last executing test programs: 3.499266014s ago: executing program 0 (id=3810): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x2, 0x3, 0x301, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x1c, 0x2, 0x3, 0x201, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8}]}, 0x1c}}, 0x0) r1 = socket$kcm(0x10, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000540)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) tkill(0x0, 0x0) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) syz_open_procfs$userns(r3, &(0x7f0000000140)) close_range(r2, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000080)={'batadv0\x00', 0x3}) write$selinux_access(0xffffffffffffffff, &(0x7f00000002c0)={'system_u:object_r:removable_device_t:s0', 0x20, 'unconfined', 0x20, 0xe1c7}, 0x48) 3.498665144s ago: executing program 0 (id=3811): pipe(&(0x7f00000001c0)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x80010, 0xffffffffffffffff, 0xf4123000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$usbfs(&(0x7f0000000180), 0x5de1, 0x24000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet6(0xa, 0x3, 0x4) setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000740)={{{@in=@multicast2, @in6=@local, 0x0, 0x0, 0x4e22, 0x6, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x32}, 0x0, @in6=@private1}}, 0xe8) connect$inet6(r4, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x1010, 0xffffffffffffffff, 0x0, '\x00', r5, 0xffffffffffffffff, 0x20000000}, 0x48) bpf$MAP_GET_NEXT_KEY(0xf, &(0x7f0000000700)={r6, 0x0, 0x0}, 0x20) connect$unix(r1, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="186b1c174a6c97e46035124b1a264f9664000000000000ffff0000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000956ba4315303d922fd7ec0063391c0caf5ee66b9a5bd19be4f0c645fc7e59f51782ba1fd390831f7cbe1d7ff4b558bb5894511f4b6c80ce7c4107df4c12b190e7c97480917099b888ba808d4b89624ab9fe86ed37ff88e8365c94a6c41a5f549aaf7f05087ca17a9948bbb59083ef352"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10) r9 = socket(0xf, 0x5, 0xffffffff) r10 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000100)={0xa0179e1d}) mkdir(0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r11 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r11}, 0x10) keyctl$setperm(0x5, 0x0, 0x0) socket(0x0, 0x4, 0x8000) 3.498086314s ago: executing program 0 (id=3813): capset(&(0x7f0000000080), &(0x7f0000000040)) r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f0000000380)={'nat\x00', 0x0, 0x0, 0x0, [0xfffffffffffffff7, 0xffff, 0x0, 0xd9fa, 0x5, 0xe6]}, &(0x7f0000000400)=0x78) 3.484989755s ago: executing program 0 (id=3814): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791028000000000069003000000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) r2 = socket(0xa, 0x2, 0x0) getsockopt$nfc_llcp(r2, 0x11, 0xb, 0x0, 0x2000005b) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7f}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000280)={'ip6_vti0\x00', 0x0, 0x2f, 0x81, 0x1f, 0x0, 0x20, @dev, @loopback, 0x0, 0x10, 0x1, 0xe0}}) r4 = socket(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x28}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000900010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000008c0)=@newqdisc={0x4c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0) syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==") unlink(&(0x7f0000000000)='./file1\x00') r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10) r9 = creat(&(0x7f0000000040)='./bus\x00', 0x0) pwritev2(r9, &(0x7f0000000600)=[{&(0x7f0000000380)='`', 0x1}], 0x1, 0xac04, 0x0, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=@newqdisc={0x24, 0x25, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', 0x0}}, 0x120) 3.401822642s ago: executing program 0 (id=3818): pipe(&(0x7f00000001c0)) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) r5 = socket(0x2c, 0x3, 0x0) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000100)={0xa0179e1d, 0x11}) mkdir(0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) keyctl$setperm(0x5, 0x0, 0x0) socket(0x0, 0x4, 0x8000) 2.298775732s ago: executing program 0 (id=3830): r0 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) fcntl$setsig(r1, 0xa, 0x12) ppoll(0x0, 0x0, 0x0, &(0x7f0000000080)={[0x8001a0ffffffff]}, 0x8) dup2(r1, r2) fcntl$setown(r2, 0x8, r0) tkill(r0, 0x13) 2.031947644s ago: executing program 3 (id=3838): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x8, 0x200}, 0x10) r1 = socket$inet(0x2, 0x6, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000580)='pim6reg\x00', 0x10) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10) writev(r1, &(0x7f0000000800)=[{&(0x7f00000001c0)="a4", 0x1}], 0x1) socket$vsock_stream(0x28, 0x1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="60000000020605e12cd8e35a19f746b17d000000dc050e7eca63b504269186aa4400000000000900020073797a32000000001400078005001400000000020800084000000000050005000a000000050001000600000011000300686173683a6e65742c6e657400000000"], 0x60}}, 0x0) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet(r0, &(0x7f0000000080)='<', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) 2.024944794s ago: executing program 3 (id=3840): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00100000000000120000d1850000000500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100)) 1.990744338s ago: executing program 3 (id=3841): r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) ioperm(0x0, 0x10e, 0x8000000000004) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0xc) unshare(0x2c060000) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000500), 0x1, 0x487, &(0x7f00000010c0)="$eJzs3M1vVFUbAPDn3n5A+Wrf9+VFQdAqGokfLS2oLNxoNHGhiYkucFnbgshADa2JECLVGFwaEvfGpYl/gTs3Rl0YE3dGE5eGhCgxAV2NuV8wHWZKgWkHmN8vucw5957pOc/ce+49cw93AuhZo9k/ScSmiPglIoaL7NICo8XL5Yunp/++eHo6iXr9tT+SvNyli6enq6LV+zZGxPokYk8akX6UlJUsNX/y1NGpWm32RJkfX6ifGZ8/eerJI8emDs8enj0+eeDA/n0Tzzw9+VRH4sziurTj/bmd219649wr0wfPvfndl1l7t+0qtjfG0SmjWeB/1nPN2x7pdGVdtrkhnfR3sSHckL6IyHbXQN7/h6Mvru684Xjxw642DlhV2bVpXfvNi3XgLpZEt1sAdEd1oc++/1bLGg09bgsXnouY/rmI/3K5FFv6Iy3LDKxi/aMRcXDxn8+yJVbpPgQAQKN8bPNEq/FfGtvy12JWZ0s5hzISEf+JiP9GxP8iYmtE/D8iL3tPRNxbvLk+vML6m6eGrh3/pOdvKcDryMZ/z5ZzW9WyWNRbVh8jfWVucx7/QHLoSG12b/mZ7ImBdVl+Ypk6vn7hp0+a1w2Vr43jv2zJ6q/GgqXz/U036GamFqY6NSi98EHEjv6l8RdbkiszAdkRsD0idtzYn95SJY489sXOdoVWEH97HZhnqn8e8Wix/xejKf5Kks9PHnunzfzk+Pqoze4dr46Ka33/49lX29V/S/F3QLb/Nyw9/ptKDP+VFPO1A1GrzZ6Yv/E6zv76cdvvNNePP215/A8mr+dz1j+8Vax7b2ph4cRExGDycp4fjIb1k1ffW+Wr8ln8e3a3Ov7T/BwX5f6/LyKyg3hXRNwfEQ+UbX8wIh6KiN3LxP/t8w+/ffPxr64s/plo3f9LI0njfP38yVPVZ3t1zfKJvqPffJW0qX9l+39/LObn2kJ+/ruOlbTr5o5mAAAAuPOkEbEpknTsSjpNx8aK/8O/NTaktbn5hccPzb17fKZ4RmAkBtLqTtdww/3QiWSx/ItFfrK8V1xt31feN/60byjPj03P1Wa6HDv0uo1t+n/m975utw5YdZ7Xgt7V3P/TLrUDWHuu/9C7WvT/oW60A1h7rv/Qu1r1/zNNeXMBcHe6tv//1uIn6yqDq90cYA0Z/0Pv0v+hd+n/0JOWPBJ/fPNKH5uX6PlEpLdFMzqbGFrxj1rc+Ynssr9MmW6fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj3wAAAP//YyLvrA==") prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setresgid(0x0, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) socket$inet_sctp(0x2, 0x0, 0x84) 1.616090818s ago: executing program 3 (id=3846): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) accept4(r0, 0x0, &(0x7f0000000040), 0x80800) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x101082, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe6, 0x0) r5 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000002200)={r6}, &(0x7f0000002240)=0xc) 1.080699252s ago: executing program 4 (id=3858): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000240)={0x0, 0xd00, &(0x7f0000000100)={&(0x7f0000000f80)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r0, @ANYBLOB="010000000000000000000c000000a401038015000200070000005600050070e68f25ce0c924f2a8195afe1c770786adf6f083f0b66dfdbd403cacc428f32d42ea86e754b241d6785cc2edb9c0a270ec963a7a5f5cbc9e316cf560e6d83fb35aae47917175ae1ca22311a3eb4236403a6000004000100d40005001ddc22bea333cbca2de3c71f47a57bbbeec0b6ca1b412ff7f21ccf8b0afacf865b658e3841dc5fa1a2b4396dba58656ae0705ecc674e531fdcaa486d041b51771487420b154826c1dea20802e17f73edb41a275bcdc48fbfaffcab68ce1a6d05fcb5b2cc0d88b3607c9d562208c2af6a962396f238c2aceac9406d2a80889b1f2935be4b149ec3bb65adf0bad7aee90737087c40498241dbe3b07929ec2c33a262e98d4114152c50be2d2e8c736d3961ad843af71107ddcd9c6d7b1b5a8a97f27374d0d7a244ae1bf8b5c24f0a4af29816000400e74ec8efdbd43a13c66fff7b90fd52fafc7a000050000380200001800800010052a90000070002002a290000060002003a000000040003002c0001800a000200757365725f75000004000300080001000700000008000200252c2900080001000000000020000180140002006c6f000000000000000000000000000008000100", @ANYRES32=r2], 0x1d8}}, 0x0) 991.978969ms ago: executing program 4 (id=3860): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0xc0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xa7020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240), 0xd}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) close(0xffffffffffffffff) socket$phonet_pipe(0x23, 0x5, 0x2) socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x2, 0x10100, 0x3}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x3}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000ff1000/0xd000)=nil, 0xd000, 0x3000007, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) set_mempolicy(0x0, 0x0, 0x0) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r3], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x12, r5, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r2, 0x2d3e, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) syz_open_dev$ptys(0xc, 0x3, 0x0) r6 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r6, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'veth1_to_batadv\x00'}}, 0x1e) socket$pppoe(0x18, 0x1, 0x0) r7 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r7, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev, 'team_slave_1\x00'}}, 0x1e) connect$pppoe(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, 'veth1_to_batadv\x00'}}, 0x1e) 952.121622ms ago: executing program 2 (id=3862): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x3, 0x18, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040001f0ffffffb70200000800000018230000a43668528cfcdea56c32a2a11abc3ca5790e880c8dc19361320ec028eb8abccbac60f886d0639f5f9a8ff87cbacd0df5c9212a399d5e04446d5906f31dc825b07d614e048774afb912f1e95993193dd357b774a0e479dc7c7324400a1bd177037498b44f5bcff3f4a736be4e630046162fbc7afe88086eb528f0e0a262f94a889fb7c99e640cf2a4b6581234ebbca76d29b71b48db5942653c8a9e9259172d4a659a84ff801260271f03422f54f1432cc18635d043f407766791c8d778776b8583209a7e", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) connect$can_bcm(r1, &(0x7f0000000300)={0x1d, r2}, 0x10) sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/14, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$rxrpc(0x21, 0x2, 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 890.554917ms ago: executing program 2 (id=3863): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00100000000000120000d1850000000500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100)) 867.4633ms ago: executing program 2 (id=3864): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000001840)='wg0\x00', 0x4) bind$xdp(r1, &(0x7f0000001880), 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYBLOB="00000000010000001400030073797a5f74756e00000000000000000008000a00", @ANYRES32=r2], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e6400000000040002800a000100ffffffffffbf0000"], 0x40}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0, 0x6}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) preadv(r4, &(0x7f0000000400)=[{&(0x7f0000000300)=""/113, 0x71}], 0x1, 0x401, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000580)='\x1a\xca\x10\xea\x1a\x87\xe7\xebz\xbd\xb5B\x99\xf9\x96]\xe7\xb7N\n\xaa.y\xc2V\x04`\n\x00\x00\x00\x00\x02\b\x00\x00\x9d\xf2u\x94\xa2\x86(\xf9\xc1\x9c\x05W\x80\x17T\'\xcd\x8e\xe2\xaf$\xc4\xc0\x90\xf3~\x1dV\xc6\x12!\xc2\xf5I\t\xed;$\v\xdcz\xc7e\xa0](\t\xca\xadj\xa4\xd1>\xb8#\xe7`\xf0 \xe4P\xbe\f\x10B\xd2\xcd\xf1\x18\"\x11D\x8d\x93ME\xe6\as\x9d\x86\xde\xc2\r\xde*1\x89\t\xe3&\xf6W9]\xae\xfc\x04w\xc1g\xbc\xec\x15C\x8e\x83\x8a\xac\xde`\xc4\xfb\xb9K\x89\xf2\x90\xba+S1\xf2=L\xdez\xc0L\xb5\xd1|z\x192\xce\x1d\tr\x83g\xcbg\xef\x9b\x947H\xb6sT)\v\xe03\x189\xb8RKt\xe5W\t8\x0e\x10\x86\x8d\xac4\xb0\xe4\xb2^\xcf\x88%\xac\x96\x0e\xb9\xf7\x1e\xcc!\x13\xe6\t\xd3\x1b\x84\xee\x1d\xfew\xb0\x947\xcd!`r\x9aV\x1d\x89\x89\xe9\xfa\x1e\xc3\xacc7\x02\xa6\v\x9f\xc8H\x91m\xe7\x13\xa1t=j\xeck\x9a\xc8z&\x8a\x8c]&A\xc1Z:\xb9\xc8j\xdfs\xcc\xfc\x15\r!\xfd\xb2\xeb\x97f\xf5\xc2\x1d}5&\x85\xac\xfe\x9az\x15\xfd\xf9\xccH\xc1`\xd9n\xf3\b\x8b\x01\xd5\xbc\xe7\x9a\'76R9ag\x16\xfc\x83') r5 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={r4, 0xffffffffffffffff, 0x33, 0x0, @val=@tcx={@prog_fd=r4}}, 0x40) r6 = io_uring_setup(0x7bde, &(0x7f0000000080)={0x0, 0x3617}) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x1a, 0x20000009, r7) 842.142502ms ago: executing program 1 (id=3865): r0 = syz_usbip_server_init(0x2) write$usbip_server(r0, &(0x7f0000000000)=@ret_submit={{0x3, 0x5, 0x0, 0x0, 0x3}, 0x2, 0x25, 0xfff, 0x312, 0x5, 0x0, "840a7772d34358f690d157a1a80df12023bdfb8c3a303879e11d74f6e3577ec5d61251de13", [{0x7f, 0x80000001, 0x5, 0xc}, {0x2, 0x6, 0x4, 0x31}, {0xc79, 0x1, 0x8000, 0xc9}, {0x6a, 0x908f, 0x2, 0x3}, {0xd0, 0x52, 0x401, 0x8}, {0xdc000, 0x5, 0x0, 0x1}, {0x7fffffff, 0x7, 0xd, 0x7fff}, {0x7ff0, 0x8, 0x8, 0xf}, {0x4, 0x7, 0x1}, {0x10, 0xffff, 0x81, 0x6}, {0x3, 0x8, 0xf4, 0x3}, {0x151, 0x9, 0x100, 0xa4dc}, {0x4d, 0x10, 0xfd, 0x4}, {0xffff, 0x12f2, 0x6, 0x2}, {0x6, 0x8, 0x9, 0x80}, {0x7, 0x2, 0xfff, 0x5}, {0x1ff, 0x10001, 0x9, 0xffffffff}, {0x80000001, 0x3ff, 0x3, 0x9e}, {0x0, 0x8, 0xa443}, {0x5, 0xffffb923, 0x3, 0x154}, {0x400, 0x263308c6, 0x81, 0x2}, {0x4, 0x1000, 0xd, 0xe}, {0x14000000, 0x732, 0x8, 0x32}, {0x12c4, 0x8000, 0x6, 0x1ff}, {0x800000, 0xe498, 0x262, 0xf7}, {0x8, 0x10001, 0x1, 0x5}, {0xffffffff, 0x4, 0x8, 0xfffffffe}, {0x2, 0x4, 0x1, 0x1}, {0x5, 0x80, 0xfffffffb, 0xe4}, {0x9, 0x8, 0x0, 0x1ad3}, {0xa39, 0xe, 0x2, 0x75}, {0x2, 0x3806, 0x101, 0x80}, {0x40, 0x9, 0x4, 0x3}, {0x92, 0x46e80195, 0x4, 0xfffffffb}, {0x6000, 0x40, 0x3, 0x7}, {0xfffffff9, 0x7, 0x8, 0x6}, {0x4, 0x9, 0x758, 0x6}, {0x96a7, 0xfffffffb, 0x2, 0x4}, {0x2, 0xb7, 0x3, 0x2}, {0x983, 0x13, 0x3, 0x2000}, {0xbf01, 0xe52, 0x9, 0x6cca}, {0x10, 0x7000000, 0x7, 0x5}, {0x735, 0xf79, 0x60c, 0x6}, {0x4, 0x8000000, 0x6, 0x2}, {0x7, 0x2, 0x2}, {0x4, 0x0, 0x4, 0x6}, {0xa6b, 0xc, 0xfffffeaa, 0xc}, {0xfffffff8, 0x0, 0x5, 0x631c}, {0x7fff, 0x7fffffff, 0x2, 0x91}, {0x1, 0xfff, 0x3, 0x3}, {0x1, 0x9, 0xbf, 0x10}, {0x1ff, 0x3, 0x3, 0x2}, {0xbd9, 0x4, 0x5}, {0x2, 0x9, 0x81, 0x8}, {0x8e, 0x16, 0x1, 0x3ff}, {0x4, 0x9, 0x4, 0x1}, {0x8, 0x6, 0x8, 0x7}, {0xfffffff8, 0x5, 0x4f5, 0x9}, {0x88, 0xf6, 0x10001, 0x3f}, {0xbc6, 0xf, 0x5, 0x8}, {0x8c3b, 0x7, 0x81, 0x401}, {0xa05, 0x4, 0x3, 0x200}, {0x7, 0x9, 0x8, 0x5}, {0x4, 0x595, 0xf, 0x2}, {0x8, 0x1, 0x8, 0x6}, {0x6, 0x6, 0x80000001, 0xfffffff7}, {0x7, 0x1000, 0x800, 0xbf81}, {0x8, 0x101, 0x7, 0xffff}, {0x80, 0xe, 0x3, 0x7}, {0x9, 0x7, 0x9, 0x8}, {0x16e, 0x4f, 0xfff, 0x3dd0bfda}, {0x7, 0x6, 0x8, 0xe6b8}, {0xd, 0xce, 0xfffffff2, 0x63f}, {0xff, 0x800, 0x9, 0x1}, {0x7, 0x0, 0x3, 0x221e}, {0x5, 0x0, 0x1000, 0x3}, {0x4, 0x3, 0x2}, {0x6cb9, 0x6, 0x9, 0xffffc2eb}, {0x8, 0x84, 0x1, 0x5fd}, {0x2, 0x769, 0x0, 0x2}, {0x8, 0x7f, 0xfffffff8, 0x4}, {0x7, 0x3, 0xfffffff9, 0x5}, {0x100, 0xfffffffa, 0x0, 0x3}, {0x4, 0x8, 0x27ab2165, 0xb71b}, {0xfffff472, 0x1, 0x100, 0x4000000}, {0x8, 0x8, 0x1}, {0x0, 0x3, 0x2, 0x2}, {0x4, 0x15d2, 0x8, 0x81}, {0xc0, 0x35b, 0xfffffff7, 0x3}, {0x2, 0x5, 0x774, 0x10001}, {0x3, 0x222e052b, 0x5, 0x7f2}, {0x6, 0xe2fe, 0x6, 0x4958}, {0x8000, 0x5, 0x6911ba94, 0x9}, {0x5, 0xc, 0x3, 0xc093}, {0x9b, 0x100, 0x400, 0x3}, {0x5, 0x7, 0x9, 0x1}, {0x841, 0x6, 0x6, 0x8}, {0xfffffffa, 0x5, 0x6, 0x101}, {0x52b, 0x9, 0x5, 0x799}, {0x1, 0x5, 0x0, 0xfffff000}, {0xfff, 0xab, 0x8, 0x95}, {0x8, 0x8b, 0x81, 0x4c74}, {0x9, 0xfffffffe, 0x5, 0x6}, {0x8, 0x7f, 0x80000, 0x7}, {0x2, 0x1, 0x9, 0x3}, {0x8, 0x5b, 0xe, 0x2}, {0x100, 0x4, 0x6000000, 0x749587bb}, {0x1, 0x8000, 0x7, 0x1}, {0x9, 0x8, 0x7d9, 0x1000}, {0x7, 0x80000001, 0xcb, 0x7fff}, {0x4, 0x8, 0x5, 0x5}, {0x3, 0x1, 0x4, 0xc00}, {0x2, 0x1, 0xffffdbd4, 0x81}, {0xfff, 0x400, 0xffff, 0x2}, {0x0, 0x3, 0x4}, {0x4, 0x800, 0x8a, 0x10000}, {0x2, 0x7fffffff, 0x1000, 0x4}, {0x5, 0x7f, 0x6ca802bd, 0xfffffff7}, {0x81, 0x24, 0x6f6fb3b6, 0x4}, {0x1, 0x80000001, 0x7a7, 0x4}, {0x2, 0x0, 0x7}, {0x2, 0x3, 0x7, 0x101}, {0x8, 0x5, 0x0, 0xa}, {0x437, 0xfff, 0x7ff, 0x5}, {0x8a, 0x0, 0xfff, 0xc0c9}, {0x2, 0x5, 0x3, 0xd59}, {0x2, 0x8, 0x4, 0x40}, {0x7fff, 0x5, 0x8, 0x400}, {0x8, 0x5, 0x7, 0x7}, {0x9, 0x80000001, 0x7ff, 0x2}, {0x6, 0x400, 0x2, 0x4}, {0x0, 0x6, 0xffffffff, 0x5}, {0xe, 0xc001, 0xfffffe0e, 0x40}, {0x7, 0x9, 0x7, 0xe}, {0x7, 0x6, 0xf, 0x4}, {0x3, 0x101, 0x3, 0xff}, {0x3ff, 0x7fdcf61f, 0x8c8b, 0x1}, {0x4, 0xc, 0x5, 0xfffffffe}, {0x8, 0xe32, 0x7, 0x3}, {0xfff, 0x970, 0x0, 0x10000}, {0x8, 0xc9c, 0x0, 0x8}, {0x100, 0x9, 0xdef, 0xfff}, {0x26, 0x1, 0xffff, 0x9}, {0x2, 0x10, 0x2dc, 0x4}, {0x1, 0x5, 0x3b40a4bb, 0x7}, {0x2, 0x2000, 0xffffffff, 0xf}, {0x9, 0xa, 0xc, 0x4}, {0x0, 0x7ff, 0x1, 0x60a0e214}, {0x2800000, 0x10001, 0x3, 0x4f2}, {0x7, 0x1, 0x7, 0x6}, {0x4, 0x3, 0x8, 0x61}, {0x1, 0x6, 0x9, 0x10}, {0x8, 0x5, 0x7fff, 0x8}, {0x0, 0x5, 0xbb, 0x6}, {0x6000, 0xff, 0x9, 0x1ff}, {0x9, 0x3, 0x3, 0x8}, {0x1, 0x5, 0x800}, {0xa5f39d3, 0xffffffff, 0x4, 0x200}, {0x4, 0x3ff, 0x8, 0x5}, {0x1, 0x8, 0x1, 0x3}, {0x0, 0x8, 0xd}, {0x7, 0x2, 0x1000, 0x8}, {0x3, 0x9, 0xf3, 0xf}, {0x8000, 0x6, 0x0, 0x10000}, {0x7f, 0x2cd, 0xfffffff8, 0x101}, {0x8, 0x101, 0x1, 0x5}, {0x2, 0x6, 0x10001, 0x1}, {0x2000, 0x10, 0x96c, 0xbe7}, {0x8001, 0x8, 0xfffff000}, {0x9, 0xf, 0x9, 0x9}, {0x100, 0xff, 0x1c9a, 0xca7b}, {0xffff, 0x7, 0x6bc, 0x5}, {0xffff7fff, 0x4, 0xa5, 0xffff}, {0x40, 0x19b, 0x1, 0x7f}, {0x401, 0xfffffe41, 0xfffffff7, 0xb}, {0x2, 0x96ea, 0x7ff, 0xe6}, {0x0, 0x100, 0x8}, {0x77, 0x2, 0x4, 0xad5d}, {0xd, 0x1e32, 0xd9a, 0x8001}, {0x0, 0x10, 0xe5, 0x8}, {0x4, 0x1, 0xcb74, 0x401}, {0xff, 0x4, 0x0, 0x68}, {0x25c, 0x3, 0x3, 0xfffffff6}, {0x4, 0x4, 0x5, 0x7}, {0x0, 0x9, 0x2, 0x1}, {0x5, 0x9, 0x0, 0xff}, {0x83, 0x6, 0xfffffff0, 0x8000}, {0xffffffff, 0x3, 0x4, 0x6}, {0x0, 0xff, 0x0, 0x1}, {0xfffffff7, 0x9, 0x5, 0x8001}, {0x2, 0xc4f9, 0x2, 0x4}, {0x46a6, 0x6, 0xfffffffa, 0x4}, {0x4c70, 0x6, 0x1, 0x8}, {0x76, 0xfffffffe, 0xff, 0x2}, {0x8, 0x65, 0x6, 0x1}, {0x2, 0xfffff817, 0x9, 0x5}, {0x73, 0x4, 0xe040, 0x3}, {0xdfa, 0x6, 0x7f, 0x8000}, {0x2, 0x1, 0x6, 0x9}, {0x9, 0x5, 0x80, 0x9}, {0x0, 0x8, 0x9, 0x400}, {0x0, 0x7, 0x1000, 0x1}, {0xfffffff8, 0x1, 0x240, 0x5}, {0xf8e, 0x543, 0xfffffffb, 0x4}, {0xc6e, 0x8, 0x6, 0x6}, {0x4e51, 0xc, 0x9, 0x7f}, {0xfffffff9, 0x5, 0xc7cb, 0x6}, {0xff, 0x10001, 0x81, 0xff}, {0x7f, 0x1, 0xe44e, 0x8}, {0x4, 0x3ff, 0x1, 0x9}, {0x5, 0xa, 0xd4, 0x4}, {0x200, 0xe8, 0x8, 0x5}, {0xffffffff, 0x3, 0x3, 0x41e}, {0x0, 0x0, 0x401, 0x5}, {0x3, 0x80000000, 0x6, 0xd}, {0xffffff0c, 0x1, 0x5, 0xffffffff}, {0x8001, 0x7fff, 0xffffffff, 0x40}, {0x0, 0x5, 0x8, 0x4e28}, {0x8, 0x101, 0xfffffffe, 0x7}, {0x9, 0x3, 0x7fffffff, 0x4}, {0x3, 0x5, 0x0, 0x8}, {0xb, 0x2, 0x8, 0x2}, {0x0, 0x5, 0x1000, 0x60}, {0x6, 0x7, 0x9, 0x1a}, {0xba6, 0xf, 0x9, 0x3ff}, {0x1ff, 