 512 [ 50.707310][ T4521] loop3: detected capacity change from 0 to 164 [ 50.745549][ T4521] Unable to read rock-ridge attributes [ 50.757210][ T4518] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.774008][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.777130][ T4518] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 50.873442][ T4543] loop4: detected capacity change from 0 to 512 [ 50.898295][ T4540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.311'. [ 50.910291][ T4543] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.923774][ T4543] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 51.092689][ T4582] netlink: 60 bytes leftover after parsing attributes in process `syz.2.314'. [ 51.259018][ T4602] loop1: detected capacity change from 0 to 128 [ 51.270851][ T4602] program syz.1.317 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 51.312575][ T4609] FAULT_INJECTION: forcing a failure. [ 51.312575][ T4609] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.325829][ T4609] CPU: 1 UID: 0 PID: 4609 Comm: syz.1.318 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 51.336977][ T4609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 51.347222][ T4609] Call Trace: [ 51.350523][ T4609] [ 51.353486][ T4609] dump_stack_lvl+0xf2/0x150 [ 51.358128][ T4609] dump_stack+0x15/0x1a [ 51.362363][ T4609] should_fail_ex+0x223/0x230 [ 51.367161][ T4609] should_fail+0xb/0x10 [ 51.371344][ T4609] should_fail_usercopy+0x1a/0x20 [ 51.376408][ T4609] _copy_from_user+0x1e/0xb0 [ 51.381104][ T4609] copy_msghdr_from_user+0x54/0x2a0 [ 51.386343][ T4609] ? __fget_files+0x17c/0x1c0 [ 51.391118][ T4609] __sys_sendmsg+0x13e/0x230 [ 51.395767][ T4609] __x64_sys_sendmsg+0x46/0x50 [ 51.400684][ T4609] x64_sys_call+0x2734/0x2dc0 [ 51.405419][ T4609] do_syscall_64+0xc9/0x1c0 [ 51.410022][ T4609] ? clear_bhb_loop+0x55/0xb0 [ 51.414793][ T4609] ? clear_bhb_loop+0x55/0xb0 [ 51.419500][ T4609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.425506][ T4609] RIP: 0033:0x7f9d060dfed9 [ 51.429973][ T4609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.449677][ T4609] RSP: 002b:00007f9d04757058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 51.458164][ T4609] RAX: ffffffffffffffda RBX: 00007f9d062a5fa0 RCX: 00007f9d060dfed9 [ 51.466244][ T4609] RDX: 0000000000000000 RSI: 0000000020002ac0 RDI: 0000000000000003 [ 51.474246][ T4609] RBP: 00007f9d047570a0 R08: 0000000000000000 R09: 0000000000000000 [ 51.482303][ T4609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.490305][ T4609] R13: 0000000000000000 R14: 00007f9d062a5fa0 R15: 00007ffcf2622e58 [ 51.498361][ T4609] [ 51.566806][ T4633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.577942][ T4633] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.659908][ T4651] bridge0: port 3(bond0) entered blocking state [ 51.666400][ T4651] bridge0: port 3(bond0) entered disabled state [ 51.673209][ T4651] bond0: entered allmulticast mode [ 51.678387][ T4651] bond_slave_0: entered allmulticast mode [ 51.684296][ T4651] bond_slave_1: entered allmulticast mode [ 51.692503][ T4651] bond0: entered promiscuous mode [ 51.697617][ T4651] bond_slave_0: entered promiscuous mode [ 51.703398][ T4651] bond_slave_1: entered promiscuous mode [ 51.710990][ T4651] bridge0: port 3(bond0) entered blocking state [ 51.717407][ T4651] bridge0: port 3(bond0) entered forwarding state [ 51.767258][ T4651] loop3: detected capacity change from 0 to 1024 [ 51.777315][ T4651] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 51.804572][ T4651] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 51.812746][ T4651] EXT4-fs (loop3): orphan cleanup on readonly fs [ 51.827881][ T4651] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5837: Corrupt filesystem [ 51.838256][ T4651] EXT4-fs (loop3): Remounting filesystem read-only [ 51.844962][ T4651] EXT4-fs (loop3): 1 orphan inode deleted [ 51.862099][ T4651] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 51.874344][ T4651] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 51.882443][ T4651] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.919923][ T4651] loop3: detected capacity change from 0 to 1764 [ 52.197985][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.217702][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.295410][ T4732] netlink: 4 bytes leftover after parsing attributes in process `syz.4.329'. [ 52.304906][ T4737] FAULT_INJECTION: forcing a failure. [ 52.304906][ T4737] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 52.318187][ T4737] CPU: 1 UID: 0 PID: 4737 Comm: syz.3.330 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 52.329295][ T4737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 52.339675][ T4737] Call Trace: [ 52.342962][ T4737] [ 52.346029][ T4737] dump_stack_lvl+0xf2/0x150 [ 52.350693][ T4737] dump_stack+0x15/0x1a [ 52.354884][ T4737] should_fail_ex+0x223/0x230 [ 52.359581][ T4737] should_fail+0xb/0x10 [ 52.363810][ T4737] should_fail_usercopy+0x1a/0x20 [ 52.368883][ T4737] _copy_from_user+0x1e/0xb0 [ 52.375321][ T4737] move_addr_to_kernel+0x82/0x120 [ 52.380823][ T4737] __sys_sendto+0x12e/0x230 [ 52.385483][ T4737] __x64_sys_sendto+0x78/0x90 [ 52.390222][ T4737] x64_sys_call+0x29fa/0x2dc0 [ 52.394912][ T4737] do_syscall_64+0xc9/0x1c0 [ 52.399440][ T4737] ? clear_bhb_loop+0x55/0xb0 [ 52.404130][ T4737] ? clear_bhb_loop+0x55/0xb0 [ 52.408956][ T4737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.414993][ T4737] RIP: 0033:0x7f653da3fed9 [ 52.419420][ T4737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.439316][ T4737] RSP: 002b:00007f653c0b7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 52.447808][ T4737] RAX: ffffffffffffffda RBX: 00007f653dc05fa0 RCX: 00007f653da3fed9 [ 52.455876][ T4737] RDX: 0000000000000004 RSI: 0000000020000600 RDI: 0000000000000003 [ 52.463928][ T4737] RBP: 00007f653c0b70a0 R08: 00000000200005c0 R09: 0000000000000014 [ 52.471986][ T4737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.480064][ T4737] R13: 0000000000000000 R14: 00007f653dc05fa0 R15: 00007ffd457dcc18 [ 52.488055][ T4737] [ 52.533611][ T4741] loop0: detected capacity change from 0 to 128 [ 52.543355][ T4744] netlink: 'syz.1.332': attribute type 12 has an invalid length. [ 52.692276][ T4763] FAULT_INJECTION: forcing a failure. [ 52.692276][ T4763] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 52.705395][ T4763] CPU: 0 UID: 0 PID: 4763 Comm: syz.4.339 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 52.716096][ T4763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 52.726158][ T4763] Call Trace: [ 52.729454][ T4763] [ 52.732388][ T4763] dump_stack_lvl+0xf2/0x150 [ 52.737117][ T4763] dump_stack+0x15/0x1a [ 52.741330][ T4763] should_fail_ex+0x223/0x230 [ 52.746060][ T4763] should_fail+0xb/0x10 [ 52.750241][ T4763] should_fail_usercopy+0x1a/0x20 [ 52.755346][ T4763] _copy_from_user+0x1e/0xb0 [ 52.759983][ T4763] copy_msghdr_from_user+0x54/0x2a0 [ 52.765196][ T4763] ? __fget_files+0x17c/0x1c0 [ 52.769903][ T4763] __sys_sendmsg+0x13e/0x230 [ 52.774529][ T4763] __x64_sys_sendmsg+0x46/0x50 [ 52.779374][ T4763] x64_sys_call+0x2734/0x2dc0 [ 52.784146][ T4763] do_syscall_64+0xc9/0x1c0 [ 52.788746][ T4763] ? clear_bhb_loop+0x55/0xb0 [ 52.793431][ T4763] ? clear_bhb_loop+0x55/0xb0 [ 52.798189][ T4763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.804106][ T4763] RIP: 0033:0x7f86892afed9 [ 52.808531][ T4763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.828150][ T4763] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 52.836574][ T4763] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 52.844611][ T4763] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 52.852687][ T4763] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 52.860676][ T4763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.868713][ T4763] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 52.876817][ T4763] [ 53.030810][ T4781] No such timeout policy "syz0" [ 53.084794][ T4792] pim6reg: entered allmulticast mode [ 53.107918][ T4794] loop3: detected capacity change from 0 to 128 [ 53.140329][ T4792] pim6reg: left allmulticast mode [ 53.197620][ T4799] loop2: detected capacity change from 0 to 764 [ 53.252052][ T4790] loop1: detected capacity change from 0 to 1024 [ 53.281518][ T4790] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.299696][ T4818] netlink: 4 bytes leftover after parsing attributes in process `syz.0.359'. [ 53.352483][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.397705][ T4825] loop2: detected capacity change from 0 to 512 [ 53.446844][ T4825] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.464956][ T4825] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 53.533421][ T3302] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.742482][ T4860] netlink: 12 bytes leftover after parsing attributes in process `syz.0.374'. [ 54.140339][ T4874] program syz.2.378 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 54.174391][ T4892] netlink: 12 bytes leftover after parsing attributes in process `syz.4.381'. [ 54.183465][ T4892] tipc: Started in network mode [ 54.188371][ T4892] tipc: Node identity , cluster identity 4711 [ 54.231115][ T4892] netlink: 16 bytes leftover after parsing attributes in process `syz.4.381'. [ 54.367773][ T4899] loop4: detected capacity change from 0 to 764 [ 54.594089][ T4924] sctp: [Deprecated]: syz.4.393 (pid 4924) Use of struct sctp_assoc_value in delayed_ack socket option. [ 54.594089][ T4924] Use struct sctp_sack_info instead [ 54.627002][ T4926] netlink: 4 bytes leftover after parsing attributes in process `syz.0.394'. [ 54.642571][ T4924] FAULT_INJECTION: forcing a failure. [ 54.642571][ T4924] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 