[ 3.878185][ T100] udevd[100]: starting eudev-3.2.11 [ 4.847014][ T146] rm (146) used greatest stack depth: 23120 bytes left [ 7.537338][ T113] udevd (113) used greatest stack depth: 22576 bytes left [ 11.667329][ T30] kauditd_printk_skb: 50 callbacks suppressed [ 11.667341][ T30] audit: type=1400 audit(1716410713.584:61): avc: denied { transition } for pid=222 comm="sshd" path="/bin/sh" dev="sda1" ino=89 scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 11.671132][ T30] audit: type=1400 audit(1716410713.584:62): avc: denied { noatsecure } for pid=222 comm="sshd" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 11.673770][ T30] audit: type=1400 audit(1716410713.584:63): avc: denied { write } for pid=222 comm="sh" path="pipe:[1288]" dev="pipefs" ino=1288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 11.677030][ T30] audit: type=1400 audit(1716410713.584:64): avc: denied { rlimitinh } for pid=222 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 11.679791][ T30] audit: type=1400 audit(1716410713.584:65): avc: denied { siginh } for pid=222 comm="sh" scontext=system_u:system_r:sshd_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 12.748123][ T226] sftp-server (226) used greatest stack depth: 22096 bytes left Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts. 2024/05/22 20:45:20 fuzzer started 2024/05/22 20:45:20 dialing manager at 10.128.0.163:30008 [ 18.773641][ T30] audit: type=1400 audit(1716410720.684:66): avc: denied { node_bind } for pid=281 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 18.776609][ T30] audit: type=1400 audit(1716410720.684:67): avc: denied { name_bind } for pid=281 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 18.802904][ T30] audit: type=1400 audit(1716410720.714:68): avc: denied { setattr } for pid=290 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=162 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 18.819187][ T289] cgroup: Unknown subsys name 'net' [ 18.831537][ T289] cgroup: Unknown subsys name 'devices' [ 18.832330][ T30] audit: type=1400 audit(1716410720.734:69): avc: denied { integrity } for pid=289 comm="syz-executor" lockdown_reason="debugfs access" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=lockdown permissive=1 [ 18.858972][ T30] audit: type=1400 audit(1716410720.734:70): avc: denied { mounton } for pid=289 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 18.881573][ T30] audit: type=1400 audit(1716410720.734:71): avc: denied { mount } for pid=289 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 18.886613][ T295] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 18.903736][ T30] audit: type=1400 audit(1716410720.744:72): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 18.932218][ T30] audit: type=1400 audit(1716410720.764:73): avc: denied { mounton } for pid=292 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 18.956729][ T30] audit: type=1400 audit(1716410720.764:74): avc: denied { mount } for pid=292 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 18.979745][ T30] audit: type=1400 audit(1716410720.844:75): avc: denied { relabelto } for pid=295 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 18.981532][ T294] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 19.066951][ T289] cgroup: Unknown subsys name 'hugetlb' [ 19.072375][ T289] cgroup: Unknown subsys name 'rlimit' 2024/05/22 20:45:21 starting 5 executor processes [ 19.800131][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 19.807041][ T305] bridge0: port 1(bridge_slave_0) entered disabled state [ 19.814199][ T305] device bridge_slave_0 entered promiscuous mode [ 19.827408][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 19.834240][ T304] bridge0: port 1(bridge_slave_0) entered disabled state [ 19.841454][ T304] device bridge_slave_0 entered promiscuous mode [ 19.848896][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 19.855764][ T304] bridge0: port 2(bridge_slave_1) entered disabled state [ 19.862904][ T304] device bridge_slave_1 entered promiscuous mode [ 19.869186][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 19.876039][ T305] bridge0: port 2(bridge_slave_1) entered disabled state [ 19.883071][ T305] device bridge_slave_1 entered promiscuous mode [ 19.946923][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 19.953758][ T308] bridge0: port 1(bridge_slave_0) entered disabled state [ 19.960997][ T308] device bridge_slave_0 entered promiscuous mode [ 19.979712][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 19.986570][ T308] bridge0: port 2(bridge_slave_1) entered disabled state [ 19.993628][ T308] device bridge_slave_1 entered promiscuous mode [ 20.003069][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.009912][ T307] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.017075][ T307] device bridge_slave_0 entered promiscuous mode [ 20.024563][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.031461][ T307] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.038463][ T307] device bridge_slave_1 entered promiscuous mode [ 20.090978][ T306] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.097846][ T306] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.104855][ T306] device bridge_slave_0 entered promiscuous mode [ 20.123217][ T306] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.130086][ T306] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.137241][ T306] device bridge_slave_1 entered promiscuous mode [ 20.212823][ T305] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.219669][ T305] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.226762][ T305] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.233540][ T305] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.248571][ T304] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.255418][ T304] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.262484][ T304] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.269318][ T304] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.317002][ T307] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.323822][ T307] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.330939][ T307] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.337724][ T307] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.350335][ T308] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.357178][ T308] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.364248][ T308] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.371071][ T308] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.396052][ T321] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.403037][ T321] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.410018][ T321] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.416980][ T321] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.423916][ T321] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.430804][ T321] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.438177][ T321] bridge0: port 1(bridge_slave_0) entered disabled state [ 20.445076][ T321] bridge0: port 2(bridge_slave_1) entered disabled state [ 20.452795][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.459973][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.487785][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.495493][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.503380][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.510148][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.517317][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.525159][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.531970][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.539277][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.546974][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.554591][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.562438][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.569269][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.576451][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.584397][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.591218][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.616448][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.624977][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 20.633215][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.640345][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.648305][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.655123][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.662532][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.670620][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.677448][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.684588][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.691808][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 20.699749][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 20.706570][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 20.713672][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 20.721612][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 20.728442][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 20.735612][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.743252][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.759674][ T304] device veth0_vlan entered promiscuous mode [ 20.767527][ T305] device veth0_vlan entered promiscuous