last executing test programs: 9.30979247s ago: executing program 1 (id=323): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x3, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f0000919000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f00008d8000/0x1000)=nil) r4 = socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000000080)={0x19980330}, &(0x7f00000000c0)) syz_open_dev$sg(0x0, 0x0, 0x2) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2400000037000900000000000000000004000000040000000c0001"], 0x24}}, 0x0) fadvise64(r3, 0xfffffffffffffffd, 0xfffffffffffeffff, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) unshare(0x2c040000) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$sock_int(r5, 0x1, 0x25, 0x0, &(0x7f00000001c0)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) pipe2(&(0x7f0000000000), 0x0) unshare(0xe020600) io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0xf, 0x0, 0x18) 8.462788599s ago: executing program 1 (id=337): syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x6) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x8, 0x1debc8e4722ebd85}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffff020003000008000000b704000000000000850000006b000000950000000000000070f6376996c26617c8f4d0ee23e10d17de234cef76a4f5e2997d256a623005f8184c721eaaf7759ddc67d371198b1dc697fdcfb83dda887909a6e1c382ac45455096f658d922a3ae81c8f74bebce4dca0eb942d7d861d61568b57779f89d6532388f00e954268e4161886b07969bbd7e260b821caf138e"], &(0x7f0000000180)='GPL\x00', 0x5e55e2aa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/custom0\x00', 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r4 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(r4, 0x0, 0x2e, &(0x7f0000000100)={0x4, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @dev}}}, 0x108) socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x39}], 0x1) close_range(r3, 0xffffffffffffffff, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x254, &(0x7f0000000840)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzLTn1EkpvTXssvYReWgo9pW0O6aXQhh4aemgPW2Znt2yTDW2zyU7JfD4wO/P2vZnfDMz37V5mN4DCGo2IyYgoR8RYRFQjIuke8H62jLabK7X12Yhm85t7SWtc1s509huJiEZEfBZR6fQtrf2w9WDjq4/+Wax+eGrt+9qgrq/b9tbm1zsnp/8+O/Xp0pVrd6aTmIx6u6/7Og5T0uO9ShLxxlEUe0kklbzPgOcx8+eZ62nu34yID1r5r0apHdl/F165WI1PTuy37393r749yHMFDl+zWU0/AxtNoHBKEVGPpDQeEdl2qTQ+nn2Hv1EeLv02v/DH2K/zi3O/5D1TAYelHrH55fmhcyO78n+7nOUfOL7S/H87s3oz3d4p5302wEC8k63S/I/9tPxxyD8UjvxDcck/FJf8wzFwwOzKPxSX/ENxyT8cY9XORqNnt/xDcck/FJf8Q3F15x8AKJbmUN5PIAN5yXv+AQAAAAAAAAAAAAAAAAAA9lqprc92lkHVvPR/xPYXEVHpVb/c+j/iiFdbr8P3k3TYE0m2W19+fK/PA/TpdM5PX792K9/6l989muP+9XSztt+45bmIRjp4olLZe/8l7fvv4F5/Rn/15z4LvKBkV/vz7wZbf7dHq/nWn9qIuJDOPxO95p9SvNVa955/6t0/sXxAvz/s8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMzOMAAAD//7MNbSk=") setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0) ftruncate(r6, 0x8002007ffb) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c00000018000100000000000500"/28], 0x1c}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendto$packet(0xffffffffffffffff, &(0x7f0000000080)="e7feeeb53d72", 0x6, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r8, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r7, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bind$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) 8.064309362s ago: executing program 1 (id=342): open(&(0x7f0000000140)='./file0\x00', 0x22a5c0, 0x80) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) write$sndseq(r1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 7.401075736s ago: executing program 1 (id=348): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced9aa10632d595e9c8c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x9b, 0x2a5, &(0x7f0000000500)="$eJzs3b1rQ1UUAPDz0jQJOiSCkwg+0MGptF1dUqQFsZOSQR202BakCUILBT8wdnJ1cXR1EQQ3/wkX/wPBVXCzYOHJ+zJpm8akmtaP32/p5d1z7jv35pXS4Z288+zo5DCN44uPf4xOJ4lGP/pxmUQvGlH7NK7pfx4AwL/ZZZbFL1lpmbwkIjqrKwsAWKGl//5/u/KSAIAVe/2NN1/d2d/ffS1NO7E3+ux8kP9nn/8s53eO470YxlFsRjeuIrI/lONmRIybaa4XL4zG54M8c/T299X6Oz9HFPlb0Y1ecela/t4r+7tbaWkqf5zX8UR1/36evx3dePr2/fP87Rn5MWjFi89P1b8R3fjh3Xg/hnFYFFHmRyPik600fTn74teP3srLy/OT8fmgXcRNZGsP/NEAAAAAAAAAAAAAAAAAAAAAAPAftlH1zmlH0b8nIomk7L+zdpXPr0da613vz1PmJ/VCN/oDjbP4su7Ps5mmaVYFTvKb8Uwzmo+0bQAAAAAAAAAAAAAAAAAAAPhHOfvgw5OD4fDo9G8Z1N0A6tf677tOf+rKczE/uD25V6Mazlk51uqYJGJuGfkmFq75t6LpwX23/NRdNX/9zcLrfPXne68G6wvE/MVB/XSdHCSzz7Ad9ZVOfWLfTce0YsF7te6aypb6LFozp7pL7731ZDEYz4mJZF5hL/1Unlx1Jbm5i1ZxqjPT16vBJP3GE95Z/HnOf1NuSXTrAAAAAAAAAAAAAAAAAACAlZq89Dtj8mJuaiNrr6wsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhQk+//X2IwrpIXCG7F6dkjbxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/gd8DAAD//1lVW7Q=") mount$nfs(&(0x7f0000000100)='-..', 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) syz_emit_ethernet(0x7e, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000088a8000081"], 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) statx(0xffffffffffffffff, &(0x7f0000000380)='./file1\x00', 0x1000, 0x10, &(0x7f0000000a00)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x49000000, 0x0, 0x0, 0x0, 0x0, 0x0) 5.960253414s ago: executing program 0 (id=368): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000000}, 0x48) 5.928850426s ago: executing program 0 (id=369): pipe2$9p(&(0x7f0000000140), 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) write$sndseq(r1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 5.902136438s ago: executing program 0 (id=370): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r0}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x7000000) 5.39796559s ago: executing program 0 (id=372): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000d00), 0x4) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) recvmsg(r0, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0xffffffe1}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x5, &(0x7f0000001f80)=""/178, 0xb2}, 0x120) sendmmsg$inet(r0, &(0x7f0000007780)=[{{&(0x7f0000000980)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000009c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @rand_addr=0x64010102}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff7}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@noop, @cipso={0x86, 0x1d, 0xfffffffffffffffd, [{0x5, 0xd, "2818a2de580b532a5a1234"}, {0x7, 0xa, "3c32dc1930f3f3b4"}]}, @generic={0x88, 0x3, 'A'}, @rr={0x7, 0xf, 0xf0, [@private=0xa010102, @multicast1, @multicast1]}, @ssrr={0x89, 0xb, 0xad, [@multicast2, @rand_addr=0x64010102]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @dev={0xac, 0x14, 0x14, 0x38}}}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0xa7, 0x0, 0x1, [0x2, 0x7b8f5d3a, 0x5, 0x7, 0x5fbce4d9, 0x5, 0xca]}, @lsrr={0x83, 0xb, 0x5e, [@rand_addr=0x5, @rand_addr=0x64010101]}, @timestamp_addr={0x44, 0xc, 0x25, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}]}, @end, @ra={0x94, 0x4, 0x1}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @empty}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x30, 0x0, 0x7, {[@cipso={0x86, 0x14, 0x3, [{0x5, 0x2}, {0x5, 0xc, "00079088fea626a9009d"}]}, @timestamp={0x44, 0xc, 0xf2, 0x0, 0x6, [0x22b, 0x0]}]}}}], 0x190}}, {{0x0, 0x0, &(0x7f0000006bc0)=[{&(0x7f00000069c0)="d96fcbb10313e009395d445af73d3b9a63b4588745c5a0d2e3d63c156524ff3b6d7e42e6bf4252b550cc3d9adccd981d37f39d53d9702c655a1ed2817cdc2388f6f3c767eae675159881b6d1388d7689302f726546cbda39af450a76bbe1bf4abbc37b23b2316759c5dd176aa1d175e02b", 0x71}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000006fc0), 0x0, &(0x7f0000007000)}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000007480)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x5, 0x4080) 5.376850452s ago: executing program 0 (id=373): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x3, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f0000919000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f00008d8000/0x1000)=nil) r4 = socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000000080)={0x19980330}, &(0x7f00000000c0)) syz_open_dev$sg(0x0, 0x0, 0x2) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2400000037000900000000000000000004000000040000000c0001"], 0x24}}, 0x0) fadvise64(r3, 0xfffffffffffffffd, 0xfffffffffffeffff, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) unshare(0x2c040000) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$sock_int(r5, 0x1, 0x25, 0x0, &(0x7f00000001c0)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) pipe2(&(0x7f0000000000), 0x0) unshare(0xe020600) openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) 4.477367575s ago: executing program 0 (id=380): syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced9aa10632d595e9c8c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x9b, 0x2a5, &(0x7f0000000500)="$eJzs3b1rQ1UUAPDz0jQJOiSCkwg+0MGptF1dUqQFsZOSQR202BakCUILBT8wdnJ1cXR1EQQ3/wkX/wPBVXCzYOHJ+zJpm8akmtaP32/p5d1z7jv35pXS4Z288+zo5DCN44uPf4xOJ4lGP/pxmUQvGlH7NK7pfx4AwL/ZZZbFL1lpmbwkIjqrKwsAWKGl//5/u/KSAIAVe/2NN1/d2d/ffS1NO7E3+ux8kP9nn/8s53eO470YxlFsRjeuIrI/lONmRIybaa4XL4zG54M8c/T299X6Oz9HFPlb0Y1ecela/t4r+7tbaWkqf5zX8UR1/36evx3dePr2/fP87Rn5MWjFi89P1b8R3fjh3Xg/hnFYFFHmRyPik600fTn74teP3srLy/OT8fmgXcRNZGsP/NEAAAAAAAAAAAAAAAAAAAAAAPAftlH1zmlH0b8nIomk7L+zdpXPr0da613vz1PmJ/VCN/oDjbP4su7Ps5mmaVYFTvKb8Uwzmo+0bQAAAAAAAAAAAAAAAAAAAPhHOfvgw5OD4fDo9G8Z1N0A6tf677tOf+rKczE/uD25V6Mazlk51uqYJGJuGfkmFq75t6LpwX23/NRdNX/9zcLrfPXne68G6wvE/MVB/XSdHCSzz7Ad9ZVOfWLfTce0YsF7te6aypb6LFozp7pL7731ZDEYz4mJZF5hL/1Unlx1Jbm5i1ZxqjPT16vBJP3GE95Z/HnOf1NuSXTrAAAAAAAAAAAAAAAAAACAlZq89Dtj8mJuaiNrr6wsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhQk+//X2IwrpIXCG7F6dkjbxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/gd8DAAD//1lVW7Q=") mount$nfs(&(0x7f0000000100)='-..', 0x0, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}}, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) syz_emit_ethernet(0x7e, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000088a8000081"], 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) statx(0xffffffffffffffff, &(0x7f0000000380)='./file1\x00', 0x1000, 0x10, &(0x7f0000000a00)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x49000000, 0x0, 0x0, 0x0, 0x0, 0x0) 1.920110403s ago: executing program 4 (id=392): r0 = memfd_create(&(0x7f00000002c0)='D\xa3\xd5Wj\x00\x00\x8b\x14\xc2\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x9b\x12\x0eW\xcf\t\xb0\xa9 +H/\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2y\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xde\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4\x86\xd4\xc9\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg(\x03\xa7\x92\xe5\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xf8A\xaf\\\xaa\xf5u\xde\xfa\xa1\xc0\xf9&gR\x81.\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\b\x00'/244, 0x0) write(r0, &(0x7f00000000c0)='i', 0x1) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) r1 = socket$inet(0x2, 0x6, 0x0) getsockopt$inet_pktinfo(r1, 0x10d, 0xee, 0xfffffffffffffffe, &(0x7f0000000000)=0x300) 1.882667016s ago: executing program 4 (id=393): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000003440)=[{{0x0, 0x0, 0x0, 0xc03e, 0x0, 0x0, 0x80}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="1c0000000000000001"], 0x150, 0x8001}}], 0x2, 0x0) 1.824139702s ago: executing program 4 (id=394): r0 = socket$kcm(0x2, 0x3, 0x84) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030073797a5f74756e0000000000000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30"], 0xec}}, 0x0) (async) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) (async) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r3, &(0x7f0000000540)={0xf, 0x8, 0xfa00, {r5}}, 0x10) (async) write$RDMA_USER_CM_CMD_LISTEN(r2, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r5, 0x9}}, 0x10) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) (async) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) (async) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000540)={0x103, 0x29, 0x0, {0x0, [{{}, 0x0, 0x0, 0x7, './file1'}, {{0x0, 0x1}, 0x0, 0x0, 0x7, './file0'}, {{0x0, 0x0, 0x1}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x80000000, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{0x20}, 0x0, 0x0, 0x7, './file1'}, {{}, 0xfffffffffffffff9, 0x0, 0x7, './file0'}]}}, 0x103) r8 = dup(r7) (async) pipe2$9p(&(0x7f00000001c0), 0x0) (async) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES64, @ANYBLOB=',wfdno=', @ANYRESHEX=r7]) write$P9_RLERRORu(r8, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000300000000000000000000001801000020a0702500000000008000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000000400000006000000180100002020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$binfmt_elf64(r8, &(0x7f0000000340)=ANY=[], 0x7c8) (async) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@access_any}], [], 0x6b}}) (async, rerun: 64) chmod(&(0x7f0000000180)='./file0\x00', 0x0) (async, rerun: 64) sendmsg$inet(r0, &(0x7f0000000a00)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000100)="99d8b3f2", 0x4}], 0x1}, 0x0) 1.820712652s ago: executing program 4 (id=395): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4216, &(0x7f0000000440)=ANY=[], 0x4, 0x331, &(0x7f0000000900)="$eJzs3M9LG2kYwPHHGGOMa5LDsssuLL7sXnYvg8Y9LxsWhWUDK9EsqwsLo052Q6aJZIJtSql66rX03lOhB7E3b0LrP+Clt/bSS29eCqXUQ+mUmcyYH0YTYjRWvx+QefO+72Ped+ad8EzIzMHf92/ks5aW1csSCCv5QkTkUCQuAfENeNuAWw5JvQ35afTti+/mFhb/SKZS02mlZpLzU4kn6WrziNdtd1j24/8evEm83v9q/5uDj/P/5yyVs1ShWFa6Wiq+KutLTt+cldeUmjUN3TJUrmAZpWp7sawvmYbKmsXV1YrSCytjkdWSYVlKL1RU3qioclGVSxWl/6fnCkrTNDUWEbST2Uqn9WSXwcs9HgzOSamU1AfrTsaazFZfBgQAAPqqOf8POCl9V/m/RN383+k8lVBKRcef3ryz/f1eefSvnaiX/++GWuX/P7+s/i9DrdTy/7CIdJP/PxQv/7/1rv3sj2dE18uZ8n9cDuOhY1UDDa+c/D/inb+uzX+2J9wC+T8AAAAAAAAAAAAAAAAAAAAAAJ+DQ9uO2bYd87f+X+0WAu81rqSTjv+wiISdo29z/K+yuYVFCbs37gWjIua9tcxaprr1OuyJiCmGTEhMPrjrweOU/TuPlCMuz8x1L359LTPotiSzknPjJyUm8eZ42575PTU9qaq8+KPblCL18QmJyZet4xON8d77h+THH+riNYnJ82Upiikr7rquxd+dVOq3P1NN8SNuPwAAAAAArgJNHWl5/a5pJ7VXnzJydH3d8vuB6vX1RMvr82Ds22C/Zw8AAAAAwPVgVW7nddM0SqcURqR9n+4Lwc46h5pqhk7rPFg3w07HE3J/7yIyLCJnmdejDvdqQ8H/IUVDU9ir7G73+vPv2fHaqK8JSAdRwebBjzsV6qzj8b82Cp2wn2X2eFTglJUw1LP1/PWDx+97d4L8suOvgPadN53CZhfvFW5edW5h6CI+ewAAAABcrFrS79f8Wt880JdBAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABwzZzLI/2aCv2eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBZfAoAAP//ZID32A==") r0 = syz_open_dev$sg(0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) close(r0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000200)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r1, 0xc0182101, &(0x7f0000000180)={r2}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, 0x0) syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000002c0)={'team_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_MASTER={0x8, 0x3, r5}]}, 0x28}, 0x1, 0x8}, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, 0x0) socket(0x1d, 0x2, 0x0) r7 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000001880)={'vcan0\x00'}) bind$can_j1939(r7, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48) r8 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$rfkill(r8, 0x0, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="70000000000101040000000000000000fe00000108000200000000000c000280a1ff010000000000240002801400018008000100ac141400080002007f0000010c0002800500010000000000fb00074000000000080003400000000004000f80000002400000000000000340000000000000034000000000000002400000000000000140000000000000024000"/160], 0x70}}, 0x0) close(r8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.426730914s ago: executing program 2 (id=396): socket$phonet_pipe(0x23, 0x5, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) socket$nl_rdma(0x10, 0x3, 0x14) r1 = getpid() r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYRES16=r1], 0x34}, 0x1, 0x0, 0x0, 0x20000005}, 0x0) r3 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x36, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x4, 0x1ff}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x18) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x100}, 0x0, 0x0, r3, 0x0) add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff) r4 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', 0x0}) bind$can_raw(r4, &(0x7f0000000240)={0x1d, r5}, 0x10) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) r7 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r7, &(0x7f0000000180)='=', 0x1, 0x4000000, &(0x7f0000000200)={0xa, 0x4, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80000000}, 0x1c) shutdown(r7, 0x1) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r8, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x7c, &(0x7f0000000340)={r9}, 0x8) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[], 0x24}}, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) setsockopt$inet6_tcp_int(r10, 0x6, 0x3, &(0x7f00000002c0)=0x9, 0x4) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000005, 0x10012, r10, 0x0) statx(0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00', 0x1000, 0x400, &(0x7f0000000800)) write$UHID_CREATE2(r6, &(0x7f0000000380)=ANY=[@ANYRES16=r0, @ANYRES64=r6], 0x118) socket$xdp(0x2c, 0x3, 0x0) write$binfmt_script(r4, &(0x7f0000000100), 0x10) syz_pidfd_open(r1, 0x0) 1.34997429s ago: executing program 2 (id=397): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newnexthop={0x5c, 0x68, 0x1, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_GROUP_TYPE={0x6}, @NHA_BLACKHOLE={0x4}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x3}}, @NHA_ID={0x8, 0x1, 0x2}, @NHA_GROUP={0x1c, 0x2, [{0x1, 0x5}, {}, {0x2, 0x4}]}, @NHA_FDB={0x4}]}, 0x5c}}, 0x0) 1.339527381s ago: executing program 1 (id=351): bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) r0 = io_uring_setup(0x17c7, &(0x7f00000002c0)) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000000), &(0x7f0000048000)=0x1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) pipe2$9p(&(0x7f00000001c0), 0x0) syz_emit_ethernet(0x176, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaa48847000000000000000000000000603f599001340600fe8000000000000000000000000000aafe8000000000000000000000000000000000000000000000c204000000000000000c000000000000fc02000000000000000000000000000000000000000000000000ffff00000000fe800000000000000000000000000000fe80000000000000000000000000000000000000000000000000000000000000fc00"/190, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50000000907800006c3e4af6e95497a4e1f23137ae5d9ab0d6a6a3ff1ff52b15b109af0f93abe7bddfe72723968479f91c26bda6d7d589fb8cb68c4f8760051117d27ab8434eb2818254ab55825a80ba277e953c42c3e3a34d6f1998abd85935442e96e25dc77ffb0469578ffae16aa69caf18e96b08085370c0c242147969cf393604407755c55c4b539a2e36241dc73a3d65b8b2585660c1365e7ec6c7a536a08d21e53aa4e60cad0bd8eb60a00943"], 0x0) write$P9_RLERRORu(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000008c0)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000380)={0x1a}, 0x8) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="000100"/16], &(0x7f00000001c0)='syzkaller\x00'}, 0x90) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'netdevsim0\x00', 0x0}) r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000d00000295"], &(0x7f0000000700)='GPL\x00'}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r5, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000780)={r6}, 0x4) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000004c0)={@ifindex=r4, 0x32, 0x0, 0x9, &(0x7f0000000200)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000440)=[0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40) 1.308898944s ago: executing program 2 (id=398): pipe2$9p(0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) write$sndseq(r1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 1.283047706s ago: executing program 2 (id=399): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, 0x0, 0x0) bind$inet6(r0, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) r1 = openat2(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000100)={0x0, 0x0, 0xffffffffffffffff, 0x7}) getsockopt$PNPIPE_IFINDEX(r1, 0x113, 0x2, &(0x7f0000000140)=0x0, &(0x7f0000000180)=0x4) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f00000001c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', r2}, 0x14) syz_genetlink_get_family_id$tipc(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, 0x0}, 0x845) getpeername$packet(r1, 0x0, &(0x7f0000000a80)) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f0000001800)={@initdev}, 0x0) r3 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000001b40), 0x1, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, &(0x7f0000001b80)={{0x1000, 0x1}, 