54.655933][ T4924] CPU: 0 UID: 0 PID: 4924 Comm: syz.4.393 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 54.666598][ T4924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 54.676759][ T4924] Call Trace: [ 54.680054][ T4924] [ 54.683021][ T4924] dump_stack_lvl+0xf2/0x150 [ 54.687651][ T4924] dump_stack+0x15/0x1a [ 54.691939][ T4924] should_fail_ex+0x223/0x230 [ 54.696702][ T4924] should_fail+0xb/0x10 [ 54.701027][ T4924] should_fail_usercopy+0x1a/0x20 [ 54.706161][ T4924] _copy_to_user+0x20/0xa0 [ 54.710608][ T4924] simple_read_from_buffer+0xa0/0x110 [ 54.716037][ T4924] proc_fail_nth_read+0xf9/0x140 [ 54.721006][ T4924] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 54.726738][ T4924] vfs_read+0x1a2/0x700 [ 54.730924][ T4924] ? __rcu_read_unlock+0x4e/0x70 [ 54.735901][ T4924] ? __fget_files+0x17c/0x1c0 [ 54.740641][ T4924] ksys_read+0xe8/0x1b0 [ 54.744910][ T4924] __x64_sys_read+0x42/0x50 [ 54.749483][ T4924] x64_sys_call+0x2874/0x2dc0 [ 54.754186][ T4924] do_syscall_64+0xc9/0x1c0 [ 54.758706][ T4924] ? clear_bhb_loop+0x55/0xb0 [ 54.763489][ T4924] ? clear_bhb_loop+0x55/0xb0 [ 54.768183][ T4924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.774195][ T4924] RIP: 0033:0x7f86892ae8ec [ 54.778692][ T4924] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 54.798327][ T4924] RSP: 002b:00007f8687906050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 54.806758][ T4924] RAX: ffffffffffffffda RBX: 00007f8689476080 RCX: 00007f86892ae8ec [ 54.814733][ T4924] RDX: 000000000000000f RSI: 00007f86879060b0 RDI: 0000000000000005 [ 54.822979][ T4924] RBP: 00007f86879060a0 R08: 0000000000000000 R09: 0000000000000000 [ 54.831067][ T4924] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 54.839058][ T4924] R13: 0000000000000000 R14: 00007f8689476080 R15: 00007fff71742008 [ 54.847073][ T4924] [ 54.859016][ T29] kauditd_printk_skb: 376 callbacks suppressed [ 54.859031][ T29] audit: type=1326 audit(1733543000.560:1783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 54.901580][ T29] audit: type=1326 audit(1733543000.590:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 54.925002][ T29] audit: type=1326 audit(1733543000.590:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 54.948717][ T29] audit: type=1326 audit(1733543000.590:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 54.972643][ T29] audit: type=1326 audit(1733543000.590:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 54.996158][ T29] audit: type=1326 audit(1733543000.590:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 55.019527][ T29] audit: type=1326 audit(1733543000.590:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 55.042938][ T29] audit: type=1326 audit(1733543000.590:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 55.066511][ T29] audit: type=1326 audit(1733543000.590:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 55.090342][ T29] audit: type=1326 audit(1733543000.590:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4927 comm="syz.2.397" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9240fed9 code=0x7ffc0000 [ 55.182903][ T4940] loop4: detected capacity change from 0 to 512 [ 55.224043][ T4940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.239397][ T4940] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 55.266181][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x4 [ 55.273901][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x2 [ 55.281606][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.289343][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.297091][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.305054][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.312785][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.320509][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.328388][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.336092][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.343759][ T9] hid-generic 0000:3000000:0000.0007: unknown main item tag 0x0 [ 55.353313][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.358757][ T9] hid-generic 0000:3000000:0000.0007: hidraw0: HID v0.00 Device [sy] on syz0 [ 55.400641][ T4960] loop1: detected capacity change from 0 to 512 [ 55.438865][ T4969] loop3: detected capacity change from 0 to 764 [ 55.458556][ T4960] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.487049][ T4960] ext4 filesystem being mounted at /76/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 55.518671][ T4980] loop0: detected capacity change from 0 to 512 [ 55.618400][ T4999] random: crng reseeded on system resumption [ 55.770048][ T5017] loop2: detected capacity change from 0 to 1024 [ 55.782829][ T5017] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 55.797973][ T5017] JBD2: no valid journal superblock found [ 55.803833][ T5017] EXT4-fs (loop2): Could not load journal inode [ 55.817458][ T5023] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 55.853566][ T4999] bridge1: entered promiscuous mode [ 55.859027][ T4999] bridge1: entered allmulticast mode [ 55.884532][ T5033] process 'syz.3.417' launched '/dev/fd/11' with NULL argv: empty string added [ 55.913800][ T5031] netlink: 8 bytes leftover after parsing attributes in process `syz.4.419'. [ 55.931169][ T5038] loop2: detected capacity change from 0 to 1764 [ 55.945311][ T5038] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 56.826546][ T5180] loop6: detected capacity change from 0 to 7 [ 56.832912][ T5180] Buffer I/O error on dev loop6, logical block 0, async page read [ 56.841100][ T5180] Buffer I/O error on dev loop6, logical block 0, async page read [ 56.848983][ T5180] loop6: unable to read partition table [ 56.852700][ T5179] loop2: detected capacity change from 0 to 128 [ 56.864634][ T5180] loop_reread_partitions: partition scan of loop6 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 56.864634][ T5180] ) failed (rc=-5) [ 56.881082][ T5170] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'. [ 56.917287][ T5188] loop4: detected capacity change from 0 to 128 [ 56.972791][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.041040][ T5199] loop4: detected capacity change from 0 to 512 [ 57.111625][ T5199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.124075][ T5214] netlink: 16 bytes leftover after parsing attributes in process `syz.0.439'. [ 57.136399][ T5199] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 57.190259][ T5220] loop1: detected capacity change from 0 to 128 [ 57.261407][ T5228] loop1: detected capacity change from 0 to 764 [ 57.269274][ T5229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.450'. [ 57.318456][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.468501][ T5252] loop2: detected capacity change from 0 to 4096 [ 57.490484][ T5252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.543530][ T5261] loop1: detected capacity change from 0 to 128 [ 57.663306][ T5270] loop3: detected capacity change from 0 to 128 [ 57.697798][ T5273] SELinux: syz.1.469 (5273) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 57.711415][ T5273] FAULT_INJECTION: forcing a failure. [ 57.711415][ T5273] name failslab, interval 1, probability 0, space 0, times 0 [ 57.724066][ T5273] CPU: 1 UID: 0 PID: 5273 Comm: syz.1.469 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 57.734750][ T5273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 57.744808][ T5273] Call Trace: [ 57.748094][ T5273] [ 57.751133][ T5273] dump_stack_lvl+0xf2/0x150 [ 57.755794][ T5273] dump_stack+0x15/0x1a [ 57.759966][ T5273] should_fail_ex+0x223/0x230 [ 57.764720][ T5273] should_failslab+0x8f/0xb0 [ 57.769324][ T5273] __kmalloc_node_track_caller_noprof+0xa8/0x410 [ 57.775770][ T5273] ? security_context_to_sid_core+0x66/0x3b0 [ 57.781786][ T5273] kmemdup_nul+0x30/0x80 [ 57.786045][ T5273] security_context_to_sid_core+0x66/0x3b0 [ 57.791872][ T5273] security_context_str_to_sid+0x33/0x40 [ 57.797605][ T5273] sel_write_user+0x1ed/0x430 [ 57.802452][ T5273] selinux_transaction_write+0xba/0x100 [ 57.808009][ T5273] ? __pfx_selinux_transaction_write+0x10/0x10 [ 57.814179][ T5273] vfs_write+0x281/0x920 [ 57.818431][ T5273] ? __fget_files+0x17c/0x1c0 [ 57.823139][ T5273] ksys_write+0xe8/0x1b0 [ 57.827443][ T5273] __x64_sys_write+0x42/0x50 [ 57.832065][ T5273] x64_sys_call+0x287e/0x2dc0 [ 57.836817][ T5273] do_syscall_64+0xc9/0x1c0 [ 57.841353][ T5273] ? clear_bhb_loop+0x55/0xb0 [ 57.846133][ T5273] ? clear_bhb_loop+0x55/0xb0 [ 57.850908][ T5273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.857002][ T5273] RIP: 0033:0x7f9d060dfed9 [ 57.861527][ T5273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.881172][ T5273] RSP: 002b:00007f9d04757058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 57.889623][ T5273] RAX: ffffffffffffffda RBX: 00007f9d062a5fa0 RCX: 00007f9d060dfed9 [ 57.897624][ T5273] RDX: 0000000000000027 RSI: 0000000020000080 RDI: 0000000000000003 [ 57.906145][ T5273] RBP: 00007f9d047570a0 R08: 0000000000000000 R09: 0000000000000000 [ 57.914180][ T5273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.922167][ T5273] R13: 0000000000000000 R14: 00007f9d062a5fa0 R15: 00007ffcf2622e58 [ 57.930241][ T5273] [ 57.988930][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4 [ 57.996716][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2 [ 57.999218][ T5258] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.004411][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.004436][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.028841][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.036527][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.044307][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.052000][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.059706][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.067430][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.075136][ T3378] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x0 [ 58.083923][ T3378] hid-generic 0000:3000000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 58.097662][ T3857] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.207132][ T3857] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.274551][ T3857] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.323311][ T5321] netlink: 16 bytes leftover after parsing attributes in process `syz.1.480'. [ 58.382101][ T3857] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.396159][ T5329] loop0: detected capacity change from 0 to 128 [ 58.541341][ T3857] bridge_slave_1: left allmulticast mode [ 58.547126][ T3857] bridge_slave_1: left promiscuous mode [ 58.552841][ T3857] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.582723][ T3857] bridge_slave_0: left allmulticast mode [ 58.588736][ T3857] bridge_slave_0: left promiscuous mode [ 58.594459][ T3857] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.758718][ T3857] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 58.768981][ T3857] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 58.780557][ T3857] bond0 (unregistering): Released all slaves [ 58.829366][ T3857] hsr_slave_0: left promiscuous mode [ 58.835134][ T3857] hsr_slave_1: left promiscuous mode [ 58.845384][ T3857] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 58.852488][ T5375] loop0: detected capacity change from 0 to 128 [ 58.852979][ T3857] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 58.887060][ T3857] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 58.894514][ T3857] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 58.905263][ T3857] veth1_macvtap: left promiscuous mode [ 58.910841][ T3857] veth0_macvtap: left promiscuous mode [ 58.995649][ T3857] team0 (unregistering): Port device team_slave_1 removed [ 59.012817][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x4 [ 59.014692][ T3857] team0 (unregistering): Port device team_slave_0 removed [ 59.020548][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x2 [ 59.035424][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.043202][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.050913][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.058641][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.066520][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.074477][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.082187][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.090010][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.097698][ T9] hid-generic 0000:3000000:0000.0009: unknown main item tag 0x0 [ 59.115931][ T9] hid-generic 0000:3000000:0000.0009: hidraw0: HID v0.00 Device [sy] on syz0 [ 59.216127][ T5402] loop3: detected capacity change from 0 to 128 [ 59.250716][ T5305] chnl_net:caif_netlink_parms(): no params data found [ 59.273052][ T5393] random: crng reseeded on system resumption [ 59.328430][ T5418] loop0: detected capacity change from 0 to 128 [ 59.360302][ T5411] loop4: detected capacity change from 0 to 512 [ 59.393032][ T5411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.406490][ T5411] ext4 filesystem being mounted at /110/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.430975][ T5305] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.438245][ T5305] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.491842][ T5305] bridge_slave_0: entered allmulticast mode [ 59.503089][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.507643][ T5305] bridge_slave_0: entered promiscuous mode [ 59.520238][ T5305] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.527346][ T5305] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.534673][ T5305] bridge_slave_1: entered allmulticast mode [ 59.544615][ T5305] bridge_slave_1: entered promiscuous mode [ 59.613475][ T5305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 59.624086][ T5305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 59.660952][ T5305] team0: Port device team_slave_0 added [ 59.672429][ T5305] team0: Port device team_slave_1 added [ 59.697421][ T5305] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 59.704528][ T5305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.730614][ T5305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 59.747438][ T5305] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 59.754454][ T5305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 59.780455][ T5305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 59.827660][ T5305] hsr_slave_0: entered promiscuous mode [ 59.834740][ T5305] hsr_slave_1: entered promiscuous mode [ 59.844864][ T5305] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 59.854151][ T5305] Cannot create hsr debugfs directory [ 59.978470][ T5479] loop4: detected capacity change from 0 to 128 [ 60.048669][ T29] kauditd_printk_skb: 422 callbacks suppressed [ 60.048686][ T29] audit: type=1326 audit(1733543005.750:2215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5485 comm="syz.1.526" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9d060dfed9 code=0x0 [ 60.083405][ T5305] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 60.099309][ T5305] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 60.111366][ T5305] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 60.117495][ T5490] netlink: 60 bytes leftover after parsing attributes in process `syz.1.526'. [ 60.130389][ T5305] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 60.222746][ T5305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 60.243230][ T5305] 8021q: adding VLAN 0 to HW filter on device team0 [ 60.251966][ T29] audit: type=1326 audit(1733543005.950:2216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.275603][ T29] audit: type=1326 audit(1733543005.950:2217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.286432][ T5305] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 60.299091][ T29] audit: type=1326 audit(1733543005.950:2218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.309514][ T5305] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 60.343604][ T29] audit: type=1326 audit(1733543005.950:2219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.366906][ T29] audit: type=1326 audit(1733543005.950:2220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.395938][ T3855] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.403032][ T3855] bridge0: port 1(bridge_slave_0) entered forwarding state [ 60.417274][ T3855] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.424387][ T3855] bridge0: port 2(bridge_slave_1) entered forwarding state [ 60.452578][ T29] audit: type=1326 audit(1733543006.010:2221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.476054][ T29] audit: type=1326 audit(1733543006.010:2222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.499584][ T29] audit: type=1326 audit(1733543006.010:2223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.523296][ T29] audit: type=1326 audit(1733543006.010:2224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5499 comm="syz.4.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86892afed9 code=0x7ffc0000 [ 60.599464][ T5305] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 60.611634][ T5526] netlink: 'syz.0.534': attribute type 12 has an invalid length. [ 60.907057][ T5305] veth0_vlan: entered promiscuous mode [ 60.914935][ T5305] veth1_vlan: entered promiscuous mode [ 60.938189][ T5305] veth0_macvtap: entered promiscuous mode [ 60.961461][ T5305] veth1_macvtap: entered promiscuous mode [ 61.015442][ T5584] loop3: detected capacity change from 0 to 512 [ 61.024472][ T5584] EXT4-fs: dax option not supported [ 61.041139][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.051682][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.061663][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.072203][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.082532][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.093034][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.102979][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 61.113543][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.125194][ T5305] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 61.135980][ T5592] netlink: 'syz.4.546': attribute type 12 has an invalid length. [ 61.151007][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.161629][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.171529][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.182267][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.192122][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.202758][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.212721][ T5305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 61.223212][ T5305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 61.236438][ T5305] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 61.245716][ T5305] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.254502][ T5305] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.263344][ T5305] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.272248][ T5305] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 61.424865][ T5621] netlink: 36 bytes leftover after parsing attributes in process `syz.4.553'. [ 61.537518][ T5642] netlink: 'syz.1.558': attribute type 12 has an invalid length. [ 61.606879][ T5645] netlink: 4 bytes leftover after parsing attributes in process `syz.5.559'. [ 61.682866][ T5619] program