mode [ 20.781555][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.789794][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 20.797494][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 20.804589][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 20.811793][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 20.819740][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.827486][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.835208][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 20.843652][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 20.851347][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 20.863348][ T304] device veth1_macvtap entered promiscuous mode [ 20.870093][ T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 20.877231][ T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 20.889490][ T305] device veth1_macvtap entered promiscuous mode [ 20.900988][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 20.909221][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 20.917123][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 20.924413][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 20.931583][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 20.938817][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 20.946885][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 20.954872][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 20.962873][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 20.970892][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 20.978889][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.002892][ T306] device veth0_vlan entered promiscuous mode [ 21.008858][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 21.017218][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 21.025067][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 21.031861][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 21.038989][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 21.046992][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 21.054830][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 21.061634][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 21.068749][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.076760][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.084720][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 21.092472][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 21.100244][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 21.108000][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 21.115748][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.123668][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.131782][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.139781][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.147783][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.155344][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.163187][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.170390][ T60] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.179268][ T308] device veth0_vlan entered promiscuous mode [ 21.190907][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready executing program 2: sendmsg$tipc(0xffffffffffffffff, &(0x7f0000004440)={0x0, 0x0, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53", 0x101}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000001100208500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='sched_switch\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20) recvmsg$unix(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)=""/160, 0xa0}], 0x1, 0x0, 0x18}, 0x0) sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0x1}], 0x1}, 0x0) executing program 1: syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="1201000064172f2057155081ed29010203010902120001"], 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0xfffffffb) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='global_dirty_state\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000900), 0x71, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='global_dirty_state\x00', r2}, 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r3, &(0x7f0000000180), 0x40001) [ 21.198655][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.206642][ T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.213833][ T326] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.240340][ T306] device veth1_macvtap entered promiscuous mode [ 21.254448][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.262772][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.271037][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.286181][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.294114][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready executing program 2: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000dc0)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000080)={0x7b, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1}, &(0x7f0000000080), &(0x7f0000000200)='%-010d \x00'}, 0x20) syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000011c0), 0x18) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000880)=@v1={0x0, @adiantum, 0x0, @desc1}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x8, &(0x7f0000000340)=ANY=[@ANYBLOB="620af8ff25200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fa093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415bd1966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b7845e6b607130c89f18c0c1089d8b853289d01aa27ae82e61b0f9223684198e1148f49faf2ad0000000000000026fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364145835108333719acd97cfa107d40224edc5465a932b77e74e80140d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf560fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e68242aff9fa740b5b763296b652d40229b24a96759823481cf32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734ff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000009731e6e8861c46495ba585a4b2d02edc3e28dd271c896249edc9981b5f240a2e57244b9fc9df0ff285b980680b000020435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da2a6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce5dfd3467decb05d1dbe5d2bc159ce262d9d10a64c1083d5e71b5565b1748ee58969c41595229df17bcad70fb4021428ce909000000b78100788f11f761036cd3f7ec4e7fb8bc6ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec57c92f7285acd324d2c91be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c55609a6e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a061887a20639b41c8c12ee86c50984042b3eac1f879b13634c31da2c25cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f233e22de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ece0ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9af04bffb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2b90d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4d58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6006e56237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b7030c1743d70e3aac9ef6c45c4c49b3bc19faa5449609b0a3dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d122a7cca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710db8f3e5c7ebfd6d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aed7a1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea500000000b4ba686fcdf240430a537a395dc73bda367bf12cb7d81643a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de553101cae9e48b0ed1254a83100e45b2569dc0d90b075225f728d44d0973171ad47d6b70ebc660309e1e245b00001743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933bee24c7e8000f2c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b606000000000000001a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e000000000000037010632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5d6d4523497e4d64f95f08493564a1df87111c9bf3194fef96ccecc467acc45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127cf72748a028daf5fc4d4e6d5265bec44219ee8fbfe84f441c724fa7b3d1ff0555e63ad00a1c7f9f72f10154f1e109dc3f7dd87ea308a1fb5a983490c6c93610864623613dabec4c0b64461d21f807515d8fadec636c99aa95ff895c25aad5ac0993a65c7668ca2b6d46edbad410df7390d27e4ddc8f47d5a918b14da4ec07c8199259b8e3dd36de9b35ce25d39686f2470afb1b1db18221841cee6e5531280d65f1d28886e0f06856a5ca37a91ea6e19977c517b10fb66858a05b03084d1f3bd5542d2796a33cfe545be3dc03d302e48301b9f97f694142e48f23271787d3a2360996ca3c9b18000000000700000000000000000000004882ce2e7a68512b23b0ab1f7a6c960bd002984955dc620614f97a234c8e1df96d5e7a67c8d26cd7a4bbacc4a08600000000f5fab1f01e2b7cf653f9d25f942b1cff6d738e17df64464fbc9d89911829458645ef2d2d23f55eb1b09855cc74d29cbca2aeff07a9bf56c3fa68a7d71aad094d5d968ad88fdda027c65e434e9a6bc68ec751d6d21fa471c38646d714ce68f1f46f6ec4c1e87d720385be6f3a70fe730ccad42a9051cd07f356023e855e5acd5ec7d990cebcac66cbd3229d18511bfa1e3d2c82af72932cfd875584d0fc2daff4dfebe41c37494b8136a37f12caecba3e09a31a00410ff161089935db303df012b165663cc1f915d65f69f9d2c1d853b0150445d088da47c170155cd0cc863f4efc2bd7e2246916e0322494eb7bbc0f6c4efeac3d49b5318c410ddd8892aae7e22a558acfc4c2c08d54bd8f64469c43feaf6c9d49e701af9471f9d0cc02ed80f05f0a196bf4695cec437bea2d62515882d856c8a70f8f158da96ec472655529a4e87fc743080d59d747d4377e7e9d1d62b1d08eb1f051412b309208c8be79f66271b4ebd6800688955132ecc654d0e3bcb258b1da03b77cb17d2f4c1e557462f0a710b68056f3e272000d3bf4f49631f8d3677e5803ea1e52727c69afe25f0905a1dfaa0ffc168601e0fddaeff35269e24ba5675504f0c4f735cfa668aab6fca35eef66f9dcbabb5710f20a75e99c5bdc0f95deca2efa57ffb35dc5f555419b712cb63f8ae93fa5ccf0268617f9bb26c767cc1215d29e426aaab79f500d53e0be9cd41ad42da2d54a31e0eeab9faac817d99ec2d862074088fb8dffe3cd11d1b56d3712c2cf486f0017e013d3f80fe602501c4e4f87001eaa4e4d7f653dabfa7273598211be7f42401d0bd68f47076894dcc004bbce94423bf925a39e6a58ab08b26aca704ff47dbca3e05f6715cd9c5c40e4d02d98b0b32b9c528e235605a4baac3b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffe9}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) faccessat(r5, &(0x7f0000000000)='./file0\x00', 