0x100, './file0\x00'}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_MPP(r1, &(0x7f0000001e00)={&(0x7f0000001cc0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001dc0)={&(0x7f0000000340)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="04002abd7000fddbdf256b0000000c009900440c0000620000000a001a00ffffffffffff00000a000600ffffffffffff00000a00060408021100000000000a001a00ffffffffffff00000a001a000802110000000000dfff2fa42765866d1b174b8b1944dc20a63a85987fde46fc1460c3c1f157ba3062fea38b64211a4922e77da0ad2db4bb8be0dd68d48cc1170b41b9e0436f7425f0a6bfc8e7332a888c10c988fd45871d8154713c1f8fb34b585efc60430fe3853c97175d20a27c2ad75a7eba8717bde38a34355f73201a3d3828eea4095cbedf73a1ab636ce6a47eaaab35f749d0d6108489631ff4f7ed7d417c9991dd45b6f5ef6b1cba684f8b96157df367f197ff36011a6eb648081ea7d2c2d6ace707710783e851de8c1a6d4d91cfecbac126baae04f28093bd952401e9c7093473d170d6d5a69f442a8e44eb31cf48cbf06a5a9cd511735fca1aa0833b28828241d149f1c96f7d2e6a199abe422b134fa21783168188ca01aaafab6ddc60a9cbc1959655408ab93bb41f6aab174a3dcb04617e511df7d467af219ced0dd6d57a"], 0x5c}, 0x1, 0x0, 0x0, 0x8080}, 0x90) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, 0x0, &(0x7f0000001f00)) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001f80)={'wlan0\x00'}) sendmsg$NL80211_CMD_GET_MPATH(r1, 0x0, 0x20000) writev(r3, &(0x7f0000004340)=[{0x0}, {&(0x7f00000041c0)="dbbd188814dadf75356a6d37124cc68bd85b7f84cf5ff4545128588e420c7c3c0706bbae4b20adb1b4184aa63af52f6d19f1f0cba20d2305957becf5259d69e9463847f68e3d2f1a048ff2207ba9efbad62d1ccb67284d5916ce5f01fcd1ce1b5f13d6b21643c0c81b66da2a57a5279de315ddcfc63895b735eb9a8c10e327d7f0feee", 0x83}, {&(0x7f0000004280)}, {&(0x7f00000042c0)="9fa0b0e905d89adae92d6ca230a40403ac0f0e506da6eaf886e4ed84a4156cb200b48b13615d9da97712111e9958ab366c2f697e9f069e6ffb026c144a3983767cd18ac1cc41db5e3a3912f3a6f43a806640eaae381ba72fe8658d67f26650ee657547da40aeba9a51307ff184f6ea5b798ed972e6bdaed51e76eb51f168d6", 0x7f}], 0x4) (fail_nth: 5) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_DELETE(r5, 0x0, 0x4000004) ioctl$AUTOFS_IOC_ASKUMOUNT(r5, 0x80049370, 0x0) 1.200156113s ago: executing program 2 (id=400): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x3, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) mremap(&(0x7f0000919000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f00008d8000/0x1000)=nil) r4 = socket$nl_generic(0x10, 0x3, 0x10) capset(&(0x7f0000000080)={0x19980330}, &(0x7f00000000c0)) syz_open_dev$sg(0x0, 0x0, 0x2) sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2400000037000900000000000000000004000000040000000c0001"], 0x24}}, 0x0) fadvise64(r3, 0xfffffffffffffffd, 0xfffffffffffeffff, 0x0) unshare(0x8000000) semget$private(0x0, 0x4000, 0x0) semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0) unshare(0x2c040000) r5 = socket$igmp(0x2, 0x3, 0x2) getsockopt$sock_int(r5, 0x1, 0x25, 0x0, &(0x7f00000001c0)) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0) pipe2(&(0x7f0000000000), 0x0) unshare(0xe020600) openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) 620.17113ms ago: executing program 4 (id=402): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f00000024c0)=0x7, 0x4) r1 = dup(r0) read$usbmon(r1, &(0x7f00000037c0)=""/97, 0x61) r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) socket(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendto(r3, 0x0, 0x0, 0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYRES32, @ANYBLOB="100008"], 0x38}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r4}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x200080d1}, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000580)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000500)={&(0x7f00000002c0)={0x160, 0x0, 0x400, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x48, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x800}]}, @TIPC_NLA_SOCK_CON={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2e}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x400}]}, @TIPC_NLA_MEDIA={0xac, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc861}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x410}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6347}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}]}]}, @TIPC_NLA_LINK={0x58, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb91}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x160}}, 0x4000) r6 = socket$packet(0x11, 0x3, 0x300) bind$packet(r6, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x14) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00') perf_event_open(&(0x7f00000013c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r7 = socket$l2tp6(0xa, 0x2, 0x73) sendto$l2tp6(r7, 0x0, 0x0, 0x8000, &(0x7f0000000400)={0xa, 0x0, 0x2b6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xffffff00, 0x2}, 0x20) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f0000000140)={0x2f, @rand_addr=0x64010102, 0x4e24, 0x1, 'wrr\x00', 0x62, 0x81, 0x62}, 0x2c) 447.519054ms ago: executing program 1 (id=404): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000d00), 0x4) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) recvmsg(r0, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0xffffffe1}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x5, &(0x7f0000001f80)=""/178, 0xb2}, 0x120) sendmmsg$inet(r0, &(0x7f0000007780)=[{{&(0x7f0000000980)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000009c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @rand_addr=0x64010102}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff7}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@noop, @cipso={0x86, 0x1d, 0xfffffffffffffffd, [{0x5, 0xd, "2818a2de580b532a5a1234"}, {0x7, 0xa, "3c32dc1930f3f3b4"}]}, @generic={0x88, 0x3, 'A'}, @rr={0x7, 0xf, 0xf0, [@private=0xa010102, @multicast1, @multicast1]}, @ssrr={0x89, 0xb, 0xad, [@multicast2, @rand_addr=0x64010102]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @dev={0xac, 0x14, 0x14, 0x38}}}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0xa7, 0x0, 0x1, [0x2, 0x7b8f5d3a, 0x5, 0x7, 0x5fbce4d9, 0x5, 0xca]}, @lsrr={0x83, 0xb, 0x5e, [@rand_addr=0x5, @rand_addr=0x64010101]}, @timestamp_addr={0x44, 0xc, 0x25, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}]}, @end, @ra={0x94, 0x4, 0x1}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @empty}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x30, 0x0, 0x7, {[@cipso={0x86, 0x14, 0x3, [{0x5, 0x2}, {0x5, 0xc, "00079088fea626a9009d"}]}, @timestamp={0x44, 0xc, 0xf2, 0x0, 0x6, [0x22b, 0x0]}]}}}], 0x190}}, {{0x0, 0x0, &(0x7f0000006bc0)=[{&(0x7f00000069c0)="d96fcbb10313e009395d445af73d3b9a63b4588745c5a0d2e3d63c156524ff3b6d7e42e6bf4252b550cc3d9adccd981d37f39d53d9702c655a1ed2817cdc2388f6f3c767eae675159881b6d1388d7689302f726546cbda39af450a76bbe1bf4abbc37b23b2316759c5dd176aa1d175e02bb7e1de1afd0bf7dc", 0x79}], 0x1}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000006fc0), 0x0, &(0x7f0000007000)}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000007480)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x5, 0x4080) 351.534611ms ago: executing program 4 (id=405): r0 = syz_open_procfs(0xffffffffffffffff, 0x0) fchdir(r0) r1 = openat$incfs(r0, &(0x7f00000000c0)='.log\x00', 0x0, 0x174) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1008002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffffbfd]}, 0x0, 0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) ptrace(0xffffffffffffffff, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x8, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x3}, [@map_idx_val={0x18, 0x8, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1546}, @generic={0x1, 0x7, 0x6, 0x80}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @jmp={0x5, 0x1, 0x7, 0x5, 0x9, 0xfffffffffffffff4}]}, &(0x7f0000000300)='syzkaller\x00', 0x4, 0xe, &(0x7f00000003c0)=""/14, 0x41000, 0x2, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f0000000400)={0x7, 0x4}, 0x8, 0x10, &(0x7f0000000480)={0x2, 0x8, 0x1, 0x6}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000004c0)=[r0, r1, r1, r0, r1, r0, r1], &(0x7f0000000500)=[{0x2, 0x2, 0x8, 0x2}, {0x3, 0x1, 0x3, 0xb}, {0x1, 0x2, 0x6, 0x1}]}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r4}, 0x62) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@deltaction={0x14, 0x18, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x1d, 0x0, 0x1}, {0x20}, {0x6}]}, 0x10) write(r2, 0x0, 0x0) creat(&(0x7f0000000240)='./bus\x00', 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r7, &(0x7f0000004200)='t', 0x1) sendfile(r7, r6, 0x0, 0x3ffff) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r7, r6, 0x0, 0x7ffff000) 351.174882ms ago: executing program 2 (id=406): chmod(&(0x7f0000000080)='./bus\x00', 0x14) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x51}, 0x9c) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x6, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='signal_generate\x00', r1}, 0x10) close(0x3) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) accept4$inet6(r2, 0x0, 0x0, 0x0) connect$inet(r3, &(0x7f0000000000)={0x2, 0x2, @empty}, 0x10) sendmmsg$inet(r3, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="e2", 0x1}], 0x1}}], 0x1, 0x48044) close_range(r2, 0xffffffffffffffff, 0x2000000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000200)='sys_enter\x00'}, 0x2b) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x2, 0x10}, 0xc) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000f00)=ANY=[@ANYBLOB="5c0001000000460000805eb008a296f1dfe2078272e72c269d542ee5ec00b241c1c3d16a8c9fe4a0b7f099c1f9feb351ff21b8bf61a1790730b0592e06e5b55c3553789347d95ec697013a640000"], 0x5c}}, 0x0) 240.083021ms ago: executing program 3 (id=408): pipe2$9p(&(0x7f0000000140), 0x0) r0 = syz_open_procfs(0x0, 0x0) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) write$sndseq(r1, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 212.876133ms ago: executing program 3 (id=409): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@noacl}, {@acl}]}, 0x3, 0x451, &(0x7f00000015c0)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==") chdir(&(0x7f00000001c0)='./file0\x00') r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_sys\x00', 0x275a, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, 0x0, 0x10) sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x44041) r2 = syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="480000001f53cc5813377b37238e1e7fff9b8cf5f616d7cc536916d756d175e5ba94b787c4f51f42d4bd4d7028ce6ce8b01b5aa4dbb96332f208ed3fb6421f7df0ade9eae837eeb183aad48627971161de4a13acbc6c57c1848adf928e4d0141b5f99a2d81a62b1b91d56cda2cc7e9bb6192ea1a8a6473f738dd528e067e8256", @ANYRES16=r2, @ANYRESHEX=r2], 0x48}, 0x1, 0x0, 0x0, 0x4004000}, 0x40000) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a200000dfff0901020000000000000000010000000900010073797a30000000001400e8ff010a010000000000000000000000000030000000160a01010092764e048c23584602eec76e85a74dd6dab00b000000000000010000000900020073797a30000016000900010073797a30000000000475"], 0x8c}}, 0x0) sendmsg$IPSET_CMD_SWAP(r1, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000200}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="340000000606010300000000000000000a0000010900020073797a301000000005000100070000000900020073797a3000000000"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x10054) r3 = dup2(r1, r1) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), r5) sendmsg$IEEE802154_LLSEC_GETPARAMS(r5, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="bfbc60edda0d072a506baa01000000000000000000220000000a00010077bd871ab3291178ef0001007770616e310000000a0001b5262cd0326cc1"], 0x38}}, 0x0) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r4, &(0x7f0000000980)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x14, r6, 0x10, 0x70bd2a, 0x25dfdbfe, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44001}, 0x24040091) perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x8f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000580)={{0x0, 0x3ffffffe}, {0x0, 0x3ffffffe}}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000080)={'wpan1\x00'}) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="76701113e941f9ee45c05d753f7d16505e949947a7db79000000000000000180f6acef8ff95d2dee92fe0346f83a1ca4770fd9f7", @ANYRES16=r7, @ANYBLOB="0100000000000000000021000000"], 0x14}}, 0x0) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[@ANYBLOB="20000000051415e432e7a0167a14000198ce0403502abd7000fcdbdf25080001000200000008"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) syz_open_procfs(0x0, &(0x7f0000001580)='sessionid\x00') 158.198257ms ago: executing program 3 (id=410): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x7, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="080100001600010000000000000000007f000001000000000000000000000000fc0200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff0100000000000000000000000000ed3d00000033000000000000000000000000000000000000000000000000d3d9e6525a5f97c90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000fe5d000008001e000000000008000c0000000000"], 0x108}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x46, 0x46, 0x8, [@datasec={0x5, 0x1, 0x0, 0xf, 0x2, [{0x5}], "e457"}, @func_proto={0x0, 0x4, 0x0, 0xd, 0x0, [{0xb, 0x3}, {0x8}, {0xe, 0x3}, {0xd, 0x5}]}]}, {0x0, [0x0, 0x0, 0x61, 0x61, 0x0, 0x2e]}}, &(0x7f0000000480)=""/116, 0x68, 0x74, 0x1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r5}, 0x11) r6 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x11}}]}}]}, 0x44}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000b40)={{0x1, 0x1, 0x18, r0, {0xff}}, './file0\x00'}) io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0) r11 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01000000000000000002060000000c00018008000100", @ANYRES32=r9, @ANYBLOB], 0x20}}, 0x0) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_CTHELPER_NEW(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="5800000000090101000000000000000000000000100004800800014000000200240002000c0002800500010a0000000014000280080001000000000008000200ac1414000800054000000000090001"], 0x58}}, 0x0) socket(0x10, 0x3, 0x0) pipe(&(0x7f0000000100)) r13 = socket$nl_route(0x10, 0x3, 0x0) r14 = socket(0x1, 0x803, 0x0) getsockname$packet(r14, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r13, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="700000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004000128008000100687372003400028008000100", @ANYBLOB="5b8162c6b88568785552e134f807a6132c256dddfe773c76370cef3b9399eba8", @ANYBLOB="0500070001000000050007000100000008000200", @ANYRES32=r15, @ANYBLOB="03000100", @ANYRES32=r9, @ANYBLOB="06000500f9ff000008000500", @ANYRES32, @ANYBLOB="0c09fd66036e01582e642572a168ef2ea1950000000f0000"], 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0) 88.390303ms ago: executing program 3 (id=411): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000033000100000000000000000004"], 0x24}}, 0x0) (fail_nth: 8) 316.53µs ago: executing program 3 (id=412): socket$inet(0x2, 0x4000000000000001, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x46) close(r0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket(0x22, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r2, 0x4b4a, 0x10000000000004) 0s ago: executing program 3 (id=413): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000d00), 0x4) sendto$inet(r0, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef) recvmsg(r0, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0xffffffe1}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f00000021c0)=""/4096, 0x1000}], 0x5, &(0x7f0000001f80)=""/178, 0xb2}, 0x120) sendmmsg$inet(r0, &(0x7f0000007780)=[{{&(0x7f0000000980)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000009c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @rand_addr=0x64010102}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xfffffff7}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@noop, @cipso={0x86, 0x1d, 0xfffffffffffffffd, [{0x5, 0xd, "2818a2de580b532a5a1234"}, {0x7, 0xa, "3c32dc1930f3f3b4"}]}, @generic={0x88, 0x3, 'A'}, @rr={0x7, 0xf, 0xf0, [@private=0xa010102, @multicast1, @multicast1]}, @ssrr={0x89, 0xb, 0xad, [@multicast2, @rand_addr=0x64010102]}, @noop]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @remote, @dev={0xac, 0x14, 0x14, 0x38}}}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp={0x44, 0x20, 0xa7, 0x0, 0x1, [0x2, 0x7b8f5d3a, 0x5, 0x7, 0x5fbce4d9, 0x5, 0xca]}, @lsrr={0x83, 0xb, 0x5e, [@rand_addr=0x5, @rand_addr=0x64010101]}, @timestamp_addr={0x44, 0xc, 0x25, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}]}, @end, @ra={0x94, 0x4, 0x1}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010102, @empty}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x20}}, @ip_tos_int={{0x14}}, @ip_retopts={{0x30, 0x0, 0x7, {[@cipso={0x86, 0x14, 0x3, [{0x5, 0x2}, {0x5, 0xc, "00079088fea626a9009d"}]}, @timestamp={0x44, 0xc, 0xf2, 0x0, 0x6, [0x22b, 0x0]}]}}}], 0x190}}, {{&(0x7f0000000dc0)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000003640)=[{&(0x7f00000047c0)="52a1a3373a2d6c6ff98f3f500776d272780211f0c30f88b0798a43c439ad28eb927428bc492677361a7c22d301eb7815fce8ee07ea7d58bf1e10025f2736b44ae354736ad5017443f59bfd7609b2d5e4f41676f06b9c0cf7dc7be5a880800e92c3c6b7adea3c28e61ae3f36a791f0acf2f15c08dca022c9bffc0c7c23a0a606d1f667f87cc792e98f2643482e549feacc6349ccd9fc4d4e1d8b32124c7ee05c91d053a22747f85a178a9d4c27b8e168d2d000340ae960bfa81a8dba8ac6d0eb57c0915b846981245839375a5afa9cc319424d22131da23623ff15f1ebb8b3fe3f54db18234c4b4917a95dd29e946d9ad4128dde55d68a37d1ea84c11c5466b545036cd2e17cb852c1d63ab1c79e309bc8eea1a9704c638869617c3e4a7704ba89428637cfe9d74d44893fbddee7ac77f31213f83714258d2cfa68cf84fca2fa1f81cd48fdba5fe27ad0b4d70d982bab6d8ca16e1e5fb0b4f466d982b13929f016e49250378268c0ba0073c3b39a4e827922ea5ca553ab9447151d3e575e106f19be58eb70c6584949876c4ee988d39ce8e398d64a5872638d0a302d6bf1a64bebdfee915d47bbadf13b4232ab062a56ae9c858cf99255a0fa52d73ee136a9318aca67c313eb95deed8a10bad6466df0504af2188fe4a78c3d88e24badcbc19d914785bdfaa5ed3fa6e31e613e4e10c7a2faacd154fbf0551cc30512a176562cec24a8ba82df4fae6cdc604047dffd6b3c42696a96f9ac576f6d285a68f769fbc7bdedcefebc44dd1a2971e536ca516725295c63a742ba293c3d55d492fbd4338be2e1811063a43877e9f430940c107d73be72f1f472c0a736c3bd94dc0258e0d587b01510f526a05de86bd9fa1e50517037f3ae91200d70596e4cc76e8618f7b9cbbeaeff0cd71d3c09425d4d0eef702da89ed78356525a2a59bd6eb254cd71c2301a363651aca1cd4cd1a0b8994ff58d433ef55b2e072975bf95ca4abbff56931a175420cc10c74f39897ed0d1e39c22d6c3346346b555cafa06446b8c4d4fe6c8436ed012de26a280c100903da69df0db145fba47e3facad8f56ae01e9aa298069cd4295d4617dfba0f3ccb92df38fcfc58b3a3f38ee7c8fa96eb1718cb553bdd9dfdc4282df49096b7835505ca834e04eff0dc90f268cc202b5dadfab890bbf0317fbfe29bd1d29a0ff478f096b85609c147579a9b7622fcab10950ac15580e091647eacd5928d718575231cae21cf77313051747d8011ca26a6410ec8e9a4067fc398687d51f9991c2baf1b0e0c19cdc3f5c31499f407a4c8d749e008fef1fae18c91d348cd2aef20caf6edf03b0e63ae3895e716911896cf82d9e29966da2f937677c3eec129f9834964894e68897d66bca7cc5067ec6c67e0dcf1310d4a8bc243facb9ffedd2738efcd4f1926238f9e8dc742866b30e2ae3d024679827def7c61a765f5e5360d1ba0611a75494f2d8396768efe406ab6f8f07364c45a0364bf7c9f39c27c71e9b56d2175091ba02de62dd27ba46b8d72e2554f26a36bdac3c2daa6b9c0a95bea91599bbeb26b8b68c1967ba037a8a4e7aca16adf2d72dd0ec4441697490852834ce2e092660da7ea4b286e1b0434ffb5dbfe7c9d1865dfad462ffc965197b983bf5d60a275ee02f06a27065291a98f5f6dbf17834e99ef0b4ed459675d01ee0bd56ce35a6d7cbd74fcd60f628a7f90e8840cdd5fcec5b2be88bf2dbc8764897460c9913a4409aeddce24a67534483f76b0e1df7d80f834381c55c98ee99c712eb9a4efbc616ea5d963559a5d25ca489a85eb449ac0db564db5c4df63f443a8028366d6523c06c5acd4c78fbe8f7b94cbc7566c507108536671a45297464d79f435c9c25700e730c69922c3448f8d66782e20e96eb4ffd3e39cc630b09256ec5e838292e5b4a436ef237d229ab48b725145817836615a72284cfae3c1b81752b41478344a181a6f25b26847a58f01f2e96e540bbbf7a1db45d80f509c1fa4dbb73931044720567acfae12b0ff0f1dc7d4e16d58293331de44701a09922474438f43e6afae3b94a3a042966ef4dd700e992c7a77a4bfee5d4ee96b82d4f517f1166db7197b718e4cf3feda33ab3c993ea02ab1c86a13e8102e91569d13c72dd15b925ffced899ac5f83ddf7a5372f13149f5f394f8ab53598765f538d31a50a979558cd934c5cf4f04765bbbe5f50cda77855d596fc9063659234c9b7e7fb96518152befbac8fa75ca132970b30f22a9d1d502bb03544b63030a93fe53436cb49f67eb600294e87f72615418b71bc3399a9b95c91c782283a350cad3188fea989df1a69bfd8fb077f5beb379e20222de5ba497ecf8941b8f2e9251920a11f0eba8569fd914c797cfb163ba7af4f7ad17ce1c8857a7a2fb2a3d9a54dc81985b08693e7d2c0a94ce9aafdaebca414ac95be030aeb5cd21089367f4593db7fd3ff34b8c1d0ceda257d8987747868719f4cddd04da5431e1513b8313eb708532f62cfe0d9b543e5826d87a4597a93ecd568d4f0ab9e33b87789604cc8736c765510d16b6d95e026568d8466d7557c352ab393d7622dc980a888dc7b39408335a8e814b4126979d7967e3f48dd9c1cfb6bf2015f9f4a960a30d32921feca86a5f70516386b4bf1c620a24d668a4e1141d8bf73a8aac7630edfb26354740c80d0ab3d5ccf161f7f5234ddf687ae089628414b65fe46e070cf5e316f9aa115ab03f8c17041566eeedefd4e2185155a62197786919c9400e9e14ab7b6c87946b1d4be40bab40af7e0c4bd9da4dbaccff811d1aac4deab6b38d6506e6e7aacead7268ad7d706874e8dde7802e45d03bfebcc9e02961af87c8f48f8d9db0a7c7e3a62bf5bc070e092