0x8, 0x5, 0xfffffffb}, {0x800, 0x2761, 0xde21, 0xfffffffe}, {0x1, 0x3afd, 0x9, 0x1}, {0x3, 0xb, 0xfffffff0, 0x2}, {0x10, 0x3, 0x1c, 0x80}, {0x10, 0x7fffffff, 0x4, 0x10001}, {0x0, 0xb90, 0x2, 0x5}, {0x7, 0x0, 0x6}, {0xe4b, 0x5c82, 0x8000, 0x1}, {0xa, 0xc0, 0x5, 0xad}, {0x7fff, 0x9, 0x7, 0x7}, {0x5, 0xb4, 0xc, 0x9}, {0x2, 0x6, 0x2}, {0xc730, 0x7f, 0xd, 0x6}, {0x5, 0xfffffffc, 0x4, 0x70a}, {0x80000001, 0x1, 0x2, 0x1ff}, {0xaf6d, 0x7, 0x5, 0x8}, {0xe, 0x3, 0xfffffffc, 0x10001}, {0x5d8b, 0xffff, 0x6, 0x1}, {0x9, 0xfb, 0x5, 0x10}, {0x1, 0x2, 0x3, 0x8}, {0x2, 0x80, 0x8, 0x8c}, {0xf58, 0x8, 0xe7, 0xff}, {0x4, 0x2, 0x80, 0x80000000}, {0x1, 0xffffa1ec, 0x234, 0x9}, {0x4, 0x8, 0x2, 0x4}, {0x4, 0x1, 0x2, 0x3}, {0x4, 0xe, 0x3, 0x3f1}, {0xfffff001, 0x23, 0x3, 0x83}, {0x4, 0xd0f, 0x1, 0x3}, {0x80000000, 0xc53f, 0x1000, 0xffffffd2}, {0xffffffff, 0x9, 0xbd, 0x4022cc0}, {0x80000000, 0x81, 0x0, 0x2}, {0x10000, 0x18, 0x1, 0x7fffffff}, {0x3, 0xfffffff7, 0x332, 0x9}, {0x9, 0x949, 0x6, 0x5}, {0x83, 0x8, 0x86e, 0x1}, {0x6, 0x80, 0x9, 0x3}, {0x98e1, 0x4, 0x6fa29afc, 0x4}, {0x7, 0x2, 0x0, 0x8}, {0x3, 0x5, 0xef5, 0x2}, {0x0, 0x6, 0x10000, 0x4}, {0x7, 0x1, 0x6, 0x8}, {0x6, 0x3a, 0x80}, {0x8e6, 0x7, 0x1, 0x3f4}, {0xfffffffa, 0x7, 0xffffffff, 0x6}, {0xa570, 0x54, 0x4, 0x1}, {0x6, 0x9, 0x8000, 0xff}, {0x3, 0x8f5f, 0x200}, {0x3, 0xfffffffc, 0x6, 0x3}, {0x1b11c0, 0x80000001, 0xffffffff, 0x8}, {0x76, 0x3, 0xbfb, 0x8}, {0x1, 0xca, 0xf, 0x7}, {0x80000000, 0xb, 0xff, 0x3}, {0x1, 0x401, 0x1, 0x29d}, {0x40a, 0x5, 0x2, 0x3}, {0x9, 0x8001, 0x2, 0x8}, {0x87f0, 0x5, 0x1, 0x7ff}, {0x1459, 0x9, 0x101, 0x5}, {0x8, 0x9, 0x5, 0x8}, {0x30, 0xffffffff, 0x4, 0x2}, {0x2, 0xd2d6, 0xd0, 0x5}, {0x2, 0x5, 0x7909a6be, 0xffff1a65}, {0x8, 0x9, 0xf, 0x6}, {0x8, 0xdebd, 0x3, 0xfffffffb}, {0x5, 0x5, 0xfffffe00, 0x49}, {0x2459, 0x10001, 0x9}, {0x0, 0x7, 0x2, 0x900d}, {0x8000, 0x1, 0x81, 0x1}, {0x9, 0xffffff9b, 0x97, 0x8}, {0x0, 0x3ff, 0x42, 0x8001}, {0x800, 0x2, 0x8, 0x3}, {0xffffd81a, 0x1}, {0x8e, 0xfffffffd, 0xfffffff9, 0x7}, {0x9, 0x2, 0xe99}, {0x8, 0x7ff, 0x8d, 0x4}, {0x8, 0x7, 0xfffffffc}, {0x8001, 0x10001, 0xfffffffe, 0x3}, {0x5209, 0x1263, 0xff, 0x3}, {0xffff, 0x6, 0x3, 0x1}, {0x7, 0xfffffff5, 0x0, 0xca}, {0xffff0841, 0x400, 0x5, 0xc}, {0x2, 0x8, 0x0, 0x9}, {0x9, 0x2, 0x7, 0xfffffffb}, {0x0, 0x8, 0xffffffff, 0x9b}, {0x3, 0x3, 0x9, 0x7}, {0x9, 0x0, 0x1, 0x1}, {0x8, 0x7, 0x80, 0x7ff}, {0x8, 0x5, 0x5c, 0x2}, {0x8000000, 0x0, 0x8, 0x5}, {0x3, 0x10000, 0x9684, 0x7}, {0xa66, 0x8001, 0x6, 0x64caef3f}, {0x4, 0x34, 0x9, 0x5}, {0x6, 0xfffffff1, 0x6a, 0x10}, {0x4, 0x1, 0x10, 0x1ff}, {0x8, 0xf4ec, 0x5, 0x3}, {0x76e, 0xfff, 0x2, 0x9}, {0x2, 0xc, 0x93, 0x8}, {0x7fffffff, 0x100, 0x1000}, {0x262f7d4f, 0x80000001, 0xaf0, 0x6}, {0x7, 0x8, 0x5, 0xfffffff9}, {0x5, 0x1, 0x9, 0x9}, {0xc7, 0x0, 0xb, 0xfd}, {0x2, 0x10000, 0x380, 0x6}, {0x1, 0x9, 0x8001, 0x400}, {0x70, 0x3, 0x8, 0x5}, {0x3, 0x8, 0x5e77, 0x1}, {0x5, 0x1, 0x6, 0x2}, {0xffffffff, 0x0, 0x10, 0x5}, {0x4, 0x1, 0x7f, 0x5}, {0x800, 0x287e, 0x3, 0x6}, {0x9, 0x5, 0x8, 0x5}, {0x8, 0x401, 0x8001, 0x8}, {0x4, 0x9, 0x4, 0xf}, {0x0, 0x10, 0x71, 0xe}, {0x95, 0x7, 0x1, 0x6}, {0x1ff, 0x2, 0x6, 0x6043}, {0x4, 0x7, 0x5, 0xbb}, {0x7f, 0xa, 0x7, 0x2}, {0x730, 0x9, 0x4, 0x3f}, {0x1ff, 0x0, 0xfff, 0x9}, {0x8001, 0x200, 0x10, 0x4}, {0x0, 0x8, 0x0, 0x96c}, {0xb028, 0x7, 0x3, 0xad25}, {0x7, 0xa, 0x3, 0x5}, {0x7, 0x9, 0x3, 0x5}, {0x5, 0x0, 0xc, 0x4}, {0x7f, 0x4, 0x3fb8, 0xe}, {0x7, 0x0, 0x9, 0x6}, {0xa4bd, 0x10000, 0xfffff415, 0xafe}, {0xd5e5, 0x8, 0xffff8000, 0x6}, {0x7, 0x60f8, 0xd, 0xfa}, {0x0, 0x4, 0x1ff, 0x2}, {0x2, 0x9b, 0x2, 0x9}, {0x7, 0x7, 0x0, 0x1}, {0x6, 0x400, 0x7, 0x4}, {0x0, 0x8, 0x10000, 0x1}, {0xfffffff8, 0x6, 0xfffffffa, 0x8}, {0xd0ba, 0x4, 0xc72b, 0x6}, {0x2, 0xfffffbff, 0x10, 0x8}, {0xff, 0x1, 0x9, 0x7}, {0x6, 0x7ff, 0x1, 0x6}, {0x7, 0x1, 0x4, 0xc}, {0x2, 0xc, 0x6, 0x7}, {0x3, 0xaa50, 0x7, 0x9}, {0xffffff67, 0x0, 0x5, 0x6}, {0x1, 0x5, 0x2c4, 0x9}, {0x6, 0x3, 0xdb53, 0x7fff}, {0x8, 0x6, 0x2, 0x11d}, {0x7, 0x9, 0x3df8, 0x100}, {0x20, 0x8, 0x457e0d65, 0x2}, {0x2, 0xb, 0x2, 0xffff322c}, {0xfff, 0x5, 0xf2, 0x3a}, {0x6, 0x2, 0x7fffffff, 0xce4}, {0x1, 0x4, 0x81, 0x2}, {0x5, 0xfffffffc, 0xf066, 0x4}, {0x80, 0x9, 0x100, 0x1}, {0x5, 0x5, 0x6, 0x65}, {0x10001, 0x4, 0x7fff, 0x6}, {0x74, 0xcad6, 0x8, 0x100}, {0x8, 0x3, 0x8, 0x1}, {0x3bc, 0x7, 0x3, 0x10000}, {0xc45, 0x1, 0x9, 0x8}, {0x2, 0x3, 0x9, 0x4}, {0x3, 0x8, 0xf, 0x1}, {0x4, 0x0, 0x4, 0x80}, {0x8, 0x1000, 0x4, 0x3ff}, {0xfffffff8, 0xfffffff8, 0xffffffff, 0x3}, {0x80, 0x1, 0x6}, {0x1b0f, 0x3, 0x7, 0x2}, {0x401, 0xfffffffc, 0x9, 0x3}, {0x3ff, 0x6, 0x5, 0x1}, {0x8001, 0x5, 0x100, 0x6}, {0x4, 0xf767, 0x8, 0x8}, {0x6, 0x4, 0x8, 0x80000000}, {0x3, 0x6, 0x5, 0xf972}, {0x9, 0x0, 0x10001, 0x8}, {0x4, 0x81, 0x3, 0xc}, {0x0, 0x9, 0x4, 0x9}, {0x5, 0x40800000, 0x400}, {0x0, 0xfffffffe, 0x1, 0xffff}, {0xa, 0x7fff, 0x0, 0x9}, {0x80, 0x81, 0x7, 0x9}, {0x9d32, 0x4, 0x4, 0x80000000}, {0x8, 0xd, 0x400, 0x8f03}, {0x223, 0x8, 0x29d0, 0x1200000}, {0x40, 0x200, 0x81e6, 0x7fff}, {0x8000, 0x6, 0x8, 0xc3}, {0x3, 0x80, 0x6}, {0x6, 0x0, 0x418d2a0d, 0x8}, {0xc, 0x0, 0xc136030, 0x4}, {0x4, 0x3, 0x10001, 0x80000000}, {0x1, 0x10001, 0x2, 0x400}, {0xffffffff, 0x597, 0x2d88, 0x7}, {0x4, 0x1000, 0x5, 0x8}, {0x4, 0xf, 0xfd6, 0xffffff81}, {0x400, 0x8, 0x7f, 0x3}, {0x3, 0xc000, 0xa, 0x5}, {0x2edb, 0x7, 0x8, 0x8}, {0x6, 0x8001, 0x3, 0x3}, {0xffff, 0x9, 0x80000000, 0x4}, {0xb7, 0x6, 0x180, 0xe}, {0x5, 0xb5, 0x1, 0x9}, {0x69, 0x6, 0x40a, 0xffff8000}, {0x1, 0x71f928bc, 0x7, 0x7}, {0xfffffff9, 0x3, 0x5, 0x5}, {0x8b, 0x10001, 0x6, 0x2}, {0x1000, 0xa0, 0x8, 0x7fff}, {0x300, 0x800, 0x8, 0x4}, {0x1, 0x9, 0x0, 0xf2}, {0x4000000, 0xffffffff, 0x7fffffff, 0x4}, {0x1, 0x49d7, 0x0, 0x200}, {0x2, 0x80000001, 0xc2, 0x9a}, {0x5, 0x1, 0x401, 0x3}, {0x8, 0x1, 0x0, 0x4}, {0xf5, 0xf, 0x4, 0x5d}, {0xed, 0x4, 0x9, 0x2}, {0xa, 0x10001, 0x7, 0xae36}, {0x6, 0x9, 0x0, 0x2}, {0x9, 0x9, 0x9, 0x80000001}, {0x8, 0xcfe32fd, 0xfffffffd, 0x7}, {0x200, 0x20000000, 0x5}, {0x6, 0x7fffffff, 0x7ff, 0x2}, {0x7, 0x10001, 0x8, 0x7}, {0x80000000, 0x5, 0xe52, 0xb}, {0x2, 0x40}, {0x1, 0x3ff, 0x10000, 0x5}, {0x7f, 0x5, 0x8, 0x7}, {0x2, 0x8, 0xf8000000, 0x1}, {0x6, 0x2, 0x5, 0xc96a}, {0x5, 0x0, 0x6, 0xe}, {0x8000, 0x6, 0x3d4, 0x5}, {0x56, 0x3, 0x4, 0x1}, {0x3, 0x81, 0x6, 0x9}, {0x285e, 0x7, 0x8, 0x9}, {0x3, 0xfffffffa, 0x7, 0x2e1}, {0x5, 0x4, 0xd, 0x4}, {0x4, 0x6, 0x9c6, 0x9}, {0x8, 0x1, 0xb, 0x6}, {0x80, 0x0, 0x0, 0x7c}, {0xe, 0x101, 0xb, 0x2}, {0x3, 0x3, 0x656, 0x10}, {0x0, 0x4, 0x1, 0x9}, {0xe508, 0xffffffff, 0x2, 0x81}, {0x3, 0x56eb, 0x4, 0x3}, {0x401, 0x401, 0x4, 0x9}, {0x1ff, 0x1, 0xff94, 0x8001}, {0x8, 0x1, 0x9, 0x3ff}, {0x1e, 0xc, 0x4, 0x6d0b}, {0x101, 0x800, 0x8, 0x8001}, {0x4, 0x9071, 0xb, 0x7fffffff}, {0x4, 0x4, 0x7fff}, {0x684, 0x7, 0x9, 0x3}, {0xc, 0x5, 0x5, 0x3}, {0x3, 0x80000001, 0x200, 0x3a2}, {0x5, 0x6e629750, 0x5, 0x4c}, {0x53bc8622, 0x4000, 0x3}, {0x4, 0x4, 0x0, 0x9}, {0x8, 0x10001, 0x8, 0x98c}, {0x3, 0x7, 0x8, 0x4}, {0x3, 0x26c0, 0x48d, 0x2}, {0x1, 0x5a2, 0x80, 0x8}, {0x9, 0x7ff, 0x4, 0x84e}, {0x8, 0xa, 0x2, 0x1}, {0x80, 0x3ff, 0xf8c8, 0x8}, {0x3, 0x4, 0x0, 0x3}, {0x1, 0x7, 0x1, 0xffffffc2}, {0x3, 0xb, 0x6, 0x14}, {0x6, 0x3, 0x1, 0x2}, {0x7f, 0x8001, 0x1, 0x3}, {0xfffffffb, 0x0, 0x1b0, 0x1d}, {0x0, 0x2, 0xa8, 0x10000}, {0x4, 0x8, 0x5795d00b, 0x5}, {0x5, 0x1, 0x101, 0x7}, {0xfff, 0x7, 0x62a1, 0x2}, {0xb59b, 0x7, 0x2, 0x6}, {0x1, 0x3ff, 0xb, 0x80000001}, {0x9, 0x8001, 0xff32, 0x5}, {0x921, 0x7, 0x9, 0xd2f}, {0x7ff, 0x2e7, 0x4, 0x6}, {0x7fff, 0x3, 0xd, 0x287}, {0x9, 0x2, 0xf280, 0x3}, {0xa120, 0x2, 0xffff, 0x7fffffff}, {0x9, 0x10001, 0xffff, 0xfd5c}, {0x6, 0x8000, 0x10, 0x4}, {0xcdbe, 0x4, 0xc70, 0x5}, {0x7f, 0x6, 0x4, 0x1}, {0x6, 0x0, 0x2, 0x8000000}, {0x160, 0x200, 0x80000001, 0x80}, {0x8001, 0x478, 0xb, 0xffffb226}, {0x4, 0xef1, 0x7, 0xe}, {0x9, 0x6, 0x4, 0x2}, {0x2, 0xffffffff, 0x0, 0x4}, {0x200, 0xfffffffa, 0x10000, 0x11}, {0xffffff80, 0x0, 0x10001, 0xf}, {0x0, 0x8, 0x118983e1, 0xb1d7}, {0xf0e0, 0x9, 0x80000001, 0x3}, {0x6, 0x9, 0x8, 0xfffffffa}, {0x240000, 0xbf, 0x97, 0x2}, {0x7fff, 0x7, 0x401, 0x1}, {0x8, 0x3, 0x7, 0x2000000}, {0x10001, 0x1, 0x4, 0x7}, {0x7ff, 0x8, 0xffffffff, 0x2}, {0x7, 0x0, 0x7, 0x40}, {0x5, 0x7, 0x0, 0xd01}, {0x46, 0x8229, 0x1, 0x5}, {0x1, 0x1, 0xc492, 0x6e8}, {0xf, 0x7, 0x7, 0x8b9}, {0x6, 0x9, 0x57, 0x3ff}, {0xd, 0x7d, 0x1, 0xe514}, {0x0, 0x9, 0x1, 0xfff}, {0x4a7, 0xea3, 0x8, 0x5}, {0xff, 0x101, 0x4, 0x4}, {0x1, 0x2, 0x1, 0xf}, {0x2, 0xff, 0xf7, 0x7}, {0x5, 0xd, 0x101, 0xe}, {0x4, 0x0, 0x5, 0x3}, {0x100, 0x8001, 0x6, 0xdc}, {0x6, 0x9, 0x2, 0x9}, {0x7, 0x827, 0x9, 0x5}, {0x85, 0x40, 0x2, 0x8}, {0x59c2, 0x0, 0x3, 0x10}, {0x8, 0x7, 0x1, 0xa00000}, {0x1000, 0x5, 0x306, 0x1}, {0x2, 0xffffffff, 0xffffffff, 0x3}, {0x7fffffff, 0xd2, 0x2, 0x7fffffff}, {0x2, 0xb, 0xffffffff, 0x6}, {0x400, 0xf5, 0x362, 0x3}, {0x1, 0x2, 0x4, 0x80000000}, {0xe845, 0x5, 0x1000, 0x7}, {0x0, 0x4, 0x0, 0x7b02}, {0x754, 0x9, 0x6fa, 0xff}, {0x9, 0xd79a, 0x7, 0xa9}, {0xc210, 0x2, 0x2, 0x5}, {0x7, 0xdaa9, 0xc, 0x401}, {0x1, 0xf, 0x8, 0x1}, {0x1, 0x0, 0x400, 0xbc64}, {0x3, 0x4fe, 0x0, 0x7fffffff}, {0xf0000000, 0x976, 0x9547}, {0x7, 0x4, 0x2, 0x52}, {0x1, 0x1, 0x4a8, 0x1}, {0x2b, 0x28000, 0xbc9}, {0x19a8, 0x400, 0x0, 0xfffffffa}, {0x3, 0x6, 0x6}, {0x4, 0x5, 0x81, 0xa10}, {0x10000, 0x1, 0x744, 0xd08}, {0x2, 0x3, 0x6, 0x1}, {0x9, 0x6, 0x8e9b6b88, 0x80}, {0xffffffff, 0x6, 0x3, 0xe}, {0x9, 0x3, 0x2, 0x9}, {0x7, 0x8c27, 0x4, 0xfffffff0}, {0x8b83, 0x62, 0x800, 0x8}, {0x10001, 0x9, 0x100, 0x1}, {0xfffffffa, 0x1801, 0xffff, 0x4}, {0x1b86, 0x0, 0xe4, 0x437b}, {0xd, 0x9, 0x2, 0x3}, {0x36b, 0x5, 0x100, 0x6}, {0x58, 0x20000000, 0x60000000, 0x2}, {0xffff8000, 0xa, 0x9, 0x4}, {0x5b, 0x4, 0x6249, 0x80000001}, {0x3, 0x200}, {0xe27, 0x5, 0x6, 0x5}, {0x2, 0x9, 0x0, 0x1}, {0x1000, 0x7fffffff, 0xd, 0x10000}, {0x8344, 0xe0bd, 0x0, 0x1}, {0x652e69ae, 0x9c, 0x6c, 0xa59}, {0x4, 0x2, 0x4, 0x401}, {0x588ab32, 0x1, 0x8, 0x5}, {0x334f1c02, 0xfffff37d, 0x0, 0x5}, {0x7ff, 0xfffffffe, 0x8, 0x7}, {0xeb1, 0x7, 0x2, 0x9}, {0x3, 0xc, 0xffffffaa, 0xff800000}, {0x1, 0x9, 0xc, 0x6}, {0x8, 0x40, 0xb43, 0x8}, {0x5, 0x6, 0x8, 0x2}, {0x6, 0x1, 0x7, 0xa17}, {0x1000, 0x5c6, 0x5, 0x8}, {0x80000001, 0x7, 0x9, 0x4}, {0x3, 0x0, 0x3, 0x3}, {0x2, 0xaed, 0x8, 0x400}, {0x76e5, 0x5, 0x0, 0x8}, {0xdac, 0x23, 0x2, 0x1ff}, {0xffffff27, 0xbdd, 0x8, 0x7fff}, {0x4, 0x9971, 0xffff, 0x8000}, {0x8, 0x0, 0xed, 0x3}, {0x9, 0x6, 0x2, 0xb4}, {0x3, 0xfffffffc, 0x5, 0x8}, {0xf1b, 0x80000001, 0x6, 0x80}, {0x8f, 0x3, 0x1, 0x10}, {0x4, 0x7, 0x7}, {0x3, 0x8, 0x2, 0x4}, {0x2, 0x2, 0x8, 0x9}, {0x7, 0xfffffff9, 0x6, 0x7}, {0x9, 0x1, 0xcb, 0xa}, {0xf, 0x80f4, 0x800, 0x2}, {0x5, 0x2, 0x2}, {0x7, 0xf, 0x7, 0x1}, {0x5, 0x4f, 0xfffffff8, 0xf}, {0x7, 0xc0, 0x243f, 0xfffffff8}, {0x101, 0x0, 0x6, 0x2}, {0x7ff, 0x0, 0x7, 0x7}, {0x8, 0xfffffff8, 0x1, 0x400000}, {0x8, 0x8, 0x9, 0x800}, {0xf0, 0x8000, 0x3, 0x80}, {0x9, 0x100, 0x5, 0x8}, {0x4, 0x101, 0x2, 0x4}, {0x2, 0x81, 0x800, 0x8}, {0x1, 0xffffffff, 0x2, 0x9}, {0xfffffff7, 0x4, 0xff, 0x2}, {0x6, 0x73, 0x13c00000, 0xd}, {0x3, 0xe, 0x8, 0x5}, {0x8, 0x26658cdb, 0x3ff, 0x9}, {0x7fffffff, 0x5, 0x6079aeeb, 0xfffffffb}, {0xfffeffff, 0x2, 0xfff, 0xfffffffd}, {0xd, 0x4, 0x1, 0x1}, {0x8, 0x9, 0x5, 0x3}, {0x8, 0x80, 0x8, 0x88}, {0x2b61, 0x4, 0x5, 0x219}, {0x4c025666, 0x2, 0x5, 0x8}, {0x8, 0x6db10e16, 0x8001, 0x100}, {0x4, 0xffffffff, 0x7, 0xffff}, {0x958, 0xff, 0x2, 0x9}, {0x2, 0x9, 0x0, 0xfffff539}, {0x4, 0x1, 0x5, 0x2}, {0x9, 0x401, 0x44, 0x6}, {0x0, 0x2, 0x66bf, 0x9}, {0x8, 0x3cf6, 0x8000}, {0x8d, 0x5, 0x8, 0x3}, {0x3, 0x4, 0x3ff, 0x9}, {0x401, 0x3, 0x6a, 0x6f82}, {0x0, 0xfffffff8, 0x6, 0x8}, {0x2, 0xd, 0x7, 0x4}, {0x9, 0x2, 0x7, 0x6}, {0x2, 0xfffffffe, 0x0, 0x9c}, {0x1e, 0x401, 0x327cdc65, 0xd}, {0x4, 0x1, 0x1, 0x4}, {0xd25, 0x9, 0xfffffff7}, {0x2, 0x4, 0x9, 0x36}, {0x1, 0x5c, 0x0, 0x6}, {0x6, 0x7d, 0x7b, 0x3}, {0xc38d, 0xffffffff, 0x1, 0x1}, {0xb7, 0x6, 0x10, 0xff}, {0x80000000, 0x6, 0x7}, {0x8000, 0x7, 0x4834b2b6, 0x9}, {0x8, 0xf55d, 0x9, 0x400}, {0x6, 0x6, 0x0, 0x5}, {0x81, 0x14, 0xc000, 0x1}, {0x1, 0xfff, 0x1, 0x4}, {0x9, 0x9d7, 0xabe8, 0x1ca77fd8}, {0x2, 0x2, 0x4, 0x44c}, {0x9, 0x3, 0x2, 0x8}, {0x7e0, 0x8, 0x5, 0xffff}, {0x6, 0x4, 0xc47c, 0x6}, {0x5, 0x80000001, 0xd179, 0x7}, {0x4, 0x9, 0x4, 0xfd}, {0x7, 0x5, 0xfffffe01, 0xc}, {0xfff, 0xfffffff8, 0x3, 0x8}, {0x80000001, 0x7, 0x7, 0x80}, {0xcb, 0x80000000, 0x4, 0x9}, {0x6, 0x80000000, 0x910a, 0x9}, {0x6, 0xffff8001, 0x1, 0x5}, {0x35ff258a, 0x81, 0x5, 0x9}, {0x1, 0x8, 0x9, 0x3}, {0x80000001, 0x2, 0x5, 0x401}, {0x20000000, 0x0, 0x6, 0x7fff}, {0x400, 0x1, 0x6, 0x2}, {0x9, 0x1000, 0x3, 0x2ea7c53c}, {0x3, 0x79a, 0x40, 0x9}, {0x1, 0x4a, 0xe, 0x400}, {0x0, 0x9, 0x7, 0x8}, {0x9, 0x80, 0x4, 0x5}, {0x1, 0x8, 0x8, 0x57}, {0x1, 0x8, 0xfff, 0x9}, {0xd, 0x200, 0x1, 0x200}, {0xe5, 0x0, 0x0, 0x3}, {0x5, 0x80000000, 0x5, 0xfff}, {0xc, 0xf6b4, 0x40, 0x673}, {0x6, 0xd302, 0xc, 0x4}, {0x8000000, 0x7, 0x2, 0x4}, {0x0, 0x100, 0x0, 0x2d}, {0x1, 0x8d, 0x1, 0x8}, {0x2, 0x1ff}, {0x1, 0x0, 0x3, 0xfffff3b5}, {0x1, 0x5, 0xcec9e76d, 0x48}, {0x4, 0x7ff, 0xffffffff, 0x401}, {0x0, 0x0, 0xe0, 0x8}, {0x7, 0x7ff, 0x7, 0x7ff}, {0x8, 0xe, 0x1000, 0x7}, {0x6, 0xea, 0x2, 0x9}, {0x8000, 0x5, 0x2, 0x2}, {0x80, 0x383f, 0x9aa9, 0x3ff}, {0x3367, 0x1, 0x8, 0x4}, {0x2, 0x9fd, 0x1fa11051, 0x6}, {0x1617, 0x5, 0x3, 0x2}, {0x3, 0x800, 0x1ff, 0x678}, {0xe3, 0x0, 0x2, 0x9}, {0x1ff, 0x101, 0x6, 0x80}, {0x8, 0x80000000, 0xf0f, 0x6da4}, {0xa, 0xf4, 0x10001, 0x6}, {0xf5, 0x627c, 0x5}, {0x1a3, 0x1, 0x3, 0xfffffff9}, {0x5, 0x4, 0x7ff, 0x92}, {0x7ff, 0x4e0, 0x4, 0x3}, {0x3, 0x3, 0x6, 0x101}, {0x2, 0xffff0000, 0xffffffff, 0x200}, {0x6acf, 0x8, 0xfffffff5, 0xff}, {0x9, 0x3, 0x8, 0x5}, {0x0, 0x8, 0x0, 0x1}, {0x7f, 0x3d, 0x5, 0x7}, {0x92c, 0x2, 0xcaed, 0x5}, {0xcb, 0x5, 0xfffff000, 0x8}, {0x4, 0xffffffff, 0x9, 0x78}, {0xc, 0xfffffffe, 0x1, 0x8}, {0xe, 0x6, 0x5, 0x80}, {0x4, 0x7, 0x4, 0x7ff}, {0x3000000, 0x3, 0xbf}, {0x9, 0x80000001, 0x5, 0x3ff}, {0x7, 0x7, 0x0, 0x1ff}, {0x8, 0x8, 0x1000}, {0x4, 0x1404, 0x1e, 0x9}, {0xa7, 0x8001, 0x10001, 0xffffffb6}, {0x8000, 0xfffffff9, 0x1000, 0xfce8}, {0x40, 0x7, 0x3, 0x2}, {0x401, 0x6, 0x0, 0x7}, {0x7, 0xe9a3, 0x1, 0x9}, {0x11, 0x2, 0x2, 0x7fffffff}, {0x6, 0xa, 0x7}, {0x9, 0x1, 0x0, 0xfffffe01}, {0x0, 0x80000000, 0xba8, 0xfffffc00}, {0x2, 0x401, 0x5, 0x2}, {0x7a0a0000, 0x5, 0x7}, {0x2, 0xb, 0x1, 0x7}, {0x6, 0x5, 0x0, 0x9}, {0x7, 0x10001, 0x1, 0x80}, {0x6, 0xde6c, 0xc397, 0x1}, {0x1ff, 0x6120, 0xfff, 0x8}, {0x4, 0x1, 0xfff, 0x7}, {0x8, 0x8, 0x4, 0x6}, {0x4, 0x3ff, 0xd477, 0x1}, {0xffffffff, 0x0, 0x4, 0x401}, {0x1, 0x8, 0xffff00, 0x7ff}, {0x2b, 0x400, 0x7, 0x80}, {0xc87, 0xbe7, 0x8}, {0x0, 0x2, 0x5, 0x9c}, {0x0, 0x2, 0x65, 0x4}, {0x81, 0x54, 0x2, 0x7}, {0x200, 0x38, 0x7, 0x2856}, {0xf6, 0x9, 0xfff, 0x5}, {0x8, 0x400, 0x9}, {0xda04, 0x40, 0x5, 0x5}, {0x80000000, 0x1, 0xbf1, 0x4}, {0x401, 0x7, 0xff, 0x1}, {0x3, 0x4, 0x9, 0x577}, {0x10000, 0x3, 0xd6, 0x3}, {0x10, 0x7, 0x80000, 0x7}, {0xf8d, 0x3283800, 0x0, 0x5}, {0xff, 0x1, 0x4, 0x6}, {0x7c, 0x0, 0x0, 0x85}, {0x1, 0x800, 0x8, 0x1}, {0xffff, 0x7f, 0x9, 0x6}, {0x5, 0x2, 0x4, 0x24a}]}, 0x3175) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000032c0)={&(0x7f00000031c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x5}, {0x0, [0x0, 0x0, 0x61]}}, &(0x7f0000003200)=""/148, 0x1d, 0x94}, 0x20) prctl$PR_SCHED_CORE(0x3e, 0x4, 0xffffffffffffffff, 0x0, &(0x7f0000003300)) r1 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r1, &(0x7f0000003340)={0x18, 0x2, {0x2, @multicast2}}, 0x1e) syz_usbip_server_init(0x5) ioctl$TIOCSBRK(0xffffffffffffffff, 0x5427) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000003380), 0x2) r2 = io_uring_setup(0x15e4, &(0x7f00000033c0)={0x0, 0xf22e, 0x20, 0x0, 0x232}) io_uring_enter(r2, 0xd9e, 0x1d80, 0xe211207c25785514, &(0x7f0000003440)={[0x7f]}, 0x8) r3 = openat$cgroup_type(r1, &(0x7f0000003480), 0x2, 0x0) write$cgroup_type(r3, &(0x7f00000034c0), 0x9) r4 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_FD_FRAMES(r4, 0x65, 0x5, &(0x7f0000003500)=0x1, 0x4) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r1, 0xf50f, 0x0) r5 = socket$pptp(0x18, 0x1, 0x2) bind$pptp(r5, &(0x7f00000048c0)={0x18, 0x2, {0x2, @loopback}}, 0x1e) 841.840212ms ago: executing program 2 (id=3866): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==") r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0) open_by_handle_at(r1, &(0x7f0000000240)=@reiserfs_2={0x4b}, 0x0) 741.73363ms ago: executing program 3 (id=3867): setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x8100, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0) 728.133561ms ago: executing program 3 (id=3868): syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x40) r0 = syz_io_uring_setup(0x6f51, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000000000), &(0x7f00000003c0)) io_uring_enter(r0, 0x0, 0x0, 0x9, &(0x7f0000000040), 0x18) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) syz_io_uring_setup(0x3570, &(0x7f0000000240), 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10) socket$packet(0x11, 0x2, 0x300) socket$inet6(0xa, 0x800000000000002, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x3, &(0x7f00000000c0)=[{0x25}, {0x25}, {0x16}]}) syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) chown(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) close(0xffffffffffffffff) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5) sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x1c}}, 0x0) write$nci(r3, &(0x7f000000a600)=ANY=[@ANYBLOB="6105061802030207081ffca2a1f782fc90eae4"], 0x13) dup(r2) getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) 719.672271ms ago: executing program 2 (id=3869): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000100)={'veth0_to_team\x00', 0x400}) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000002c0)={'pimreg1\x00', 0x600}) close(0x3) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(r4, 0x80189439, &(0x7f0000000180)) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1802000000000017000000000000000085000000bc00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TLS_TX(r6, 0x6, 0x1, &(0x7f00000000c0)=@gcm_128={{}, "43898657bcc809e8", "835179bc41e8b949acca0097dc2c8001", "a303c0c8", "08248006f13a2001"}, 0x28) fchmod(r3, 0x61) setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58) sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000010000000900010073797a300000000078000000090a010400000000000000000100000008000a40000000000900020073797a30000000000900010073797a300000000008000540000000213c0011800a0001006c696d69740000002c0002800c000240000000000000"], 0xc0}}, 0x0) 580.874443ms ago: executing program 4 (id=3870): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x8, 0x200}, 0x10) r1 = socket$inet(0x2, 0x6, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000580)='pim6reg\x00', 0x10) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10) writev(r1, &(0x7f0000000800)=[{&(0x7f00000001c0)="a4", 0x1}], 0x1) socket$vsock_stream(0x28, 0x1, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendto$inet(r0, &(0x7f0000000080)='<', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) 580.176723ms ago: executing program 2 (id=3871): r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0x2}}, 0x14, 0x0}, 