0x5) [ 21.302453][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.310590][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 21.325442][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 21.333499][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 21.342105][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready executing program 4: r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r0, 0x0, 0x0, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) [ 21.350030][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 21.370567][ T307] device veth0_vlan entered promiscuous mode [ 21.377036][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 21.384679][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 21.397451][ T307] device veth1_macvtap entered promiscuous mode [ 21.405965][ T308] device veth1_macvtap entered promiscuous mode [ 21.417280][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.424877][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 21.432374][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 21.439572][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 21.447714][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready executing program 3: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'sit0\x00', @local}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r1], 0x0}, 0x90) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000e00)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'sit0\x00', @random="4f33e363a4b1"}) [ 21.455692][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 21.463112][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.471306][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.479475][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.487552][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000004fad413e550000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f00000002c0)='mm_page_alloc\x00', r2}, 0x10) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r0}, 0x10) r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8) write$cgroup_int(r4, &(0x7f00000001c0), 0xfffffdef) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x4, 0x1, 0x3ff, 0x23, 0x1, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x2, 0x1, 0xd}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0) ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000440)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x23}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r8}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='ext4_ext_handle_unwritten_extents\x00', r10}, 0x9) ioctl$SIOCSIFHWADDR(r9, 0x40305839, &(0x7f0000000540)={'\x00', @link_local={0x1, 0x80, 0xc2, 0x5}}) [ 21.515449][ T327] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 21.526694][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 21.534690][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 21.545066][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 21.553220][ T321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready executing program 3: bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4 \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0xa, 0xc000, 0x37b0, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000200000000000000000818110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x8, 0x4, 0x4, 0x10000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x48) executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x2, 0x4, 0x1, 0xbf22}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={0xffffffffffffffff, &(0x7f0000000080), 0x0}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x810100, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1, 0x0, 0x0, 0x3}, 0x40000000) sendmsg(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) [ 21.585554][ T339] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 21.613691][ T350] device sit0 entered promiscuous mode executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f50850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000640)='fib6_table_lookup\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000480)='syzkaller\x00', 0x0, 