syz.3.555 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 61.917633][ T5688] loop0: detected capacity change from 0 to 128 [ 61.965115][ T5695] loop5: detected capacity change from 0 to 128 [ 61.995161][ T5697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.572'. [ 62.238920][ T5732] loop5: detected capacity change from 0 to 512 [ 62.254478][ T5731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.584'. [ 62.270699][ T5732] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.274674][ T5739] loop4: detected capacity change from 0 to 128 [ 62.298948][ T5732] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 62.366256][ T5735] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 62.383615][ T5735] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 62.402424][ T5735] netlink: 16 bytes leftover after parsing attributes in process `syz.1.586'. [ 62.475116][ T5759] loop0: detected capacity change from 0 to 128 [ 62.582682][ T5768] netlink: 36 bytes leftover after parsing attributes in process `syz.4.593'. [ 62.774194][ T5781] FAULT_INJECTION: forcing a failure. [ 62.774194][ T5781] name failslab, interval 1, probability 0, space 0, times 0 [ 62.786941][ T5781] CPU: 1 UID: 0 PID: 5781 Comm: syz.3.598 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 62.797995][ T5781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 62.808183][ T5781] Call Trace: [ 62.811478][ T5781] [ 62.814437][ T5781] dump_stack_lvl+0xf2/0x150 [ 62.819077][ T5781] dump_stack+0x15/0x1a [ 62.823331][ T5781] should_fail_ex+0x223/0x230 [ 62.828045][ T5781] should_failslab+0x8f/0xb0 [ 62.832694][ T5781] __kmalloc_noprof+0xab/0x3f0 [ 62.837481][ T5781] ? __se_sys_memfd_create+0x230/0x5c0 [ 62.843035][ T5781] __se_sys_memfd_create+0x230/0x5c0 [ 62.848456][ T5781] __x64_sys_memfd_create+0x31/0x40 [ 62.853759][ T5781] x64_sys_call+0x2d4c/0x2dc0 [ 62.858474][ T5781] do_syscall_64+0xc9/0x1c0 [ 62.863007][ T5781] ? clear_bhb_loop+0x55/0xb0 [ 62.867720][ T5781] ? clear_bhb_loop+0x55/0xb0 [ 62.872422][ T5781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.878364][ T5781] RIP: 0033:0x7f653da3fed9 [ 62.882784][ T5781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.903789][ T5781] RSP: 002b:00007f653c0b6e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 62.912203][ T5781] RAX: ffffffffffffffda RBX: 000000000000050d RCX: 00007f653da3fed9 [ 62.920195][ T5781] RDX: 00007f653c0b6f10 RSI: 0000000000000000 RDI: 00007f653dab461b [ 62.928259][ T5781] RBP: 00000000200006c0 R08: 00007f653c0b6bd7 R09: 00007f653c0b6e60 [ 62.936262][ T5781] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000080 [ 62.936358][ T5781] R13: 00007f653c0b6f10 R14: 00007f653c0b6ed0 R15: 0000000020000000 [ 62.936386][ T5781] [ 62.974485][ T5305] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.985108][ T5779] netlink: 'syz.0.594': attribute type 1 has an invalid length. [ 62.993019][ T5779] netlink: 'syz.0.594': attribute type 2 has an invalid length. [ 63.002624][ T5779] netlink: 4 bytes leftover after parsing attributes in process `syz.0.594'. [ 63.082651][ T5783] syzkaller0: refused to change device tx_queue_len [ 63.089264][ T5795] loop3: detected capacity change from 0 to 128 [ 63.229885][ T5808] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 63.238545][ T5808] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 63.247868][ T5808] netlink: 16 bytes leftover after parsing attributes in process `syz.3.609'. [ 63.276059][ T5811] netlink: 4 bytes leftover after parsing attributes in process `syz.5.610'. [ 63.405915][ T5825] loop4: detected capacity change from 0 to 128 [ 63.577118][ T5839] loop4: detected capacity change from 0 to 512 [ 63.598604][ T5839] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 63.616026][ T5839] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 63.624824][ T5845] loop5: detected capacity change from 0 to 128 [ 63.803197][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4 [ 63.810937][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2 [ 63.818754][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.818784][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.818879][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.818908][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.849748][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.849796][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.849822][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.849848][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.849880][ T1034] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0 [ 63.900227][ T1034] hid-generic 0000:3000000:0000.000A: hidraw0: HID v0.00 Device [sy] on syz0 [ 63.947847][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.030321][ T5877] random: crng reseeded on system resumption [ 64.099140][ T5881] loop3: detected capacity change from 0 to 256 [ 64.119611][ T5888] loop4: detected capacity change from 0 to 128 [ 64.126499][ T5881] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 64.240957][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x4 [ 64.248734][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x2 [ 64.256576][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.264275][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.264307][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.264374][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.289432][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.297133][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.304845][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.312581][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.320374][ T3378] hid-generic 0000:3000000:0000.000B: unknown main item tag 0x0 [ 64.329157][ T3378] hid-generic 0000:3000000:0000.000B: hidraw0: HID v0.00 Device [sy] on syz0 [ 64.470037][ T5903] loop1: detected capacity change from 0 to 512 [ 64.531409][ T5903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.544356][ T5903] ext4 filesystem being mounted at /116/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 64.572096][ T5929] loop4: detected capacity change from 0 to 512 [ 64.584140][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x4 [ 64.591891][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x2 [ 64.599707][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.607651][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.615444][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.623153][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.630983][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.638680][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.643378][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.646421][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.646448][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.670765][ T3378] hid-generic 0000:3000000:0000.000C: unknown main item tag 0x0 [ 64.680038][ T3378] hid-generic 0000:3000000:0000.000C: hidraw0: HID v0.00 Device [sy] on syz0 [ 64.725949][ T5929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 64.754632][ T5949] loop3: detected capacity change from 0 to 256 [ 64.765212][ T5929] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 64.931252][ T3312] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.947152][ T5964] loop1: detected capacity change from 0 to 512 [ 65.002209][ T5964] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.034068][ T5964] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 65.132653][ T5976] program syz.0.674 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 65.197568][ T5991] loop4: detected capacity change from 0 to 256 [ 65.207981][ T5991] FAULT_INJECTION: forcing a failure. [ 65.207981][ T5991] name failslab, interval 1, probability 0, space 0, times 0 [ 65.220652][ T5991] CPU: 1 UID: 0 PID: 5991 Comm: syz.4.680 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 65.231267][ T5991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 65.241386][ T5991] Call Trace: [ 65.244683][ T5991] [ 65.247624][ T5991] dump_stack_lvl+0xf2/0x150 [ 65.252263][ T5991] dump_stack+0x15/0x1a [ 65.256562][ T5991] should_fail_ex+0x223/0x230 [ 65.261314][ T5991] should_failslab+0x8f/0xb0 [ 65.265987][ T5991] kmem_cache_alloc_lru_noprof+0x57/0x320 [ 65.271725][ T5991] ? __d_alloc+0x3d/0x340 [ 65.276087][ T5991] ? selinux_inode_permission+0x341/0x410 [ 65.281858][ T5991] __d_alloc+0x3d/0x340 [ 65.286034][ T5991] d_alloc_parallel+0x54/0xc60 [ 65.290814][ T5991] ? __rcu_read_unlock+0x4e/0x70 [ 65.295826][ T5991] ? __d_lookup+0x342/0x370 [ 65.300367][ T5991] ? lockref_get_not_dead+0x118/0x1b0 [ 65.305815][ T5991] ? __rcu_read_unlock+0x4e/0x70 [ 65.310829][ T5991] path_openat+0x6c8/0x1fa0 [ 65.315350][ T5991] ? _parse_integer_limit+0x167/0x180 [ 65.320739][ T5991] do_filp_open+0x107/0x230 [ 65.325364][ T5991] do_sys_openat2+0xab/0x120 [ 65.329966][ T5991] __x64_sys_openat+0xf3/0x120 [ 65.334780][ T5991] x64_sys_call+0x2b30/0x2dc0 [ 65.339493][ T5991] do_syscall_64+0xc9/0x1c0 [ 65.344057][ T5991] ? clear_bhb_loop+0x55/0xb0 [ 65.348743][ T5991] ? clear_bhb_loop+0x55/0xb0 [ 65.353500][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.359507][ T5991] RIP: 0033:0x7f86892afed9 [ 65.363936][ T5991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.383655][ T5991] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 65.392075][ T5991] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 65.400051][ T5991] RDX: 00000000000026e1 RSI: 0000000020000140 RDI: ffffffffffffff9c [ 65.408031][ T5991] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 65.416066][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.424043][ T5991] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 