0x20000801) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_read_part_table(0x105c, &(0x7f0000001080)="$eJzsz71Rw0AQBeCnQ0gioBUSOqAHEopBKZUQ0Ae9uAaPPeuR/NeB7eD7gpt7N+9mZ8N9tWxr8V+pLsmwHHPLW6bkJW0tffRTltynxlQyX77XuD91fp6/h7RNxjV9vXe7quuY1+TpePvtz29dPv9utSYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLJDAAAA//+4SRWs") ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00'}) syz_genetlink_get_family_id$wireguard(&(0x7f0000000340), 0xffffffffffffffff) epoll_create1(0x0) openat$sysfs(0xffffff9c, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x9801}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}}, 0x0) sendmmsg$inet(r1, &(0x7f0000005ac0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @local, @local}}}], 0x20, 0x11000000}}], 0x1, 0x0) 512.378208ms ago: executing program 4 (id=3872): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x35}, {0x6}]}, 0x10) sendmsg$MPTCP_PM_CMD_SET_LIMITS(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000680)=ANY=[], 0x24}}, 0x0) 459.877553ms ago: executing program 4 (id=3873): r0 = socket$inet6_udplite(0xa, 0x2, 0x88) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x5}}, 0x1c) write$P9_RGETLOCK(r0, &(0x7f0000000040)=ANY=[], 0xe6da) r1 = socket$nl_route(0x10, 0x3, 0x0) socket$key(0xf, 0x3, 0x2) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newsa={0x154, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in=@rand_addr=0x3}, {@in=@remote, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0xa, 0x1, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x0, 0x0, @in=@private=0xa010102}}]}, 0x154}}, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000a00)={[{@inode_readahead_blks}, {@grpid}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@errors_remount}, {}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==") r3 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) r5 = socket$rxrpc(0x21, 0x2, 0xa) setsockopt$RXRPC_SECURITY_KEY(r5, 0x110, 0x1, &(0x7f0000000040)='cpu.stat\x00', 0x9) ioctl$IOC_WATCH_QUEUE_SET_FILTER(r4, 0x5761, &(0x7f0000000a80)={0x5, 0x0, [{0x6, 0x401, 0x0, [0x0, 0x0, 0x0, 0x1, 0x9, 0x80, 0x1600000, 0x6]}, {0x6, 0x0, 0xf92, [0x6, 0xa, 0x7f, 0x3, 0xfffffffc, 0x6, 0x9, 0x2]}, {0x60000, 0xcccc, 0xffffffff, [0x8, 0x7, 0x1b86, 0xe, 0x3, 0x7, 0xc000, 0x9]}, {0x8, 0x3, 0x5, [0x7fff, 0xa8, 0xc0, 0xffffff43, 0x5, 0x40, 0x9, 0xa]}, {0x64d, 0x7, 0x3, [0x0, 0x7, 0xf247, 0x7, 0x200, 0xff, 0x0, 0x2]}]}) msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x0) open_by_handle_at(r3, &(0x7f0000000240)=@reiserfs_2={0x4b, 0x2, {0xb}}, 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r7], 0x20}}, 0x0) 225.860132ms ago: executing program 1 (id=3874): bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x3, 0x18, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040001f0ffffffb70200000800000018230000a43668528cfcdea56c32a2a11abc3ca5790e880c8dc19361320ec028eb8abccbac60f886d0639f5f9a8ff87cbacd0df5c9212a399d5e04446d5906f31dc825b07d614e048774afb912f1e95993193dd357b774a0e479dc7c7324400a1bd177037498b44f5bcff3f4a736be4e630046162fbc7afe88086eb528f0e0a262f94a889fb7c99e640cf2a4b6581234ebbca76d29b71b48db5942653c8a9e9259172d4a659a84ff801260271f03422f54f1432cc18635d043f407766791c8d778776b8583209a7e", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan1\x00', 0x0}) connect$can_bcm(r1, &(0x7f0000000300)={0x1d, r2}, 0x10) sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="0500"/14, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000000001"], 0x48}}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) socket$rxrpc(0x21, 0x2, 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r5}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 137.83171ms ago: executing program 1 (id=3875): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000580)={0x0, 0x0, 0x0, 'queue0\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000100)) 118.856791ms ago: executing program 1 (id=3876): r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r0, &(0x7f00000001c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000300), 0xffffffffffffffff, 0x7}}, 0x18) 95.222693ms ago: executing program 1 (id=3877): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000001840)='wg0\x00', 0x4) bind$xdp(r1, &(0x7f0000001880), 0x10) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="00000000010000001400030073797a5f74756e00000000000000000008000a00", @ANYRES32=r2], 0x3c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e6400000000040002800a000100ffffffffffbf0000"], 0x40}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00'/12, @ANYRES32, @ANYBLOB="0d00ff0000000000830000000000000045"], 0x0, 0x6}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x0, 0x0) preadv(r4, &(0x7f0000000400)=[{&(0x7f0000000300)=""/113, 0x71}], 0x1, 0x401, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x89f1, &(0x7f0000000580)='\x1a\xca\x10\xea\x1a\x87\xe7\xebz\xbd\xb5B\x99\xf9\x96]\xe7\xb7N\n\xaa.y\xc2V\x04`\n\x00\x00\x00\x00\x02\b\x00\x00\x9d\xf2u\x94\xa2\x86(\xf9\xc1\x9c\x05W\x80\x17T\'\xcd\x8e\xe2\xaf$\xc4\xc0\x90\xf3~\x1dV\xc6\x12!\xc2\xf5I\t\xed;$\v\xdcz\xc7e\xa0](\t\xca\xadj\xa4\xd1>\xb8#\xe7`\xf0 \xe4P\xbe\f\x10B\xd2\xcd\xf1\x18\"\x11D\x8d\x93ME\xe6\as\x9d\x86\xde\xc2\r\xde*1\x89\t\xe3&\xf6W9]\xae\xfc\x04w\xc1g\xbc\xec\x15C\x8e\x83\x8a\xac\xde`\xc4\xfb\xb9K\x89\xf2\x90\xba+S1\xf2=L\xdez\xc0L\xb5\xd1|z\x192\xce\x1d\tr\x83g\xcbg\xef\x9b\x947H\xb6sT)\v\xe03\x189\xb8RKt\xe5W\t8\x0e\x10\x86\x8d\xac4\xb0\xe4\xb2^\xcf\x88%\xac\x96\x0e\xb9\xf7\x1e\xcc!\x13\xe6\t\xd3\x1b\x84\xee\x1d\xfew\xb0\x947\xcd!`r\x9aV\x1d\x89\x89\xe9\xfa\x1e\xc3\xacc7\x02\xa6\v\x9f\xc8H\x91m\xe7\x13\xa1t=j\xeck\x9a\xc8z&\x8a\x8c]&A\xc1Z:\xb9\xc8j\xdfs\xcc\xfc\x15\r!\xfd\xb2\xeb\x97f\xf5\xc2\x1d}5&\x85\xac\xfe\x9az\x15\xfd\xf9\xccH\xc1`\xd9n\xf3\b\x8b\x01\xd5\xbc\xe7\x9a\'76R9ag\x16\xfc\x83') r5 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000540)={r4, 0xffffffffffffffff, 0x33, 0x0, @val=@tcx={@prog_fd=r4}}, 0x40) r6 = io_uring_setup(0x7bde, &(0x7f0000000080)={0x0, 0x3617}) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0x1a, 0x20000009, r7) 94.829003ms ago: executing program 1 (id=3878): unshare(0x22020600) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00') r1 = socket$inet_udplite(0x2, 0x2, 0x88) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000180)=@v1={0x0, @adiantum, 0x0, @desc1}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYBLOB], 0x0}, 0x90) add_key$keyring(&(0x7f0000000340), 0x0, 0x0, 0x0, 0xffffffffffffffff) socket$nl_audit(0x10, 0x3, 0x9) r5 = socket$nl_generic(0x10, 0x3, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) timer_create(0x0, 0x0, &(0x7f0000000100)) timer_gettime(0x0, &(0x7f0000000000)) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB="063b5329632d3331746a4a76ca1069a12145d6cac7ee24", @ANYRES16=r6, @ANYBLOB="0100000000000000000039000000080001007063690011000200303030303a30303a31302e300000000008007300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000800030000200000"], 0x60}}, 0x11) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0106000000000000000009000016240004801300010062726f6164636173742d6c696e6b00000c0007800800050002"], 0x38}}, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48) sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=ANY=[], 0x44}}, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r7) fstat(r0, &(0x7f0000000900)) r8 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x103302) ioctl$LOOP_CLR_FD(r8, 0x125e) 0s ago: executing program 4 (id=3879): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x1000e, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x4b}, 0x0) kernel console output (not intermixed with test programs): vhci_hcd: release socket [ 326.094342][ T9291] vhci_hcd: disconnect device [ 326.122590][T16005] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.122611][T16043] vhci_hcd: connection closed [ 326.122718][ T9313] vhci_hcd: stop threads [ 326.129708][T16005] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.134340][ T9313] vhci_hcd: release socket [ 326.141114][T16005] bridge_slave_0: entered allmulticast mode [ 326.145601][ T9313] vhci_hcd: disconnect device [ 326.161199][T16005] bridge_slave_0: entered promiscuous mode [ 326.168457][T16005] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.175585][T16005] bridge0: port 2(bridge_slave_1) entered disabled state [ 326.182890][T16005] bridge_slave_1: entered allmulticast mode [ 326.189462][T16005] bridge_slave_1: entered promiscuous mode [ 326.207461][T16005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 326.217953][T16005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 326.240025][T16005] team0: Port device team_slave_0 added [ 326.246692][T16005] team0: Port device team_slave_1 added [ 326.261842][T16005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 326.268878][T16005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.294964][T16005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 326.306253][T16005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 326.313346][T16005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 326.339337][T16005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 326.364028][T16005] hsr_slave_0: entered promiscuous mode [ 326.370285][T16005] hsr_slave_1: entered promiscuous mode [ 326.376351][T16005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 326.384042][T16005] Cannot create hsr debugfs directory [ 326.584733][T16048] loop1: detected capacity change from 0 to 8192 [ 326.627490][T16048] loop1: p1 p2 p3 p4 [ 326.631566][T16048] loop1: p1 size 108922248 extends beyond EOD, truncated [ 326.635867][T16050] loop3: detected capacity change from 0 to 512 [ 326.647096][T16048] loop1: p2 start 861536256 is beyond EOD, truncated [ 326.653804][T16048] loop1: p3 start 851968 is beyond EOD, truncated [ 326.660362][T16048] loop1: p4 size 65536 extends beyond EOD, truncated [ 326.699808][T16050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 326.715321][T16050] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 326.745256][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.800720][T16071] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 326.807419][T16071] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 326.815091][T16071] vhci_hcd vhci_hcd.0: Device attached [ 326.824933][T16073] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 326.831900][T16071] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 326.831974][ T9291] vhci_hcd: stop threads [ 326.838438][T16071] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 326.838527][T16071] vhci_hcd vhci_hcd.0: Device attached [ 326.842811][ T9291] vhci_hcd: release socket [ 326.842819][ T9291] vhci_hcd: disconnect device [ 326.867308][T16076] vhci_hcd: connection closed [ 326.867504][ T9291] vhci_hcd: stop threads [ 326.876564][ T9291] vhci_hcd: release socket [ 326.881011][ T9291] vhci_hcd: disconnect device [ 326.886181][T16079] netlink: 'syz.1.3504': attribute type 10 has an invalid length. [ 326.906332][T16079] bond0: (slave netdevsim1): Enslaving as an active interface with an up link [ 326.944901][T16081] loop3: detected capacity change from 0 to 128 [ 327.000249][T15906] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.059812][T15906] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.110150][T15906] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.168472][T10464] bridge_slave_1: left allmulticast mode [ 327.174137][T10464] bridge_slave_1: left promiscuous mode [ 327.179858][T10464] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.187744][T10464] bridge_slave_0: left allmulticast mode [ 327.193423][T10464] bridge_slave_0: left promiscuous mode [ 327.199049][T10464] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.273424][T10464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 327.284110][T10464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 327.294451][T10464] bond0 (unregistering): Released all slaves [ 327.319837][T16005] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.378167][T16005] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.409248][T10464] hsr_slave_0: left promiscuous mode [ 327.414959][T10464] hsr_slave_1: left promiscuous mode [ 327.420937][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 327.428437][T10464] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 327.436031][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 327.443454][T10464] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 327.452611][T10464] veth1_macvtap: left promiscuous mode [ 327.458146][T10464] veth0_macvtap: left promiscuous mode [ 327.463751][T10464] veth1_vlan: left promiscuous mode [ 327.469097][T10464] veth0_vlan: left promiscuous mode [ 327.556871][T10464] team0 (unregistering): Port device team_slave_1 removed [ 327.567850][T10464] team0 (unregistering): Port device team_slave_0 removed [ 327.611560][T16005] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.700664][T16005] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.857950][T15906] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 327.866711][T16005] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 327.879633][T16005] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 327.889207][T15906] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 327.898169][T16005] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 327.908902][T16005] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 327.918629][T15906] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 327.925863][T16106] loop1: detected capacity change from 0 to 2048 [ 327.935009][T16108] loop2: detected capacity change from 0 to 128 [ 327.944467][T16108] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 327.948054][T15906] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 327.956811][T16108] ext4 filesystem being mounted at /120/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 328.003870][T16108] FAULT_INJECTION: forcing a failure. [ 328.003870][T16108] name failslab, interval 1, probability 0, space 0, times 0 [ 328.016709][T16108] CPU: 0 PID: 16108 Comm: syz.2.3514 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 328.026947][T16108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 328.037038][T16108] Call Trace: [ 328.039805][T16005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 328.040306][T16108] [ 328.040314][T16108] dump_stack_lvl+0xf2/0x150 [ 328.054388][T16108] dump_stack+0x15/0x20 [ 328.057843][T16005] 8021q: adding VLAN 0 to HW filter on device team0 [ 328.058540][T16108] should_fail_ex+0x229/0x230 [ 328.058571][T16108] ? security_inode_alloc+0x32/0xd0 [ 328.058601][T16108] __should_failslab+0x92/0xa0 [ 328.058619][T16108] should_failslab+0x9/0x20 [ 328.075518][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.079733][T16108] kmem_cache_alloc_noprof+0x4c/0x290 [ 328.079771][T16108] security_inode_alloc+0x32/0xd0 [ 328.084267][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 328.091230][T16108] inode_init_always+0x428/0x470 [ 328.113780][T16108] ? __pfx_ext4_alloc_inode+0x10/0x10 [ 328.119244][T16108] alloc_inode+0x7d/0x160 [ 328.123606][T16108] new_inode+0x1d/0x130 [ 328.127004][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.127755][T16108] __ext4_new_inode+0x13f/0x2270 [ 328.134825][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 328.139695][T16108] ? __rcu_read_unlock+0x4e/0x70 [ 328.151829][T16108] ? __dquot_initialize+0x13a/0x760 [ 328.157037][T16108] ? avc_has_perm+0xd4/0x160 [ 328.161633][T16108] ext4_mkdir+0x27f/0x740 [ 328.165999][T16108] vfs_mkdir+0x1f4/0x320 [ 328.170277][T16108] do_mkdirat+0x12f/0x2a0 [ 328.174675][T16108] __x64_sys_mkdirat+0x50/0x60 [ 328.178830][T15906] 8021q: adding VLAN 0 to HW filter on device bond0 [ 328.179430][T16108] x64_sys_call+0x2ce5/0x2d70 [ 328.190662][T16108] do_syscall_64+0xc9/0x1c0 [ 328.195191][T16108] ? clear_bhb_loop+0x55/0xb0 [ 328.199873][T16108] ? clear_bhb_loop+0x55/0xb0 [ 328.204574][T16108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.210586][T16108] RIP: 0033:0x7f6bcbe93517 [ 328.215048][T16108] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.220312][T16005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 328.234648][T16108] RSP: 002b:00007f6bcb115e78 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 328.234670][T16108] RAX: ffffffffffffffda RBX: 00007f6bcb115f00 RCX: 00007f6bcbe93517 [ 328.234683][T16108] RDX: 00000000000001ff RSI: 0000000020000100 RDI: 00000000ffffff9c [ 328.247194][T15906] 8021q: adding VLAN 0 to HW filter on device team0 [ 328.249793][T16108] RBP: 0000000020000000 R08: 0000000020000000 R09: 0000000000000000 [ 328.262207][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 328.265688][T16108] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000020000100 [ 328.272355][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 328.280200][T16108] R13: 00007f6bcb115ec0 R14: 0000000000000000 R15: 0000000000000000 [ 328.302959][T15906] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 328.310267][T16108] [ 328.324314][T15906] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 328.346175][T14629] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 328.357126][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 328.364181][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 328.454400][T15906] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 328.467027][ T29] kauditd_printk_skb: 132 callbacks suppressed [ 328.467041][ T29] audit: type=1326 audit(1720138823.007:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16135 comm="syz.1.3521" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0 [ 328.533841][T16005] veth0_vlan: entered promiscuous mode [ 328.543614][T16005] veth1_vlan: entered promiscuous mode [ 328.565627][T16005] veth0_macvtap: entered promiscuous mode [ 328.577203][T16005] veth1_macvtap: entered promiscuous mode [ 328.593726][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.604253][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.614110][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.624548][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.634510][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.645064][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.654902][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.665420][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.675228][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.685635][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.695449][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.705870][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.715764][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.726251][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.736131][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.746660][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.757617][T16005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 328.768324][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.778860][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.785456][T16167] loop3: detected capacity change from 0 to 1024 [ 328.788740][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.788755][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.788770][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.825871][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.828657][T16167] EXT4-fs: Ignoring removed oldalloc option [ 328.835735][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.852086][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.854445][T16167] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 328.861885][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.881319][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.891160][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.901617][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.911423][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.921891][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.931704][T16005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.942110][T16005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.953019][T16005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 328.963080][T16167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 328.987761][T16167] netlink: 7 bytes leftover after parsing attributes in process `syz.3.3526'. [ 328.991082][T16005] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.005558][T16005] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.014285][T16005] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.022979][T16005] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.032711][T16175] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 329.039290][T16175] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 329.047008][T16175] vhci_hcd vhci_hcd.0: Device attached [ 329.061434][T16179] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 329.067981][T16179] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 329.075821][T16179] vhci_hcd vhci_hcd.0: Device attached [ 329.086967][T16181] vhci_hcd: connection closed [ 329.087171][T16176] vhci_hcd: connection closed [ 329.093037][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.093470][T10467] vhci_hcd: stop threads [ 329.111294][T10467] vhci_hcd: release socket [ 329.115698][T10467] vhci_hcd: disconnect device [ 329.120735][T10467] vhci_hcd: stop threads [ 329.124972][T10467] vhci_hcd: release socket [ 329.129570][T10467] vhci_hcd: disconnect device [ 329.139620][T15906] veth0_vlan: entered promiscuous mode [ 329.148051][T15906] veth1_vlan: entered promiscuous mode [ 329.163744][T15906] veth0_macvtap: entered promiscuous mode [ 329.171589][T15906] veth1_macvtap: entered promiscuous mode [ 329.183913][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.194800][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.204675][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.215215][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.225089][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.235509][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.245341][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.255872][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.265869][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.276793][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.286601][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.297553][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.307441][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.317871][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.327709][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.338122][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.348049][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.358480][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.373244][T15906] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 329.381923][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.392423][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.402284][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.412706][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.422564][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.432993][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.442897][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.453469][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.463293][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.473843][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.483679][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.494087][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.503889][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.514434][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.524237][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.534690][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.544508][T15906] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.555022][T15906] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.569899][T15906] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 329.582826][T15906] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.591580][T15906] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.600311][T15906] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.609052][T15906] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.665620][T16209] loop1: detected capacity change from 0 to 128 [ 329.665842][T16211] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3451'. [ 329.674076][T16209] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 329.694941][T16209] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 329.719973][T15755] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 329.761322][T16220] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 329.779965][ T29] audit: type=1400 audit(1720138824.317:3632): avc: denied { setopt } for pid=16215 comm="syz.0.3537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 329.848133][T16235] FAULT_INJECTION: forcing a failure. [ 329.848133][T16235] name failslab, interval 1, probability 0, space 0, times 0 [ 329.861011][T16235] CPU: 0 PID: 16235 Comm: syz.2.3543 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 329.871217][T16235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 329.881266][T16235] Call Trace: [ 329.884618][T16235] [ 329.887587][T16235] dump_stack_lvl+0xf2/0x150 [ 329.892246][T16235] dump_stack+0x15/0x20 [ 329.896396][T16235] should_fail_ex+0x229/0x230 [ 329.901086][T16235] ? dst_alloc+0xc0/0x100 [ 329.905417][T16235] __should_failslab+0x92/0xa0 [ 329.910185][T16235] should_failslab+0x9/0x20 [ 329.914755][T16235] kmem_cache_alloc_noprof+0x4c/0x290 [ 329.920223][T16235] ? ip6_dst_lookup_tail+0x6e7/0x940 [ 329.925528][T16235] dst_alloc+0xc0/0x100 [ 329.929722][T16235] ip6_blackhole_route+0x42/0x2b0 [ 329.929803][T16238] loop3: detected capacity change from 0 to 1024 [ 329.934735][T16235] xfrm_lookup_route+0xbe/0x110 [ 329.945906][T16235] ip6_dst_lookup_flow+0x98/0xc0 [ 329.946603][T16238] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 329.950994][T16235] sctp_v6_get_dst+0x329/0xa10 [ 329.951032][T16235] sctp_transport_route+0xad/0x1b0 [ 329.965911][T16238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 329.969526][T16235] sctp_assoc_add_peer+0x3c0/0xba0 [ 329.969578][T16235] sctp_connect_new_asoc+0x1f8/0x3b0 [ 329.969609][T16235] sctp_sendmsg+0xf05/0x1920 [ 329.997006][T16235] ? __pfx_sctp_sendmsg+0x10/0x10 [ 330.002111][T16235] inet_sendmsg+0xc5/0xd0 [ 330.006531][T16235] __sock_sendmsg+0x102/0x180 [ 330.011207][T16235] __sys_sendto+0x1e5/0x260 [ 330.015830][T16235] __x64_sys_sendto+0x78/0x90 [ 330.020497][T16235] x64_sys_call+0x16d7/0x2d70 [ 330.025213][T16235] do_syscall_64+0xc9/0x1c0 [ 330.029707][T16235] ? clear_bhb_loop+0x55/0xb0 [ 330.034394][T16235] ? clear_bhb_loop+0x55/0xb0 [ 330.039164][T16235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.045111][T16235] RIP: 0033:0x7f6bcbe94bd9 [ 330.049509][T16235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.069141][T16235] RSP: 002b:00007f6bcb116048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 330.077560][T16235] RAX: ffffffffffffffda RBX: 00007f6bcc022f60 RCX: 00007f6bcbe94bd9 [ 330.085518][T16235] RDX: 0000000000000001 RSI: 0000000020847fff RDI: 0000000000000005 [ 330.093480][T16235] RBP: 00007f6bcb1160a0 R08: 000000002005ffe4 R09: 000000000000001c [ 330.101443][T16235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 330.109407][T16235] R13: 000000000000000b R14: 00007f6bcc022f60 R15: 00007ffd43492558 [ 330.117368][T16235] [ 330.128265][T16237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3544'. [ 330.138573][T16240] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 330.145088][T16240] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 330.152659][T16243] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 330.159157][T16243] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 330.166822][T16240] vhci_hcd vhci_hcd.0: Device attached [ 330.166841][T16243] vhci_hcd vhci_hcd.0: Device attached [ 330.180398][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.194358][T16244] vhci_hcd: connection closed [ 330.194514][ T9313] vhci_hcd: stop threads [ 330.203606][ T9313] vhci_hcd: release socket [ 330.208116][ T9313] vhci_hcd: disconnect device [ 330.212946][T16242] vhci_hcd: connection closed [ 330.213231][ T9313] vhci_hcd: stop threads [ 330.222263][ T9313] vhci_hcd: release socket [ 330.226727][ T9313] vhci_hcd: disconnect device [ 330.431036][T16252] loop3: detected capacity change from 0 to 512 [ 330.438321][T16252] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 330.487730][T16252] EXT4-fs (loop3): 1 truncate cleaned up [ 330.494078][T16252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 330.748987][T16258] netlink: 'syz.1.3549': attribute type 10 has an invalid length. [ 330.767444][T16258] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 330.777498][T16258] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 330.802736][T16264] loop2: detected capacity change from 0 to 512 [ 330.811197][T16264] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 330.832174][T16264] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.845049][T16264] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 330.871512][T14629] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 330.889578][T16275] loop0: detected capacity change from 0 to 1024 [ 330.902957][T16279] loop1: detected capacity change from 0 to 1024 [ 330.909943][T16279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 330.916611][T16275] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3556'. [ 330.930833][T16279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.945533][T16279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3558'. [ 330.962433][T16286] FAULT_INJECTION: forcing a failure. [ 330.962433][T16286] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 330.975503][T16286] CPU: 1 PID: 16286 Comm: syz.0.3560 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 330.985776][T16286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 330.995814][T16286] Call Trace: [ 330.999072][T16286] [ 331.001995][T16286] dump_stack_lvl+0xf2/0x150 [ 331.006591][T16286] dump_stack+0x15/0x20 [ 331.010729][T16286] should_fail_ex+0x229/0x230 [ 331.015487][T16286] should_fail+0xb/0x10 [ 331.019701][T16286] should_fail_usercopy+0x1a/0x20 [ 331.024703][T16286] _copy_to_user+0x1e/0xa0 [ 331.029120][T16286] put_itimerspec64+0x69/0x120 [ 331.033901][T16286] __x64_sys_timerfd_gettime+0x80/0xc0 [ 331.039433][T16286] x64_sys_call+0x2d2b/0x2d70 [ 331.044114][T16286] do_syscall_64+0xc9/0x1c0 [ 331.048770][T16286] ? clear_bhb_loop+0x55/0xb0 [ 331.053426][T16286] ? clear_bhb_loop+0x55/0xb0 [ 331.058113][T16286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.064257][T16286] RIP: 0033:0x7fe6c1d24bd9 [ 331.068648][T16286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.088411][T16286] RSP: 002b:00007fe6c0fa6048 EFLAGS: 00000246 ORIG_RAX: 000000000000011f [ 331.096815][T16286] RAX: ffffffffffffffda RBX: 00007fe6c1eb2f60 RCX: 00007fe6c1d24bd9 [ 331.104779][T16286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 331.112736][T16286] RBP: 00007fe6c0fa60a0 R08: 0000000000000000 R09: 0000000000000000 [ 331.120697][T16286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.128717][T16286] R13: 000000000000000b R14: 00007fe6c1eb2f60 R15: 00007fffaa8b3628 [ 331.136706][T16286] [ 331.150537][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.162538][ T29] audit: type=1326 audit(1720138825.707:3633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16288 comm="syz.0.3561" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 331.203692][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.245400][T16294] 9pnet_fd: Insufficient options for proto=fd [ 331.254305][T16294] loop3: detected capacity change from 0 to 256 [ 331.261773][T16294] FAT-fs (loop3): Unrecognized mount option "n" or missing value [ 331.297665][T16300] 9pnet_fd: Insufficient options for proto=fd [ 331.306221][T16294] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 331.312628][T16294] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 331.364578][T16303] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 331.378743][T16303] FAULT_INJECTION: forcing a failure. [ 331.378743][T16303] name failslab, interval 1, probability 0, space 0, times 0 [ 331.391472][T16303] CPU: 0 PID: 16303 Comm: syz.3.3566 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 331.401695][T16303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 331.411753][T16303] Call Trace: [ 331.415031][T16303] [ 331.418032][T16303] dump_stack_lvl+0xf2/0x150 [ 331.422700][T16303] dump_stack+0x15/0x20 [ 331.426888][T16303] should_fail_ex+0x229/0x230 [ 331.431575][T16303] ? __alloc_skb+0x10b/0x300 [ 331.436181][T16303] __should_failslab+0x92/0xa0 [ 331.440946][T16303] should_failslab+0x9/0x20 [ 331.445485][T16303] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 331.451322][T16303] ? nlmon_xmit+0x51/0x60 [ 331.455712][T16303] __alloc_skb+0x10b/0x300 [ 331.460138][T16303] netlink_ack+0xef/0x4f0 [ 331.464580][T16303] netlink_rcv_skb+0x19c/0x230 [ 331.469357][T16303] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 331.474829][T16303] rtnetlink_rcv+0x1c/0x30 [ 331.479259][T16303] netlink_unicast+0x58d/0x660 [ 331.484095][T16303] netlink_sendmsg+0x5ca/0x6e0 [ 331.488901][T16303] ? __pfx_netlink_sendmsg+0x10/0x10 [ 331.494220][T16303] __sock_sendmsg+0x140/0x180 [ 331.498909][T16303] ____sys_sendmsg+0x312/0x410 [ 331.503680][T16303] __sys_sendmsg+0x1e9/0x280 [ 331.508305][T16303] __x64_sys_sendmsg+0x46/0x50 [ 331.513069][T16303] x64_sys_call+0xb25/0x2d70 [ 331.517749][T16303] do_syscall_64+0xc9/0x1c0 [ 331.522297][T16303] ? clear_bhb_loop+0x55/0xb0 [ 331.527021][T16303] ? clear_bhb_loop+0x55/0xb0 [ 331.531782][T16303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.537924][T16303] RIP: 0033:0x7fa815826bd9 [ 331.542342][T16303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.561953][T16303] RSP: 002b:00007fa814aa8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 331.570386][T16303] RAX: ffffffffffffffda RBX: 00007fa8159b4f60 RCX: 00007fa815826bd9 [ 331.578377][T16303] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 331.586354][T16303] RBP: 00007fa814aa80a0 R08: 0000000000000000 R09: 0000000000000000 [ 331.594324][T16303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 331.602327][T16303] R13: 000000000000000b R14: 00007fa8159b4f60 R15: 00007ffe239f7648 [ 331.610346][T16303] [ 331.628075][T16305] loop3: detected capacity change from 0 to 256 [ 331.643377][T16305] FAT-fs (loop3): Directory bread(block 64) failed [ 331.650152][T16305] FAT-fs (loop3): Directory bread(block 65) failed [ 331.659202][T16305] FAT-fs (loop3): Directory bread(block 66) failed [ 331.665924][T16305] FAT-fs (loop3): Directory bread(block 67) failed [ 331.675264][T16305] FAT-fs (loop3): Directory bread(block 68) failed [ 331.683942][T16305] FAT-fs (loop3): Directory bread(block 69) failed [ 331.690534][T16305] FAT-fs (loop3): Directory bread(block 70) failed [ 331.698961][T16305] FAT-fs (loop3): Directory bread(block 71) failed [ 331.705776][T16305] FAT-fs (loop3): Directory bread(block 72) failed [ 331.705794][T16305] FAT-fs (loop3): Directory bread(block 73) failed [ 331.723176][T16309] loop1: detected capacity change from 0 to 1024 [ 331.730916][T16309] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 331.741475][T16309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.755196][T16309] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3569'. [ 331.771412][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.840710][ T29] audit: type=1326 audit(1720138826.377:3634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16312 comm="syz.1.3570" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0 [ 331.886001][T16314] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3567'. [ 332.506564][T16326] loop3: detected capacity change from 0 to 1024 [ 332.513396][T16326] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 332.524223][T16326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 332.538865][T16326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3572'. [ 332.554738][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.695183][T16336] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0) [ 332.761918][T16346] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 332.768455][T16346] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 332.776173][T16346] vhci_hcd vhci_hcd.0: Device attached [ 332.786489][T16347] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 332.795393][ T29] audit: type=1326 audit(1720138827.327:3635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16348 comm="syz.3.3581" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0 [ 332.819098][T10464] vhci_hcd: stop threads [ 332.820678][T16340] loop0: detected capacity change from 0 to 8192 [ 332.823370][T10464] vhci_hcd: release socket [ 332.834401][T16346] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 332.834421][T16346] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 332.848644][T10464] vhci_hcd: disconnect device [ 332.848652][T16346] vhci_hcd vhci_hcd.0: Device attached [ 332.861116][T16351] vhci_hcd: connection closed [ 332.861286][T10464] vhci_hcd: stop threads [ 332.870354][T10464] vhci_hcd: release socket [ 332.874784][T10464] vhci_hcd: disconnect device [ 332.876954][T16340] loop0: p1 p2 p3 p4 [ 332.883467][T16340] loop0: p1 size 108922248 extends beyond EOD, truncated [ 332.891150][T16340] loop0: p2 start 861536256 is beyond EOD, truncated [ 332.897877][T16340] loop0: p3 start 851968 is beyond EOD, truncated [ 332.904299][T16340] loop0: p4 size 65536 extends beyond EOD, truncated [ 332.994495][T16359] sctp: [Deprecated]: syz.0.3582 (pid 16359) Use of struct sctp_assoc_value in delayed_ack socket option. [ 332.994495][T16359] Use struct sctp_sack_info instead [ 333.014168][T16359] loop0: detected capacity change from 0 to 512 [ 333.160575][T16363] loop4: detected capacity change from 0 to 1024 [ 333.167743][T16363] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 333.178278][T16363] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.192236][T16363] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3583'. [ 333.210269][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.283454][T16369] loop4: detected capacity change from 0 to 1024 [ 333.290402][T16369] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 