0xffffffffffffff2c, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r2) recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r3, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd"], 0xfdef) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)=@generic={0x0, "6f170d12df70358adb888ff5ef17b29276e644e8aa561499e7dacbd39856fab17c10110bb0776a3e3126e8ad9d5ffccc9cd0086ded8af08d86bb3026ac6dc0936fac7777d275e599ecc6c99fa213fc656430d89f4758161cb93ac47fce56e4689240cc24072b41415cc0cce9453a472ce996fda4b7f16db0515e20924fc6"}, 0x80, 0x0}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000020004000000bb7f1a00c600feff0000000a9500000000000001"], &(0x7f0000000000)='syzkaller\x00', 0x5, 0xf4240, &(0x7f0000000100)=""/147}, 0x80) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(0xffffffffffffffff) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x40086607, 0x20001419) executing program 0: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0xb) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rt_tgsigqueueinfo(0x0, 0x0, 0x0, 0x0) executing program 0: bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r0}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001100)={{r0, 0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4 \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, 0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0xa, 0xc000, 0x37b0, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x48) executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x0, 0x9}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x0, 0x0}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0xa3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r5 = getpid() sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x52, '\x00', 0x0, 0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_da_write_pages\x00', r8}, 0x10) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) write$cgroup_type(r9, &(0x7f0000000180), 0x2000) [ 21.806502][ T327] usb 2-1: Using ep0 maxpacket: 32 executing program 0: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W") r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = open(0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) renameat2(r1, &(0x7f0000000000)='./file0\x00', r4, &(0x7f00000004c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00', 0x5) [ 21.855438][ T339] usb 3-1: Using ep0 maxpacket: 32 [ 21.863940][ T371] loop0: detected capacity change from 0 to 512 [ 21.926601][ T327] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 21.936775][ T327] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 executing program 0: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000000, &(0x7f00000000c0)={[{@errors_remount}]}, 0xfe, 0x53d, &(0x7f0000000540)="$eJzs3d9rZFcdAPDvncxks7vRRO1DFVoXW9gtujO7rbXBh+4WxLeCUn1eQ3YSQiaZkJm0m1Aki3+AIKIFX/TJF8E/QJD9E0Qo2HdRURbdKtgH7ZX7Y0w2O9NMdjOZZfL5wJl77r3nzvecJHN/nTO5AZxZlyLiZkRMRcRLETFXLq+UKfaKlJX78MG7S1lKIk3f+nsSSbksK5aUKXOx3GymmPTV2dldW2y1mlvlfKO7vtno7OxeXV1fXGnOlEtfW3h14dpxmjMzaEXWrte/8Zef/PCX33z9t19554+3/nbl+1l9Z8v1vXactOJnUnuoYtWI2BpFsDGYKttTi94LAABPs+wc/7MR8aX8/H8upvKzucGmD+STkdcOAAAAOAnpjdn4TxKRAgAAABOrko+BTSr1cizAbFQq9XoxhveZuFBptTvdLy+3tzduF2Nl56NWWV5tNa+VY2rno5Zk89f/f0ehmH85X5el5KExwD+eO5+vry+1W7fHccMDAAAAzqCLh67//zVXXP8DAAAAE2Z+3BUAAAAARs71PwAAAEy+x7j+nx5FPQAAAICR+Nabb2Yp7T3/+vbbO9tr7bev3m521urr20v1pfbWZn2l3R7yYX+tdnvzq7GxfafRbXa6jc7O7q319vZG99bq4GdzAwAAAKP1mS/e+yC7tN/7+vk8Ra9vf2rABr4rABOjMmS5NHv582jrApyuQYd5YPJVP3m1Yb4wwWrFZMjefWASHbUDmBlU4nejqA0AADAKlz9/74M0ebT/v7p/bwCYUMP2/wOTZ0D/fzp32hUBTt0R/f/ABKsZAQhn3tH9/wMM3f+fpke+FwAAMFKzeUoq9bIvcDYqH6WFmI9asrzaal6LiE9HxB/mauey+ev5lokvDQAAAAAAAAAAAAAAAAAAAAAAAADAkNI0ifQxVB9rKwAAAGAcIip/Tcrnf12ee3H28P2B6eSj/FHAH6dp+s7P3vrpncVud+t6tvwf+fLpiOi+Vy5/eRx3MAAAAICe3lP+i+v02phrAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCk+vDBu0u9dJpx778REfOPxr8Z1ZjJS8xELSIu/DOJ6oHtkoiYOoH4e3cj4tl+7U+yasV8WYvD8SsRcT6vxcjjP5emad/4F584Opxt997IdzZ9Pn+VuJRP+3/+q0W68aTxB+3/svi9/d/U4fjVYv/3qSFjfOH9XzcOzH53P3uuWF/tv//pxU8G7H9f6Bes+uii731nd3dQ3dJfRFzue/xJHorV6K5vNjo7u1dX1xdXmivNjVdeuf61hdcWXl241lhebTXL174xfvTcbz4eFP/+pYgLZfzpXp3KA8t8MblZtn/xcPtfzDK1Qe+877/v33nwuSJbO/QWcf9uxJUX+v/+n82nfX/+P/93msuPA9n6y+UxIdkr8gc9/6vfPz+w/Xdnytzxf/9Xjm567qVv/+BPQxYFAE5BZ2d3bbHVam6NPPNemqbDFc7OSp8sVnYCd8KtOB8Rx9oqhi38zElX9TQyN45TOD13rD+2ZO8paOAZzkznf5Dj3jMBAAAnbf/sf9w1AQAAAAAAAAAAAAAAAAAAgLPrNP6v2OGYe+NpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAJ/pfAAAA//+alNPW") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000300)='./bus/file0\x00', 0x1c917, &(0x7f0000000380)={[{}, {@noblock_validity}, {@usrquota}, {@barrier_val}, {@nogrpid}, {@resgid={'resgid', 0x3d, 0xee01}}, {@noinit_itable}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x1b, 