174885c10e9a5d4da7fa2fadb0e5b55c49760366b58844f39dda300e5c125ba681ec02b28d8ab3b7c143763ea29812e8e1df0c2a7b1a1e04a5ceb53c1a6e49fae4e26477c8ca1e73f44dc892eabfd1990ab858986755b1aed98fd880ac275f6e222fb68f560618a302b5b80ca47671bad6a7fcb919acb91780b74c7055cc753e14c002cff9c80f336bd09d53b6b2a5ac1b10b59a702b5165f091bf92ccb8bd418d0077bad3a232ac459e2e95dec16d07a432952e7fcbc5fb8e98e4c17d0f53942a376842decc0905b76e0858e974109bbe63ecf8d3b189dd57f7ba5a8adf476a4434ded0ca59b14b0bf9536f91208457d8ce966bec0a7724600bdb5888ff178ac909c5f4f017b22ccdb4343b3c88f55b0c46fb299bb3e725672daab54098b776069560ae646344e9084a6fef1167feb77891763932d31d8e379543abf76369e1c2065c96b2ef938776451b920c68148c18faf61ca9078126c623af9773c475157e8d26df3cc1d0449baef8ad7058c692269ab917dc1f7a851a58c68a77120b51e12c348120f002354daa6bdf47b8f93fbebc49df4a3308936814b8b207c81b1e83b28ef5e24dc76d615b84c1f26b02534cbdd3a0dbd16db8513ca344cd4a0c5fcdc5d5e2940919d63c6758586927d6b6a209eacc9753d889d563ab6527ff9390edf241e38082b91f0698421f59d1c0b839a2664d6b6b6f5d4f03bac4b1e88f7235d61cb8f00264d93ed8916cf51c00006b13c07cbc6a5d64018cf4efef477fd61fcae4a0044783e03638d86e93eb04f04d5603cf28114e1c10922146f598b68c96f1945a963692085ad597dac5efdff929bbe038a02f6dcde936a0db02edfa2bd59dbb04b606552920f6d05f7d2821be8c81f4db6881b56e1ecbbc55c0cbfe477f284c47a18fd73cc9919769238afbec30ed57af9c3ef5a80402e7854e91b2de21233411a969a6fde030a6a371d96226d7dc4bf64b93fba1fd39db31e852d92583024d2aa6f4756f6e0a4948ba3f05e307ca7eee8f4d219a8d89d7ad24df66eb76a5d9e494a786445a73b76217cdacaea1a38cb10ed1e8a9b1c52b0ed716124db8b05c39f09d17b4fc7d9998851fef34a5cb049c83b5fdf27223990f7b48b02a38d4569f48c56f15d309e4dd6300e23e3a0cc2b8518d25dad7f092634ddb5648252b27cd28d95c59166401b36779f08f5a2d5c81650d5af313352e1fdadd7aa902efafd04f535b3b811e71dc64f8480671d1c657b89e2cbc57cbac11f8359f2753ec2f583fad6bbdb88ebacebcbe8376d9f5627e1abe1e0ed10c3c8ecd8c6cbef38d830a9f2fc56ced1f94f3ed621ecbd81740de182b906d208fc81968e6eee0b3fdbc87b71bd89750f5e74c89aee400bf3c1a2a49217a8fc83494c05bc690e60f3c4b9fdf91836e45f8691f651e1e24a7bf8424179d3aee581325bf2b32eb306130986ffed63f490536861e7ada6a5e0b8c51380b5d5569f1a0c167e2927ebdfa7aad99a59d8c3a59ca7b033752fe533422a0eef2214f45797e6e0cddf690d0317bef433a0bad2b721a10ec340d948fea8b7992389837ab5dd128b39bf6ec256577e64d83c9e799cca5a1233bdadee5bdc36b6b3aadb75dc8760d6123e4cf68d15671cb9e3b7e63f4303940fdfc26ec7e56bb586a8dca7b4fd9d4b067734a1a676e50f8b4adc779e469e6027ead869579d4c524390dfcafa28dfa97e1e78ef468941bf7e46d55b164f1ef464289a47a62a7d824096c8af6620d4ba71787f664290c84bbb9205d43215f9db84b56b2c1d467ece7ddd43987702c7eb8b118fd4048dcd12e8dbe9b1a1fffb696988d59c20cac26e402fa773d83e0676f7054ffed6159b7f82d81ccc3743ae87ca6e775868778693de6c7371ac33177a0e39d3d75f80d0635957866a9b830e186d98aa53274be2cfe1422b55ef19e28e802465b4d4047c4692f504c3329f66aaed28b2b91f16a13690380bb59bc66b41d6bec0516b91362b430aac28a67ad54706206230974930ec258c41556548793871b53444b17a524e432c7e7e0df518d3c2a5702a548c4efb5060fa1daae1288c0e0f856888528a5157895497ecd14695f902aeeffc52fecd495112aac7c1002e77be1b1f767910018d2752a42841ddb07669bfed05a8b8b9f79d82f2f505ded6a44b714a64e57718b16a34027a605206b1acfe3d65788bae9591d2bbbaae8191f7d866d0cc0c834de00da91c8336a2cf11e5555bf2a7b830019a71094f808fa444237ce84c2d21848ce6a357c132c50ddbf02c2e5347c311ed3cf67bebcddf00cb9c5ba06620d2d2ad4536bba9577bca3c36ca567d9927fd0c685ba3dd3eb5d4d405048250c9f03b90790ba1524386aec6f6a4039395a0155d680ef3c09d6b93166f2d7548464d648ce06ef88706574c894b0e32ed691385c7d697244b208042832167d681d2e11727eeea96e805036c49bbedd134bf193dfc22ff211f4db758d445f92bf5536fa8a0f14741fdcb650ffe3a1ce2f4e23ea6aa59cf0791c59ce437bb1b6653eaa84404c4051139837606c17cb4d8e7a147caa991253e2b4a19d0152a8c34c6a737f9f57aecf8fac9a2e5ba92200cfb499ed3d4b8ad1f4d57e11447915b97eccae363d2177ea32f495c0469bf5f8a2ecaeb9f51c08f2a6a991e501f5bc420ac106abbedc6eea87be737488991288c7b288f130244c90ee9bfce72df8c35a06c0918aac5192482e77bc670335b6d6cf9e75dcea", 0xf80}, {&(0x7f0000000e00)="002521f740646d53d2b61f29f43fe29021f61e012d2c40a8897b56", 0x1b}, {&(0x7f0000000e40)="825b4ba0af82aa3d5a1a6761b4b1bfb375cc5611b08677e077e5130a574db01550a73a8fe20005feb09b47fa5d3acf995d3099acc9fdffd1d8929a927bef04dc082a9570d792f20e061f4890e666f10ab614c358c8ee05824d8284814391a354622741377200aa3a033b99a1b6bdab55b6bcbeab977998504b9214b5775e636735fbe6855df715597612875940db373fd63ef958e33c11e3b357d7b5f56bc0ed670671879869f727fb83b30dd6ea9fa5", 0xb0}, {&(0x7f0000000f00)="9e3f21dd0cf1d90df128037c447ac1c42f787ab2ca6cbbed6b29acc8593eaddb2d1a38d21c3557c3770ecf8486a4d12fd9d0d1c80e18e6742c3ba0df79f95c9c505be693fe42809fc44affeb2432f485fc6cac458d9818c93076e1572a25a13701f0ae664b0b8a688b", 0x69}, {&(0x7f00000031c0)="e8b0dff4012896dd23be8e979af167633f71f04e18d04b3e165b7608d3e2ed40e43b49ca50a89424fd0e121a47b3ac98d72f9e333c140fd6d3e27d24b27bdcaaea426a0c671a3bcb4f32b880b31b3f941bd6f7b99ca033a627475bacdab4475d655090986f549256531a60363bd151bdb959fae59028e13dc50f4a700084d0c4daf63f1135d43eba176840a2bc5336967e2eef9b9eadfecb2128eac06adf502d9608778cab8aec2a1f4d81c0d1b86e222eaf8b0c36beefb8ce9ece15174cbe1fd4757b9246c21959cd5e71767c4e23400c4c90a68526b687b8a5c4509419c05e31d1befe9733d3d9a74e6a0e8971df", 0xef}, {&(0x7f00000032c0)="484440acf6c65362b8ca307d95ed48a83f5c018e38f260da926851e4d974ba9146d78e7f7f9407501f19e7880d6789616931b286241ef435856b48b6720e37023c77f790511da0535628cbc90ef73886b14870962e773888933dd7274832bb9bc8e2eddfff4fd5a680689603c27a24fed7fdb74c3b7aa084812a4538e4e1092e4e906948e62de9cf0a651344fbe72d90ecedf497472aceac763c7bb699941da2e544938257c23b5bfae4f61e7b77cdf12e99d6a2e9976cd7e69516219b0fd82d810fdcf61c00df97ace42707b3", 0xcd}, {&(0x7f0000003400)="a7a165acd176110e7a0654ed8ab877b8b28c75fa19f00fc2c93264e45595c8a4b588ce81aa69948f8f64f542692cfd70f39b0a890de1cad051e6530432a3bb2c47fa0eac68e4327c0f80246e2a701b63e0117837e5fb696eaa17eef6b6094e8a630ee6a765f3c142f1fe92e1e5a9b8e547fd2ff407c4e23e35718f7aabf70ba4ae8104b69150dd1735ae52", 0x8b}, {&(0x7f00000034c0)="f9293517947c21970283a7ea997b1730e29b8fc90a84bd220e643e1a59fd6702ec144cefce028a51d6178c540c3278c81c53f99e39fe6ce43bfbe95218bfdcd316cc", 0x42}, {&(0x7f0000003540)="4bd028b7576083d693af4d5f", 0xc}, {&(0x7f0000003580)="f5f3dcadff35b2974ec4aacb390a4810dfc783c1495d7e016068c6f1646f4d6f1b40cde7b579c46daea27137c947ea96865c7f7a8a24b264afb6c9e760b4b43059506585869b7ad3c3b7405436cd4ccb927e50", 0x53}], 0xa}}, {{&(0x7f0000003700)={0x2, 0x4e21, @rand_addr=0x64010102}, 0x10, &(0x7f0000006900)=[{&(0x7f00000057c0)="36a6cd6e817295ecf9cf73f0d1c229731e488a19c4732d7d26a26665f1645545ff75f2217f875b82d40b7f41b0cb59caf12f8a1c0d379223b41c27b71559c81534bf307ba5a39f89a850008a1c1e9e6a9c2c5f1f244c755b72b1c2b0d79525c261177584e99460f2c9f92d3f8730aef82f394b9c363e25a5e02bb160f2fe9a8f66ce1171", 0x84}, {&(0x7f0000005880)="fa3124b9d00795fb5d69b776f08c53345ca4011348c5f25116f61f65b9a37914661bdf56482db784da9542f793c4db30b82b5316ceedfae89f2b8b757645fd07e614579c05b897236b22ec83a175220e490bbba7ff660b660069e006c3ad28eb89c882803d876e12ed683de4997f6433a0c31512c18c0d4ef79b96e0af61c21707d45657f916cf4afe6e8bc8d8ef1caddaef857d3e5c253759c5ad7dda07652c0f0788101ed6ab5275f47cb703bebccd114fb6774c547adbcfa7c0dafa256d4075a5876eb13e8ee0a9b1e1c77e294b8a232467306db8ad677520e9822d888b8fb57019c59cebe1159064a1c75b0021b5fffc72f65bda294c312ea62fd8322878bea0088477bec2c3916a3c2c7d041325505291a78f58b6e25b2cb85e6ce3680133915799610d6fbd8a213f2f4481273a5dc49ae1b6b0f3a8e849e2b212d392c3e531f0c0c4715e32b2e61622fbd2c477920bc6bc4cbb827f841fd61ddcf1dba894e4868f6ab6a65f9cceb6ab9942fd222fcf3881b5b1840d38e41b6a14e51087d362e9766608c58b08f500cd63b0f3e8e4ea62563d900bf61d90003e22b4d44313ec2647d31d8e0e6df6f3cb16609aeb4562479f8b95b98a8379c22bc9500b7baf8055163da03c6909cb24a48d9008d36c5d833a5deac4c5867720623a1315445a971539f3962bcbb0ff39aef65b05b2321cd60a29f131e18b8385214eb683f6c17f3d22c1b4a51a7bbc4bb4676a55dd94e5571ede3fd3f783c1e6e2cf1d8dbc7650ddaec52dc2520fba4bdcabe13fdab3f6422e2e87cfd1d400a529c4a574f0338b03211165a923e134e619f0387873ef9791e2bf5f00c400c357cf65f86bbfa8b7c497c3e1b7e0e93c95c7aa3025374c96f8ce545c07bd56bb336f4f1256643e0e2581af6c365ea27adbae2ff015c8b22678b76361f065b6936a771260b8dafc3b87670fd5b476180a13a1b445c21e4fcf9325aede838e774efcb6783e4c24b4c7e38426faa7a7f3c15e5bab2d84ac3ec49216a24aef3305a0abd3054fa70fa8c2b57c502c34c234123ff95256c1f034e014539518ce85915d7d14b55b8815b9ba2df4e0d544a7d5083a89df0b83954578f78a763b9075c23b9745d9d4abcb821b53085d6d207da86489640b1ba8b1e0de814b6673953873f93c79643671f54bccbcde1a109d603576c70029e65b73eca6815ffc3ab1db518763bf4b19b03613f81c08a18123912e3df0d5d3791ebc113a5e54ef79c3120ca19a01ab123159c9a32f59dbc41992de96eb78f0764db328d8efdc32a2141fa8852cee81c1b3fbf9a2e73d28c193a34bcdb66649d7d84be6c3f8d32391553995ef28f0938fed5703d65ffddc553e205c2df996f876617bf4ed499836ab07e08b0e2c7241bbb4570f283bf91e68d6f729056d0e84f8388bf90a18f20d5b225253345162ad269ad5dc5a28e77123263c7b842993755047cd780159b8899a60c820983403daeb8633159b8e342ab2a59940e6e025d6e1a817290555b0f32232a6f4c9c7c378215f0248f51774e1913e4537aca732d46ae8a31221d6e5d04bf128e3ba9716b7acdc1cf329c84214a2552d989d3ccb2aa1f6441c6b17fb487578a653141fbff26135940defe92481b2ccd2cd587d45e3ebede4500bd15ee1ab95ee9284bfaf1d6467813e2cfa0041dbc5f6538f9e1d26fa34a3938b85a69c29869466a29c1b5eb5968102aa5abcb4db713e752bb6d220b8c63aedfba5b359e41394dc8f9d49a94fdaa0891a6ef8046d0aaa5b67bd5b625683677e88e09e5a0fcd8d8b947c806f3dd235c7807228c8c2d13b5d66d606a76f45e9a56f80d6c6f4b29e8a783ba1d2c174fb945b8580b3314153897ef4df315e98c5f8a8b1317f1ae6aa3aebbae5757ef050dade82a5dc27e467b934c2191a391194e25c49ad8db017cfa3b4c05d8e5d7fa25e3f16b7bb14f3c7311e4477213b422294eab43e7ea41718692fe3159fd56d79606f73746868f2210bdd792bda9b1216728f3a4f9717ea3fcb09d1e17c54e038b10ce9ec6f7e0bca645a85e99578d85327c08bf73bf3b7177eb74fea37d731489baf932627bfbbb5d1577870947c71a8bc61fe4a3678ee7edf102d61e452128fdd1d5581787376f22bc7088ec0f603037979f6a09a198cb23088563f1d15517d0a65c50860edb2185a41fac6574888b8f8c05496b91dfb662a8556699695c648c0046d5d2c04150ecc840e3418343c68e8ddf3bc2bbb12cd61b5f1359ae6b6a7ed33a1d099551110b0a7fa3eddad09ea5bf3d19000ff7a379b0b977040b40feeef0a44bad0b3ed9254cc4835aed52af8a3b8f8a0511bdd145f65221e63a86f57be221edef1233e57fe4955b9f748ed967fb52066969b0fe7ead2a1f14c3a9d5a0b8a031be1d65c22ec733ca64c64f7f25a88f1b93860a7ef85fc713d967294cb7def029f9991204fb4ba82798b2e1c4db3b2aadc9ba0660fcaf1176ad1c9117f97a58580fd024abbd65c55104cd237629aaf7b362c0d610977ea7725f32778412f737a387c5f10e042cfa67d3952b9e408900b6132e68219bbf65d587ceec98b63537c08722b5b7191e15877225ccfb44365b8c7413f98f29e69ceb884f2d4c58257d5f82935666d351f11538b1e4d342fcdd1fbdf67e39da42d28697bb0e3d16bce1b9952d13ad79e72113edf859eb45e6fe10aaf8352770b906e1af623d0be532938abd1936f67925344537dfb6d67ff6f539ef8d8ce7842b82eca38e898c774015bfd8e7b02c91cadebbb2b5ece80b7553791ccf8a600d7acd1ca03cb075632713fadce2b28d80ec9749279d89529b5312e8143b0a98a7f98d0224ff8a77cbd272713458ec171ec431cf105e4df840ed1f41c97e84216c5a83ed2642d0ae86e849ceab438d7c564fcd30d9ecb7b9f02ba6ab62b33768f9791b9dd546b9a54949bb63321ee9b54703366f2d5ee9685ec629eb28060aa3b81be423dc934ecadd198e6303ab832c3b9a6f88eae87f64d3f79f87012b6e896f68b5e2e69dd9b5899f4d631e991803ddf9ef480b10469dc92bf64d4b74d38655df5dba7d3a6cd5fb8cbcd0d0ec5921efc1ac5864f338cb99c47e56467e461d11c8389df3a33a25a9aa140edf30ae87f203df70c7841d3f4ba45925bfd08b39ed4b41d2b703a4cbe8bfb100845b98bfacc1fe27f9f2dc3aa0e2a1191c9ab3f873d30e8d73be82f534bd41020a58107a8d4d452c76a3d8e2732dd8dbdae5576ac438e35682ca33feb0e12edd6f2f40a2e8a014f8a375c206570603dd44b5c285dc2d53a697f3397f98f055904484c832b49190b440b71b84d063e7852d387fd6545879e38bbe66d2e2a72e29bb5cb1b8197d7cf8f0f0097875d4dcf133d9bc2a9ae31ccebb527c925c1b9b174cf23962b659c09988022c1a3e8a55608186baa3b343df6706e7b90cd2f0ec8d60013bec946b66cfe04a35b11c470920e4da7b73088cad2497923f90f1171400f99cd5196f02ed714fe8768d2286c9c1f55d7a88cac48a672bd5b133ec2d5dfe42d37e05110e6f2fdb10feeaa2e6d06c08b9731968b3a3ad9a370ec17d347d6e3243812d2db828465d2a8502fc39f7209f874f94a60029f8ab0030503288ddb1c39b11e93592f4a60c7fb24f64145a3bace98f4e2db5bcc52563eb352d6b00e0bff733436273668b341155c4d2bbe869db4f1d703c41a3b5b3db3ee76752d52bde195f9eaa96179a41c9b6a7cff1f8e7a83f7e2e129d6a933bd1ae9060bf938844b156126a6813e6ab730c7cbdf2c70dda846b22dbd1f795e031b76553f9fd977f6b4bf1b6f9a2fcb5f05017d2fcec14837ab4e408889f33533f1502daaaba0cdc77f6a70d7805880d06f71388809e252c5826348224e5d40f19ae001c7fe9e86b0d514872aa1c858772737a5fe27aa9732659d3d47ec8dc6a47e6ea776fb7a14851db52eb051c1890c2f29885fb8ab3dc785092f556562be997503ebd0038d6614e0f31987570f17cc83f7bf48bbe9d825ed4ff347775bba9a14b9b0f2524ee8745a93c001bddb6c801ae8c17de841d7b63ffb72660f0ea39b7168a8213bde2c1ebc9aabd716e2a598cbda205402eb001257413d78decaa6485c87788eedf5816f8e266ce27860e090dd805a6648cd84e0747224fce0ebbe9e4e2a57d03930b8292c72fc46c86485cfbc687d94b8f2acfff41905a20ed3ebb2cd332cef12697714522ce61757180336ca78ad7a79bede68892819a2a46b0ea7999433f23a7eb1755badc9e42ce6dd62b33dc9a71d07b6f15b1148c5211136d308f467b4c7feabaaf12fe3f3b3eb9269ff903217090ac8bb3c4e3df9829a3aad053e3afa9fc8440b191cf95d2d7a604601482b576c22e23dbd6d9f622ecacd73dfc2b995289f1610053f60d939740cc989bfe71df812da7fa5f11ffb3c977edc6d31bc0954cb660fc911d7f4eb74e14beca02c489445d7a01807faae76a092a89dce03ae2f1f25b131ea9b6cc23e91a16d53c9be31a7c41a637001c8afcbb71e4330560a7454cdf815aa995b64942cd3fa9c551557d6e5aa002f36168223a138be32ddabe675d341f8dfc3661bb3f0861c49334b7e8dec6ff63356bcc08bd61e1fd084a6b3fd0af3caafcf9ae00f233f6f65745f621727f827886ae85e8aeaf9d9097d688095fd6ab17681e3f4ed713cd4852335760f3556f931b86ce7e81e83ba2c3adeb8d6d14726ad26bd52036baa1e3ec744dcf18dc66f613f48bb6d6cfa27030f29f6f3d3b7524597402a8742f4ab85c1e040bfd17cad42864d6700188b373135e3980d97f735d4a170bcc6a4ae06f59175b49292ec19f8673c57aa0e574fd7712fd5fb5ab793328f52bd8e6c15a05d17be9708441201243112c87dd9a55b1d461b0d1a1b1fad2471bfa31b4cd10705ae3f4c4b0b0cf48711a96908309e3ca2be90f483f5a144ab074cf828bb6d13de87e097e7882a833557a130c1fb4c0e95d7214100fc7a956216cf1da01bb39e7a37cd7438de7e66eeacaf859fad7269c635ad901a40546a24cf324ce35aa661579d355b2d94f284b7198fb6df9f3e700175369fed248783e0480f85ea1fe8fb67a7b49d973e5a703f4fca2960ab053e513001c28e67e87438456b2e98d01f38f0aa2c30ace42fc89b0ab952615b4ae8123a88dfec6ac3ac90363938f96a171b6a483eed60c8d34673cd240af774aaec41f0303df99dac09125694b6b7f00f9f7a2edd52b83817243394bd1d8b014cd759f2405dae18495161fe6b86d5466364433a3f2de799c110cd20ae5622f7b903c30e020ab35bd41dcb7cfc1e4a541c3e69ea52d6cb240ea83f597ded8ad1593c168cb600bc98ba151ea21ae0c263689fd85409c9061a60ea962ac69ad4be5fe4f584ab214130f32900491143b273a70ebedb8c8375c44183a13a5156ee1c18d93f03", 0xf00}, {&(0x7f0000006880)="1708ed8aee3279125b2ff660209a6b3459f2c329e94ef73ef274515fc58ef3bf06f17cd2a8baa9b70fa7b9f04d82928f26f1f7b6ef60cf87be09e09f6041ad593ef2b340116e874fbff301c6ebb45857209c4dbfd935dd46020e314542e79ebc9cc6443c748208413f788ceb0ae5985318182fd0375a80d37b", 0x79}], 0x3, &(0x7f0000006940)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @private=0xa010101}}}], 0x20}}, {{&(0x7f0000006980)={0x2, 0x4e23, @broadcast}, 0x10, &(0x7f0000006bc0)=[{&(0x7f00000069c0)="d96fcbb10313e009395d445af73d3b9a63b4588745c5a0d2e3d63c156524ff3b6d7e42e6bf4252b550cc3d9adccd981d37f39d53d9702c655a1ed2817cdc2388f6f3c767eae675159881b6d1388d7689302f726546cbda39af450a76bbe1bf4abbc37b23b2316759c5dd176aa1d175e02bb7e1de1afd0bf7dc4625c74af2ed5d8f89636056d344c6ea3f02c462adfb2e41ed2e6d5232521f1991d88ac852d185646a", 0xa2}, {&(0x7f0000006a80)="92f02425fe996c83f8a8fb311cbf209b613213dd804ce4bce107dc86ed6774288796e98a7b19251b1f7df94eaf554f52041a8204fb0fb1be69343cd37fb4f98560cc17294f49aaf714ff2b353c685bd6e176f45b62a885e92c6f7ccee6dca0357a939a1ee0c3d05814901d6581b22d1c4185133fa04b3448136fb2462e3ca57eba00f78065f6763c9f5dc6b51ca6cec31024558ffac1a400e8dec556354972fd9ec5af780382be68248dc18e0e44e2ae67", 0xb1}, {&(0x7f0000006b80)="5d933ee23db769ce23b56181621934f9ac29b065", 0x14}], 0x3, &(0x7f0000007200)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}], 0x30}}, {{&(0x7f0000006c40)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000006ec0)=[{&(0x7f0000006c80)="ecbdf0b0876813aedc413331d62a30f9", 0x10}, {&(0x7f0000006cc0)="1e33c1ad836c836b27b03692", 0xc}, {&(0x7f0000006d00)="e92bc5d985331b07fc852bc0", 0xc}, {&(0x7f0000006d40)="e07d2cf3b5fa39201b1a9257dafdbae49dd69ae0dbe2cc70a9218467877fe2a0888543de186d2c897743e7d5674b57808b4db83f36257d2acafb48c6b431b06689a5a7df1af165617d22ab6a73492d1914e33fd863489e1719ee359f939fc7673059c047f58e70106ca9fdafdb09afd7a1db7439d688a8f6d13941e57321ccc344b3649d7c30574a8bd800f22bda720f616c9a2779533e8cbb44fe8168154f2642b8e901fbd3a9d664f489a15c993f91b1d57e7bc5876260ab495d511565747a60a1643910b54eb2e4039bd427848ddf7b5bea2be9c9e88dcd8ddaf9ce2e91c160", 0xe1}], 0x4, &(0x7f0000006f40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @broadcast, @rand_addr=0x64010102}}}], 0x20}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_ttl={{0x14}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6}}, @ip_tos_int={{0x14}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xffffffe1}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x401}}, @ip_ttl={{0x14, 0x0, 0x2, 0x81}}], 0xd8}}, {{&(0x7f0000007100)={0x2, 0x4e23, @dev}, 0x10, 0x0}}], 0x7, 0x4080) kernel console output (not intermixed with test programs): et a fully working HSR network [ 40.816432][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.823712][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.893726][ T3584] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.983569][ T3584] veth0_vlan: entered promiscuous mode [ 40.994811][ T3584] veth1_vlan: entered promiscuous mode [ 41.016973][ T3584] veth0_macvtap: entered promiscuous mode [ 41.025507][ T3584] veth1_macvtap: entered promiscuous mode [ 41.040258][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.050818][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.060833][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.071296][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.081142][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.091881][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.101741][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.112727][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.128139][ T3584] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.142735][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.153548][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.163546][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.174015][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.183864][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.194461][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.204434][ T3584] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.214998][ T3584] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.226210][ T3584] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.236277][ T3584] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.245107][ T3584] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.253850][ T3584] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.262870][ T3584] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.481342][ T3820] loop2: detected capacity change from 0 to 512 [ 41.489014][ T3820] EXT4-fs: Ignoring removed oldalloc option [ 41.495662][ T3820] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 41.509237][ T3820] EXT4-fs (loop2): 1 truncate cleaned up [ 41.525732][ T3820] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.607033][ T3820] loop2: detected capacity change from 512 to 0 [ 41.614118][ T3820] syz.2.86: attempt to access beyond end of device [ 41.614118][ T3820] loop2: rw=12288, sector=26, nr_sectors = 2 limit=0 [ 41.662565][ T3820] EXT4-fs error (device loop2): __ext4_find_entry:1641: inode #2: comm syz.2.86: reading directory lblock 0 [ 41.676483][ T3820] syz.2.86: attempt to access beyond end of device [ 41.676483][ T3820] loop2: rw=145409, sector=2, nr_sectors = 2 limit=0 [ 41.689683][ T3820] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 41.702516][ T3820] EXT4-fs (loop2): I/O error while writing superblock [ 41.709461][ T3832] syz.2.86: attempt to access beyond end of device [ 41.709461][ T3832] loop2: rw=12288, sector=26, nr_sectors = 2 limit=0 [ 41.722752][ T3832] EXT4-fs error (device loop2): __ext4_find_entry:1641: inode #2: comm syz.2.86: reading directory lblock 0 [ 41.734563][ T3832] syz.2.86: attempt to access beyond end of device [ 41.734563][ T3832] loop2: rw=145409, sector=2, nr_sectors = 2 limit=0 [ 41.747741][ T3832] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 41.760346][ T3832] EXT4-fs (loop2): I/O error while writing superblock [ 41.790609][ T3835] netlink: 8 bytes leftover after parsing attributes in process `syz.4.92'. [ 41.808841][ T3831] loop1: detected capacity change from 0 to 256 [ 41.866066][ T3266] syz-executor: attempt to access beyond end of device [ 41.866066][ T3266] loop2: rw=12288, sector=26, nr_sectors = 2 limit=0 [ 41.881969][ T3843] loop4: detected capacity change from 0 to 8192 [ 41.891103][ T3266] EXT4-fs warning (device loop2): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -5 