333.300907][T16369] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.314795][T16369] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3585'. [ 333.332184][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.378387][T16372] loop1: detected capacity change from 0 to 512 [ 333.384991][T16372] EXT4-fs: Ignoring removed orlov option [ 333.387904][T16374] loop4: detected capacity change from 0 to 512 [ 333.397872][T16372] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102] [ 333.405895][T16372] System zones: 1-12 [ 333.410253][T16372] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.3587: casefold flag without casefold feature [ 333.419634][T16374] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.423219][T16372] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.3587: couldn't read orphan inode 15 (err -117) [ 333.437251][T16374] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 333.449351][T16372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 333.475013][T16372] EXT4-fs (loop1): shut down requested (0) [ 333.502879][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.587139][ T29] audit: type=1326 audit(1720138828.127:3636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16382 comm="syz.1.3589" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0 [ 333.625304][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.769505][T16400] loop4: detected capacity change from 0 to 512 [ 333.776286][T16400] EXT4-fs: Ignoring removed nobh option [ 333.784028][T16400] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 333.826631][T16403] loop0: detected capacity change from 0 to 1024 [ 333.846048][T16400] EXT4-fs (loop4): 1 truncate cleaned up [ 333.852418][T16400] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.886118][T16407] loop0: detected capacity change from 0 to 1024 [ 333.927730][T16409] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 333.934269][T16409] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 333.941997][T16409] vhci_hcd vhci_hcd.0: Device attached [ 333.949247][T16410] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 333.949930][T16409] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 333.960853][T10467] vhci_hcd: stop threads [ 333.962665][T16409] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 333.966933][T10467] vhci_hcd: release socket [ 333.974574][T16409] vhci_hcd vhci_hcd.0: Device attached [ 333.979003][T10467] vhci_hcd: disconnect device [ 333.986479][T16415] loop0: detected capacity change from 0 to 512 [ 334.000571][T16412] vhci_hcd: connection closed [ 334.000800][ T29] audit: type=1400 audit(1720138828.537:3637): avc: denied { mounton } for pid=16414 comm="syz.0.3598" path="/dev/ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 334.029238][T10467] vhci_hcd: stop threads [ 334.033657][T10467] vhci_hcd: release socket [ 334.038145][T10467] vhci_hcd: disconnect device [ 334.147792][ T29] audit: type=1326 audit(1720138828.687:3638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16421 comm="syz.0.3600" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 334.431694][T16430] loop1: detected capacity change from 0 to 128 [ 334.439983][T16430] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 334.452792][T16430] ext4 filesystem being mounted at /52/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 334.489125][ T29] audit: type=1400 audit(1720138829.027:3639): avc: denied { setattr } for pid=16429 comm="syz.1.3601" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 334.517637][T15755] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 334.559410][T16437] loop2: detected capacity change from 0 to 512 [ 334.578891][T16437] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.586756][T16441] loop1: detected capacity change from 0 to 512 [ 334.592724][T16437] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.618840][T16441] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.633681][T16441] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 334.666940][T16437] loop2: detected capacity change from 512 to 0 [ 334.667132][T16444] syz.2.3605: attempt to access beyond end of device [ 334.667132][T16444] loop2: rw=12288, sector=88, nr_sectors = 4 limit=0 [ 334.706561][T16444] EXT4-fs error (device loop2): __ext4_find_entry:1684: inode #2: comm syz.2.3605: reading directory lblock 0 [ 334.731714][T16444] syz.2.3605: attempt to access beyond end of device [ 334.731714][T16444] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 334.745090][T16444] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 334.755521][T16444] EXT4-fs (loop2): I/O error while writing superblock [ 334.792070][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.812658][T14629] syz-executor: attempt to access beyond end of device [ 334.812658][T14629] loop2: rw=12288, sector=88, nr_sectors = 4 limit=0 [ 334.849008][T16448] loop1: detected capacity change from 0 to 1024 [ 334.859546][T15208] syz.2.3232: attempt to access beyond end of device [ 334.859546][T15208] loop2: rw=524288, sector=140, nr_sectors = 4 limit=0 [ 334.860614][T16448] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 334.877745][T15208] syz.2.3232: attempt to access beyond end of device [ 334.877745][T15208] loop2: rw=524288, sector=144, nr_sectors = 4 limit=0 [ 334.885966][T16448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.895443][T15208] syz.2.3232: attempt to access beyond end of device [ 334.895443][T15208] loop2: rw=12288, sector=136, nr_sectors = 4 limit=0 [ 334.913175][T16448] __nla_validate_parse: 2 callbacks suppressed [ 334.913186][T16448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3606'. [ 334.921909][T15208] EXT4-fs error (device loop2): ext4_get_inode_loc:4495: inode #2: block 34: comm syz.2.3232: unable to read itable block [ 334.934593][T16452] loop3: detected capacity change from 0 to 1024 [ 334.936900][T15208] syz.2.3232: attempt to access beyond end of device [ 334.936900][T15208] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 334.961855][T16452] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 334.968619][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 334.982062][T16452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 334.986511][T15208] EXT4-fs (loop2): I/O error while writing superblock [ 335.002700][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3608'. [ 335.004627][T15208] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5731: IO failure [ 335.004733][T15208] syz.2.3232: attempt to access beyond end of device [ 335.004733][T15208] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 335.014258][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.022191][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 335.022298][T15208] EXT4-fs (loop2): I/O error while writing superblock [ 335.060692][T15208] EXT4-fs error (device loop2): ext4_dirty_inode:5935: inode #2: comm syz.2.3232: mark_inode_dirty error [ 335.061423][T15208] syz.2.3232: attempt to access beyond end of device [ 335.061423][T15208] loop2: rw=145409, sector=0, nr_sectors = 4 limit=0 [ 335.085587][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 335.094549][T15208] EXT4-fs (loop2): I/O error while writing superblock [ 335.101506][ T9315] kworker/u8:26: attempt to access beyond end of device [ 335.101506][ T9315] loop2: rw=524288, sector=140, nr_sectors = 4 limit=0 [ 335.103425][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.124739][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.127068][ T9315] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4480: inode #3: block 34: comm kworker/u8:26: unable to read itable block [ 335.148458][ T9315] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 335.157635][ T9315] EXT4-fs (loop2): I/O error while writing superblock [ 335.169294][ T9315] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4480: inode #18: block 35: comm kworker/u8:26: unable to read itable block [ 335.183580][ T9315] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 335.191928][ T9315] EXT4-fs (loop2): I/O error while writing superblock [ 335.191967][ T9315] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4480: inode #2: block 34: comm kworker/u8:26: unable to read itable block [ 335.191998][ T9315] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 335.192012][ T9315] EXT4-fs (loop2): I/O error while writing superblock [ 335.194617][T15208] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.195283][T15208] Buffer I/O error on dev loop2, logical block 0, lost sync page write [ 335.195297][T15208] EXT4-fs (loop2): I/O error while writing superblock [ 335.201030][T16462] ipip0: entered promiscuous mode [ 335.291972][T16438] Buffer I/O error on dev loop2, logical block 12, lost sync page write [ 335.301338][ T29] audit: type=1326 audit(1720138829.847:3640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16463 comm="syz.3.3611" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0 [ 335.302759][T16471] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 335.330898][T16471] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 335.338520][T16471] vhci_hcd vhci_hcd.0: Device attached [ 335.354467][T16471] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 335.354489][T16471] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 335.354541][T16471] vhci_hcd vhci_hcd.0: Device attached [ 335.381537][T16474] vhci_hcd: connection closed [ 335.393593][T16476] loop4: detected capacity change from 0 to 512 [ 335.405917][T16472] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 335.413250][ T9291] vhci_hcd: stop threads [ 335.417510][ T9291] vhci_hcd: release socket [ 335.421907][ T9291] vhci_hcd: disconnect device [ 335.429060][T16476] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 335.441884][T16476] EXT4-fs (loop4): 1 truncate cleaned up [ 335.448265][T16476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 335.468725][ T9291] vhci_hcd: stop threads [ 335.472978][ T9291] vhci_hcd: release socket [ 335.477440][ T9291] vhci_hcd: disconnect device [ 335.546696][ T4178] vhci_hcd: vhci_device speed not set [ 335.642143][T10464] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.683360][T10464] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.720736][T10464] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.769883][T10464] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 335.809651][T16483] chnl_net:caif_netlink_parms(): no params data found [ 335.848417][T10464] bridge_slave_1: left allmulticast mode [ 335.854141][T10464] bridge_slave_1: left promiscuous mode [ 335.859854][T10464] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.867488][T10464] bridge_slave_0: left allmulticast mode [ 335.873138][T10464] bridge_slave_0: left promiscuous mode [ 335.878819][T10464] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.907402][T16498] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3616'. [ 335.923689][T16498] loop1: detected capacity change from 0 to 512 [ 335.930322][T16498] EXT4-fs: Ignoring removed mblk_io_submit option [ 335.938304][T16498] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 335.949658][T16498] EXT4-fs (loop1): 1 truncate cleaned up [ 335.955680][T16498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 335.968948][T16498] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3616'. [ 336.003836][T10464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 336.025737][T16501] loop0: detected capacity change from 0 to 512 [ 336.035742][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.048717][T10464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 336.063697][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.064405][T10464] bond0 (unregistering): Released all slaves [ 336.081600][T10464] bond1 (unregistering): Released all slaves [ 336.101350][T10464] bond2 (unregistering): Released all slaves [ 336.133449][T16507] loop4: detected capacity change from 0 to 512 [ 336.147267][T16483] bridge0: port 1(bridge_slave_0) entered blocking state [ 336.154326][T16483] bridge0: port 1(bridge_slave_0) entered disabled state [ 336.174692][T16508] loop3: detected capacity change from 0 to 1024 [ 336.182579][T16507] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.186858][T16483] bridge_slave_0: entered allmulticast mode [ 336.203105][T16483] bridge_slave_0: entered promiscuous mode [ 336.205809][T16508] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 336.210587][T16507] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 336.222766][T16513] loop0: detected capacity change from 0 to 256 [ 336.242035][T16483] bridge0: port 2(bridge_slave_1) entered blocking state [ 336.249337][T16483] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.259033][T16508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.260594][T16483] bridge_slave_1: entered allmulticast mode [ 336.278165][T16483] bridge_slave_1: entered promiscuous mode [ 336.288515][T16516] loop1: detected capacity change from 0 to 1024 [ 336.293952][T16505] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3620'. [ 336.304191][T16516] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 336.320348][T16516] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 336.326863][T10464] hsr_slave_0: left promiscuous mode [ 336.335844][T16516] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3621'. [ 336.351084][T16507] loop4: detected capacity change from 512 to 0 [ 336.357630][T10464] hsr_slave_1: left promiscuous mode [ 336.363225][T16519] EXT4-fs error (device loop4): __ext4_find_entry:1684: inode #2: comm syz.4.3619: reading directory lblock 0 [ 336.364060][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.377011][T16519] Buffer I/O error on dev loop4, logical block 0, lost sync page write [ 336.392384][T16519] EXT4-fs (loop4): I/O error while writing superblock [ 336.399333][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.406915][T10464] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.418119][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.425574][T10464] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.433193][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.450106][T10464] veth1_macvtap: left promiscuous mode [ 336.455614][T10464] veth0_macvtap: left promiscuous mode [ 336.461135][T10464] veth1_vlan: left promiscuous mode [ 336.466376][T10464] veth0_vlan: left promiscuous mode [ 336.473502][ T29] audit: type=1326 audit(1720138831.007:3641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16518 comm="syz.0.3622" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 336.582186][T16535] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 336.588777][T16535] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 336.596369][T16535] vhci_hcd vhci_hcd.0: Device attached [ 336.606939][T16536] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 336.609271][T16535] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 336.614184][T10467] vhci_hcd: stop threads [ 336.620409][T16535] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 336.620531][T16535] vhci_hcd vhci_hcd.0: Device attached [ 336.624677][T10467] vhci_hcd: release socket [ 336.642361][T10467] vhci_hcd: disconnect device [ 336.672691][T10464] team0 (unregistering): Port device team_slave_1 removed [ 336.683533][T10464] team0 (unregistering): Port device team_slave_0 removed [ 336.733549][T16522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3623'. [ 336.748034][T16538] vhci_hcd: connection closed [ 336.748334][ T9291] vhci_hcd: stop threads [ 336.752205][T16483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 336.753021][ T9291] vhci_hcd: release socket [ 336.770756][ T9291] vhci_hcd: disconnect device [ 336.776297][T16483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 336.797233][T15906] EXT4-fs error (device loop4): ext4_get_inode_loc:4495: inode #2: block 34: comm syz-executor: unable to read itable block [ 336.814380][T15906] EXT4-fs (loop4): I/O error while writing superblock [ 336.821198][T15906] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5731: IO failure [ 336.830333][T15906] EXT4-fs (loop4): I/O error while writing superblock [ 336.837114][T15906] EXT4-fs error (device loop4): ext4_dirty_inode:5935: inode #2: comm syz-executor: mark_inode_dirty error [ 336.849368][T15906] EXT4-fs (loop4): I/O error while writing superblock [ 336.861652][ T9313] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4480: inode #3: block 34: comm kworker/u8:25: unable to read itable block [ 336.876080][ T9313] EXT4-fs (loop4): I/O error while writing superblock [ 336.883179][ T9313] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4480: inode #18: block 35: comm kworker/u8:25: unable to read itable block [ 336.897254][ T9313] EXT4-fs (loop4): I/O error while writing superblock [ 336.904107][ T9313] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4480: inode #2: block 34: comm kworker/u8:25: unable to read itable block [ 336.918251][ T9313] EXT4-fs (loop4): I/O error while writing superblock [ 336.919652][T16483] team0: Port device team_slave_0 added [ 336.932257][T16483] team0: Port device team_slave_1 added [ 336.932458][T15906] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 336.949453][T15906] EXT4-fs (loop4): I/O error while writing superblock [ 336.965370][T16483] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 336.972409][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 336.998340][T16483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 337.011926][T16483] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 337.018963][T16483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 337.045247][T16483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.063304][T16548] loop3: detected capacity change from 0 to 512 [ 337.070472][T16548] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 337.108563][T16483] hsr_slave_0: entered promiscuous mode [ 337.114916][T16483] hsr_slave_1: entered promiscuous mode [ 337.125407][T16483] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 337.132999][T16483] Cannot create hsr debugfs directory [ 337.159936][T16548] EXT4-fs (loop3): 1 truncate cleaned up [ 337.343979][T16555] loop1: detected capacity change from 0 to 512 [ 337.362820][T10464] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.379718][T16555] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 337.441121][T10464] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.478333][T16571] loop0: detected capacity change from 0 to 1024 [ 337.509417][T16483] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 337.524114][T16483] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 337.533551][T16571] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3634'. [ 337.550029][T10464] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.570128][T16483] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 337.580538][T16483] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 337.592091][T16556] chnl_net:caif_netlink_parms(): no params data found [ 337.610429][T10464] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.704983][T16556] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.712139][T16556] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.721289][T16556] bridge_slave_0: entered allmulticast mode [ 337.727899][T16556] bridge_slave_0: entered promiscuous mode [ 337.770934][T16578] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3635'. [ 337.783109][T10464] bridge_slave_1: left allmulticast mode [ 337.788781][T10464] bridge_slave_1: left promiscuous mode [ 337.794511][T10464] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.808214][T16578] loop3: detected capacity change from 0 to 512 [ 337.815139][T10464] bridge_slave_0: left allmulticast mode [ 337.820851][T10464] bridge_slave_0: left promiscuous mode [ 337.826735][T10464] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.826945][T16578] EXT4-fs: Ignoring removed mblk_io_submit option [ 337.840968][T16578] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 337.854057][T16578] EXT4-fs (loop3): 1 truncate cleaned up [ 337.864276][T16578] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3635'. [ 337.972017][T10464] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 337.984556][T10464] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 337.996006][T10464] bond0 (unregistering): Released all slaves [ 338.005058][T16556] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.012258][T16556] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.021388][T16556] bridge_slave_1: entered allmulticast mode [ 338.027891][T16556] bridge_slave_1: entered promiscuous mode [ 338.058966][T16556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 338.081747][T16556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 338.093822][T10464] hsr_slave_0: left promiscuous mode [ 338.096889][T16589] FAULT_INJECTION: forcing a failure. [ 338.096889][T16589] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 338.112237][T16589] CPU: 0 PID: 16589 Comm: syz.3.3639 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 338.122426][T16589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 338.132534][T16589] Call Trace: [ 338.135804][T16589] [ 338.138757][T16589] dump_stack_lvl+0xf2/0x150 [ 338.143391][T16589] dump_stack+0x15/0x20 [ 338.147619][T16589] should_fail_ex+0x229/0x230 [ 338.152301][T16589] should_fail+0xb/0x10 [ 338.156484][T16589] should_fail_usercopy+0x1a/0x20 [ 338.161508][T16589] _copy_from_user+0x1e/0xd0 [ 338.166130][T16589] __se_sys_cachestat+0x77/0x6d0 [ 338.171081][T16589] ? kmem_cache_free+0xd8/0x280 [ 338.175954][T16589] ? xfd_validate_state+0x46/0xf0 [ 338.180975][T16589] ? ksys_write+0x169/0x1b0 [ 338.185509][T16589] __x64_sys_cachestat+0x55/0x70 [ 338.190534][T16589] x64_sys_call+0x26eb/0x2d70 [ 338.195221][T16589] do_syscall_64+0xc9/0x1c0 [ 338.199812][T16589] ? clear_bhb_loop+0x55/0xb0 [ 338.204511][T16589] ? clear_bhb_loop+0x55/0xb0 [ 338.209190][T16589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.215083][T16589] RIP: 0033:0x7fa815826bd9 [ 338.219547][T16589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.239147][T16589] RSP: 002b:00007fa814aa8048 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3 [ 338.247609][T16589] RAX: ffffffffffffffda RBX: 00007fa8159b4f60 RCX: 00007fa815826bd9 [ 338.255574][T16589] RDX: 00000000200008c0 RSI: 0000000020000880 RDI: 0000000000000003 [ 338.263570][T16589] RBP: 00007fa814aa80a0 R08: 0000000000000000 R09: 0000000000000000 [ 338.271540][T16589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.279560][T16589] R13: 000000000000000b R14: 00007fa8159b4f60 R15: 00007ffe239f7648 [ 338.287527][T16589] [ 338.291104][T10464] hsr_slave_1: left promiscuous mode [ 338.309689][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 338.317140][T10464] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 338.330810][T10464] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 338.338366][T10464] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 338.354652][T10464] veth1_macvtap: left promiscuous mode [ 338.360249][T10464] veth0_macvtap: left promiscuous mode [ 338.365817][T10464] veth1_vlan: left promiscuous mode [ 338.371266][T10464] veth0_vlan: left promiscuous mode [ 338.400638][ T29] audit: type=1326 audit(1720138832.937:3642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16590 comm="syz.0.3641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 338.511790][T10464] team0 (unregistering): Port device team_slave_1 removed [ 338.525932][T10464] team0 (unregistering): Port device team_slave_0 removed [ 338.589569][T16556] team0: Port device team_slave_0 added [ 338.604900][T16556] team0: Port device team_slave_1 added [ 338.610890][T16606] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 338.617395][T16606] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 338.625144][T16606] vhci_hcd vhci_hcd.0: Device attached [ 338.639690][T16607] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 338.661605][T16556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 338.668615][T16556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 338.694574][T16556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 338.713610][T16611] loop1: detected capacity change from 0 to 512 [ 338.724732][T16611] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 338.740666][T16606] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 338.747182][T16606] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 338.754910][T16606] vhci_hcd vhci_hcd.0: Device attached [ 338.764175][T16611] EXT4-fs (loop1): 1 truncate cleaned up [ 338.772680][T10467] vhci_hcd: stop threads [ 338.777052][T10467] vhci_hcd: release socket [ 338.781524][T10467] vhci_hcd: disconnect device [ 338.791075][T16609] vhci_hcd: connection closed [ 338.792283][T16556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 338.803950][T16556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 338.829898][T16556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 338.843982][ T35] vhci_hcd: vhci_device speed not set [ 338.850231][T10467] vhci_hcd: stop threads [ 338.854611][T10467] vhci_hcd: release socket [ 338.859145][T10467] vhci_hcd: disconnect device [ 338.872929][T16483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 338.890688][T16483] 8021q: adding VLAN 0 to HW filter on device team0 [ 338.913971][ T923] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.921044][ T923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 338.937818][T16556] hsr_slave_0: entered promiscuous mode [ 338.943780][T16556] hsr_slave_1: entered promiscuous mode [ 338.950684][T16556] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 338.958270][T16556] Cannot create hsr debugfs directory [ 338.964490][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.971596][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 338.993895][T16483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 339.004237][T16483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 339.084137][T16483] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 339.162445][T16483] veth0_vlan: entered promiscuous mode [ 339.171772][T16483] veth1_vlan: entered promiscuous mode [ 339.184187][T16483] veth0_macvtap: entered promiscuous mode [ 339.195332][T16483] veth1_macvtap: entered promiscuous mode [ 339.210796][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.221327][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.231141][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.241565][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.251432][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.261875][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.271669][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.282073][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.291904][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.302302][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.312185][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.322820][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.332719][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.343472][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.353334][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 339.364082][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.383014][T16483] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 339.394925][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.405409][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.415212][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.425640][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.435503][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.445936][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.455857][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.466309][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.476162][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.486579][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.496497][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.507279][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.517183][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.527598][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.537400][T16483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 339.547817][T16483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 339.558630][T16483] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 339.574580][T16483] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.576495][T16632] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 339.583441][T16483] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.589791][T16632] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 339.589907][T16632] vhci_hcd vhci_hcd.0: Device attached [ 339.598608][T16483] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.620464][T16483] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 339.622365][T16633] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0 [ 339.639454][ T9313] vhci_hcd: stop threads [ 339.643728][ T9313] vhci_hcd: release socket [ 339.648185][ T9313] vhci_hcd: disconnect device [ 339.676972][T16556] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 339.689219][T16639] loop1: detected capacity change from 0 to 1024 [ 339.690732][T16556] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 339.696080][T16639] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 339.712907][T16556] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 339.721668][T16556] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 339.774186][T16556] 8021q: adding VLAN 0 to HW filter on device bond0 [ 339.793407][T16556] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.795162][T16642] loop2: detected capacity change from 0 to 8192 [ 339.802640][T16644] loop1: detected capacity change from 0 to 512 [ 339.810414][ T2751] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.819963][ T2751] bridge0: port 1(bridge_slave_0) entered forwarding state [ 339.831099][ T2751] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.838229][ T2751] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.850519][T16644] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 339.861355][T16642] loop2: p1 p2 p3 p4 [ 339.862913][T16556] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 339.865350][T16642] loop2: p1 size 108922248 extends beyond EOD, [ 339.875735][T16556] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 339.875855][ T35] vhci_hcd: vhci_device speed not set [ 339.882009][T16642] truncated [ 339.912801][T16642] loop2: p2 start 861536256 is beyond EOD, truncated [ 339.919619][T16642] loop2: p3 start 851968 is beyond EOD, truncated [ 339.926071][T16642] loop2: p4 size 65536 extends beyond EOD, truncated [ 339.988846][T16556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 340.050951][T16659] loop2: detected capacity change from 0 to 512 [ 340.070666][T16659] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.167095][T16556] veth0_vlan: entered promiscuous mode [ 340.172864][T16674] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 340.176188][T16556] veth1_vlan: entered promiscuous mode [ 340.179363][T16674] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 340.179482][T16674] vhci_hcd vhci_hcd.0: Device attached [ 340.193638][T16556] veth0_macvtap: entered promiscuous mode [ 340.209815][T16556] veth1_macvtap: entered promiscuous mode [ 340.215901][ T29] audit: type=1326 audit(1720138834.747:3643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16671 comm="syz.0.3654" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 340.231681][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.249494][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.259414][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.270075][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.279983][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.290594][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.300638][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.311220][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.321090][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.331526][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.341337][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.351795][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.361669][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.366858][T16678] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 340.372096][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.378550][T16678] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 340.388388][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.396064][T16678] vhci_hcd vhci_hcd.0: Device attached [ 340.406425][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.421952][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.432614][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.448261][T16556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 340.460736][T16675] vhci_hcd: connection closed [ 340.460761][T16679] vhci_hcd: connection closed [ 340.465668][T10467] vhci_hcd: stop threads [ 340.467211][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.470396][T10467] vhci_hcd: release socket [ 340.474554][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.474565][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.474576][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.474585][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.474596][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.474605][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.485041][T10467] vhci_hcd: disconnect device [ 340.555419][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.565234][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.575676][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.585513][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.595956][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.605758][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.616180][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.616764][T10467] vhci_hcd: stop threads [ 340.626063][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.630326][T10467] vhci_hcd: release socket [ 340.630336][T10467] vhci_hcd: disconnect device [ 340.649892][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.659746][T16556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 340.670159][T16556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 340.687430][ T35] vhci_hcd: vhci_device speed not set [ 340.694047][T16556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 340.705506][T16556] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.714418][T16556] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.723330][T16556] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.732228][T16556] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 340.893653][ T29] audit: type=1326 audit(1720138835.427:3644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16687 comm="syz.4.3640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 340.961913][T16691] __nla_validate_parse: 2 callbacks suppressed [ 340.961927][T16691] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3656'. [ 341.051014][T16700] loop0: detected capacity change from 0 to 512 [ 341.191592][T16717] loop3: detected capacity change from 0 to 1024 [ 341.198682][T16717] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 341.230015][T16719] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3664'. [ 341.267348][T16722] loop3: detected capacity change from 0 to 512 [ 341.274232][T16722] EXT4-fs (loop3): unsupported inode size: 264 [ 341.280501][T16722] EXT4-fs (loop3): blocksize: 1024 [ 341.360169][ T29] audit: type=1326 audit(1720138835.897:3645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16725 comm="syz.3.3668" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0 [ 341.673810][T16734] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 341.680432][T16734] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 341.688064][T16734] vhci_hcd vhci_hcd.0: Device attached [ 341.695346][T16736] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 1 [ 341.702538][ T9291] vhci_hcd: stop threads [ 341.703126][T16734] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 341.706971][ T9291] vhci_hcd: release socket [ 341.713241][T16734] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 341.713382][T16734] vhci_hcd vhci_hcd.0: Device attached [ 341.717775][ T9291] vhci_hcd: disconnect device [ 341.741368][T16738] vhci_hcd: connection closed [ 341.741743][ T9315] vhci_hcd: stop threads [ 341.750950][ T9315] vhci_hcd: release socket [ 341.755359][ T9315] vhci_hcd: disconnect device [ 341.766838][T16743] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20002 [ 341.791494][T16743] SELinux: Context /sbin/dhclient is not valid (left unmapped). [ 341.799751][ T29] audit: type=1400 audit(1720138836.347:3646): avc: denied { relabelto } for pid=16742 comm="syz.1.3672" name="file0" dev="tmpfs" ino=418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="/sbin/dhclient" [ 341.814427][T16747] loop1: detected capacity change from 0 to 512 [ 341.824704][ T29] audit: type=1400 audit(1720138836.347:3647): avc: denied { associate } for pid=16742 comm="syz.1.3672" name="file0" dev="tmpfs" ino=418 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="/sbin/dhclient" [ 341.860161][ T29] audit: type=1400 audit(1720138836.347:3648): avc: denied { unlink } for pid=15755 comm="syz-executor" name="file0" dev="tmpfs" ino=418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="/sbin/dhclient" [ 341.878123][T16747] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 342.044377][T16752] vlan2: entered promiscuous mode [ 342.051780][T16752] syz_tun: entered promiscuous mode [ 342.058655][T16752] team0: Port device vlan2 added [ 342.143549][T16758] loop0: detected capacity change from 0 to 256 [ 342.287784][T16761] loop4: detected capacity change from 0 to 512 [ 342.296741][T16761] EXT4-fs (loop4): unsupported inode size: 264 [ 342.303043][T16761] EXT4-fs (loop4): blocksize: 1024 [ 342.348228][T16763] loop0: detected capacity change from 0 to 1024 [ 342.492884][ T29] audit: type=1326 audit(1720138837.027:3649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16767 comm="syz.0.3680" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 