0x4f2, &(0x7f0000000a40)="$eJzs3V1rHNcZAOB3Rlp/ypVMe+Ea6praRXJb70pWbYteuB+U9srQ1r2urUorIbTSCu3KtoRpZfoDCqW0hUKhV7kJ5AcEgn9CCBiS+5CEhJDYyYUvEm/YL3/Iu5KMV1qhfR4YzTlnZvSed5ed3TMzzATQs05HxJmIeFypVM5FxGCjPW1MP6pW1uvrPXxwZ6o6JVGpXPssiUjqbdVVRp75n0frm8ShiPjDbyP+nLwYt7S6Nj9ZKOSXG/VceWEpV1pdOz+3MDmbn80vjo+PXZq4PHFxYrQjeQ5ExJVff/Svv7/2mytv/eTW+9c/GflL0miPeJpHp9VTz9Rei6b+iFjeiWBd0NfIJ9NsaPFeAwCwdzR/5/8gIs7FYPTVfs0BAAAA+0nl5wPxVRJRAQAAAPattHYNbJJmG9cBDESaZrP1a3i/E0fSQrFU/vFMcWVxun6t7FBk0pm5Qn60ca3wUGSSan2sVn5av7ChPh4RxyPin4OHa/XsVLEw3e2DHwAAANAjjm4Y/385WB//AwAAAPvMULc7AAAAAOw4438AAADY/4z/AQAAYF/73dWr1anSfP719M3VlfnizfPT+dJ8dmFlKjtVXF7KzhaLs7V79i1s9f8KxeLST2Nx5XaunC+Vc6XVtesLxZXF8vW55x6BDQAAAOyi49+/914SEes/O1ybqg50u1PAruh/mZU/3Ll+ALuvr9sdALrmpb7/gX0l0+0OAF2XRMT/Nlne9uKdt3emPwAAQOcNf7f1+f9ky2MD6+kudRHYIY7/Qe9y/h96l/P/0Lsy0RcG8tDbki2Wv/r5/0rlpToEAAB03EBtStJsRO04wECkaTYbcaz2WIBMMjNXyI9GxLci4t3BzMFqfay2ZbLlmAEAAAAAAAAAAAAAAAAAAAAAAAAAqKtUkqgAAAAA+1pE+nHSeP7X8ODZgY3HBw4kjwZr84i49d9r/749WS4vj1XbP3/SXv5Po/1CN45gAAAAABs1x+nNcTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNLDB3emmtNuxv30lxEx1Cp+fxyqzQ9FJiKOfJFE/zPbJRHR14H463cj4ld/ahE/qXYrhhq9aBX/cKfin2iV/+bx04g42oH40MvuVfc/v2j1+UvjdG2+8fN38Mm2/R2I337/lz7Z//W12f8c22aMk/ffyLWNfzfiZH/r/U8zftIm/pltxr/xx7W1dssq/48Ybvn9kzwXK1deWMqVVtfOzy1MzuZn84vj42OXJi5PXJwYzc3MFfKNvy1j/ON7bz7eLP8jbeIPbZH/2W3m//X92w++XS9mWsUfOdP6/T/RJn7a+O77YaNcXT7cLK/Xy8869fo7pzbLf7pN/lu9/yPbzP/c7//2wTZXBQB2QWl1bX6yUMgv93ThlV6N6s+iPZGFwlaFSmPw1mz5617p2B4sND8Tj7qzYwIAADruxTHwdtzYuQ4BAAAAAAAAAAAAAAAAAABAD+rMPcOa98Te/O56Tev12Qv3QgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6KZvAgAA//9F0tDB") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x4, &(0x7f0000000300)=@framed={{}, [@call]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) [ 21.975505][ T339] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 21.982477][ T371] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 21.986342][ T339] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 21.997402][ T371] ext4 filesystem being mounted at /root/syzkaller-testdir3611103088/syzkaller.lrFAKb/5/file1 supports timestamps until 2038 (0x7fffffff) [ 22.094611][ T376] loop0: detected capacity change from 0 to 512 [ 22.105589][ T327] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 22.114486][ T327] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 22.122585][ T327] usb 2-1: Product: syz [ 22.126254][ T376] EXT4-fs (loop0): Number of reserved GDT blocks insanely large: 2048 [ 22.128533][ T339] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 22.144199][ T327] usb 2-1: Manufacturer: syz [ 22.148738][ T327] usb 2-1: SerialNumber: syz [ 22.153517][ T339] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 22.162184][ T327] usb 2-1: config 0 descriptor?? [ 22.167942][ T339] usb 3-1: Product: syz [ 22.171882][ T339] usb 3-1: Manufacturer: syz [ 22.216007][ T339] hub 3-1:4.0: USB hub found [ 22.239764][ T376] loop0: detected capacity change from 0 to 512 [ 22.327321][ T376] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 22.337299][ T376] EXT4-fs (loop0): orphan cleanup on readonly fs [ 22.344000][ T376] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters [ 22.358235][ T376] EXT4-fs (loop0): 1 truncate cleaned up [ 22.375699][ T376] EXT4-fs (loop0): mounted filesystem without journal. Opts: bsddf,noblock_validity,usrquota,barrier=0x0000000000000000,nogrpid,resgid=0x000000000000ee01,noinit_itable,inode_readahead_blks=0x0000000000000080,resgid=0x000000000000ee002,errors=continue. Quota mode: writeback. [ 22.402637][ T376] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended [ 22.418690][ T376] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback. executing program 0: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0) ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) [ 22.426760][ T376] syz-executor.0 (376) used greatest stack depth: 21536 bytes left [ 22.435506][ T339] hub 3-1:4.0: 2 ports detected [ 22.440940][ T26] usb 2-1: USB disconnect, device number 2 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x6, 0x4, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000000080)={[{@nogrpid}, {@noauto_da_alloc}, {@sysvgroups}]}, 0x5, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0") r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r2, 0x0, 0x0, 0x1000f4) r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3) executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=@base={0x1, 0x3, 0x20009, 0x8}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r0, 0xffffffffffffffff}, 0x0, &(0x7f00000000c0)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r1, &(0x7f0000000000), 0x0}, 