65.432039][ T5991] [ 65.453935][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.470284][ T5997] __nla_validate_parse: 3 callbacks suppressed [ 65.470302][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'. [ 65.674620][ T6026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.695'. [ 65.684848][ T6026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.695'. [ 65.738853][ T29] kauditd_printk_skb: 361 callbacks suppressed [ 65.738870][ T29] audit: type=1326 audit(1733543011.430:2586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.768426][ T29] audit: type=1326 audit(1733543011.430:2587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.791915][ T29] audit: type=1326 audit(1733543011.430:2588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.815398][ T29] audit: type=1326 audit(1733543011.430:2589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.838795][ T29] audit: type=1326 audit(1733543011.430:2590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.862176][ T29] audit: type=1326 audit(1733543011.430:2591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.885676][ T29] audit: type=1326 audit(1733543011.430:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.908936][ T29] audit: type=1326 audit(1733543011.430:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.932315][ T29] audit: type=1326 audit(1733543011.430:2594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.955809][ T29] audit: type=1326 audit(1733543011.430:2595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6027 comm="syz.1.696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d060dfed9 code=0x7ffc0000 [ 65.959150][ T6020] program syz.3.692 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.007904][ T6030] syzkaller0: refused to change device tx_queue_len [ 66.172301][ T6056] team_slave_0: entered promiscuous mode [ 66.174680][ T6052] loop1: detected capacity change from 0 to 2048 [ 66.178048][ T6056] team_slave_1: entered promiscuous mode [ 66.217958][ T6052] loop1: p2 p3 < > p4 < p5 > [ 66.222705][ T6052] loop1: partition table partially beyond EOD, truncated [ 66.236819][ T6052] loop1: p2 start 2852127236 is beyond EOD, truncated [ 66.243674][ T6052] loop1: p3 start 2304 is beyond EOD, truncated [ 66.261080][ T6052] loop1: p5 start 2852127236 is beyond EOD, truncated [ 66.269277][ T6065] loop5: detected capacity change from 0 to 128 [ 66.529655][ T6099] netlink: 'syz.4.725': attribute type 1 has an invalid length. [ 66.556258][ T6102] loop1: detected capacity change from 0 to 128 [ 66.587558][ T6106] netlink: 4 bytes leftover after parsing attributes in process `syz.0.728'. [ 66.601698][ T6104] loop3: detected capacity change from 0 to 512 [ 66.644400][ T6104] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.715190][ T6104] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 66.781101][ T6096] program syz.5.723 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.859218][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.959663][ T6140] random: crng reseeded on system resumption [ 66.972968][ T6143] loop0: detected capacity change from 0 to 128 [ 67.090336][ T6151] infiniband syz1: set active [ 67.095120][ T6151] infiniband syz1: added bond_slave_1 [ 67.136731][ T6133] bridge1: entered promiscuous mode [ 67.141999][ T6133] bridge1: entered allmulticast mode [ 67.155295][ T6156] loop0: detected capacity change from 0 to 512 [ 67.156481][ T6151] RDS/IB: syz1: added [ 67.182405][ T6151] smc: adding ib device syz1 with port count 1 [ 67.195550][ T6151] smc: ib device syz1 port 1 has pnetid [ 67.215364][ T6149] bridge1: entered promiscuous mode [ 67.220651][ T6149] bridge1: entered allmulticast mode [ 67.278516][ T6156] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.535561][ T6156] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 67.632613][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.753670][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x4 [ 67.761446][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x2 [ 67.769235][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.777048][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.784783][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.792461][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.800281][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.807984][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.815658][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.823321][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.830988][ T3437] hid-generic 0000:3000000:0000.000D: unknown main item tag 0x0 [ 67.981875][ T3437] hid-generic 0000:3000000:0000.000D: hidraw0: HID v0.00 Device [sy] on syz0 [ 68.168041][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x1 [ 68.175668][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.183091][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.190942][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.198467][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.205939][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.213346][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x4 [ 68.220838][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.222189][ T6188] loop1: detected capacity change from 0 to 128 [ 68.228323][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.228354][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.249560][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.257333][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.264941][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.272444][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.279917][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.287428][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.294843][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.302368][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.309818][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.317261][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.324682][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.332244][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.339679][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.347140][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.354642][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.362098][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.364081][ T6175] program syz.0.750 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 68.369965][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.386691][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.394171][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.402143][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.409554][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.416995][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.424449][ T3437] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 68.433819][ T3437] hid-generic 0000:0000:0000.000E: hidraw0: HID v0.00 Device [syz0] on syz0 [ 68.523356][ T6201] netlink: 4 bytes leftover after parsing attributes in process `syz.5.762'. [ 68.641966][ T6206] loop3: detected capacity change from 0 to 512 [ 68.699082][ T6206] loop3: detected capacity change from 0 to 512 [ 68.731439][ T6217] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6217 comm=syz.0.769 [ 68.768493][ T6206] EXT4-fs: inline encryption not supported [ 68.808558][ T6206] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 68.823500][ T6206] EXT4-fs (loop3): mount failed [ 68.846664][ T6221] netlink: 4 bytes leftover after parsing attributes in process `syz.1.770'. [ 68.898381][ T6224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 68.925638][ T6224] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 68.982096][ T6224] netlink: 8 bytes leftover after parsing attributes in process `syz.5.771'. [ 69.184283][ T6229] program syz.3.773 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 69.199429][ T6244] random: crng reseeded on system resumption [ 69.322757][ T6259] 9pnet_fd: Insufficient options for proto=fd [ 69.351565][ T6262] netlink: 4 bytes leftover after parsing attributes in process `syz.3.785'. [ 69.474840][ T6244] bridge1: entered promiscuous mode [ 69.480224][ T6244] bridge1: entered allmulticast mode [ 69.543704][ T6285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 69.554113][ T6285] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 70.837089][ T6404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.838'. [ 70.972393][ T6410] loop0: detected capacity change from 0 to 512 [ 71.027125][ T6410] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.065197][ T6410] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 71.107918][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x4 [ 71.115656][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x2 [ 71.123521][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.131227][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.138940][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.146716][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.154388][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.162190][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.169929][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.177706][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.185377][ T3437] hid-generic 0000:3000000:0000.000F: unknown main item tag 0x0 [ 71.205945][ T29] kauditd_printk_skb: 214 callbacks suppressed [ 71.205961][ T29] audit: type=1400 audit(1733543016.810:2807): avc: granted { setsecparam } for pid=6422 comm="syz.5.843" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 71.231668][ T29] audit: type=1326 audit(1733543016.900:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.255128][ T29] audit: type=1326 audit(1733543016.900:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.278574][ T29] audit: type=1326 audit(1733543016.900:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.284848][ T3437] hid-generic 0000:3000000:0000.000F: hidraw0: HID v0.00 Device [sy] on syz0 [ 71.302107][ T29] audit: type=1326 audit(1733543016.900:2811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.335541][ T29] audit: type=1326 audit(1733543016.900:2812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.358908][ T29] audit: type=1326 audit(1733543016.900:2813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.382154][ T29] audit: type=1326 audit(1733543016.900:2814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.405603][ T29] audit: type=1326 audit(1733543016.900:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.428947][ T29] audit: type=1326 audit(1733543016.910:2816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6424 comm="syz.3.