342.666626][T16776] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3681'. [ 342.692827][T16778] loop3: detected capacity change from 0 to 1024 [ 342.699970][T16778] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 342.712594][T16778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3683'. [ 342.745700][T16787] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 342.752282][T16787] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 342.759916][T16787] vhci_hcd vhci_hcd.0: Device attached [ 342.766840][T16788] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 342.767325][T16787] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 342.777405][ T9291] vhci_hcd: stop threads [ 342.780182][T16787] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 342.784394][ T9291] vhci_hcd: release socket [ 342.796520][ T9291] vhci_hcd: disconnect device [ 342.796598][T16787] vhci_hcd vhci_hcd.0: Device attached [ 342.808192][T16794] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3685'. [ 342.817301][T16790] vhci_hcd: connection closed [ 342.818817][ T9315] vhci_hcd: stop threads [ 342.827815][ T9315] vhci_hcd: release socket [ 342.832229][ T9315] vhci_hcd: disconnect device [ 342.925578][T16804] loop3: detected capacity change from 0 to 128 [ 342.940547][T16803] FAULT_INJECTION: forcing a failure. [ 342.940547][T16803] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.953643][T16803] CPU: 0 PID: 16803 Comm: syz.3.3689 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 342.963794][T16803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 342.973910][T16803] Call Trace: [ 342.977171][T16803] [ 342.980100][T16803] dump_stack_lvl+0xf2/0x150 [ 342.984732][T16803] dump_stack+0x15/0x20 [ 342.988905][T16803] should_fail_ex+0x229/0x230 [ 342.993662][T16803] should_fail+0xb/0x10 [ 342.997913][T16803] should_fail_usercopy+0x1a/0x20 [ 343.002989][T16803] _copy_from_iter+0xd3/0xb00 [ 343.007702][T16803] ? kmalloc_reserve+0x16e/0x190 [ 343.012652][T16803] ? __build_skb_around+0x196/0x1f0 [ 343.018281][T16803] ? __alloc_skb+0x217/0x300 [ 343.022856][T16803] ? __virt_addr_valid+0x1dd/0x240 [ 343.027982][T16803] ? __check_object_size+0x35b/0x510 [ 343.033297][T16803] netlink_sendmsg+0x460/0x6e0 [ 343.038056][T16803] ? __pfx_netlink_sendmsg+0x10/0x10 [ 343.043790][T16803] __sock_sendmsg+0x140/0x180 [ 343.048589][T16803] ____sys_sendmsg+0x312/0x410 [ 343.053339][T16803] __sys_sendmsg+0x1e9/0x280 [ 343.057966][T16803] __x64_sys_sendmsg+0x46/0x50 [ 343.062731][T16803] x64_sys_call+0xb25/0x2d70 [ 343.067374][T16803] do_syscall_64+0xc9/0x1c0 [ 343.071885][T16803] ? clear_bhb_loop+0x55/0xb0 [ 343.076546][T16803] ? clear_bhb_loop+0x55/0xb0 [ 343.081205][T16803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.087080][T16803] RIP: 0033:0x7fa815826bd9 [ 343.091472][T16803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.111067][T16803] RSP: 002b:00007fa814aa8048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 343.119516][T16803] RAX: ffffffffffffffda RBX: 00007fa8159b4f60 RCX: 00007fa815826bd9 [ 343.127568][T16803] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000008 [ 343.135520][T16803] RBP: 00007fa814aa80a0 R08: 0000000000000000 R09: 0000000000000000 [ 343.143549][T16803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 343.151555][T16803] R13: 000000000000000b R14: 00007fa8159b4f60 R15: 00007ffe239f7648 [ 343.159583][T16803] [ 343.259770][ T29] audit: type=1326 audit(1720138837.797:3650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16807 comm="syz.3.3691" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x0 [ 343.299502][T16810] loop0: detected capacity change from 0 to 512 [ 343.343215][ T29] audit: type=1400 audit(1720138837.877:3651): avc: denied { setopt } for pid=16811 comm="syz.1.3693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 343.367447][T16812] loop1: detected capacity change from 0 to 1024 [ 343.375088][T16812] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 343.385501][T16812] JBD2: no valid journal superblock found [ 343.391317][T16812] EXT4-fs (loop1): Could not load journal inode [ 343.460617][T16812] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3693'. [ 343.472517][T16812] syzkaller1: entered promiscuous mode [ 343.476535][T16810] loop0: detected capacity change from 0 to 256 [ 343.478010][T16812] syzkaller1: entered allmulticast mode [ 343.556932][T16820] loop0: detected capacity change from 0 to 512 [ 343.618879][T16822] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3695'. [ 343.641397][T16824] loop0: detected capacity change from 0 to 1024 [ 343.695760][T16831] loop0: detected capacity change from 0 to 512 [ 343.796132][T16842] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 343.802767][T16842] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 343.810368][T16842] vhci_hcd vhci_hcd.0: Device attached [ 343.819437][T16843] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 1 [ 343.828397][T10464] vhci_hcd: stop threads [ 343.830437][T16842] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6) [ 343.832708][T10464] vhci_hcd: release socket [ 343.843628][T16842] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 343.851454][T10464] vhci_hcd: disconnect device [ 343.851499][T16842] vhci_hcd vhci_hcd.0: Device attached [ 343.867055][T16845] vhci_hcd: connection closed [ 343.867252][T10464] vhci_hcd: stop threads [ 343.876224][T10464] vhci_hcd: release socket [ 343.880860][T10464] vhci_hcd: disconnect device [ 344.298420][ T29] audit: type=1326 audit(1720138838.837:3652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16847 comm="syz.1.3704" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0 [ 344.409543][T16855] loop4: detected capacity change from 0 to 512 [ 344.428144][T16855] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 344.528779][T16861] loop2: detected capacity change from 0 to 8192 [ 344.541178][T16864] loop3: detected capacity change from 0 to 512 [ 344.548309][T16864] EXT4-fs (loop3): unsupported inode size: 264 [ 344.554515][T16864] EXT4-fs (loop3): blocksize: 1024 [ 344.560242][T16861] loop2: p1 p2 p3 p4 [ 344.565918][T16861] loop2: p1 size 108922248 extends beyond EOD, truncated [ 344.573574][T16861] loop2: p2 start 861536256 is beyond EOD, truncated [ 344.573935][T16868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3708'. [ 344.580302][T16861] loop2: p3 start 851968 is beyond EOD, truncated [ 344.595566][T16861] loop2: p4 size 65536 extends beyond EOD, truncated [ 344.615618][T16870] loop4: detected capacity change from 0 to 1024 [ 344.622668][T16870] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 344.701090][T16883] FAULT_INJECTION: forcing a failure. [ 344.701090][T16883] name failslab, interval 1, probability 0, space 0, times 0 [ 344.713761][T16883] CPU: 1 PID: 16883 Comm: syz.3.3712 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 344.723955][T16883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 344.733996][T16883] Call Trace: [ 344.737319][T16883] [ 344.740234][T16883] dump_stack_lvl+0xf2/0x150 [ 344.744825][T16883] dump_stack+0x15/0x20 [ 344.749002][T16883] should_fail_ex+0x229/0x230 [ 344.753739][T16883] ? usb_control_msg+0x59/0x240 [ 344.758680][T16883] __should_failslab+0x92/0xa0 [ 344.763449][T16883] should_failslab+0x9/0x20 [ 344.767983][T16883] kmalloc_trace_noprof+0x4b/0x2a0 [ 344.773162][T16883] usb_control_msg+0x59/0x240 [ 344.777838][T16883] hub_ext_port_status+0xbf/0x480 [ 344.782855][T16883] hub_activate+0x4c8/0xf30 [ 344.787374][T16883] hub_resume+0x48/0x1e0 [ 344.791612][T16883] ? mutex_lock+0xd/0x40 [ 344.795925][T16883] usb_resume_both+0x3ed/0x5b0 [ 344.800682][T16883] ? __pfx_usb_runtime_resume+0x10/0x10 [ 344.806218][T16883] usb_runtime_resume+0x21/0x30 [ 344.811082][T16883] __rpm_callback+0x299/0x720 [ 344.815790][T16883] ? __pfx_usb_runtime_resume+0x10/0x10 [ 344.821329][T16883] rpm_resume+0x8e6/0xd00 [ 344.825733][T16883] ? klist_dec_and_del+0xb7/0x270 [ 344.830796][T16883] __pm_runtime_resume+0xdc/0x100 [ 344.835814][T16883] usb_autoresume_device+0x25/0xd0 [ 344.840922][T16883] usbdev_open+0xfe/0x480 [ 344.845308][T16883] ? selinux_file_open+0x34c/0x3b0 [ 344.850404][T16883] chrdev_open+0x323/0x3a0 [ 344.854865][T16883] ? __pfx_chrdev_open+0x10/0x10 [ 344.859794][T16883] do_dentry_open+0x647/0xa60 [ 344.864494][T16883] vfs_open+0x3b/0x1f0 [ 344.868628][T16883] path_openat+0x1ad9/0x1fa0 [ 344.873213][T16883] ? _parse_integer+0x27/0x30 [ 344.877882][T16883] ? kstrtoull+0x110/0x140 [ 344.882286][T16883] do_filp_open+0xf7/0x200 [ 344.886737][T16883] do_sys_openat2+0xab/0x120 [ 344.891314][T16883] __x64_sys_openat+0xf3/0x120 [ 344.896065][T16883] x64_sys_call+0x1057/0x2d70 [ 344.900784][T16883] do_syscall_64+0xc9/0x1c0 [ 344.905329][T16883] ? clear_bhb_loop+0x55/0xb0 [ 344.909996][T16883] ? clear_bhb_loop+0x55/0xb0 [ 344.914661][T16883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.920543][T16883] RIP: 0033:0x7fa815825610 [ 344.924970][T16883] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 79 8d 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 cc 8d 02 00 8b 44 [ 344.944586][T16883] RSP: 002b:00007fa814a86b80 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 344.952984][T16883] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa815825610 [ 344.961004][T16883] RDX: 0000000000000000 RSI: 00007fa814a86c20 RDI: 00000000ffffff9c [ 344.969032][T16883] RBP: 00007fa814a86c20 R08: 0000000000000000 R09: 0000000000000000 [ 344.976986][T16883] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 344.985016][T16883] R13: 000000000000006e R14: 00007fa8159b5038 R15: 00007ffe239f7648 [ 344.992999][T16883] [ 344.996360][T16883] hub 7-0:1.0: hub_ext_port_status failed (err = -12) [ 345.000885][T16888] loop0: detected capacity change from 0 to 128 [ 345.021022][T16890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3716'. [ 345.060541][T16888] loop0: detected capacity change from 0 to 512 [ 345.113434][T16894] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 345.120053][T16894] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 345.127662][T16894] vhci_hcd vhci_hcd.0: Device attached [ 345.134630][T16895] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 345.135337][T16894] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 345.141838][ T9313] vhci_hcd: stop threads [ 345.147950][T16894] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 345.148125][T16894] vhci_hcd vhci_hcd.0: Device attached [ 345.152192][ T9313] vhci_hcd: release socket [ 345.152200][ T9313] vhci_hcd: disconnect device [ 345.174674][T16897] vhci_hcd: connection closed [ 345.175026][ T9313] vhci_hcd: stop threads [ 345.184064][ T9313] vhci_hcd: release socket [ 345.188541][ T9313] vhci_hcd: disconnect device [ 345.495588][T16904] loop3: detected capacity change from 0 to 512 [ 345.508136][T16904] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 345.560213][T16908] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3720'. [ 345.630536][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 345.630549][ T29] audit: type=1326 audit(1720138840.167:3654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16912 comm="syz.0.3722" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 345.704589][T16920] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 345.711177][T16920] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 345.718760][T16916] wireguard0: entered promiscuous mode [ 345.718949][T16920] vhci_hcd vhci_hcd.0: Device attached [ 345.724220][T16916] wireguard0: entered allmulticast mode [ 345.790185][T16921] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0 [ 345.797699][ T9313] vhci_hcd: stop threads [ 345.801965][ T9313] vhci_hcd: release socket [ 345.806385][ T9313] vhci_hcd: disconnect device [ 346.016168][ T29] audit: type=1326 audit(1720138840.547:3655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16935 comm="syz.2.3728" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17df46bbd9 code=0x0 [ 346.033276][T16934] loop1: detected capacity change from 0 to 8192 [ 346.047569][T16934] loop1: p1 p2 p3 p4 [ 346.051839][T16934] loop1: p1 size 108922248 extends beyond EOD, truncated [ 346.059405][T16934] loop1: p2 start 861536256 is beyond EOD, truncated [ 346.066126][T16934] loop1: p3 start 851968 is beyond EOD, truncated [ 346.072700][T16934] loop1: p4 size 65536 extends beyond EOD, truncated [ 346.141356][T16943] ALSA: seq fatal error: cannot create timer (-22) [ 346.159821][ T29] audit: type=1326 audit(1720138840.697:3656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16944 comm="syz.4.3730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 346.481147][T16952] loop0: detected capacity change from 0 to 512 [ 346.633682][T16952] loop0: detected capacity change from 0 to 256 [ 346.691486][T16963] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 346.697989][T16963] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 346.705627][T16963] vhci_hcd vhci_hcd.0: Device attached [ 346.712804][T16964] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 2 [ 346.720304][T10467] vhci_hcd: stop threads [ 346.724598][T10467] vhci_hcd: release socket [ 346.729021][T10467] vhci_hcd: disconnect device [ 346.878980][T16967] wireguard0: entered promiscuous mode [ 346.884466][T16967] wireguard0: entered allmulticast mode [ 347.005894][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.020191][ T29] audit: type=1326 audit(1720138841.557:3657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16972 comm="syz.4.3738" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 347.125340][T16975] loop2: detected capacity change from 0 to 8192 [ 347.168063][T16975] loop2: p1 p2 p4 < > [ 347.172321][T16975] loop2: partition table partially beyond EOD, truncated [ 347.179612][T16975] loop2: p1 size 108986237 extends beyond EOD, truncated [ 347.188091][T16975] loop2: p2 start 65535 is beyond EOD, truncated [ 347.194610][T16975] loop2: p4 start 50331648 is beyond EOD, truncated [ 347.204277][T16975] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3739'. [ 347.226418][T16982] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3740'. [ 347.258927][T16975] team0: Port device team_slave_0 removed [ 347.329336][ T29] audit: type=1326 audit(1720138841.867:3658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16985 comm="syz.0.3743" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 347.394107][T16990] loop2: detected capacity change from 0 to 8192 [ 347.436215][ T29] audit: type=1326 audit(1720138841.967:3659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16995 comm="syz.1.3746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x0 [ 347.460847][T16990] loop2: p1 p2 p3 p4 [ 347.464864][T16990] loop2: p1 size 108922248 extends beyond EOD, truncated [ 347.473005][T16990] loop2: p2 start 861536256 is beyond EOD, truncated [ 347.479871][T16990] loop2: p3 start 851968 is beyond EOD, truncated [ 347.486298][T16990] loop2: p4 size 65536 extends beyond EOD, truncated [ 347.854604][T17009] loop4: detected capacity change from 0 to 512 [ 347.862904][T17009] EXT4-fs (loop4): unsupported inode size: 264 [ 347.869077][T17009] EXT4-fs (loop4): blocksize: 1024 [ 347.898455][ T29] audit: type=1326 audit(1720138842.437:3660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17008 comm="syz.4.3747" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 348.186088][T17012] wireguard0: entered promiscuous mode [ 348.191757][T17012] wireguard0: entered allmulticast mode [ 348.238330][T17018] FAULT_INJECTION: forcing a failure. [ 348.238330][T17018] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 348.251418][T17018] CPU: 0 PID: 17018 Comm: syz.2.3750 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 348.261607][T17018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 348.271669][T17018] Call Trace: [ 348.274932][T17018] [ 348.277840][T17018] dump_stack_lvl+0xf2/0x150 [ 348.282512][T17018] dump_stack+0x15/0x20 [ 348.286782][T17018] should_fail_ex+0x229/0x230 [ 348.291449][T17018] should_fail+0xb/0x10 [ 348.295588][T17018] should_fail_usercopy+0x1a/0x20 [ 348.300656][T17018] _copy_from_user+0x1e/0xd0 [ 348.305415][T17018] copy_msghdr_from_user+0x54/0x2a0 [ 348.310604][T17018] __sys_sendmsg+0x17d/0x280 [ 348.315190][T17018] __x64_sys_sendmsg+0x46/0x50 [ 348.319946][T17018] x64_sys_call+0xb25/0x2d70 [ 348.324598][T17018] do_syscall_64+0xc9/0x1c0 [ 348.329135][T17018] ? clear_bhb_loop+0x55/0xb0 [ 348.333846][T17018] ? clear_bhb_loop+0x55/0xb0 [ 348.338543][T17018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.344469][T17018] RIP: 0033:0x7f17df46bbd9 [ 348.348878][T17018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.368495][T17018] RSP: 002b:00007f17de6ed048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 348.376905][T17018] RAX: ffffffffffffffda RBX: 00007f17df5f9f60 RCX: 00007f17df46bbd9 [ 348.384852][T17018] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004 [ 348.392803][T17018] RBP: 00007f17de6ed0a0 R08: 0000000000000000 R09: 0000000000000000 [ 348.400835][T17018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 348.408789][T17018] R13: 000000000000000b R14: 00007f17df5f9f60 R15: 00007ffe137f6628 [ 348.416781][T17018] [ 348.430816][T17020] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 348.437324][T17020] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 348.445044][T17020] vhci_hcd vhci_hcd.0: Device attached [ 348.458514][T17021] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 0 [ 348.465715][T10467] vhci_hcd: stop threads [ 348.469995][T10467] vhci_hcd: release socket [ 348.470389][T17024] loop1: detected capacity change from 0 to 1024 [ 348.474408][T10467] vhci_hcd: disconnect device [ 348.485794][T17024] EXT4-fs: Ignoring removed nobh option [ 348.491369][T17024] EXT4-fs: Ignoring removed orlov option [ 348.542204][T17026] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3753'. [ 348.563214][T17034] loop0: detected capacity change from 0 to 512 [ 348.632255][T17034] loop0: detected capacity change from 0 to 1024 [ 348.730089][ T29] audit: type=1326 audit(1720138843.267:3661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17045 comm="syz.4.3758" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 348.797964][T17053] loop0: detected capacity change from 0 to 8192 [ 348.837005][T17053] loop0: p1 p2 p3 p4 [ 348.841004][T17053] loop0: p1 size 108922248 extends beyond EOD, truncated [ 348.848535][T17053] loop0: p2 start 861536256 is beyond EOD, truncated [ 348.855206][T17053] loop0: p3 start 851968 is beyond EOD, truncated [ 348.861643][T17053] loop0: p4 size 65536 extends beyond EOD, truncated [ 349.029070][T17062] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3761'. [ 349.335616][T17064] ALSA: seq fatal error: cannot create timer (-22) [ 349.364901][T17070] wireguard0: entered promiscuous mode [ 349.370461][T17070] wireguard0: entered allmulticast mode [ 349.394342][ T29] audit: type=1326 audit(1720138843.927:3662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17073 comm="syz.1.3765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x7ffc0000 [ 349.419110][ T29] audit: type=1326 audit(1720138843.927:3663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17073 comm="syz.1.3765" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f067e986bd9 