reading directory block [ 41.906690][ T3266] syz-executor: attempt to access beyond end of device [ 41.906690][ T3266] loop2: rw=524288, sector=12, nr_sectors = 2 limit=0 [ 41.925118][ T3266] syz-executor: attempt to access beyond end of device [ 41.925118][ T3266] loop2: rw=524288, sector=14, nr_sectors = 2 limit=0 [ 41.938878][ T3266] syz-executor: attempt to access beyond end of device [ 41.938878][ T3266] loop2: rw=524288, sector=16, nr_sectors = 2 limit=0 [ 41.952979][ T3266] syz-executor: attempt to access beyond end of device [ 41.952979][ T3266] loop2: rw=524288, sector=18, nr_sectors = 2 limit=0 [ 41.966902][ T3843] loop4: p1 < > p2 p3 p4 < p5 > [ 41.973310][ T3266] syz-executor: attempt to access beyond end of device [ 41.973310][ T3266] loop2: rw=12288, sector=10, nr_sectors = 2 limit=0 [ 41.989898][ T3266] EXT4-fs error (device loop2): ext4_get_inode_loc:4574: inode #2: block 5: comm syz-executor: unable to read itable block [ 42.002962][ T3843] loop4: p3 size 16744448 extends beyond EOD, truncated [ 42.015422][ T29] kauditd_printk_skb: 47 callbacks suppressed [ 42.015436][ T29] audit: type=1400 audit(1723271854.915:403): avc: denied { create } for pid=3842 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 42.042193][ T2961] loop4: p1 < > p2 p3 p4 < p5 > [ 42.046294][ T3266] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 42.049479][ T29] audit: type=1400 audit(1723271854.945:404): avc: denied { create } for pid=3842 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 42.055616][ T3266] EXT4-fs (loop2): I/O error while writing superblock [ 42.075037][ T29] audit: type=1400 audit(1723271854.945:405): avc: denied { getopt } for pid=3842 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 42.081701][ T3266] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5810: IO failure [ 42.084097][ T3266] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 42.102806][ T2961] loop4: p3 size 16744448 extends beyond EOD, [ 42.111815][ T3266] EXT4-fs (loop2): I/O error while writing superblock [ 42.117958][ T2961] truncated [ 42.134173][ T3266] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #2: comm syz-executor: mark_inode_dirty error [ 42.148590][ T3266] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 42.157824][ T3266] EXT4-fs (loop2): I/O error while writing superblock [ 42.185491][ T28] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4559: inode #18: block 9: comm kworker/u8:1: unable to read itable block [ 42.211607][ T28] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 42.221141][ T28] EXT4-fs (loop2): I/O error while writing superblock [ 42.230083][ T28] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4559: inode #2: block 5: comm kworker/u8:1: unable to read itable block [ 42.245434][ T28] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 42.254520][ T28] EXT4-fs (loop2): I/O error while writing superblock [ 42.265925][ T3266] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.279501][ T3266] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 42.292734][ T3266] EXT4-fs (loop2): I/O error while writing superblock [ 42.330704][ T3249] udevd[3249]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 42.331097][ T3251] udevd[3251]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 42.342482][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 42.352551][ T3844] udevd[3844]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 42.372216][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 42.425435][ T3258] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 42.433188][ T3258] FAT-fs (loop1): Filesystem has been set read-only [ 42.440406][ T3258] FAT-fs (loop1): error, corrupted directory (invalid entries) [ 42.563785][ T29] audit: type=1400 audit(1723271855.465:406): avc: denied { getopt } for pid=3863 comm="syz.4.105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 42.606713][ T29] audit: type=1326 audit(1723271855.505:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3867 comm="syz.4.106" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f855b3f79f9 code=0x0 [ 42.733031][ T1617] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.772244][ T3865] chnl_net:caif_netlink_parms(): no params data found [ 42.785582][ T1617] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.834933][ T3865] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.842183][ T3865] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.857337][ T3865] bridge_slave_0: entered allmulticast mode [ 42.864031][ T3865] bridge_slave_0: entered promiscuous mode [ 42.873263][ T29] audit: type=1400 audit(1723271855.775:408): avc: denied { write } for pid=3892 comm="syz.0.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 42.895567][ T1617] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.913192][ T3865] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.920415][ T3865] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.927807][ T3865] bridge_slave_1: entered allmulticast mode [ 42.934553][ T3865] bridge_slave_1: entered promiscuous mode [ 42.963429][ T1617] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.983615][ T3865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.000815][ T3865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.075077][ T3898] loop0: detected capacity change from 0 to 256 [ 43.104032][ T3865] team0: Port device team_slave_0 added [ 43.112784][ T1617] bridge_slave_1: left allmulticast mode [ 43.118582][ T1617] bridge_slave_1: left promiscuous mode [ 43.124479][ T1617] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.151671][ T1617] bridge_slave_0: left allmulticast mode [ 43.157471][ T1617] bridge_slave_0: left promiscuous mode [ 43.163227][ T1617] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.172428][ T29] audit: type=1400 audit(1723271856.065:409): avc: denied { read } for pid=3904 comm="syz.3.112" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 43.360692][ T1617] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 43.371620][ T1617] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 43.382515][ T1617] bond0 (unregistering): Released all slaves [ 43.400668][ T3865] team0: Port device team_slave_1 added [ 43.459011][ T3865] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.466045][ T3865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.492021][ T3865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.510210][ T3882] chnl_net:caif_netlink_parms(): no params data found [ 43.569977][ T1617] hsr_slave_0: left promiscuous mode [ 43.575710][ T1617] hsr_slave_1: left promiscuous mode [ 43.582343][ T1617] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 43.590013][ T1617] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 43.598156][ T1617] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.605713][ T1617] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 43.614814][ T1617] veth1_macvtap: left promiscuous mode [ 43.620332][ T1617] veth0_macvtap: left promiscuous mode [ 43.625848][ T1617] veth1_vlan: left promiscuous mode [ 43.631156][ T1617] veth0_vlan: left promiscuous mode [ 43.716358][ T1617] team0 (unregistering): Port device team_slave_1 removed [ 43.726672][ T1617] team0 (unregistering): Port device team_slave_0 removed [ 43.766608][ T3865] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.773714][ T3865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.799878][ T3865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.906232][ T3882] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.913468][ T3882] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.924600][ T3882] bridge_slave_0: entered allmulticast mode [ 43.931230][ T3882] bridge_slave_0: entered promiscuous mode [ 43.940401][ T3882] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.947543][ T3882] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.955485][ T3882] bridge_slave_1: entered allmulticast mode [ 43.963986][ T3882] bridge_slave_1: entered promiscuous mode [ 43.978533][ T3865] hsr_slave_0: entered promiscuous mode [ 43.984665][ T3865] hsr_slave_1: entered promiscuous mode [ 43.990836][ T3865] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 43.998467][ T3865] Cannot create hsr debugfs directory [ 44.055000][ T3882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.078264][ T3882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.111043][ T3882] team0: Port device team_slave_0 added [ 44.117688][ T3882] team0: Port device team_slave_1 added [ 44.145772][ T3882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.152859][ T3882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.178906][ T3882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.222231][ T3882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.229363][ T3882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.255407][ T3882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.306109][ T3882] hsr_slave_0: entered promiscuous mode [ 44.314634][ T3882] hsr_slave_1: entered promiscuous mode [ 44.322084][ T3882] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.329830][ T3882] Cannot create hsr debugfs directory [ 44.382615][ T1617] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.476211][ T1617] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.558746][ T1617] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.601459][ T3865] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 44.620886][ T1617] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.654902][ T3865] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 44.663908][ T3865] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 44.673213][ T3865] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 44.746863][ T1617] bridge_slave_1: left allmulticast mode [ 44.752681][ T1617] bridge_slave_1: left promiscuous mode [ 44.758748][ T1617] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.786959][ T1617] bridge_slave_0: left allmulticast mode [ 44.792769][ T1617] bridge_slave_0: left promiscuous mode [ 44.798487][ T1617] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.909984][ T1617] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 44.920616][ T1617] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 44.931123][ T1617] bond0 (unregistering): Released all slaves [ 44.950868][ T3865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.965979][ T3865] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.976533][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.983726][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.004142][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.011263][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.080469][ T1617] hsr_slave_0: left promiscuous mode [ 45.086498][ T1617] hsr_slave_1: left promiscuous mode [ 45.094015][ T1617] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 45.101577][ T1617] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 45.113334][ T1617] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 45.121007][ T1617] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 45.130995][ T1617] veth1_macvtap: left promiscuous mode [ 45.136577][ T1617] veth0_macvtap: left promiscuous mode [ 45.142704][ T1617] veth1_vlan: left promiscuous mode [ 45.148079][ T1617] veth0_vlan: left promiscuous mode [ 45.259373][ T1617] team0 (unregistering): Port device team_slave_1 removed [ 45.272947][ T1617] team0 (unregistering): Port device team_slave_0 removed [ 45.323169][ T3865] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.400517][ T3865] veth0_vlan: entered promiscuous mode [ 45.413542][ T3865] veth1_vlan: entered promiscuous mode [ 45.430010][ T3882] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 45.439768][ T3882] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 45.449772][ T3882] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 45.460896][ T3882] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 45.471223][ T3865] veth0_macvtap: entered promiscuous mode [ 45.479847][ T3865] veth1_macvtap: entered promiscuous mode [ 45.493379][ T3865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.503857][ T3865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.513782][ T3865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.524276][ T3865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.534128][ T3865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 45.544652][ T3865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.555730][ T3865] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.569056][ T3865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.579791][ T3865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.589701][ T3865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.600195][ T3865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.610139][ T3865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 45.620580][ T3865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 45.631813][ T3865] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.643315][ T3865] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.652142][ T3865] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.661031][ T3865] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.669882][ T3865] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.740820][ T3882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.774817][ T3882] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.782499][ T29] audit: type=1400 audit(1723271858.685:410): avc: denied { relabelfrom } for pid=4036 comm="syz.2.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 45.786260][ T1617] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.802472][ T29] audit: type=1400 audit(1723271858.685:411): avc: denied { relabelto } for pid=4036 comm="syz.2.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 45.809421][ T1617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.842604][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.849969][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.881599][ T3882] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 45.946135][ T3882] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.016866][ T3882] veth0_vlan: entered promiscuous mode [ 46.025238][ T3882] veth1_vlan: entered promiscuous mode [ 46.041251][ T3882] veth0_macvtap: entered promiscuous mode [ 46.048959][ T3882] veth1_macvtap: entered promiscuous mode [ 46.058961][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.069683][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.079782][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.090331][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.100311][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.110884][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.121059][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.131505][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.142450][ T3882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.154837][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.165575][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.175733][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.186441][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.196389][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.207036][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.216872][ T3882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.227570][ T3882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.238591][ T3882] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.250274][ T3882] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.259166][ T3882] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.267908][ T3882] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.276704][ T3882] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.305485][ T4051] netlink: 8 bytes leftover after parsing attributes in process `syz.3.115'. [ 46.342591][ T29] audit: type=1400 audit(1723271859.245:412): avc: denied { read } for pid=4055 comm="syz.3.116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 46.362656][ T4056] loop3: detected capacity change from 0 to 1024 [ 46.378393][ T4056] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.546996][ T4069] netlink: 20 bytes leftover after parsing attributes in process `syz.3.116'. [ 46.614105][ T4059] loop1: detected capacity change from 0 to 512 [ 46.628391][ T4059] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001) [ 46.799027][ T4055] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 46.814169][ T4055] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 46.826482][ T4055] EXT4-fs (loop3): This should not happen!! Data will be lost [ 46.826482][ T4055] [ 46.836229][ T4055] EXT4-fs (loop3): Total free blocks count 0 [ 46.842237][ T4055] EXT4-fs (loop3): Free/Dirty block details [ 46.848190][ T4055] EXT4-fs (loop3): free_blocks=68451041280 [ 46.853998][ T4055] EXT4-fs (loop3): dirty_blocks=32 [ 46.859136][ T4055] EXT4-fs (loop3): Block reservation details [ 46.865132][ T4055] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 46.872231][ T4055] syz.3.116 (4055) used greatest stack depth: 10768 bytes left [ 46.883869][ T3584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.913574][ T4097] loop3: detected capacity change from 0 to 2048 [ 46.920531][ T4097] ext4: Unknown parameter 'fsname' [ 47.370073][ T4108] loop3: detected capacity change from 0 to 512 [ 47.376884][ T4108] EXT4-fs: test_dummy_encryption option not supported [ 47.407180][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 47.407195][ T29] audit: type=1400 audit(1723271860.255:414): avc: denied { name_bind } for pid=4103 comm="syz.3.120" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 47.434810][ T29] audit: type=1400 audit(1723271860.265:415): avc: denied { create } for pid=4103 comm="syz.3.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 48.064636][ T4113] loop1: detected capacity change from 0 to 128 [ 48.081209][ T3336] kernel write not supported for file /snd/seq (pid: 3336 comm: kworker/0:3) [ 48.082194][ T29] audit: type=1400 audit(1723271860.985:416): avc: denied { mounton } for pid=4111 comm="syz.1.123" path="/2/file0" dev="loop1" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 48.167747][ T29] audit: type=1400 audit(1723271861.075:417): avc: denied { bind } for pid=4118 comm="syz.1.