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f653da3fed9 code=0x7ffc0000 [ 71.507722][ T6437] loop1: detected capacity change from 0 to 128 [ 71.527775][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.620554][ T6454] loop5: detected capacity change from 0 to 128 [ 71.658589][ T6459] loop1: detected capacity change from 0 to 128 [ 71.832904][ T6480] FAULT_INJECTION: forcing a failure. [ 71.832904][ T6480] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.846253][ T6480] CPU: 0 UID: 0 PID: 6480 Comm: syz.4.863 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 71.857258][ T6480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 71.867344][ T6480] Call Trace: [ 71.870642][ T6480] [ 71.873591][ T6480] dump_stack_lvl+0xf2/0x150 [ 71.878227][ T6480] dump_stack+0x15/0x1a [ 71.882439][ T6480] should_fail_ex+0x223/0x230 [ 71.887139][ T6480] should_fail+0xb/0x10 [ 71.891468][ T6480] should_fail_usercopy+0x1a/0x20 [ 71.896577][ T6480] _copy_from_user+0x1e/0xb0 [ 71.901205][ T6480] get_nodes+0x28e/0x330 [ 71.905601][ T6480] __se_sys_migrate_pages+0x76/0x370 [ 71.910917][ T6480] __x64_sys_migrate_pages+0x55/0x70 [ 71.916216][ T6480] x64_sys_call+0x1a8/0x2dc0 [ 71.920983][ T6480] do_syscall_64+0xc9/0x1c0 [ 71.925493][ T6480] ? clear_bhb_loop+0x55/0xb0 [ 71.930225][ T6480] ? clear_bhb_loop+0x55/0xb0 [ 71.934908][ T6480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.941040][ T6480] RIP: 0033:0x7f86892afed9 [ 71.945498][ T6480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.965156][ T6480] RSP: 002b:00007f8687927058 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 [ 71.973579][ T6480] RAX: ffffffffffffffda RBX: 00007f8689475fa0 RCX: 00007f86892afed9 [ 71.981625][ T6480] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 71.989643][ T6480] RBP: 00007f86879270a0 R08: 0000000000000000 R09: 0000000000000000 [ 71.997639][ T6480] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001 [ 72.005667][ T6480] R13: 0000000000000000 R14: 00007f8689475fa0 R15: 00007fff71742008 [ 72.013715][ T6480] [ 72.145257][ T6500] loop3: detected capacity change from 0 to 128 [ 72.285932][ T6507] Falling back ldisc for ttyS3. [ 72.292405][ T6507] hub 9-0:1.0: USB hub found [ 72.307379][ T6507] hub 9-0:1.0: 8 ports detected [ 72.339061][ T6526] bond1: entered promiscuous mode [ 72.344149][ T6526] bond1: entered allmulticast mode [ 72.349690][ T6526] 8021q: adding VLAN 0 to HW filter on device bond1 [ 72.371771][ T6526] bond1 (unregistering): Released all slaves [ 72.510602][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x4 [ 72.518434][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x2 [ 72.526220][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.533934][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.542000][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.549879][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.557610][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.565383][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.573079][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.580771][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.588520][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.596436][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.604545][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.612301][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.620009][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.627904][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.635638][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.643437][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.651247][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.659060][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.666736][ T3437] hid-generic 0000:3000000:0000.0010: unknown main item tag 0x0 [ 72.676062][ T3437] hid-generic 0000:3000000:0000.0010: hidraw0: HID v0.00 Device [sy] on syz0 [ 72.817055][ T6584] netlink: 132 bytes leftover after parsing attributes in process `syz.1.892'. [ 72.848985][ T6584] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6584 comm=syz.1.892 [ 72.937373][ T6601] loop1: detected capacity change from 0 to 128 [ 73.071522][ T6621] loop3: detected capacity change from 0 to 512 [ 73.193533][ T6641] loop0: detected capacity change from 0 to 128 [ 73.221587][ T6644] netlink: 4 bytes leftover after parsing attributes in process `syz.1.907'. [ 73.292286][ T6621] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.373708][ T6621] ext4 filesystem being mounted at /194/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.581975][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.930386][ T6689] loop4: detected capacity change from 0 to 128 [ 73.951168][ T6692] loop1: detected capacity change from 0 to 128 [ 73.962482][ T6693] netlink: 4 bytes leftover after parsing attributes in process `syz.5.922'. [ 74.337931][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.4.936'. [ 74.597123][ T6792] loop1: detected capacity change from 0 to 512 [ 74.609400][ T6792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.631993][ T6792] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.642072][ T6791] Falling back ldisc for ttyS3. [ 74.662778][ T6791] hub 9-0:1.0: USB hub found [ 74.670051][ T6791] hub 9-0:1.0: 8 ports detected [ 74.714207][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.793123][ T6817] loop1: detected capacity change from 0 to 512 [ 74.852103][ T6817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.885686][ T6817] ext4 filesystem being mounted at /173/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 74.919720][ T6840] random: crng reseeded on system resumption [ 74.986753][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.990254][ T6847] loop4: detected capacity change from 0 to 128 [ 75.157506][ T6840] bridge1: entered promiscuous mode [ 75.162825][ T6840] bridge1: entered allmulticast mode [ 75.171001][ T6867] loop4: detected capacity change from 0 to 128 [ 75.281927][ T6875] loop3: detected capacity change from 0 to 512 [ 75.299964][ T6875] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.312639][ T6875] ext4 filesystem being mounted at /206/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 75.353488][ T6885] random: crng reseeded on system resumption [ 75.364826][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.000392][ T6951] hub 9-0:1.0: USB hub found [ 76.013314][ T6951] hub 9-0:1.0: 8 ports detected [ 76.294733][ T6979] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1001'. [ 76.313005][ T6968] syzkaller0: refused to change device tx_queue_len [ 76.323077][ T6980] 9pnet: Could not find request transport: f [ 76.391592][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 76.391616][ T29] audit: type=1326 audit(1733543022.090:2977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.422198][ T29] audit: type=1326 audit(1733543022.100:2978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.446234][ T29] audit: type=1326 audit(1733543022.100:2979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.469695][ T29] audit: type=1326 audit(1733543022.100:2980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.493219][ T29] audit: type=1326 audit(1733543022.100:2981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.516680][ T29] audit: type=1326 audit(1733543022.100:2982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.540111][ T29] audit: type=1326 audit(1733543022.100:2983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.563539][ T29] audit: type=1326 audit(1733543022.100:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.587057][ T29] audit: type=1400 audit(1733543022.100:2985): avc: denied { ioctl } for pid=6992 comm="syz.0.1004" path="socket:[14342]" dev="sockfs" ino=14342 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 76.612483][ T29] audit: type=1326 audit(1733543022.100:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6992 comm="syz.0.1004" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 76.816027][ T7008] random: crng reseeded on system resumption [ 77.083797][ T7018] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1013'. [ 77.107222][ T7021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1014'. [ 77.206020][ T7029] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1018'. [ 77.432490][ T7046] Falling back ldisc for ttyS3. [ 77.473360][ T7046] hub 9-0:1.0: USB hub found [ 77.482222][ T7046] hub 9-0:1.0: 8 ports detected [ 77.560592][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x4 [ 77.568349][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x2 [ 