code=0x7ffc0000 [ 349.436027][T17074] loop1: detected capacity change from 0 to 8192 [ 349.487222][T17074] loop1: p1 < > p2 < p5 > p4 [ 349.493007][T17074] loop1: p4 size 16776960 extends beyond EOD, truncated [ 349.500368][T17074] loop1: p5 size 16776960 extends beyond EOD, truncated [ 349.537199][T17078] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3766'. [ 349.614293][T17089] ALSA: seq fatal error: cannot create timer (-22) [ 349.626165][T17093] loop1: detected capacity change from 0 to 1024 [ 349.635315][T17093] EXT4-fs: Ignoring removed nobh option [ 349.640991][T17093] EXT4-fs: Ignoring removed orlov option [ 349.656303][T17091] loop0: detected capacity change from 0 to 512 [ 349.871331][T17109] loop2: detected capacity change from 0 to 512 [ 349.888413][T17109] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 349.909161][T17111] loop4: detected capacity change from 0 to 1024 [ 350.032020][T17118] loop4: detected capacity change from 0 to 8192 [ 350.085179][T17121] loop2: detected capacity change from 0 to 8192 [ 350.106886][T17118] loop4: p1 p2 p3 p4 [ 350.110954][T17118] loop4: p1 size 108922248 extends beyond EOD, truncated [ 350.118455][T17118] loop4: p2 start 861536256 is beyond EOD, truncated [ 350.125214][T17118] loop4: p3 start 851968 is beyond EOD, truncated [ 350.127392][T17121] loop2: p1 < > p2 < p5 > p4 [ 350.131700][T17118] loop4: p4 size 65536 extends beyond EOD, truncated [ 350.138929][T17121] loop2: p4 size 16776960 extends beyond EOD, truncated [ 350.150536][T17121] loop2: p5 size 16776960 extends beyond EOD, truncated [ 350.460299][T15755] EXT4-fs unmount: 33 callbacks suppressed [ 350.460316][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.516288][T17142] loop1: detected capacity change from 0 to 256 [ 350.580045][T17144] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3785'. [ 351.078342][T17147] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3786'. [ 351.092632][T17147] loop0: detected capacity change from 0 to 512 [ 351.099331][T17147] EXT4-fs: Ignoring removed mblk_io_submit option [ 351.148984][T17155] loop0: detected capacity change from 0 to 512 [ 351.190042][T17156] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3788'. [ 351.295115][T17160] ipip0: entered promiscuous mode [ 351.337791][T17162] loop0: detected capacity change from 0 to 8192 [ 351.376888][T17162] loop0: p1 p2 p3 p4 [ 351.380987][T17162] loop0: p1 size 108922248 extends beyond EOD, truncated [ 351.390173][T17162] loop0: p2 start 861536256 is beyond EOD, truncated [ 351.396915][T17162] loop0: p3 start 851968 is beyond EOD, truncated [ 351.403389][T17162] loop0: p4 size 65536 extends beyond EOD, truncated [ 351.436140][T17166] loop1: detected capacity change from 0 to 1024 [ 351.443019][T17166] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 351.453664][T17166] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 351.477422][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.530412][ T29] kauditd_printk_skb: 148 callbacks suppressed [ 351.530427][ T29] audit: type=1326 audit(1720138846.067:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17172 comm="syz.0.3797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6c1d24bd9 code=0x0 [ 351.551328][T17175] loop1: detected capacity change from 0 to 1024 [ 351.566483][T17175] EXT4-fs: Ignoring removed nobh option [ 351.572174][T17175] EXT4-fs: Ignoring removed orlov option [ 351.588536][T17175] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 351.629315][T17183] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3799'. [ 351.643159][T17183] loop2: detected capacity change from 0 to 512 [ 351.649970][T17183] EXT4-fs: Ignoring removed mblk_io_submit option [ 351.656594][T17183] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 351.669555][T17183] EXT4-fs (loop2): 1 truncate cleaned up [ 351.675409][T17183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.690512][T17183] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3799'. [ 351.722265][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.775758][T17192] loop2: detected capacity change from 0 to 512 [ 351.782391][T17192] EXT4-fs: Ignoring removed mblk_io_submit option [ 351.789252][T17192] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 351.800387][T17192] EXT4-fs (loop2): 1 truncate cleaned up [ 351.806385][T17192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.843329][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.894331][T17195] loop2: detected capacity change from 0 to 512 [ 351.908285][T17195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 351.920793][T17195] ext4 filesystem being mounted at /28/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 352.004985][T17200] ipip0: entered promiscuous mode [ 352.046477][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.072649][T17205] loop4: detected capacity change from 0 to 8192 [ 352.105705][T17207] loop2: detected capacity change from 0 to 1024 [ 352.112743][T17207] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 352.121602][T17205] loop4: p1 p2 p3 p4 [ 352.123288][T17207] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.125676][T17205] loop4: p1 size 108922248 extends beyond EOD, truncated [ 352.145621][T17205] loop4: p2 start 861536256 is beyond EOD, truncated [ 352.152333][T17205] loop4: p3 start 851968 is beyond EOD, truncated [ 352.158849][T17205] loop4: p4 size 65536 extends beyond EOD, truncated [ 352.166319][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.268959][T17212] __nla_validate_parse: 1 callbacks suppressed [ 352.268969][T17212] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3806'. [ 352.383832][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.464733][T17232] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3814'. [ 352.484695][T17232] loop0: detected capacity change from 0 to 128 [ 352.508168][T17236] loop4: detected capacity change from 0 to 1024 [ 352.522039][T17236] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 352.534773][T17236] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.644481][T16556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.670611][T17238] loop1: detected capacity change from 0 to 8192 [ 352.759230][T17238] loop1: p1 p2 p3 p4 [ 352.768530][T17238] loop1: p1 size 108922248 extends beyond EOD, truncated [ 352.814285][T17238] loop1: p2 start 861536256 is beyond EOD, truncated [ 352.821011][T17238] loop1: p3 start 851968 is beyond EOD, truncated [ 352.827471][T17238] loop1: p4 size 65536 extends beyond EOD, truncated [ 352.879362][ T29] audit: type=1326 audit(1720138847.397:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17246 comm="syz.4.3819" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 353.037984][T17257] loop1: detected capacity change from 0 to 1024 [ 353.044830][T17257] EXT4-fs: Ignoring removed nobh option [ 353.050502][T17257] EXT4-fs: Ignoring removed orlov option [ 353.086458][T17257] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.146919][T17267] netlink: 88 bytes leftover after parsing attributes in process `syz.3.3825'. [ 353.156015][T17267] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3825'. [ 353.317334][T17275] ALSA: seq fatal error: cannot create timer (-22) [ 353.388208][T17276] FAULT_INJECTION: forcing a failure. [ 353.388208][T17276] name failslab, interval 1, probability 0, space 0, times 0 [ 353.400890][T17276] CPU: 0 PID: 17276 Comm: syz.2.3827 Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 353.411075][T17276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 353.421123][T17276] Call Trace: [ 353.424435][T17276] [ 353.427363][T17276] dump_stack_lvl+0xf2/0x150 [ 353.432000][T17276] dump_stack+0x15/0x20 [ 353.436152][T17276] should_fail_ex+0x229/0x230 [ 353.440923][T17276] ? wakeup_source_sysfs_add+0x37/0x1a0 [ 353.446467][T17276] __should_failslab+0x92/0xa0 [ 353.451333][T17276] should_failslab+0x9/0x20 [ 353.455906][T17276] kmalloc_trace_noprof+0x4b/0x2a0 [ 353.461022][T17276] wakeup_source_sysfs_add+0x37/0x1a0 [ 353.466394][T17276] wakeup_source_register+0x106/0x250 [ 353.471762][T17276] ep_insert+0x7da/0xd20 [ 353.476037][T17276] do_epoll_ctl+0x628/0x950 [ 353.480581][T17276] __x64_sys_epoll_ctl+0xc6/0xf0 [ 353.485515][T17276] x64_sys_call+0x1304/0x2d70 [ 353.490199][T17276] do_syscall_64+0xc9/0x1c0 [ 353.494733][T17276] ? clear_bhb_loop+0x55/0xb0 [ 353.499425][T17276] ? clear_bhb_loop+0x55/0xb0 [ 353.504098][T17276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.510079][T17276] RIP: 0033:0x7f17df46bbd9 [ 353.514485][T17276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.534089][T17276] RSP: 002b:00007f17de6ab048 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 353.542491][T17276] RAX: ffffffffffffffda RBX: 00007f17df5fa110 RCX: 00007f17df46bbd9 [ 353.550456][T17276] RDX: 000000000000000a RSI: 0000000000000001 RDI: 000000000000000b [ 353.558421][T17276] RBP: 00007f17de6ab0a0 R08: 0000000000000000 R09: 0000000000000000 [ 353.566472][T17276] R10: 0000000020000100 R11: 0000000000000246 R12: 0000000000000001 [ 353.574437][T17276] R13: 000000000000006e R14: 00007f17df5fa110 R15: 00007ffe137f6628 [ 353.582494][T17276] [ 353.610765][T17279] loop3: detected capacity change from 0 to 1024 [ 353.621450][T17279] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 353.632643][T17279] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.654029][T14798] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.736714][T17287] loop3: detected capacity change from 0 to 8192 [ 353.761114][T17291] team0: mtu less than device minimum [ 353.766928][T17287] loop3: p1 p2 p3 p4 [ 353.771057][T17287] loop3: p1 size 108922248 extends beyond EOD, truncated [ 353.779112][T17287] loop3: p2 start 861536256 is beyond EOD, truncated [ 353.781396][T17291] loop4: detected capacity change from 0 to 256 [ 353.785798][T17287] loop3: p3 start 851968 is beyond EOD, truncated [ 353.785816][T17287] loop3: p4 size 65536 extends beyond EOD, truncated [ 353.868007][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.875089][T17297] netlink: 76 bytes leftover after parsing attributes in process `syz.3.3838'. [ 353.897980][T17299] loop4: detected capacity change from 0 to 1024 [ 353.904751][T17299] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 353.923413][T17301] ALSA: seq fatal error: cannot create timer (-22) [ 353.933485][T17303] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 353.940009][T17303] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 353.947673][T17303] vhci_hcd vhci_hcd.0: Device attached [ 353.959401][T17307] loop3: detected capacity change from 0 to 512 [ 353.966392][T17307] EXT4-fs (loop3): unsupported inode size: 264 [ 353.968611][T17304] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 353.972596][T17307] EXT4-fs (loop3): blocksize: 1024 [ 353.988135][ T9315] vhci_hcd: stop threads [ 353.992385][ T9315] vhci_hcd: release socket [ 353.996906][ T9315] vhci_hcd: disconnect device [ 354.003921][T17303] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 354.010437][T17303] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 354.018217][T17303] vhci_hcd vhci_hcd.0: Device attached [ 354.025588][ T29] audit: type=1326 audit(1720138848.557:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17309 comm="syz.4.3842" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f015e3febd9 code=0x0 [ 354.075347][ T29] audit: type=1326 audit(1720138848.597:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000 [ 354.098866][ T29] audit: type=1326 audit(1720138848.597:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000 [ 354.111362][T17308] vhci_hcd: connection closed [ 354.122355][ T29] audit: type=1326 audit(1720138848.597:3817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000 [ 354.128648][ T9291] vhci_hcd: stop threads [ 354.150496][ T29] audit: type=1326 audit(1720138848.597:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000 [ 354.150536][ T29] audit: type=1326 audit(1720138848.597:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa815825610 code=0x7ffc0000 [ 354.150625][ T29] audit: type=1326 audit(1720138848.597:3820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000 [ 354.150651][ T29] audit: type=1326 audit(1720138848.597:3821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17306 comm="syz.3.3841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa815826bd9 code=0x7ffc0000 [ 354.250589][ T9291] vhci_hcd: release socket [ 354.255500][ T9291] vhci_hcd: disconnect device [ 354.310179][T17324] loop2: detected capacity change from 0 to 8192 [ 354.347247][T17324] loop2: p1 p2 p3 p4 [ 354.351267][T17324] loop2: p1 size 108922248 extends beyond EOD, truncated [ 354.358695][T17324] loop2: p2 start 861536256 is beyond EOD, truncated [ 354.365506][T17324] loop2: p3 start 851968 is beyond EOD, truncated [ 354.372036][T17324] loop2: p4 size 65536 extends beyond EOD, truncated [ 354.454291][T17329] team0: mtu less than device minimum [ 354.462807][T17329] loop2: detected capacity change from 0 to 256 [ 354.547236][T17333] RDS: rds_bind could not find a transport for ae0c:91e3:ccfb:f02:0:5efe:150.125.240.108, load rds_tcp or rds_rdma? [ 354.627565][T17337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3851'. [ 354.647410][T17343] ALSA: seq fatal error: cannot create timer (-22) [ 354.734761][T17348] loop2: detected capacity change from 0 to 512 [ 354.741932][T17348] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 354.752859][T17348] EXT4-fs (loop2): 1 truncate cleaned up [ 354.758797][T17348] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.800805][T17351] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3855'. [ 354.817441][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.863793][T17354] netlink: 'syz.4.3858': attribute type 2 has an invalid length. [ 354.874823][T17357] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3856'. [ 354.903648][T17356] loop1: detected capacity change from 0 to 8192 [ 354.912077][T17359] loop2: detected capacity change from 0 to 1024 [ 354.920978][T17359] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 354.939010][T17356] loop1: p1 p2 p3 p4 [ 354.943073][T17356] loop1: p1 size 108922248 extends beyond EOD, truncated [ 354.950656][T17356] loop1: p2 start 861536256 is beyond EOD, truncated [ 354.957378][T17356] loop1: p3 start 851968 is beyond EOD, truncated [ 354.963791][T17356] loop1: p4 size 65536 extends beyond EOD, truncated [ 355.028136][T17363] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3862'. [ 355.065364][T17371] ALSA: seq fatal error: cannot create timer (-22) [ 355.081638][T17373] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3864'. [ 355.102461][T17375] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3) [ 355.108984][T17375] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 355.116729][T17375] vhci_hcd vhci_hcd.0: Device attached [ 355.125293][T17379] loop2: detected capacity change from 0 to 512 [ 355.131976][T17376] vhci_hcd: cannot find a urb of seqnum 5 max seqnum 0 [ 355.139106][T17379] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 355.160636][T17375] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 355.161113][T17379] EXT4-fs (loop2): 1 truncate cleaned up [ 355.167187][T17375] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 355.167267][T17375] vhci_hcd vhci_hcd.0: Device attached [ 355.173232][T17379] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.180811][ T9315] vhci_hcd: stop threads [ 355.202328][ T9315] vhci_hcd: release socket [ 355.206777][ T9315] vhci_hcd: disconnect device [ 355.214792][T17380] vhci_hcd: connection closed [ 355.219441][ T9315] vhci_hcd: stop threads [ 355.228558][ T9315] vhci_hcd: release socket [ 355.233117][ T9315] vhci_hcd: disconnect device [ 355.238409][T16483] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.412377][T17395] loop2: detected capacity change from 0 to 8192 [ 355.448464][T17395] loop2: p1 p2 p3 p4 [ 355.452600][T17395] loop2: p1 size 108922248 extends beyond EOD, truncated [ 355.457441][T17402] loop4: detected capacity change from 0 to 2048 [ 355.460494][T17395] loop2: p2 start 861536256 is beyond EOD, truncated [ 355.466223][T17402] EXT4-fs: Ignoring removed nomblk_io_submit option [ 355.472691][T17395] loop2: p3 start 851968 is beyond EOD, truncated [ 355.472708][T17395] loop2: p4 size 65536 extends beyond EOD, truncated [ 355.498267][T17402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 355.515736][T17402] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.3873: bg 0: block 2: invalid block bitmap [ 355.530766][T17402] EXT4-fs (loop4): Remounting filesystem read-only [ 355.546047][T17402] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 355.557691][T17402] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 355.566584][T17402] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 355.576556][T17402] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=11 [ 355.811841][T17409] ALSA: seq fatal error: cannot create timer (-22) [ 355.900643][T16556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.911009][T16556] ================================================================== [ 355.919100][T16556] BUG: KCSAN: data-race in __lru_add_drain_all / folio_add_lru_vma [ 355.926975][T16556] [ 355.929277][T16556] read-write to 0xffff888237d2ac08 of 1 bytes by task 17416 on cpu 1: [ 355.937401][T16556] folio_add_lru_vma+0x74/0x170 [ 355.942228][T16556] handle_mm_fault+0x2411/0x2a80 [ 355.947155][T16556] exc_page_fault+0x3b9/0x650 [ 355.951823][T16556] asm_exc_page_fault+0x26/0x30 [ 355.956660][T16556] [ 355.958963][T16556] read to 0xffff888237d2ac08 of 1 bytes by task 16556 on cpu 0: [ 355.966572][T16556] __lru_add_drain_all+0x12c/0x410 [ 355.971676][T16556] lru_add_drain_all+0x10/0x20 [ 355.976425][T16556] invalidate_bdev+0x47/0x70 [ 355.981003][T16556] ext4_put_super+0x51b/0x7e0 [ 355.985674][T16556] generic_shutdown_super+0xde/0x210 [ 355.990943][T16556] kill_block_super+0x2a/0x70 [ 355.995604][T16556] ext4_kill_sb+0x44/0x80 [ 355.999921][T16556] deactivate_locked_super+0x7d/0x1c0 [ 356.005277][T16556] deactivate_super+0x9f/0xb0 [ 356.009934][T16556] cleanup_mnt+0x268/0x2e0 [ 356.014338][T16556] __cleanup_mnt+0x19/0x20 [ 356.018739][T16556] task_work_run+0x13a/0x1a0 [ 356.023318][T16556] syscall_exit_to_user_mode+0xbe/0x130 [ 356.028849][T16556] do_syscall_64+0xd6/0x1c0 [ 356.033338][T16556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.039238][T16556] [ 356.041541][T16556] value changed: 0x0f -> 0x10 [ 356.046204][T16556] [ 356.048515][T16556] Reported by Kernel Concurrency Sanitizer on: [ 356.054652][T16556] CPU: 0 PID: 16556 Comm: syz-executor Not tainted 6.10.0-rc6-syzkaller-00163-g661e504db04c #0 [ 356.065062][T16556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 356.075104][T16556] ================================================================== [ 356.131577][T17420] loop4: detected capacity change from 0 to 512 [ 356.138401][T17420] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 356.153505][T17420] EXT4-fs (loop4): 1 truncate cleaned up [ 356.160119][T17420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.177534][T16556] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.