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 48.192700][ T29] audit: type=1400 audit(1723271861.075:418): avc: denied { setopt } for pid=4118 comm="syz.1.126" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 48.215686][ T29] audit: type=1400 audit(1723271861.115:419): avc: denied { create } for pid=4112 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 48.237456][ T29] audit: type=1400 audit(1723271861.115:420): avc: denied { getopt } for pid=4112 comm="syz.3.124" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 48.283082][ T29] audit: type=1400 audit(1723271861.185:421): avc: denied { mount } for pid=4123 comm="syz.1.128" name="/" dev="gadgetfs" ino=6372 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1 [ 48.309139][ T29] audit: type=1400 audit(1723271861.185:422): avc: denied { write } for pid=4123 comm="syz.1.128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 48.323788][ T4122] loop3: detected capacity change from 0 to 8192 [ 48.336166][ T4122] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 48.362293][ T29] audit: type=1400 audit(1723271861.255:423): avc: denied { write } for pid=4125 comm="syz.1.129" path="socket:[6375]" dev="sockfs" ino=6375 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 48.364169][ T4126] loop1: detected capacity change from 0 to 1024 [ 48.403531][ T4126] EXT4-fs: Ignoring removed nomblk_io_submit option [ 48.419820][ T4126] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 48.434801][ T4126] netlink: 'syz.1.129': attribute type 1 has an invalid length. [ 48.442525][ T4126] netlink: 224 bytes leftover after parsing attributes in process `syz.1.129'. [ 48.463264][ T3882] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.492427][ T4122] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 48.495447][ T4130] bridge: RTM_NEWNEIGH with invalid ether address [ 48.501272][ T4122] FAT-fs (loop3): Filesystem has been set read-only [ 48.501828][ T4122] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 48.523977][ T4122] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 48.536526][ T4127] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 48.546878][ T4133] netlink: 172 bytes leftover after parsing attributes in process `syz.1.130'. [ 48.558546][ T4133] FAULT_INJECTION: forcing a failure. [ 48.558546][ T4133] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 48.571653][ T4133] CPU: 0 UID: 0 PID: 4133 Comm: syz.1.130 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 48.582260][ T4133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 48.592488][ T4133] Call Trace: [ 48.595764][ T4133] [ 48.598691][ T4133] dump_stack_lvl+0xf2/0x150 [ 48.603298][ T4133] dump_stack+0x15/0x20 [ 48.607488][ T4133] should_fail_ex+0x229/0x230 [ 48.612182][ T4133] should_fail+0xb/0x10 [ 48.616458][ T4133] should_fail_usercopy+0x1a/0x20 [ 48.621513][ T4133] _copy_from_user+0x1e/0xd0 [ 48.626114][ T4133] kstrtouint_from_user+0x76/0xe0 [ 48.631169][ T4133] proc_fail_nth_write+0x4f/0x160 [ 48.636452][ T4133] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 48.642169][ T4133] vfs_write+0x28b/0x900 [ 48.646437][ T4133] ? __fget_files+0x1da/0x210 [ 48.651235][ T4133] ksys_write+0xeb/0x1b0 [ 48.655638][ T4133] __x64_sys_write+0x42/0x50 [ 48.660293][ T4133] x64_sys_call+0x27dd/0x2d60 [ 48.664995][ T4133] do_syscall_64+0xc9/0x1c0 [ 48.669557][ T4133] ? clear_bhb_loop+0x55/0xb0 [ 48.674309][ T4133] ? clear_bhb_loop+0x55/0xb0 [ 48.679005][ T4133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 48.684930][ T4133] RIP: 0033:0x7f93176464df [ 48.689351][ T4133] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8d 02 00 48 [ 48.708979][ T4133] RSP: 002b:00007f93162a6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 48.717405][ T4133] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f93176464df [ 48.725464][ T4133] RDX: 0000000000000001 RSI: 00007f93162a60a0 RDI: 0000000000000006 [ 48.733487][ T4133] RBP: 00007f93162a6090 R08: 0000000000000000 R09: 0000000000000000 [ 48.741477][ T4133] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 48.749459][ T4133] R13: 0000000000000001 R14: 00007f93177d6058 R15: 00007ffed07b8288 [ 48.757446][ T4133] [ 48.794579][ T4137] loop1: detected capacity change from 0 to 128 [ 48.802072][ T4137] vfat: Unknown parameter 'shor ' [ 48.889679][ T4140] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 49.195648][ T4144] loop1: detected capacity change from 0 to 128 [ 49.220390][ T4144] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 49.272150][ T4157] FAULT_INJECTION: forcing a failure. [ 49.272150][ T4157] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 49.285390][ T4157] CPU: 1 UID: 0 PID: 4157 Comm: syz.2.139 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 49.296004][ T4157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 49.306168][ T4157] Call Trace: [ 49.309467][ T4157] [ 49.312412][ T4157] dump_stack_lvl+0xf2/0x150 [ 49.317064][ T4157] dump_stack+0x15/0x20 [ 49.321254][ T4157] should_fail_ex+0x229/0x230 [ 49.325994][ T4157] should_fail+0xb/0x10 [ 49.330276][ T4157] should_fail_usercopy+0x1a/0x20 [ 49.335372][ T4157] _copy_to_user+0x1e/0xa0 [ 49.339825][ T4157] simple_read_from_buffer+0xa0/0x110 [ 49.345290][ T4157] proc_fail_nth_read+0xfc/0x140 [ 49.350329][ T4157] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 49.355908][ T4157] vfs_read+0x1a2/0x6e0 [ 49.360122][ T4157] ? __rcu_read_unlock+0x4e/0x70 [ 49.365078][ T4157] ? __fget_files+0x1da/0x210 [ 49.369799][ T4157] ksys_read+0xeb/0x1b0 [ 49.374104][ T4157] __x64_sys_read+0x42/0x50 [ 49.378774][ T4157] x64_sys_call+0x27d3/0x2d60 [ 49.383563][ T4157] do_syscall_64+0xc9/0x1c0 [ 49.388104][ T4157] ? clear_bhb_loop+0x55/0xb0 [ 49.392823][ T4157] ? clear_bhb_loop+0x55/0xb0 [ 49.397532][ T4157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.403471][ T4157] RIP: 0033:0x7fee4e3e643c [ 49.407904][ T4157] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 49.427706][ T4157] RSP: 002b:00007fee4d067030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 49.436150][ T4157] RAX: ffffffffffffffda RBX: 00007fee4e575f80 RCX: 00007fee4e3e643c [ 49.444146][ T4157] RDX: 000000000000000f RSI: 00007fee4d0670a0 RDI: 0000000000000005 [ 49.452163][ T4157] RBP: 00007fee4d067090 R08: 0000000000000000 R09: 0000000000000000 [ 49.460158][ T4157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 49.468153][ T4157] R13: 0000000000000000 R14: 00007fee4e575f80 R15: 00007ffe2815fb78 [ 49.476176][ T4157] [ 49.552285][ T4163] 9pnet_fd: Insufficient options for proto=fd [ 49.683351][ T2925] IPVS: starting estimator thread 0... [ 49.690004][ T4175] IPVS: dh: TCP 127.0.0.1:0 - no destination available [ 49.725988][ T4161] loop2: detected capacity change from 0 to 32768 [ 49.777330][ T4176] IPVS: using max 2400 ests per chain, 120000 per kthread [ 49.788279][ T4184] loop2: p1 p3 < > [ 49.799051][ T4161] loop2: p1 p3 < > [ 49.810166][ T2961] loop2: p1 p3 < > [ 49.847496][ T4161] loop2: detected capacity change from 0 to 2048 [ 49.900440][ T4161] loop2: p2 < > [ 49.913215][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 49.924908][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 49.949408][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 49.950952][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 50.005031][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 50.007071][ T3503] udevd[3503]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 50.039054][ T4189] loop2: detected capacity change from 0 to 512 [ 50.052409][ T4189] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 50.063994][ T4189] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it [ 50.074298][ T4189] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.149: Corrupt directory, running e2fsck is recommended [ 50.115350][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 50.135382][ T4189] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 50.145460][ T4189] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.149: corrupted in-inode xattr: invalid ea_ino [ 50.171870][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 50.185248][ T4180] loop1: detected capacity change from 0 to 65536 [ 50.202232][ T4189] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.149: couldn't read orphan inode 15 (err -117) [ 50.217047][ T3502] udevd[3502]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 50.222413][ T4189] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.318575][ T4192] FAULT_INJECTION: forcing a failure. [ 50.318575][ T4192] name failslab, interval 1, probability 0, space 0, times 0 [ 50.331276][ T4192] CPU: 0 UID: 0 PID: 4192 Comm: syz.2.149 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 50.341914][ T4192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 50.351990][ T4192] Call Trace: [ 50.355333][ T4192] [ 50.358289][ T4192] dump_stack_lvl+0xf2/0x150 [ 50.362978][ T4192] dump_stack+0x15/0x20 [ 50.367214][ T4192] should_fail_ex+0x229/0x230 [ 50.372014][ T4192] ? tcp_sendmsg_fastopen+0x163/0x4f0 [ 50.377418][ T4192] should_failslab+0x8f/0xb0 [ 50.382071][ T4192] __kmalloc_cache_noprof+0x4b/0x2a0 [ 50.387856][ T4192] tcp_sendmsg_fastopen+0x163/0x4f0 [ 50.393128][ T4192] ? __pfx_tcp_sendmsg+0x10/0x10 [ 50.398116][ T4192] tcp_sendmsg_locked+0x2445/0x2640 [ 50.403342][ T4192] ? mntput+0x49/0x70 [ 50.407355][ T4192] ? __rcu_read_unlock+0x4e/0x70 [ 50.412334][ T4192] ? avc_has_perm_noaudit+0x1cc/0x210 [ 50.417811][ T4192] ? avc_has_perm+0xd4/0x160 [ 50.422507][ T4192] ? _raw_spin_unlock_bh+0x36/0x40 [ 50.427664][ T4192] ? __pfx_tcp_sendmsg+0x10/0x10 [ 50.432636][ T4192] tcp_sendmsg+0x30/0x50 [ 50.437112][ T4192] inet_sendmsg+0x77/0xd0 [ 50.441742][ T4192] __sock_sendmsg+0x102/0x180 [ 50.446564][ T4192] __sys_sendto+0x1e5/0x260 [ 50.451108][ T4192] __x64_sys_sendto+0x78/0x90 [ 50.455832][ T4192] x64_sys_call+0x2959/0x2d60 [ 50.460539][ T4192] do_syscall_64+0xc9/0x1c0 [ 50.465122][ T4192] ? clear_bhb_loop+0x55/0xb0 [ 50.469838][ T4192] ? clear_bhb_loop+0x55/0xb0 [ 50.474618][ T4192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.480633][ T4192] RIP: 0033:0x7fee4e3e79f9 [ 50.485065][ T4192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.504701][ T4192] RSP: 002b:00007fee4d046038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 50.513171][ T4192] RAX: ffffffffffffffda RBX: 00007fee4e576058 RCX: 00007fee4e3e79f9 [ 50.521222][ T4192] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 50.529277][ T4192] RBP: 00007fee4d046090 R08: 0000000020000040 R09: 0000000000000010 [ 50.537295][ T4192] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000001 [ 50.545357][ T4192] R13: 0000000000000000 R14: 00007fee4e576058 R15: 00007ffe2815fb78 [ 50.553363][ T4192] [ 50.833124][ T3865] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.865621][ T4205] 9pnet_fd: Insufficient options for proto=fd [ 51.166892][ T4211] FAULT_INJECTION: forcing a failure. [ 51.166892][ T4211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.180028][ T4211] CPU: 0 UID: 0 PID: 4211 Comm: syz.4.157 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 51.190729][ T4211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 51.200788][ T4211] Call Trace: [ 51.204065][ T4211] [ 51.207065][ T4211] dump_stack_lvl+0xf2/0x150 [ 51.211683][ T4211] dump_stack+0x15/0x20 [ 51.215851][ T4211] should_fail_ex+0x229/0x230 [ 51.220557][ T4211] should_fail+0xb/0x10 [ 51.224728][ T4211] should_fail_usercopy+0x1a/0x20 [ 51.229764][ T4211] _copy_from_iter+0xd3/0xb00 [ 51.234501][ T4211] ? __virt_addr_valid+0x1ed/0x250 [ 51.239640][ T4211] ? __check_object_size+0x35b/0x510 [ 51.244953][ T4211] mptcp_sendmsg+0x80f/0xe60 [ 51.249567][ T4211] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 51.255129][ T4211] inet_sendmsg+0xc5/0xd0 [ 51.259489][ T4211] __sock_sendmsg+0x102/0x180 [ 51.264334][ T4211] ____sys_sendmsg+0x312/0x410 [ 51.269153][ T4211] __sys_sendmsg+0x1e9/0x280 [ 51.273768][ T4211] __x64_sys_sendmsg+0x46/0x50 [ 51.278608][ T4211] x64_sys_call+0x2689/0x2d60 [ 51.283294][ T4211] do_syscall_64+0xc9/0x1c0 [ 51.287859][ T4211] ? clear_bhb_loop+0x55/0xb0 [ 51.292775][ T4211] ? clear_bhb_loop+0x55/0xb0 [ 51.297492][ T4211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.303420][ T4211] RIP: 0033:0x7f855b3f79f9 [ 51.307890][ T4211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.327532][ T4211] RSP: 002b:00007f855a077038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 51.335990][ T4211] RAX: ffffffffffffffda RBX: 00007f855b585f80 RCX: 00007f855b3f79f9 [ 51.343996][ T4211] RDX: 0000000000000000 RSI: 0000000020000880 RDI: 0000000000000003 [ 51.352050][ T4211] RBP: 00007f855a077090 R08: 0000000000000000 R09: 0000000000000000 [ 51.360040][ T4211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.368118][ T4211] R13: 0000000000000000 R14: 00007f855b585f80 R15: 00007fff43910108 [ 51.376290][ T4211] [ 51.409768][ T4213] loop4: detected capacity change from 0 to 2048 [ 51.419323][ T4213] EXT4-fs error (device loop4): __ext4_fill_super:5435: inode #2: comm syz.4.158: casefold flag without casefold feature [ 51.433039][ T4213] EXT4-fs (loop4): get root inode failed [ 51.438850][ T4213] EXT4-fs (loop4): mount failed [ 51.450184][ T4215] loop1: detected capacity change from 0 to 2048 [ 51.462446][ T4213] sctp: [Deprecated]: syz.4.158 (pid 4213) Use of struct sctp_assoc_value in delayed_ack socket option. [ 51.462446][ T4213] Use struct sctp_sack_info instead [ 51.480648][ T4215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.495389][ T4215] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 51.512226][ T4215] EXT4-fs (loop1): Delayed block allocation failed for inode 13 at logical offset 512 with max blocks 1 with error 28 [ 51.524847][ T4215] EXT4-fs (loop1): This should not happen!! Data will be lost [ 51.524847][ T4215] [ 51.534657][ T4215] EXT4-fs (loop1): Total free blocks count 0 [ 51.540727][ T4215] EXT4-fs (loop1): Free/Dirty block details [ 51.546703][ T4215] EXT4-fs (loop1): free_blocks=2415919104 [ 51.552452][ T4215] EXT4-fs (loop1): dirty_blocks=16 [ 51.557601][ T4215] EXT4-fs (loop1): Block reservation details [ 51.563597][ T4215] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 51.616158][ T3882] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.644296][ T4223] netlink: 8 bytes leftover after parsing attributes in process `syz.1.160'. [ 51.750510][ T4225] netlink: 'syz.2.161': attribute type 1 has an invalid length. [ 51.758281][ T4225] netlink: 'syz.2.161': attribute type 2 has an invalid length. [ 51.766147][ T4225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.161'. [ 51.776819][ T4225] netlink: 16 bytes leftover after parsing attributes in process `syz.2.161'. [ 51.785819][ T4225] netlink: 40 bytes leftover after parsing attributes in process `syz.2.161'. [ 51.859318][ T4223] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.867893][ T4223] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.919509][ T4228] loop2: detected capacity change from 0 to 128 [ 51.936121][ T4228] loop2: detected capacity change from 0 to 256 [ 51.942813][ T4228] msdos: Unknown parameter 'xœìÝ1oÓ@' [ 52.394569][ T4234] loop4: detected capacity change from 0 to 512 [ 52.394874][ T4236] 9pnet_fd: Insufficient options for proto=fd [ 52.524427][ T4244] loop1: detected capacity change from 0 to 512 [ 52.531276][ T4244] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 52.542260][ T4244] EXT4-fs (loop1): 1 truncate cleaned up [ 52.548618][ T4244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.566075][ T29] kauditd_printk_skb: 118 callbacks suppressed [ 52.566090][ T29] audit: type=1400 audit(1723271865.465:542): avc: denied { create } for pid=4243 comm="syz.1.168" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 52.593582][ T29] audit: type=1326 audit(1723271865.475:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.617225][ T29] audit: type=1326 audit(1723271865.475:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.640563][ T29] audit: type=1326 audit(1723271865.475:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.663946][ T29] audit: type=1326 audit(1723271865.475:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.688230][ T29] audit: type=1326 audit(1723271865.475:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.711547][ T29] audit: type=1326 audit(1723271865.475:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.734946][ T29] audit: type=1326 audit(1723271865.475:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.758633][ T29] audit: type=1326 audit(1723271865.475:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f93176479f9 code=0x7ffc0000 [ 52.781873][ T29] audit: type=1326 audit(1723271865.475:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.1.168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9317647a33 code=0x7ffc0000 [ 52.820111][ T3882] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.895754][ T4256] 9pnet_fd: Insufficient options for proto=fd [ 52.902662][ T4256] xt_TPROXY: Can be used only with -p tcp or -p udp [ 53.094151][ T4259] chnl_net:caif_netlink_parms(): no params data found [ 53.129654][ T4259] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.136802][ T4259] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.144084][ T4259] bridge_slave_0: entered allmulticast mode [ 53.150713][ T4259] bridge_slave_0: entered promiscuous mode [ 53.157764][ T4259] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.164939][ T4259] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.172683][ T4259] bridge_slave_1: entered allmulticast mode [ 53.179236][ T4259] bridge_slave_1: entered promiscuous mode [ 53.203529][ T4259] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.217230][ T4259] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.238437][ T4259] team0: Port device team_slave_0 added [ 53.257941][ T4259] team0: Port device team_slave_1 added [ 53.274418][ T4259] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.275795][ T4281] loop4: detected capacity change from 0 to 128 [ 53.281503][ T4259] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.291059][ T35] kernel write not supported for file /snd/seq (pid: 35 comm: kworker/1:1) [ 53.313814][ T4259] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.314624][ T4259] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.340081][ T4259] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 53.366104][ T4259] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.389808][ T4284] loop4: detected capacity change from 0 to 128 [ 53.426542][ T4259] hsr_slave_0: entered promiscuous mode [ 53.435688][ T4259] hsr_slave_1: entered promiscuous mode [ 53.444728][ T4290] loop4: detected capacity change from 0 to 128 [ 53.470038][ T4290] bio_check_eod: 16 callbacks suppressed [ 53.470059][ T4290] syz.4.179: attempt to access beyond end of device [ 53.470059][ T4290] loop4: rw=2049, sector=145, nr_sectors = 896 limit=128 [ 53.495649][ T4289] syz.4.179: attempt to access beyond end of device [ 53.495649][ T4289] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128 [ 53.511253][ T4289] syz.4.179: attempt to access beyond end of device [ 53.511253][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.524782][ T4289] syz.4.179: attempt to access beyond end of device [ 53.524782][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.538088][ T4289] syz.4.179: attempt to access beyond end of device [ 53.538088][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.551311][ T4289] syz.4.179: attempt to access beyond end of device [ 53.551311][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.564644][ T4289] syz.4.179: attempt to access beyond end of device [ 53.564644][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.577815][ T4289] syz.4.179: attempt to access beyond end of device [ 53.577815][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.591299][ T4289] syz.4.179: attempt to access beyond end of device [ 53.591299][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.605221][ T4289] syz.4.179: attempt to access beyond end of device [ 53.605221][ T4289] loop4: rw=0, sector=177, nr_sectors = 8 limit=128 [ 53.648365][ T4294] loop4: detected capacity change from 0 to 1024 [ 53.650181][ T4259] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.655722][ T4294] EXT4-fs: Ignoring removed nobh option [ 53.698575][ T4298] FAULT_INJECTION: forcing a failure. [ 53.698575][ T4298] name failslab, interval 1, probability 0, space 0, times 0 [ 53.700448][ T4294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.711235][ T4298] CPU: 1 UID: 0 PID: 4298 Comm: syz.3.182 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 53.711268][ T4298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 53.711281][ T4298] Call Trace: [ 53.748125][ T4298] [ 53.751131][ T4298] dump_stack_lvl+0xf2/0x150 [ 53.755807][ T4298] dump_stack+0x15/0x20 [ 53.760006][ T4298] should_fail_ex+0x229/0x230 [ 53.764713][ T4298] ? skb_clone+0x154/0x1f0 [ 53.769227][ T4298] should_failslab+0x8f/0xb0 [ 53.773886][ T4298] kmem_cache_alloc_noprof+0x4c/0x290 [ 53.779502][ T4298] skb_clone+0x154/0x1f0 [ 53.783967][ T4298] __netlink_deliver_tap+0x2bd/0x4c0 [ 53.789269][ T4298] netlink_unicast+0x641/0x670 [ 53.794081][ T4298] netlink_sendmsg+0x5cc/0x6e0 [ 53.798910][ T4298] ? __pfx_netlink_sendmsg+0x10/0x10 [ 53.804254][ T4298] __sock_sendmsg+0x140/0x180 [ 53.808956][ T4298] ____sys_sendmsg+0x312/0x410 [ 53.813810][ T4298] __sys_sendmsg+0x1e9/0x280 [ 53.818447][ T4298] __x64_sys_sendmsg+0x46/0x50 [ 53.823310][ T4298] x64_sys_call+0x2689/0x2d60 [ 53.828077][ T4298] do_syscall_64+0xc9/0x1c0 [ 53.832597][ T4298] ? clear_bhb_loop+0x55/0xb0 [ 53.839198][ T4298] ? clear_bhb_loop+0x55/0xb0 [ 53.843910][ T4298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.849820][ T4298] RIP: 0033:0x7f59f27479f9 [ 53.854239][ T4298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.873913][ T4298] RSP: 002b:00007f59f13c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.882339][ T4298] RAX: ffffffffffffffda RBX: 00007f59f28d5f80 RCX: 00007f59f27479f9 [ 53.890399][ T4298] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 53.898451][ T4298] RBP: 00007f59f13c7090 R08: 0000000000000000 R09: 0000000000000000 [ 53.906462][ T4298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.914439][ T4298] R13: 0000000000000000 R14: 00007f59f28d5f80 R15: 00007fff1351fd88 [ 53.922421][ T4298] [ 53.947588][ T4259] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.964245][ T4303] loop2: detected capacity change from 0 to 512 [ 53.981486][ T4303] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 53.992881][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.018806][ T4308] loop4: detected capacity change from 0 to 128 [ 54.035531][ T4303] EXT4-fs (loop2): orphan cleanup on readonly fs [ 54.055652][ T4303] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.183: bg 0: block 248: padding at end of block bitmap is not set [ 54.058439][ T4259] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.087721][ T4303] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.183: Failed to acquire dquot type 1 [ 54.107219][ T3336] kernel write not supported for file /snd/seq (pid: 3336 comm: kworker/0:3) [ 54.115707][ T4303] EXT4-fs (loop2): 1 truncate cleaned up [ 54.123896][ T4303] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 54.178426][ T4259] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.342209][ T4259] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.357917][ T4259] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.370456][ T4333] netlink: 'syz.4.191': attribute type 1 has an invalid length. [ 54.385215][ T4259] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.401248][ T4259] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.462037][ T4303] syz.2.183 (4303) used greatest stack depth: 9408 bytes left [ 54.483508][ T4259] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.513577][ T3865] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.535011][ T4259] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.549697][ T1617] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.556935][ T1617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.590825][ T4259] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 54.601286][ T4259] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.618340][ T1617] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.625547][ T1617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.712514][ T4259] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.774713][ T4350] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check. [ 54.805309][ T4259] veth0_vlan: entered promiscuous mode [ 54.816281][ T4259] veth1_vlan: entered promiscuous mode [ 54.834233][ T4259] veth0_macvtap: entered promiscuous mode [ 54.841990][ T4259] veth1_macvtap: entered promiscuous mode [ 54.853133][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.863732][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.873830][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.884422][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.894386][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.904930][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.914842][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.925378][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.935251][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.945852][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.959508][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.968452][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.978958][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.988890][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.999426][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.009321][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.019783][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.029658][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.040118][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.049966][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 55.060415][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 55.071754][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.088581][ T4259] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.097441][ T4259] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.106160][ T4259] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.115292][ T4259] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.270249][ T4363] netlink: 'syz.1.199': attribute type 4 has an invalid length. [ 55.670269][ T4374] loop2: detected capacity change from 0 to 128 [ 55.679584][ T983] kernel write not supported for file /snd/seq (pid: 983 comm: kworker/0:2) [ 56.354608][ T4411] loop2: detected capacity change from 0 to 128 [ 56.368808][ T4411] 9pnet_fd: Insufficient options for proto=fd [ 56.513066][ T4415] loop2: detected capacity change from 0 to 1024 [ 56.520825][ T4415] EXT4-fs: Ignoring removed nobh option [ 56.550445][ T4415] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 56.576607][ T3865] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.666006][ T4425] loop2: detected capacity change from 0 to 2048 [ 56.679629][ T4425] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.920594][ T4432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.220'. [ 56.941876][ T4432] loop1: detected capacity change from 0 to 1024 [ 56.948896][ T4432] EXT4-fs: Ignoring removed nomblk_io_submit option [ 56.969473][ T4432] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a043c018, mo2=0002] [ 56.977763][ T4432] System zones: 0-1, 3-12 [ 56.982696][ T4432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.997661][ T4432] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 57.008165][ T4432] EXT4-fs error (device loop1): ext4_search_dir:1505: inode #2: block 16: comm syz.1.220: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0 [ 57.040228][ T4446] loop4: detected capacity change from 0 to 128 [ 57.049492][ T4446] 9pnet_fd: Insufficient options for proto=fd [ 57.070052][ T3882] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.142425][ T4456] loop3: detected capacity change from 0 to 512 [ 57.150920][ T4456] EXT4-fs: Ignoring removed nobh option [ 57.161582][ T4456] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 57.171455][ T4456] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.229: bad orphan inode 13 [ 57.182095][ T4456] ext4_test_bit(bit=12, block=4) = 1 [ 57.187542][ T4456] is_bad_inode(inode)=0 [ 57.191817][ T4456] NEXT_ORPHAN(inode)=0 [ 57.195902][ T4456] max_ino=32 [ 57.199165][ T4456] i_nlink=1 [ 57.207639][ T4456] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.290929][ T4456] EXT4-fs warning (device loop3): ext4_lookup:1823: Inconsistent encryption contexts: 2/12 [ 57.334621][ T4467] netlink: 28 bytes leftover after parsing attributes in process `syz.0.230'. [ 57.389019][ T3584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.041199][ T29] kauditd_printk_skb: 60 callbacks suppressed [ 58.041217][ T29] audit: type=1400 audit(1723271870.945:610): avc: denied { create } for pid=4479 comm="syz.0.235" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 58.041792][ T4480] x_tables: duplicate underflow at hook 2 [ 58.074628][ T29] audit: type=1400 audit(1723271870.975:611): avc: denied { write } for pid=4479 comm="syz.0.235" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 58.102342][ T29] audit: type=1400 audit(1723271871.005:612): avc: denied { ioctl } for pid=4481 comm="syz.0.236" path="socket:[8219]" dev="sockfs" ino=8219 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 58.155789][ T29] audit: type=1400 audit(1723271871.055:613): avc: denied { write } for pid=4481 comm="syz.0.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 58.184698][ T4485] loop4: detected capacity change from 0 to 128 [ 58.190094][ T29] audit: type=1400 audit(1723271871.085:614): avc: denied { unmount } for pid=4259 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 58.216879][ T4485] 9pnet_fd: Insufficient options for proto=fd [ 58.254170][ T4491] loop4: detected capacity change from 0 to 256 [ 58.269781][ T4491] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 58.277576][ T4491] audit: out of memory in audit_log_start [ 58.355414][ T4497] FAULT_INJECTION: forcing a failure. [ 58.355414][ T4497] name failslab, interval 1, probability 0, space 0, times 0 [ 58.368119][ T4497] CPU: 1 UID: 0 PID: 4497 Comm: syz.3.243 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 58.378724][ T4497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 58.389152][ T4497] Call Trace: [ 58.392441][ T4497] [ 58.395405][ T4497] dump_stack_lvl+0xf2/0x150 [ 58.400043][ T4497] dump_stack+0x15/0x20 [ 58.404234][ T4497] should_fail_ex+0x229/0x230 [ 58.408936][ T4497] ? __alloc_skb+0x10b/0x310 [ 58.413682][ T4497] should_failslab+0x8f/0xb0 [ 58.418419][ T4497] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 58.424320][ T4497] __alloc_skb+0x10b/0x310 [ 58.428821][ T4497] netlink_alloc_large_skb+0xad/0xe0 [ 58.434199][ T4497] netlink_sendmsg+0x3b4/0x6e0 [ 58.439004][ T4497] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.444300][ T4497] __sock_sendmsg+0x140/0x180 [ 58.449078][ T4497] sock_write_iter+0x164/0x1b0 [ 58.453941][ T4497] do_iter_readv_writev+0x3b0/0x470 [ 58.459151][ T4497] vfs_writev+0x2e0/0x880 [ 58.463523][ T4497] ? putname+0xc5/0xe0 [ 58.467630][ T4497] do_writev+0xf8/0x220 [ 58.471804][ T4497] __x64_sys_writev+0x45/0x50 [ 58.476574][ T4497] x64_sys_call+0x1f18/0x2d60 [ 58.481325][ T4497] do_syscall_64+0xc9/0x1c0 [ 58.485903][ T4497] ? clear_bhb_loop+0x55/0xb0 [ 58.490662][ T4497] ? clear_bhb_loop+0x55/0xb0 [ 58.495358][ T4497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.501337][ T4497] RIP: 0033:0x7f59f27479f9 [ 58.505833][ T4497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.525539][ T4497] RSP: 002b:00007f59f13c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 58.533960][ T4497] RAX: ffffffffffffffda RBX: 00007f59f28d5f80 RCX: 00007f59f27479f9 [ 58.542009][ T4497] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000005 [ 58.550261][ T4497] RBP: 00007f59f13c7090 R08: 0000000000000000 R09: 0000000000000000 [ 58.558244][ T4497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.566273][ T4497] R13: 0000000000000000 R14: 00007f59f28d5f80 R15: 00007fff1351fd88 [ 58.574255][ T4497] [ 58.640717][ T29] audit: type=1400 audit(1723271871.545:615): avc: denied { bind } for pid=4510 comm="syz.3.248" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 58.690889][ T29] audit: type=1400 audit(1723271871.595:616): avc: denied { listen } for pid=4514 comm="syz.4.250" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 58.762404][ T29] audit: type=1326 audit(1723271871.665:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4517 comm="syz.3.251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59f27479f9 code=0x7ffc0000 [ 58.780723][ T4518] loop3: detected capacity change from 0 to 512 [ 58.793541][ T4518] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 58.810452][ T4518] netlink: 'syz.3.251': attribute type 11 has an invalid length. [ 59.667427][ T4418] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 59.690533][ T3865] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.276464][ T4587] loop3: detected capacity change from 0 to 512 [ 60.283246][ T4587] EXT4-fs: Ignoring removed orlov option [ 60.293538][ T4587] EXT4-fs error (device loop3): __ext4_iget:4985: inode #2: block 1: comm syz.3.264: invalid block [ 60.310986][ T4587] EXT4-fs (loop3): Remounting filesystem read-only [ 60.318113][ T4587] EXT4-fs (loop3): get root inode failed [ 60.323946][ T4587] EXT4-fs (loop3): mount failed [ 60.545406][ T4619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.276'. [ 60.665764][ T4628] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 60.759336][ T4629] IPVS: stopping master sync thread 4628 ... [ 61.059618][ T4634] loop2: detected capacity change from 0 to 2048 [ 61.087508][ T4634] loop2: p2 < > [ 61.308744][ T4654] FAULT_INJECTION: forcing a failure. [ 61.308744][ T4654] name failslab, interval 1, probability 0, space 0, times 0 [ 61.321501][ T4654] CPU: 1 UID: 0 PID: 4654 Comm: syz.0.287 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 61.332117][ T4654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 61.342191][ T4654] Call Trace: [ 61.345502][ T4654] [ 61.348509][ T4654] dump_stack_lvl+0xf2/0x150 [ 61.353187][ T4654] dump_stack+0x15/0x20 [ 61.357479][ T4654] should_fail_ex+0x229/0x230 [ 61.362190][ T4654] ? vm_area_alloc+0xac/0x130 [ 61.366892][ T4654] should_failslab+0x8f/0xb0 [ 61.371550][ T4654] kmem_cache_alloc_noprof+0x4c/0x290 [ 61.377007][ T4654] vm_area_alloc+0xac/0x130 [ 61.381611][ T4654] mmap_region+0x88b/0x1620 [ 61.386132][ T4654] ? security_mmap_addr+0x4c/0x70 [ 61.391295][ T4654] ? __get_unmapped_area+0x2d1/0x300 [ 61.396594][ T4654] do_mmap+0x72a/0xb70 [ 61.400749][ T4654] ? security_mmap_file+0x128/0x150 [ 61.405970][ T4654] vm_mmap_pgoff+0x133/0x290 [ 61.410659][ T4654] ksys_mmap_pgoff+0xd0/0x340 [ 61.415360][ T4654] ? fpregs_assert_state_consistent+0x83/0xa0 [ 61.421551][ T4654] x64_sys_call+0x1884/0x2d60 [ 61.426251][ T4654] do_syscall_64+0xc9/0x1c0 [ 61.430795][ T4654] ? clear_bhb_loop+0x55/0xb0 [ 61.435570][ T4654] ? clear_bhb_loop+0x55/0xb0 [ 61.440387][ T4654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.446299][ T4654] RIP: 0033:0x7f9dcdef7a33 [ 61.450726][ T4654] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7 [ 61.470883][ T4654] RSP: 002b:00007f9dccb76e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 61.479371][ T4654] RAX: ffffffffffffffda RBX: 0000000000000483 RCX: 00007f9dcdef7a33 [ 61.487407][ T4654] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000 [ 61.495445][ T4654] RBP: 0000000020000dc2 R08: 00000000ffffffff R09: 0000000000000000 [ 61.503492][ T4654] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000005 [ 61.511559][ T4654] R13: 00007f9dccb76ef0 R14: 00007f9dccb76eb0 R15: 0000000020000180 [ 61.519546][ T4654] [ 61.532925][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 61.549532][ T4656] netlink: 28 bytes leftover after parsing attributes in process `syz.1.283'. [ 61.593244][ T4663] FAULT_INJECTION: forcing a failure. [ 61.593244][ T4663] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 61.606388][ T4663] CPU: 1 UID: 0 PID: 4663 Comm: syz.0.290 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 61.617072][ T4663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 61.627160][ T4663] Call Trace: [ 61.630458][ T4663] [ 61.633476][ T4663] dump_stack_lvl+0xf2/0x150 [ 61.638143][ T4663] dump_stack+0x15/0x20 [ 61.642340][ T4663] should_fail_ex+0x229/0x230 [ 61.647128][ T4663] should_fail+0xb/0x10 [ 61.651363][ T4663] should_fail_usercopy+0x1a/0x20 [ 61.656423][ T4663] _copy_from_user+0x1e/0xd0 [ 61.661126][ T4663] copy_msghdr_from_user+0x54/0x2a0 [ 61.666368][ T4663] __sys_sendmsg+0x17d/0x280 [ 61.671011][ T4663] __x64_sys_sendmsg+0x46/0x50 [ 61.675903][ T4663] x64_sys_call+0x2689/0x2d60 [ 61.680703][ T4663] do_syscall_64+0xc9/0x1c0 [ 61.685244][ T4663] ? clear_bhb_loop+0x55/0xb0 [ 61.689960][ T4663] ? clear_bhb_loop+0x55/0xb0 [ 61.694669][ T4663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.700661][ T4663] RIP: 0033:0x7f9dcdef79f9 [ 61.705094][ T4663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.724766][ T4663] RSP: 002b:00007f9dccb77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 61.733203][ T4663] RAX: ffffffffffffffda RBX: 00007f9dce085f80 RCX: 00007f9dcdef79f9 [ 61.741245][ T4663] RDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004 [ 61.749236][ T4663] RBP: 00007f9dccb77090 R08: 0000000000000000 R09: 0000000000000000 [ 61.757287][ T4663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.765292][ T4663] R13: 0000000000000000 R14: 00007f9dce085f80 R15: 00007ffd38f0b0f8 [ 61.773469][ T4663] [ 61.854890][ T24] kernel write not supported for file /snd/seq (pid: 24 comm: kworker/1:0) [ 61.904518][ T4678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.297'. [ 61.924179][ T4680] mmap: syz.2.298 (4680) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 61.982913][ T4682] loop2: detected capacity change from 0 to 256 [ 61.991066][ T4682] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 62.004119][ T4682] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 62.162239][ T4684] loop2: detected capacity change from 0 to 4096 [ 62.280979][ T4684] loop2: detected capacity change from 0 to 512 [ 62.299013][ T4684] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 62.311787][ T4684] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 62.446355][ T4691] netlink: 'syz.3.301': attribute type 1 has an invalid length. [ 62.454834][ T4691] netlink: 'syz.3.301': attribute type 4 has an invalid length. [ 62.500435][ T4698] loop3: detected capacity change from 0 to 256 [ 62.506988][ T4698] vfat: Bad value for 'dmask' [ 62.530844][ T4700] loop3: detected capacity change from 0 to 512 [ 62.538202][ T4700] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 62.548498][ T4700] EXT4-fs (loop3): orphan cleanup on readonly fs [ 62.555901][ T4700] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.303: bg 0: block 248: padding at end of block bitmap is not set [ 62.570627][ T4700] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.303: Failed to acquire dquot type 1 [ 62.582823][ T4700] EXT4-fs (loop3): 1 truncate cleaned up [ 62.589132][ T4700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 62.609113][ T4700] syz.3.303 (4700) used greatest stack depth: 8784 bytes left [ 62.616950][ T3584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.645196][ T4703] (unnamed net_device) (uninitialized): option lp_interval: invalid value (0) [ 62.654275][ T4703] (unnamed net_device) (uninitialized): option lp_interval: allowed values 1 - 2147483647 [ 62.756059][ T4716] FAULT_INJECTION: forcing a failure. [ 62.756059][ T4716] name failslab, interval 1, probability 0, space 0, times 0 [ 62.761174][ T3336] kernel write not supported for file /snd/seq (pid: 3336 comm: kworker/0:3) [ 62.769004][ T4716] CPU: 1 UID: 0 PID: 4716 Comm: syz.1.306 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 62.788453][ T4716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 62.798604][ T4716] Call Trace: [ 62.801909][ T4716] [ 62.804867][ T4716] dump_stack_lvl+0xf2/0x150 [ 62.809596][ T4716] dump_stack+0x15/0x20 [ 62.813822][ T4716] should_fail_ex+0x229/0x230 [ 62.818568][ T4716] ? v9fs_mount+0x53/0x560 [ 62.823002][ T4716] should_failslab+0x8f/0xb0 [ 62.827694][ T4716] __kmalloc_cache_noprof+0x4b/0x2a0 [ 62.833091][ T4716] v9fs_mount+0x53/0x560 [ 62.837359][ T4716] ? __pfx_v9fs_mount+0x10/0x10 [ 62.842319][ T4716] legacy_get_tree+0x77/0xd0 [ 62.846928][ T4716] vfs_get_tree+0x56/0x1d0 [ 62.851362][ T4716] do_new_mount+0x227/0x690 [ 62.855889][ T4716] path_mount+0x49b/0xb30 [ 62.860240][ T4716] __se_sys_mount+0x27c/0x2d0 [ 62.865067][ T4716] __x64_sys_mount+0x67/0x80 [ 62.869725][ T4716] x64_sys_call+0x203e/0x2d60 [ 62.874416][ T4716] do_syscall_64+0xc9/0x1c0 [ 62.878951][ T4716] ? clear_bhb_loop+0x55/0xb0 [ 62.883670][ T4716] ? clear_bhb_loop+0x55/0xb0 [ 62.888365][ T4716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.894296][ T4716] RIP: 0033:0x7f93176479f9 [ 62.898748][ T4716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.918439][ T4716] RSP: 002b:00007f93162a6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 62.926928][ T4716] RAX: ffffffffffffffda RBX: 00007f93177d6058 RCX: 00007f93176479f9 [ 62.935010][ T4716] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000 [ 62.943008][ T4716] RBP: 00007f93162a6090 R08: 00000000200004c0 R09: 0000000000000000 [ 62.950990][ T4716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.959030][ T4716] R13: 0000000000000000 R14: 00007f93177d6058 R15: 00007ffed07b8288 [ 62.967014][ T4716] [ 63.013705][ T3865] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 63.024204][ T4708] netlink: 'syz.0.305': attribute type 1 has an invalid length. [ 63.197127][ T29] kauditd_printk_skb: 86 callbacks suppressed [ 63.197144][ T29] audit: type=1400 audit(1723271876.075:702): avc: denied { map } for pid=4717 comm="syz.3.309" path="pipe:[3039]" dev="pipefs" ino=3039 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 63.320278][ T4724] loop2: detected capacity change from 0 to 128 [ 63.544374][ T4730] FAULT_INJECTION: forcing a failure. [ 63.544374][ T4730] name failslab, interval 1, probability 0, space 0, times 0 [ 63.557292][ T4730] CPU: 0 UID: 0 PID: 4730 Comm: syz.0.313 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 63.567890][ T4730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 63.578328][ T4730] Call Trace: [ 63.581616][ T4730] [ 63.584598][ T4730] dump_stack_lvl+0xf2/0x150 [ 63.589294][ T4730] dump_stack+0x15/0x20 [ 63.593552][ T4730] should_fail_ex+0x229/0x230 [ 63.598250][ T4730] ? alloc_pipe_info+0xb0/0x360 [ 63.603122][ T4730] should_failslab+0x8f/0xb0 [ 63.607808][ T4730] __kmalloc_cache_noprof+0x4b/0x2a0 [ 63.613378][ T4730] alloc_pipe_info+0xb0/0x360 [ 63.618071][ T4730] splice_direct_to_actor+0x615/0x670 [ 63.623475][ T4730] ? __pfx_direct_splice_actor+0x10/0x10 [ 63.629200][ T4730] ? selinux_file_permission+0x32c/0x360 [ 63.634938][ T4730] do_splice_direct+0xd7/0x150 [ 63.639739][ T4730] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 63.645677][ T4730] do_sendfile+0x3ab/0x950 [ 63.650136][ T4730] __x64_sys_sendfile64+0x110/0x150 [ 63.655354][ T4730] x64_sys_call+0xed5/0x2d60 [ 63.659972][ T4730] do_syscall_64+0xc9/0x1c0 [ 63.664539][ T4730] ? clear_bhb_loop+0x55/0xb0 [ 63.669277][ T4730] ? clear_bhb_loop+0x55/0xb0 [ 63.674061][ T4730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.679987][ T4730] RIP: 0033:0x7f9dcdef79f9 [ 63.684414][ T4730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 63.704080][ T4730] RSP: 002b:00007f9dccb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 63.712555][ T4730] RAX: ffffffffffffffda RBX: 00007f9dce085f80 RCX: 00007f9dcdef79f9 [ 63.720603][ T4730] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 63.728610][ T4730] RBP: 00007f9dccb77090 R08: 0000000000000000 R09: 0000000000000000 [ 63.736590][ T4730] R10: 0000000100000001 R11: 0000000000000246 R12: 0000000000000001 [ 63.744567][ T4730] R13: 0000000000000000 R14: 00007f9dce085f80 R15: 00007ffd38f0b0f8 [ 63.752624][ T4730] [ 63.803610][ T4738] netlink: 8 bytes leftover after parsing attributes in process `syz.0.316'. [ 63.842971][ T35] kernel write not supported for file /snd/seq (pid: 35 comm: kworker/1:1) [ 63.860720][ T4746] netlink: 20 bytes leftover after parsing attributes in process `syz.3.320'. [ 63.874851][ T29] audit: type=1400 audit(1723271876.775:703): avc: denied { create } for pid=4745 comm="syz.3.