77.576062][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.583793][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.591487][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.599281][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.606976][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.614696][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.622451][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.630201][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.638062][ T1034] hid-generic 0000:3000000:0000.0011: unknown main item tag 0x0 [ 77.679246][ T7081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1041'. [ 77.718525][ T1034] hid-generic 0000:3000000:0000.0011: hidraw0: HID v0.00 Device [sy] on syz0 [ 78.122684][ T7133] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1049'. [ 78.238363][ T7136] program syz.0.1043 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 78.456042][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x4 [ 78.463751][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x2 [ 78.471436][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.479124][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.486848][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.494574][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.502281][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.509991][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.517722][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.525407][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.533093][ T3377] hid-generic 0000:3000000:0000.0012: unknown main item tag 0x0 [ 78.677253][ T3377] hid-generic 0000:3000000:0000.0012: hidraw0: HID v0.00 Device [sy] on syz0 [ 78.730383][ T7170] loop1: detected capacity change from 0 to 128 [ 78.795802][ T7175] Falling back ldisc for ttyS3. [ 78.926113][ T7190] Falling back ldisc for ttyS3. [ 78.949046][ T7190] hub 9-0:1.0: USB hub found [ 78.966933][ T7190] hub 9-0:1.0: 8 ports detected [ 79.075619][ T7212] Falling back ldisc for ttyS3. [ 79.226506][ T7241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1091'. [ 79.237181][ T7241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1091'. [ 79.258000][ T7244] sit0: entered allmulticast mode [ 79.267206][ T7246] sit0: entered promiscuous mode [ 79.308398][ T7250] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1095'. [ 79.407280][ T7234] program syz.4.1089 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.494261][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1104'. [ 79.504388][ T7276] random: crng reseeded on system resumption [ 79.642031][ T7276] bridge2: entered promiscuous mode [ 79.647522][ T7283] Falling back ldisc for ttyS3. [ 79.647530][ T7276] bridge2: entered allmulticast mode [ 79.663168][ T7293] FAULT_INJECTION: forcing a failure. [ 79.663168][ T7293] name failslab, interval 1, probability 0, space 0, times 0 [ 79.676081][ T7293] CPU: 1 UID: 0 PID: 7293 Comm: syz.0.1111 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 79.686785][ T7293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 79.696847][ T7293] Call Trace: [ 79.700140][ T7293] [ 79.703077][ T7293] dump_stack_lvl+0xf2/0x150 [ 79.707795][ T7293] dump_stack+0x15/0x1a [ 79.711972][ T7293] should_fail_ex+0x223/0x230 [ 79.716663][ T7293] should_failslab+0x8f/0xb0 [ 79.721271][ T7293] __kmalloc_noprof+0xab/0x3f0 [ 79.726070][ T7293] ? __se_sys_memfd_create+0x230/0x5c0 [ 79.731593][ T7293] __se_sys_memfd_create+0x230/0x5c0 [ 79.736969][ T7293] __x64_sys_memfd_create+0x31/0x40 [ 79.742234][ T7293] x64_sys_call+0x2d4c/0x2dc0 [ 79.746921][ T7293] do_syscall_64+0xc9/0x1c0 [ 79.751430][ T7293] ? clear_bhb_loop+0x55/0xb0 [ 79.756153][ T7293] ? clear_bhb_loop+0x55/0xb0 [ 79.760888][ T7293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.766820][ T7293] RIP: 0033:0x7ff708e2fed9 [ 79.771240][ T7293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.790918][ T7293] RSP: 002b:00007ff7074a6e38 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 79.799427][ T7293] RAX: ffffffffffffffda RBX: 000000000000042f RCX: 00007ff708e2fed9 [ 79.807441][ T7293] RDX: 00007ff7074a6f10 RSI: 0000000000000000 RDI: 00007ff708ea461b [ 79.815507][ T7293] RBP: 0000000020000940 R08: 00007ff7074a6bd7 R09: 00007ff7074a6e60 [ 79.823519][ T7293] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200001c0 [ 79.831497][ T7293] R13: 00007ff7074a6f10 R14: 00007ff7074a6ed0 R15: 0000000020004040 [ 79.839483][ T7293] [ 80.103619][ T7316] program syz.0.1119 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.171007][ T7327] loop3: detected capacity change from 0 to 128 [ 80.176552][ T7329] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (189) [ 80.212789][ T7329] x_tables: duplicate underflow at hook 1 [ 80.494434][ T7366] loop5: detected capacity change from 0 to 128 [ 80.522631][ T7369] random: crng reseeded on system resumption [ 80.689135][ T7352] program syz.4.1133 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.745852][ T7393] FAULT_INJECTION: forcing a failure. [ 80.745852][ T7393] name failslab, interval 1, probability 0, space 0, times 0 [ 80.758798][ T7393] CPU: 0 UID: 0 PID: 7393 Comm: syz.1.1143 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 80.769506][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 80.779613][ T7393] Call Trace: [ 80.782964][ T7393] [ 80.785918][ T7393] dump_stack_lvl+0xf2/0x150 [ 80.790566][ T7393] dump_stack+0x15/0x1a [ 80.794829][ T7393] should_fail_ex+0x223/0x230 [ 80.799526][ T7393] should_failslab+0x8f/0xb0 [ 80.804168][ T7393] kmem_cache_alloc_noprof+0x52/0x320 [ 80.809571][ T7393] ? audit_log_start+0x34c/0x6b0 [ 80.814550][ T7393] audit_log_start+0x34c/0x6b0 [ 80.819437][ T7393] audit_seccomp+0x4b/0x130 [ 80.824016][ T7393] __seccomp_filter+0x6fa/0x1180 [ 80.829003][ T7393] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 80.834735][ T7393] ? vfs_write+0x596/0x920 [ 80.839224][ T7393] __secure_computing+0x9f/0x1c0 [ 80.844205][ T7393] syscall_trace_enter+0xd1/0x1f0 [ 80.849265][ T7393] ? fpregs_assert_state_consistent+0x83/0xa0 [ 80.855486][ T7393] do_syscall_64+0xaa/0x1c0 [ 80.860033][ T7393] ? clear_bhb_loop+0x55/0xb0 [ 80.864818][ T7393] ? clear_bhb_loop+0x55/0xb0 [ 80.869541][ T7393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.875535][ T7393] RIP: 0033:0x7f9d060dfed9 [ 80.880051][ T7393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.899724][ T7393] RSP: 002b:00007f9d04757058 EFLAGS: 00000246 ORIG_RAX: 00000000000000d0 [ 80.908234][ T7393] RAX: ffffffffffffffda RBX: 00007f9d062a5fa0 RCX: 00007f9d060dfed9 [ 80.916229][ T7393] RDX: 0000000000000000 RSI: 0000000000000081 RDI: 0000000000000000 [ 80.924220][ T7393] RBP: 00007f9d047570a0 R08: 0000000000000000 R09: 0000000000000000 [ 80.932208][ T7393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.940194][ T7393] R13: 0000000000000000 R14: 00007f9d062a5fa0 R15: 00007ffcf2622e58 [ 80.948187][ T7393] [ 81.055796][ T7410] Falling back ldisc for ttyS3. [ 81.207310][ T7421] program syz.3.1154 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 81.222368][ T7434] loop5: detected capacity change from 0 to 512 [ 81.292994][ T7434] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.305929][ T7434] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 81.341138][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x4 [ 81.348915][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x2 [ 81.356637][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.364366][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.372105][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.379848][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.387589][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.395255][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.403021][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.410878][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.418573][ T24] hid-generic 0000:3000000:0000.0013: unknown main item tag 0x0 [ 81.426898][ T24] hid-generic 0000:3000000:0000.0013: hidraw0: HID v0.00 Device [sy] on syz0 [ 81.428518][ T5305] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.441358][ T29] kauditd_printk_skb: 146 callbacks suppressed [ 81.441375][ T29] audit: type=1400 audit(1733543027.140:3131): avc: denied { block_suspend } for pid=7454 comm="syz.3.1165" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 81.473505][ T7456] loop3: detected capacity change from 0 to 256 [ 81.490554][ T7456] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 81.490613][ T7456] FAT-fs (loop3): Filesystem has been set read-only [ 81.490640][ T7456] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 81.490737][ T7456] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 81.595787][ T7460] Falling back ldisc for ttyS3. [ 81.674157][ T7470] loop0: detected capacity change from 0 to 512 [ 81.689737][ T7470] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 81.704941][ T7470] ext4 filesystem being mounted at /255/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 81.717207][ T29] audit: type=1400 audit(1733543027.420:3132): avc: granted { setsecparam } for pid=7481 comm="syz.4.1173" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security [ 81.722135][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x4 [ 81.744213][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x2 [ 81.751979][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.759738][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.767438][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.775096][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.782784][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.790489][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.798226][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.805922][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.807477][ T7485] random: crng reseeded on system resumption [ 81.813693][ T3437] hid-generic 0000:3000000:0000.0014: unknown main item tag 0x0 [ 81.828553][ T3437] hid-generic 0000:3000000:0000.0014: hidraw0: HID v0.00 Device [sy] on syz0 [ 81.882179][ T29] audit: type=1326 audit(1733543027.580:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7476 comm="syz.5.1172" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7a640fed9 code=0x0 [ 81.913233][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.975336][ T7498] __nla_validate_parse: 2 callbacks suppressed [ 81.975358][ T7498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1177'. [ 82.023171][ T29] audit: type=1326 audit(1733543027.720:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.046688][ T29] audit: type=1326 audit(1733543027.720:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.070165][ T29] audit: type=1326 audit(1733543027.720:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.093808][ T29] audit: type=1326 audit(1733543027.720:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.117314][ T29] audit: type=1326 audit(1733543027.720:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.140878][ T29] audit: type=1326 audit(1733543027.720:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.164342][ T29] audit: type=1326 audit(1733543027.720:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7495 comm="syz.0.1176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff708e2fed9 code=0x7ffc0000 [ 82.250685][ T7512] hub 9-0:1.0: USB hub found [ 82.255609][ T7507] Falling back ldisc for ttyS3. [ 82.256061][ T7512] hub 9-0:1.0: 8 ports detected [ 82.262171][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x4 [ 82.273186][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x2 [ 82.273213][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273237][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273332][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273414][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273456][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273489][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273521][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273547][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.273569][ T3437] hid-generic 0000:3000000:0000.0015: unknown main item tag 0x0 [ 82.274841][ T3437] hid-generic 0000:3000000:0000.0015: hidraw0: HID v0.00 Device [sy] on syz0 [ 82.365200][ T7520] loop3: detected capacity change from 0 to 512 [ 82.385172][ T7516] syzkaller0: refused to change device tx_queue_len [ 82.392539][ T7520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.392695][ T7520] ext4 filesystem being mounted at /249/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.422144][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.617269][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x4 [ 82.624966][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x2 [ 82.632767][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.640460][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.648185][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.655982][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.663679][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.671508][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.679267][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.687013][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.694754][ T1034] hid-generic 0000:3000000:0000.0016: unknown main item tag 0x0 [ 82.703614][ T1034] hid-generic 0000:3000000:0000.0016: hidraw0: HID v0.00 Device [sy] on syz0 [ 82.706533][ T7556] loop3: detected capacity change from 0 to 512 [ 82.792133][ T7556] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 82.804956][ T7556] ext4 filesystem being mounted at /253/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 82.831818][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.873533][ T7581] random: crng reseeded on system resumption [ 82.951241][ T7588] loop4: detected capacity change from 0 to 256 [ 82.980104][ T7588] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 82.990349][ T7588] FAT-fs (loop4): Filesystem has been set read-only [ 82.997336][ T7588] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 83.007752][ T7588] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 83.032328][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x4 [ 83.040132][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x2 [ 83.047924][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.055771][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.063787][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.071685][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.079469][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.087577][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.095380][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.103073][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.110784][ T1034] hid-generic 0000:3000000:0000.0017: unknown main item tag 0x0 [ 83.119141][ T1034] hid-generic 0000:3000000:0000.0017: hidraw0: HID v0.00 Device [sy] on syz0 [ 83.302627][ T7614] loop5: detected capacity change from 0 to 512 [ 83.338143][ T7614] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.350965][ T7614] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 83.395998][ T5305] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.536950][ T7651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 83.556873][ T7651] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 83.704311][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x4 [ 83.712088][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x2 [ 83.719845][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.727561][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.735220][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.742969][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.749412][ T7671] loop3: detected capacity change from 0 to 512 [ 83.750662][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.764575][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.772303][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.780107][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.787836][ T24] hid-generic 0000:3000000:0000.0018: unknown main item tag 0x0 [ 83.788512][ T7671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 83.808658][ T24] hid-generic 0000:3000000:0000.0018: hidraw0: HID v0.00 Device [sy] on syz0 [ 83.811712][ T7671] ext4 filesystem being mounted at /264/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 83.885257][ T3308] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 83.941975][ T7679] loop3: detected capacity change from 0 to 128 [ 84.312727][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x4 [ 84.312770][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x2 [ 84.312879][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.312904][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.312929][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.312955][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.312982][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.313031][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.313059][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.313087][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.389892][ T3437] hid-generic 0000:3000000:0000.0019: unknown main item tag 0x0 [ 84.391181][ T3437] hid-generic 0000:3000000:0000.0019: hidraw0: HID v0.00 Device [sy] on syz0 [ 84.453855][ T7692] ================================================================== [ 84.461988][ T7692] BUG: KCSAN: data-race in inode_set_ctime_to_ts / inode_update_timestamps [ 84.470637][ T7692] [ 84.472980][ T7692] write to 0xffff888106b9aed8 of 8 bytes by task 7698 on cpu 0: [ 84.480632][ T7692] inode_set_ctime_to_ts+0x73/0x180 [ 84.485851][ T7692] inode_set_ctime_current+0x1b7/0x7a0 [ 84.491330][ T7692] inode_update_timestamps+0x85/0x250 [ 84.496731][ T7692] file_update_time+0x219/0x2b0 [ 84.501614][ T7692] pipe_write+0xa7b/0xd20 [ 84.505980][ T7692] vfs_write+0x77f/0x920 [ 84.510264][ T7692] ksys_write+0xe8/0x1b0 [ 84.514548][ T7692] __x64_sys_write+0x42/0x50 [ 84.519178][ T7692] x64_sys_call+0x287e/0x2dc0 [ 84.523879][ T7692] do_syscall_64+0xc9/0x1c0 [ 84.528401][ T7692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.530999][ T7718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1255'. [ 84.534309][ T7692] [ 84.534318][ T7692] read to 0xffff888106b9aed8 of 8 bytes by task 7692 on cpu 1: [ 84.553063][ T7692] inode_update_timestamps+0x43/0x250 [ 84.558474][ T7692] file_update_time+0x219/0x2b0 [ 84.563401][ T7692] pipe_write+0xa7b/0xd20 [ 84.567772][ T7692] vfs_write+0x77f/0x920 [ 84.572045][ T7692] ksys_write+0xe8/0x1b0 [ 84.576312][ T7692] __x64_sys_write+0x42/0x50 [ 84.580914][ T7692] x64_sys_call+0x287e/0x2dc0 [ 84.585592][ T7692] do_syscall_64+0xc9/0x1c0 [ 84.590100][ T7692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.596016][ T7692] [ 84.598332][ T7692] value changed: 0x000000006753c475 -> 0x000000006753c476 [ 84.605431][ T7692] [ 84.607757][ T7692] Reported by Kernel Concurrency Sanitizer on: [ 84.613897][ T7692] CPU: 1 UID: 0 PID: 7692 Comm: syz.5.1244 Not tainted 6.13.0-rc1-syzkaller-00239-g9a6e8c7c3a02 #0 [ 84.624581][ T7692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 84.634635][ T7692] ==================================================================