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 63.894366][ T29] audit: type=1400 audit(1723271876.785:704): avc: denied { bind } for pid=4745 comm="syz.3.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 63.900429][ T4748] loop1: detected capacity change from 0 to 512 [ 63.922142][ T4748] EXT4-fs: Ignoring removed nomblk_io_submit option [ 63.935749][ T4748] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 63.949015][ T4748] EXT4-fs (loop1): 1 orphan inode deleted [ 63.954832][ T4748] EXT4-fs (loop1): 1 truncate cleaned up [ 63.963025][ T4748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.976436][ T4748] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.024404][ T4751] loop1: detected capacity change from 0 to 2048 [ 64.031170][ T4751] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 64.124567][ T4755] loop3: detected capacity change from 0 to 2048 [ 64.132301][ T4755] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 64.153806][ T4755] FAULT_INJECTION: forcing a failure. [ 64.153806][ T4755] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 64.166954][ T4755] CPU: 1 UID: 0 PID: 4755 Comm: syz.3.324 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 64.177624][ T4755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 64.187701][ T4755] Call Trace: [ 64.190993][ T4755] [ 64.193993][ T4755] dump_stack_lvl+0xf2/0x150 [ 64.198632][ T4755] dump_stack+0x15/0x20 [ 64.202822][ T4755] should_fail_ex+0x229/0x230 [ 64.207653][ T4755] should_fail+0xb/0x10 [ 64.211915][ T4755] should_fail_usercopy+0x1a/0x20 [ 64.217062][ T4755] _copy_to_user+0x1e/0xa0 [ 64.221598][ T4755] copy_siginfo_to_user+0x24/0x90 [ 64.226705][ T4755] x64_setup_rt_frame+0x29a/0x570 [ 64.231738][ T4755] arch_do_signal_or_restart+0x287/0x4b0 [ 64.237396][ T4755] syscall_exit_to_user_mode+0x59/0x130 [ 64.243024][ T4755] do_syscall_64+0xd6/0x1c0 [ 64.247601][ T4755] ? clear_bhb_loop+0x55/0xb0 [ 64.252365][ T4755] ? clear_bhb_loop+0x55/0xb0 [ 64.256640][ T4761] netlink: 'syz.1.323': attribute type 1 has an invalid length. [ 64.257046][ T4755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.270835][ T4755] RIP: 0033:0x7f59f27479f9 [ 64.275293][ T4755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.294986][ T4755] RSP: 002b:00007f59f13c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 64.303411][ T4755] RAX: 0000000000000050 RBX: 00007f59f28d5f80 RCX: 00007f59f27479f9 [ 64.311426][ T4755] RDX: 00000000000000b8 RSI: 0000000020001fc0 RDI: 0000000000000007 [ 64.319426][ T4755] RBP: 00007f59f13c7090 R08: 0000000000000000 R09: 0000000000000000 [ 64.327406][ T4755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 64.335399][ T4755] R13: 0000000000000000 R14: 00007f59f28d5f80 R15: 00007fff1351fd88 [ 64.343402][ T4755] [ 64.665316][ T4774] netlink: 12 bytes leftover after parsing attributes in process `syz.4.330'. [ 64.671849][ T4781] 9pnet_fd: Insufficient options for proto=fd [ 64.674287][ T4774] tipc: Started in network mode [ 64.685230][ T4774] tipc: Node identity cgroup.pn, cluster identity 8 [ 64.700519][ T29] audit: type=1400 audit(1723271877.605:705): avc: denied { ioctl } for pid=4782 comm="syz.0.332" path="socket:[8725]" dev="sockfs" ino=8725 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 64.743911][ T4785] syzkaller1: entered promiscuous mode [ 64.749552][ T4785] syzkaller1: entered allmulticast mode [ 64.759077][ T29] audit: type=1400 audit(1723271877.665:706): avc: denied { read } for pid=4784 comm="syz.0.333" name="ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 64.774829][ T4789] loop4: detected capacity change from 0 to 164 [ 64.781723][ T29] audit: type=1400 audit(1723271877.665:707): avc: denied { open } for pid=4784 comm="syz.0.333" path="/dev/ppp" dev="devtmpfs" ino=116 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 64.815206][ T4789] Unable to read rock-ridge attributes [ 64.823186][ T29] audit: type=1400 audit(1723271877.725:708): avc: denied { mount } for pid=4788 comm="syz.4.335" name="/" dev="loop4" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 64.832576][ T4789] Unable to read rock-ridge attributes [ 64.851633][ T4789] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 64.863429][ T4789] netlink: 4 bytes leftover after parsing attributes in process `syz.4.335'. [ 64.884074][ T4789] hsr_slave_1 (unregistering): left promiscuous mode [ 64.913266][ T4791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=4791 comm=syz.0.336 [ 64.926212][ T4791] netlink: 32 bytes leftover after parsing attributes in process `syz.0.336'. [ 64.942903][ T4791] (unnamed net_device) (uninitialized): option primary_reselect: invalid value (36) [ 64.961996][ T4794] loop1: detected capacity change from 0 to 128 [ 64.984182][ T4797] FAULT_INJECTION: forcing a failure. [ 64.984182][ T4797] name failslab, interval 1, probability 0, space 0, times 0 [ 64.992230][ T4794] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 64.997031][ T4797] CPU: 1 UID: 0 PID: 4797 Comm: syz.0.338 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 65.012939][ T4794] ext4 filesystem being mounted at /46/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 65.020713][ T4797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 65.062685][ T4797] Call Trace: [ 65.066050][ T4797] [ 65.069118][ T4797] dump_stack_lvl+0xf2/0x150 [ 65.073767][ T4797] dump_stack+0x15/0x20 [ 65.077953][ T4797] should_fail_ex+0x229/0x230 [ 65.082753][ T4797] ? qrtr_tun_write_iter+0x91/0x140 [ 65.088003][ T4797] should_failslab+0x8f/0xb0 [ 65.092614][ T4797] __kmalloc_noprof+0xa5/0x370 [ 65.097477][ T4797] qrtr_tun_write_iter+0x91/0x140 [ 65.102682][ T4797] aio_write+0x309/0x430 [ 65.107014][ T4797] io_submit_one+0xb18/0x1240 [ 65.111934][ T4797] __se_sys_io_submit+0xf5/0x280 [ 65.116945][ T4797] __x64_sys_io_submit+0x43/0x50 [ 65.121986][ T4797] x64_sys_call+0x1ebc/0x2d60 [ 65.126680][ T4797] do_syscall_64+0xc9/0x1c0 [ 65.131236][ T4797] ? clear_bhb_loop+0x55/0xb0 [ 65.135941][ T4797] ? clear_bhb_loop+0x55/0xb0 [ 65.140722][ T4797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.146670][ T4797] RIP: 0033:0x7f9dcdef79f9 [ 65.151124][ T4797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.171152][ T4797] RSP: 002b:00007f9dccb77038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 [ 65.179747][ T4797] RAX: ffffffffffffffda RBX: 00007f9dce085f80 RCX: 00007f9dcdef79f9 [ 65.187724][ T4797] RDX: 0000000020001380 RSI: 0000000000000001 RDI: 00007f9dce059000 [ 65.195702][ T4797] RBP: 00007f9dccb77090 R08: 0000000000000000 R09: 0000000000000000 [ 65.203722][ T4797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.211714][ T4797] R13: 0000000000000000 R14: 00007f9dce085f80 R15: 00007ffd38f0b0f8 [ 65.219696][ T4797] [ 65.226251][ T29] audit: type=1400 audit(1723271877.955:709): avc: denied { unmount } for pid=3267 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1 [ 65.291215][ T4804] netlink: 'syz.4.339': attribute type 12 has an invalid length. [ 65.299105][ T4804] netlink: 132 bytes leftover after parsing attributes in process `syz.4.339'. [ 65.311348][ T29] audit: type=1400 audit(1723271878.215:710): avc: denied { unlink } for pid=2943 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 65.311398][ T29] audit: type=1400 audit(1723271878.215:711): avc: denied { rmdir } for pid=3882 comm="syz-executor" name="lost+found" dev="loop1" ino=11 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 65.312483][ T4804] loop4: detected capacity change from 0 to 512 [ 65.352630][ T4804] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.339: corrupted in-inode xattr: invalid ea_ino [ 65.384380][ T4804] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.339: couldn't read orphan inode 15 (err -117) [ 65.385181][ T4804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.402552][ T4812] loop3: detected capacity change from 0 to 512 [ 65.403993][ T4812] EXT4-fs: Ignoring removed oldalloc option [ 65.406627][ T4812] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.340: Parent and EA inode have the same ino 15 [ 65.406822][ T4812] EXT4-fs (loop3): Remounting filesystem read-only [ 65.406849][ T4812] EXT4-fs (loop3): 1 orphan inode deleted [ 65.409163][ T4812] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.409213][ T4812] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 65.410424][ T4812] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.419973][ T4804] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=4804 comm=syz.4.339 [ 65.420349][ T4804] netlink: 'syz.4.339': attribute type 13 has an invalid length. [ 65.437699][ T4804] gretap0: refused to change device tx_queue_len [ 65.438307][ T4804] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 65.470044][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.498385][ T4802] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 65.563070][ T4820] netlink: 'syz.4.344': attribute type 12 has an invalid length. [ 65.658781][ T4820] netlink: 132 bytes leftover after parsing attributes in process `syz.4.344'. [ 65.678533][ T4826] loop4: detected capacity change from 0 to 512 [ 65.679209][ T4830] FAULT_INJECTION: forcing a failure. [ 65.679209][ T4830] name failslab, interval 1, probability 0, space 0, times 0 [ 65.697518][ T4830] CPU: 0 UID: 0 PID: 4830 Comm: syz.0.347 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 65.706315][ T4826] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.344: corrupted in-inode xattr: invalid ea_ino [ 65.708223][ T4830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 65.708240][ T4830] Call Trace: [ 65.708250][ T4830] [ 65.708259][ T4830] dump_stack_lvl+0xf2/0x150 [ 65.708303][ T4830] dump_stack+0x15/0x20 [ 65.722767][ T4826] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.344: couldn't read orphan inode 15 (err -117) [ 65.731570][ T4830] should_fail_ex+0x229/0x230 [ 65.736202][ T4826] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 65.737769][ T4830] ? hugetlb_reserve_pages+0x1a9/0xbc0 [ 65.751662][ T4820] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=27 sclass=netlink_route_socket pid=4820 comm=syz.4.344 [ 65.758212][ T4830] should_failslab+0x8f/0xb0 [ 65.758290][ T4830] __kmalloc_cache_noprof+0x4b/0x2a0 [ 65.758324][ T4830] hugetlb_reserve_pages+0x1a9/0xbc0 [ 65.766883][ T4820] netlink: 'syz.4.344': attribute type 13 has an invalid length. [ 65.775419][ T4830] hugetlbfs_file_mmap+0x417/0x4e0 [ 65.821423][ T4830] mmap_region+0xa5b/0x1620 [ 65.825990][ T4830] ? security_mmap_addr+0x4c/0x70 [ 65.831095][ T4830] ? __get_unmapped_area+0x2d1/0x300 [ 65.836513][ T4830] do_mmap+0x72a/0xb70 [ 65.840585][ T4830] ? security_mmap_file+0x128/0x150 [ 65.845937][ T4830] vm_mmap_pgoff+0x133/0x290 [ 65.850554][ T4830] ksys_mmap_pgoff+0x2ea/0x340 [ 65.855340][ T4830] x64_sys_call+0x1884/0x2d60 [ 65.860121][ T4830] do_syscall_64+0xc9/0x1c0 [ 65.864665][ T4830] ? clear_bhb_loop+0x55/0xb0 [ 65.869408][ T4830] ? clear_bhb_loop+0x55/0xb0 [ 65.874092][ T4830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.880145][ T4830] RIP: 0033:0x7f9dcdef79f9 [ 65.884560][ T4830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.904302][ T4830] RSP: 002b:00007f9dccb77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 65.912730][ T4830] RAX: ffffffffffffffda RBX: 00007f9dce085f80 RCX: 00007f9dcdef79f9 [ 65.920713][ T4830] RDX: 0000000000000002 RSI: 0000000000ff5000 RDI: 0000000020000000 [ 65.928698][ T4830] RBP: 00007f9dccb77090 R08: ffffffffffffffff R09: 0000000000000000 [ 65.936766][ T4830] R10: 000000000004c831 R11: 0000000000000246 R12: 0000000000000002 [ 65.944894][ T4830] R13: 0000000000000000 R14: 00007f9dce085f80 R15: 00007ffd38f0b0f8 [ 65.952896][ T4830] [ 65.956740][ T4830] HugeTLB: unable to allocate vma specific lock [ 65.960962][ T4820] gretap0: refused to change device tx_queue_len [ 65.971527][ T4820] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 66.003724][ T4836] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.015056][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.062638][ T4836] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.193767][ T4836] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.259870][ T4861] netlink: 'syz.4.349': attribute type 1 has an invalid length. [ 66.339652][ T4836] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.601033][ T4876] loop2: detected capacity change from 0 to 2048 [ 66.633093][ T4836] bridge_slave_1: left allmulticast mode [ 66.638857][ T4836] bridge_slave_1: left promiscuous mode [ 66.642344][ T4880] 9pnet_fd: Insufficient options for proto=fd [ 66.644573][ T4836] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.667857][ T4876] loop2: p1 < > p4 [ 66.673116][ T4876] loop2: p4 size 8388608 extends beyond EOD, truncated [ 66.673256][ T4836] bridge_slave_0: left allmulticast mode [ 66.686272][ T4836] bridge_slave_0: left promiscuous mode [ 66.691993][ T4836] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.724762][ T4884] cgroup: Unknown subsys name 'euid>00000000000000000000' [ 66.733672][ T4884] loop3: detected capacity change from 0 to 128 [ 66.810905][ T4836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 66.823379][ T4836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 66.825244][ T4887] loop3: detected capacity change from 0 to 256 [ 66.843621][ T4836] bond0 (unregistering): Released all slaves [ 67.021749][ T4836] hsr_slave_0: left promiscuous mode [ 67.051040][ T4836] hsr_slave_1: left promiscuous mode [ 67.083162][ T4902] loop4: detected capacity change from 0 to 1024 [ 67.091657][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 67.093086][ T4893] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pid=4893 comm=syz.2.363 [ 67.099269][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 67.122802][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.122957][ T4902] EXT4-fs: inline encryption not supported [ 67.130453][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 67.152348][ T4902] EXT4-fs: Ignoring removed oldalloc option [ 67.176175][ T4902] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 67.190425][ T4836] veth1_macvtap: left promiscuous mode [ 67.196043][ T4836] veth0_macvtap: left promiscuous mode [ 67.201703][ T4836] veth1_vlan: left promiscuous mode [ 67.206954][ T4836] veth0_vlan: left promiscuous mode [ 67.220661][ T4902] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.272744][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.415667][ T4836] team0 (unregistering): Port device team_slave_1 removed [ 67.444509][ T4836] team0 (unregistering): Port device team_slave_0 removed [ 67.483100][ T983] kernel write not supported for file /snd/seq (pid: 983 comm: kworker/0:2) [ 67.541997][ T4846] chnl_net:caif_netlink_parms(): no params data found [ 67.611696][ T3584] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 67.619648][ T3584] FAT-fs (loop3): Filesystem has been set read-only [ 67.636710][ T4846] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.643991][ T4846] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.653261][ T3584] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 67.661206][ T4846] bridge_slave_0: entered allmulticast mode [ 67.675860][ T4846] bridge_slave_0: entered promiscuous mode [ 67.689152][ T4846] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.696323][ T4846] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.715259][ T4846] bridge_slave_1: entered allmulticast mode [ 67.723507][ T4846] bridge_slave_1: entered promiscuous mode [ 67.766763][ T4846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.782478][ T4846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.812613][ T4846] team0: Port device team_slave_0 added [ 67.824257][ T4846] team0: Port device team_slave_1 added [ 67.846918][ T4846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.853936][ T4846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.879887][ T4846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.893431][ T4846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.900517][ T4846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.926490][ T4846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.977961][ T4846] hsr_slave_0: entered promiscuous mode [ 67.991812][ T4846] hsr_slave_1: entered promiscuous mode [ 68.006054][ T4846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.016780][ T4846] Cannot create hsr debugfs directory [ 68.232248][ T4985] netlink: 'syz.0.373': attribute type 1 has an invalid length. [ 68.601517][ T4836] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.648899][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 68.648915][ T29] audit: type=1400 audit(1723271881.555:722): avc: denied { name_bind } for pid=5008 comm="syz.4.378" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 68.692433][ T4836] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.730642][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 68.765043][ T5009] loop4: detected capacity change from 0 to 512 [ 68.772806][ T5009] EXT4-fs: Ignoring removed nobh option [ 68.783386][ T4836] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.790644][ T5009] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.806699][ T5009] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 68.826529][ T5009] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.378: bg 0: block 224: padding at end of block bitmap is not set [ 68.841736][ T5009] EXT4-fs (loop4): Remounting filesystem read-only [ 68.863259][ T4989] chnl_net:caif_netlink_parms(): no params data found [ 68.864540][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.888852][ T4836] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.927197][ T3278] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 68.950680][ T3278] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync! [ 69.014736][ T5043] 9pnet_fd: Insufficient options for proto=fd [ 69.030861][ T4989] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.038077][ T4989] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.064304][ T4989] bridge_slave_0: entered allmulticast mode [ 69.079040][ T4989] bridge_slave_0: entered promiscuous mode [ 69.101968][ T4846] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.112539][ T29] audit: type=1400 audit(1723271882.015:723): avc: denied { map } for pid=5047 comm="syz.4.381" path="socket:[10284]" dev="sockfs" ino=10284 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 69.140072][ T4846] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.150606][ T4989] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.158028][ T4989] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.167012][ T4989] bridge_slave_1: entered allmulticast mode [ 69.174544][ T4989] bridge_slave_1: entered promiscuous mode [ 69.184796][ T5048] loop4: detected capacity change from 0 to 2048 [ 69.190749][ T4846] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.212769][ T4846] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.239061][ T5048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.264066][ T4989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.330110][ T5048] EXT4-fs error (device loop4): ext4_find_dest_de:2067: inode #2: block 16: comm syz.4.381: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0 [ 69.364311][ T4989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.379499][ T4836] bridge_slave_1: left allmulticast mode [ 69.385194][ T4836] bridge_slave_1: left promiscuous mode [ 69.391280][ T4836] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.400871][ T5052] EXT4-fs error (device loop4): ext4_search_dir:1505: inode #2: block 16: comm syz.4.381: bad entry in directory: inode out of bounds - offset=44, inode=185, rec_len=16, size=2048 fake=0 [ 69.422060][ T4836] bridge_slave_0: left allmulticast mode [ 69.428177][ T4836] bridge_slave_0: left promiscuous mode [ 69.433944][ T4836] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.456669][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.650131][ T5084] FAULT_INJECTION: forcing a failure. [ 69.650131][ T5084] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 69.663526][ T5084] CPU: 0 UID: 0 PID: 5084 Comm: syz.4.383 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 69.674234][ T5084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 69.684393][ T5084] Call Trace: [ 69.687705][ T5084] [ 69.690738][ T5084] dump_stack_lvl+0xf2/0x150 [ 69.695384][ T5084] dump_stack+0x15/0x20 [ 69.699611][ T5084] should_fail_ex+0x229/0x230 [ 69.704347][ T5084] should_fail+0xb/0x10 [ 69.708726][ T5084] should_fail_usercopy+0x1a/0x20 [ 69.713802][ T5084] _copy_to_user+0x1e/0xa0 [ 69.718254][ T5084] simple_read_from_buffer+0xa0/0x110 [ 69.723751][ T5084] proc_fail_nth_read+0xfc/0x140 [ 69.728735][ T5084] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 69.734316][ T5084] vfs_read+0x1a2/0x6e0 [ 69.738587][ T5084] ? __rcu_read_unlock+0x4e/0x70 [ 69.743665][ T5084] ? __fget_files+0x1da/0x210 [ 69.748506][ T5084] ksys_read+0xeb/0x1b0 [ 69.752833][ T5084] __x64_sys_read+0x42/0x50 [ 69.757426][ T5084] x64_sys_call+0x27d3/0x2d60 [ 69.762221][ T5084] do_syscall_64+0xc9/0x1c0 [ 69.766826][ T5084] ? clear_bhb_loop+0x55/0xb0 [ 69.771632][ T5084] ? clear_bhb_loop+0x55/0xb0 [ 69.776352][ T5084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.782290][ T5084] RIP: 0033:0x7f855b3f643c [ 69.786743][ T5084] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 69.806461][ T5084] RSP: 002b:00007f8559f35030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 69.814903][ T5084] RAX: ffffffffffffffda RBX: 00007f855b586058 RCX: 00007f855b3f643c [ 69.822893][ T5084] RDX: 000000000000000f RSI: 00007f8559f350a0 RDI: 000000000000000a [ 69.830961][ T5084] RBP: 00007f8559f35090 R08: 0000000000000000 R09: 0000000000000010 [ 69.839017][ T5084] R10: 00000000200007fd R11: 0000000000000246 R12: 0000000000000002 [ 69.847164][ T5084] R13: 0000000000000000 R14: 00007f855b586058 R15: 00007fff43910108 [ 69.855219][ T5084] [ 69.862089][ T4836] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 69.873417][ T4836] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 69.883620][ T4836] bond0 (unregistering): Released all slaves [ 69.909554][ T4846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.922308][ T4989] team0: Port device team_slave_0 added [ 69.929504][ T4989] team0: Port device team_slave_1 added [ 69.953035][ T4846] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.994416][ T4989] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.001512][ T4989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.027473][ T4989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.043472][ T5109] netlink: 8 bytes leftover after parsing attributes in process `syz.4.384'. [ 70.138406][ T4989] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.145466][ T4989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.171782][ T4989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.200775][ T4836] hsr_slave_0: left promiscuous mode [ 70.206479][ T4836] hsr_slave_1: left promiscuous mode [ 70.215791][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 70.223277][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 70.231471][ T4836] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 70.238985][ T4836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 70.261953][ T4836] veth1_macvtap: left promiscuous mode [ 70.267510][ T4836] veth0_macvtap: left promiscuous mode [ 70.273156][ T4836] veth1_vlan: left promiscuous mode [ 70.278440][ T4836] veth0_vlan: left promiscuous mode [ 70.356495][ T5123] FAULT_INJECTION: forcing a failure. [ 70.356495][ T5123] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.369871][ T5123] CPU: 1 UID: 0 PID: 5123 Comm: syz.4.386 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 70.380487][ T5123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 70.390585][ T5123] Call Trace: [ 70.393927][ T5123] [ 70.396879][ T5123] dump_stack_lvl+0xf2/0x150 [ 70.401592][ T5123] dump_stack+0x15/0x20 [ 70.405819][ T5123] should_fail_ex+0x229/0x230 [ 70.410581][ T5123] should_fail+0xb/0x10 [ 70.414787][ T5123] should_fail_usercopy+0x1a/0x20 [ 70.419869][ T5123] _copy_from_iter+0xd3/0xb00 [ 70.424686][ T5123] ? __virt_addr_valid+0x1ed/0x250 [ 70.429830][ T5123] ? __check_object_size+0x35b/0x510 [ 70.435807][ T5123] file_tty_write+0x335/0x690 [ 70.440583][ T5123] tty_write+0x28/0x30 [ 70.444911][ T5123] vfs_write+0x78f/0x900 [ 70.449340][ T5123] ? __pfx_tty_write+0x10/0x10 [ 70.454201][ T5123] ksys_write+0xeb/0x1b0 [ 70.458492][ T5123] __x64_sys_write+0x42/0x50 [ 70.463136][ T5123] x64_sys_call+0x27dd/0x2d60 [ 70.467907][ T5123] do_syscall_64+0xc9/0x1c0 [ 70.472446][ T5123] ? clear_bhb_loop+0x55/0xb0 [ 70.477158][ T5123] ? clear_bhb_loop+0x55/0xb0 [ 70.481939][ T5123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.487883][ T5123] RIP: 0033:0x7f855b3f79f9 [ 70.492326][ T5123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.512083][ T5123] RSP: 002b:00007f855a077038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 70.520568][ T5123] RAX: ffffffffffffffda RBX: 00007f855b585f80 RCX: 00007f855b3f79f9 [ 70.528564][ T5123] RDX: 0000000000001006 RSI: 00000000200012c0 RDI: 0000000000000004 [ 70.536550][ T5123] RBP: 00007f855a077090 R08: 0000000000000000 R09: 0000000000000000 [ 70.544530][ T5123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.552595][ T5123] R13: 0000000000000000 R14: 00007f855b585f80 R15: 00007fff43910108 [ 70.560581][ T5123] [ 70.636279][ T4836] team0 (unregistering): Port device team_slave_1 removed [ 70.651384][ T4836] team0 (unregistering): Port device team_slave_0 removed [ 70.703364][ T4837] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.710514][ T4837] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.739987][ T4989] hsr_slave_0: entered promiscuous mode [ 70.746128][ T4989] hsr_slave_1: entered promiscuous mode [ 70.780771][ T5144] 9pnet_fd: Insufficient options for proto=fd [ 70.804134][ T5145] netlink: 'syz.4.388': attribute type 1 has an invalid length. [ 70.844935][ T5147] FAULT_INJECTION: forcing a failure. [ 70.844935][ T5147] name failslab, interval 1, probability 0, space 0, times 0 [ 70.857708][ T5147] CPU: 0 UID: 0 PID: 5147 Comm: syz.2.390 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 70.868346][ T5147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 70.878595][ T5147] Call Trace: [ 70.882239][ T5147] [ 70.885210][ T5147] dump_stack_lvl+0xf2/0x150 [ 70.889830][ T5147] dump_stack+0x15/0x20 [ 70.894085][ T5147] should_fail_ex+0x229/0x230 [ 70.898798][ T5147] ? skb_clone+0x154/0x1f0 [ 70.903269][ T5147] should_failslab+0x8f/0xb0 [ 70.907962][ T5147] kmem_cache_alloc_noprof+0x4c/0x290 [ 70.913352][ T5147] skb_clone+0x154/0x1f0 [ 70.917681][ T5147] __netlink_deliver_tap+0x2bd/0x4c0 [ 70.922998][ T5147] netlink_unicast+0x641/0x670 [ 70.927850][ T5147] netlink_sendmsg+0x5cc/0x6e0 [ 70.932687][ T5147] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.937992][ T5147] __sock_sendmsg+0x140/0x180 [ 70.942701][ T5147] ____sys_sendmsg+0x312/0x410 [ 70.947492][ T5147] __sys_sendmsg+0x1e9/0x280 [ 70.952148][ T5147] __x64_sys_sendmsg+0x46/0x50 [ 70.956937][ T5147] x64_sys_call+0x2689/0x2d60 [ 70.961692][ T5147] do_syscall_64+0xc9/0x1c0 [ 70.966248][ T5147] ? clear_bhb_loop+0x55/0xb0 [ 70.970958][ T5147] ? clear_bhb_loop+0x55/0xb0 [ 70.975699][ T5147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.982304][ T5147] RIP: 0033:0x7fee4e3e79f9 [ 70.986737][ T5147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.006371][ T5147] RSP: 002b:00007fee4d067038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 71.014816][ T5147] RAX: ffffffffffffffda RBX: 00007fee4e575f80 RCX: 00007fee4e3e79f9 [ 71.023324][ T5147] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 [ 71.031407][ T5147] RBP: 00007fee4d067090 R08: 0000000000000000 R09: 0000000000000000 [ 71.039476][ T5147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.047526][ T5147] R13: 0000000000000000 R14: 00007fee4e575f80 R15: 00007ffe2815fb78 [ 71.055514][ T5147] [ 71.063297][ T4989] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.071224][ T4989] Cannot create hsr debugfs directory [ 71.077783][ T4837] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.085360][ T4837] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.301960][ T4836] IPVS: stop unused estimator thread 0... [ 71.303158][ T4846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 71.534400][ T4989] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 71.553529][ T4989] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 71.572000][ T4846] veth0_vlan: entered promiscuous mode [ 71.580396][ T4989] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 71.595209][ T4989] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.602000][ T5208] loop4: detected capacity change from 0 to 128 [ 71.622522][ T4846] veth1_vlan: entered promiscuous mode [ 71.649627][ T4846] veth0_macvtap: entered promiscuous mode [ 71.659575][ T4846] veth1_macvtap: entered promiscuous mode [ 71.689545][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.700212][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.710243][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.720766][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.730754][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.741280][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.751262][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 71.761743][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.775901][ T4846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 71.780857][ T5228] can: request_module (can-proto-0) failed. [ 71.789586][ T5221] all: renamed from team_slave_0 (while UP) [ 71.799653][ T5228] netlink: 36 bytes leftover after parsing attributes in process `syz.4.395'. [ 71.813975][ T4989] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.823202][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.833807][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.843718][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.854187][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.864026][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.874486][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.884345][ T4846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 71.894888][ T4846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 71.905890][ T4846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 71.914867][ T4846] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.923634][ T4846] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.932465][ T4846] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.941210][ T4846] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.960592][ T4989] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.975973][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.983119][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.997357][ T29] audit: type=1400 audit(1723271884.905:724): avc: denied { name_connect } for pid=5234 comm="syz.2.396" dest=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1 [ 72.001699][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.026038][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.105698][ T5244] 9pnet_fd: Insufficient options for proto=fd [ 72.132083][ T5248] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 72.139858][ T5248] audit: out of memory in audit_log_start [ 72.143087][ T4989] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.238750][ T4989] veth0_vlan: entered promiscuous mode [ 72.253410][ T4989] veth1_vlan: entered promiscuous mode [ 72.271574][ T4989] veth0_macvtap: entered promiscuous mode [ 72.282223][ T4989] veth1_macvtap: entered promiscuous mode [ 72.293141][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.303754][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.313727][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.324321][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.334268][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.344758][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.355081][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.365649][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.375574][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.386022][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.397451][ T4989] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.415787][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.426335][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.436301][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.446767][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.456711][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.467219][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.477194][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.487877][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.497731][ T4989] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.508201][ T4989] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.520477][ T5260] netlink: 'syz.2.400': attribute type 1 has an invalid length. [ 72.546125][ T4989] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.563223][ T4989] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.572219][ T4989] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.581167][ T4989] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.589998][ T4989] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.736083][ T5266] FAULT_INJECTION: forcing a failure. [ 72.736083][ T5266] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 72.749320][ T5266] CPU: 0 UID: 0 PID: 5266 Comm: syz.3.401 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 72.760338][ T5266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 72.770397][ T5266] Call Trace: [ 72.773671][ T5266] [ 72.776605][ T5266] dump_stack_lvl+0xf2/0x150 [ 72.781222][ T5266] dump_stack+0x15/0x20 [ 72.785415][ T5266] should_fail_ex+0x229/0x230 [ 72.790123][ T5266] should_fail+0xb/0x10 [ 72.794323][ T5266] should_fail_usercopy+0x1a/0x20 [ 72.799391][ T5266] strncpy_from_user+0x25/0x270 [ 72.804247][ T5266] ? kmem_cache_alloc_noprof+0x10c/0x290 [ 72.809897][ T5266] getname_flags+0xb0/0x3b0 [ 72.814416][ T5266] __x64_sys_mknodat+0x50/0x70 [ 72.819249][ T5266] x64_sys_call+0x22e6/0x2d60 [ 72.823933][ T5266] do_syscall_64+0xc9/0x1c0 [ 72.828647][ T5266] ? clear_bhb_loop+0x55/0xb0 [ 72.833348][ T5266] ? clear_bhb_loop+0x55/0xb0 [ 72.838346][ T5266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.844321][ T5266] RIP: 0033:0x7fc586d379f9 [ 72.848748][ T5266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.869049][ T5266] RSP: 002b:00007fc5859b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 72.877465][ T5266] RAX: ffffffffffffffda RBX: 00007fc586ec5f80 RCX: 00007fc586d379f9 [ 72.885522][ T5266] RDX: 0000000000004900 RSI: 0000000020000100 RDI: ffffffffffffffff [ 72.893489][ T5266] RBP: 00007fc5859b7090 R08: 0000000000000000 R09: 0000000000000000 [ 72.901556][ T5266] R10: 0000000000000c15 R11: 0000000000000246 R12: 0000000000000001 [ 72.909565][ T5266] R13: 0000000000000001 R14: 00007fc586ec5f80 R15: 00007ffcde9f2758 [ 72.917557][ T5266] [ 72.948460][ T29] audit: type=1326 audit(1723271885.855:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5268 comm="syz.3.403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc586d379f9 code=0x0 [ 73.044018][ T5276] loop4: detected capacity change from 0 to 1024 [ 73.060969][ T5276] EXT4-fs: Ignoring removed nomblk_io_submit option [ 73.061196][ T5276] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 73.063883][ T5276] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 73.063919][ T5276] System zones: 0-1, 3-36 [ 73.066637][ T5276] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.129546][ T5286] netlink: 40 bytes leftover after parsing attributes in process `syz.3.407'. [ 73.156905][ T5288] 9pnet_fd: Insufficient options for proto=fd [ 73.167402][ T29] audit: type=1400 audit(1723271886.065:726): avc: denied { mounton } for pid=5275 comm="syz.4.405" path="/94/bus/bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 73.182357][ T5292] loop3: detected capacity change from 0 to 512 [ 73.196819][ T5292] ext4: Unknown parameter 'noacl' [ 73.262136][ T5296] netlink: 'syz.3.410': attribute type 1 has an invalid length. [ 73.270289][ T5296] netlink: 'syz.3.410': attribute type 2 has an invalid length. [ 73.278457][ T5296] netlink: 4 bytes leftover after parsing attributes in process `syz.3.410'. [ 73.288029][ T5296] netlink: 16 bytes leftover after parsing attributes in process `syz.3.410'. [ 73.297047][ T5296] netlink: 40 bytes leftover after parsing attributes in process `syz.3.410'. [ 73.325941][ T5298] netlink: 12 bytes leftover after parsing attributes in process `syz.3.411'. [ 73.558823][ T5290] ================================================================== [ 73.567045][ T5290] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode [ 73.576466][ T5290] [ 73.578803][ T5290] write to 0xffff888106509ce8 of 8 bytes by task 5276 on cpu 1: [ 73.586446][ T5290] writeback_single_inode+0x10e/0x4a0 [ 73.591859][ T5290] sync_inode_metadata+0x5c/0x90 [ 73.596830][ T5290] generic_buffers_fsync_noflush+0xe4/0x130 [ 73.602745][ T5290] ext4_sync_file+0x20b/0x6c0 [ 73.607458][ T5290] vfs_fsync_range+0x122/0x140 [ 73.612258][ T5290] ext4_buffered_write_iter+0x338/0x380 [ 73.617834][ T5290] ext4_file_write_iter+0x29f/0xe30 [ 73.623070][ T5290] iter_file_splice_write+0x5e6/0x970 [ 73.628473][ T5290] direct_splice_actor+0x16c/0x2c0 [ 73.633610][ T5290] splice_direct_to_actor+0x305/0x670 [ 73.639024][ T5290] do_splice_direct+0xd7/0x150 [ 73.643820][ T5290] do_sendfile+0x3ab/0x950 [ 73.648262][ T5290] __x64_sys_sendfile64+0x110/0x150 [ 73.653481][ T5290] x64_sys_call+0xed5/0x2d60 [ 73.658107][ T5290] do_syscall_64+0xc9/0x1c0 [ 73.662643][ T5290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.668576][ T5290] [ 73.670906][ T5290] read to 0xffff888106509ce8 of 8 bytes by task 5290 on cpu 0: [ 73.678456][ T5290] generic_buffers_fsync_noflush+0x89/0x130 [ 73.684389][ T5290] ext4_sync_file+0x20b/0x6c0 [ 73.689100][ T5290] vfs_fsync_range+0x122/0x140 [ 73.693900][ T5290] ext4_buffered_write_iter+0x338/0x380 [ 73.699738][ T5290] ext4_file_write_iter+0x29f/0xe30 [ 73.704969][ T5290] iter_file_splice_write+0x5e6/0x970 [ 73.710371][ T5290] direct_splice_actor+0x16c/0x2c0 [ 73.715517][ T5290] splice_direct_to_actor+0x305/0x670 [ 73.720926][ T5290] do_splice_direct+0xd7/0x150 [ 73.725889][ T5290] do_sendfile+0x3ab/0x950 [ 73.730352][ T5290] __x64_sys_sendfile64+0x110/0x150 [ 73.735585][ T5290] x64_sys_call+0xed5/0x2d60 [ 73.740207][ T5290] do_syscall_64+0xc9/0x1c0 [ 73.744753][ T5290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.750757][ T5290] [ 73.753092][ T5290] value changed: 0x0000000000000004 -> 0x0000000000000080 [ 73.760303][ T5290] [ 73.762637][ T5290] Reported by Kernel Concurrency Sanitizer on: [ 73.768803][ T5290] CPU: 0 UID: 0 PID: 5290 Comm: syz.4.405 Not tainted 6.11.0-rc2-syzkaller-00194-gafdab700f65e #0 [ 73.779503][ T5290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 73.789594][ T5290] ================================================================== [ 73.883827][ T29] audit: type=1400 audit(1723271886.785:727): avc: denied { unlink } for pid=3267 comm="syz-executor" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 73.884572][ T3267] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 73.927807][ T3267] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 74.149877][ T3267] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.161848][ T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.210558][ T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.260903][ T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.291927][ T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.372991][ T36] bridge_slave_1: left allmulticast mode [ 74.378769][ T36] bridge_slave_1: left promiscuous mode [ 74.384477][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.417748][ T36] bridge_slave_0: left allmulticast mode [ 74.423437][ T36] bridge_slave_0: left promiscuous mode [ 74.429175][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.561334][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 74.573201][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.584146][ T36] bond0 (unregistering): Released all slaves [ 74.629348][ T36] tipc: Left network mode [ 74.700787][ T36] hsr_slave_0: left promiscuous mode [ 74.707983][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 74.715436][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 74.732762][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 74.740255][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 74.750594][ T36] veth1_macvtap: left promiscuous mode [ 74.756097][ T36] veth0_macvtap: left promiscuous mode [ 74.761715][ T36] veth1_vlan: left promiscuous mode [ 74.766967][ T36] veth0_vlan: left promiscuous mode [ 74.870520][ T36] team0 (unregistering): Port device team_slave_1 removed [ 74.882773][ T36] team0 (unregistering): Port device team_slave_0 removed