0x20) executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x10) epoll_create1(0x0) [ 22.530020][ T384] loop4: detected capacity change from 0 to 2048 [ 22.546696][ T384] EXT4-fs (loop4): mounted filesystem without journal. Opts: nogrpid,noauto_da_alloc,sysvgroups,,errors=continue. Quota mode: none. executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x5, 0x8, 0x1}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000940)={r0, &(0x7f0000000780), &(0x7f0000000900)=@udp=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0xe, 0x0, &(0x7f0000000380)="0000ffffffffa00076b8638b6b0a", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) [ 22.622715][ T392] device pim6reg1 entered promiscuous mode [ 122.625431][ C1] rcu: INFO: rcu_preempt self-detected stall on CPU [ 122.631895][ C1] rcu: 1-...!: (10000 ticks this GP) idle=80b/1/0x4000000000000000 softirq=2416/2416 fqs=0 last_accelerate: 935e/ba6e dyntick_enabled: 1 [ 122.645769][ C1] (t=10000 jiffies g=1021 q=325) [ 122.650625][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 9999 jiffies! g1021 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 122.662603][ C1] rcu: Possible timer handling issue on cpu=1 timer-softirq=428 [ 122.670153][ C1] rcu: rcu_preempt kthread starved for 10000 jiffies! g1021 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 122.681263][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 122.691073][ C1] rcu: RCU grace-period kthread stack dump: [ 122.696804][ C1] task:rcu_preempt state:I stack:28328 pid: 14 ppid: 2 flags:0x00004000 [ 122.705841][ C1] Call Trace: [ 122.708959][ C1] [ 122.711740][ C1] __schedule+0xccc/0x1590 [ 122.715982][ C1] ? __sched_text_start+0x8/0x8 [ 122.720667][ C1] ? __kasan_check_write+0x14/0x20 [ 122.725617][ C1] schedule+0x11f/0x1e0 [ 122.729606][ C1] schedule_timeout+0x18c/0x370 [ 122.734300][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.739329][ C1] ? console_conditional_schedule+0x30/0x30 [ 122.745057][ C1] ? update_process_times+0x200/0x200 [ 122.750266][ C1] ? prepare_to_swait_event+0x308/0x320 [ 122.755647][ C1] rcu_gp_fqs_loop+0x2af/0xf80 [ 122.760246][ C1] ? debug_smp_processor_id+0x17/0x20 [ 122.765455][ C1] ? __note_gp_changes+0x4ab/0x920 [ 122.770401][ C1] ? rcu_gp_init+0xc30/0xc30 [ 122.774827][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 122.779862][ C1] ? rcu_gp_init+0x9cf/0xc30 [ 122.784288][ C1] rcu_gp_kthread+0xa4/0x350 [ 122.788713][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 122.793402][ C1] ? rcu_barrier_callback+0x50/0x50 [ 122.798435][ C1] ? __kasan_check_read+0x11/0x20 [ 122.803295][ C1] ? __kthread_parkme+0xb2/0x200 [ 122.808071][ C1] kthread+0x421/0x510 [ 122.811973][ C1] ? rcu_barrier_callback+0x50/0x50 [ 122.817009][ C1] ? kthread_blkcg+0xd0/0xd0 [ 122.821436][ C1] ret_from_fork+0x1f/0x30 [ 122.825690][ C1] [ 122.828557][ C1] rcu: Stack dump where RCU GP kthread last ran: [ 122.834719][ C1] NMI backtrace for cpu 1 [ 122.838896][ C1] CPU: 1 PID: 395 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 122.848861][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 122.858757][ C1] Call Trace: [ 122.861882][ C1] [ 122.864571][ C1] dump_stack_lvl+0x151/0x1b7 [ 122.869085][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 122.874553][ C1] dump_stack+0x15/0x17 [ 122.878546][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 122.883318][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 122.889317][ C1] ? panic+0x751/0x751 [ 122.893212][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 122.899128][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 122.904934][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 122.910834][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 122.916561][ C1] rcu_check_gp_kthread_starvation+0x1e3/0x250 [ 122.922548][ C1] ? rcu_check_gp_kthread_expired_fqs_timer+0x18e/0x230 [ 122.929319][ C1] print_cpu_stall+0x310/0x5f0 [ 122.933920][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 122.938956][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 122.944942][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 122.949978][ C1] update_process_times+0x198/0x200 [ 122.955010][ C1] tick_sched_timer+0x188/0x240 [ 122.959697][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 122.965079][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 122.970113][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 122.975059][ C1] ? clockevents_program_event+0x22f/0x300 [ 122.980700][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 122.986605][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 122.991378][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 122.997106][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 123.002572][ C1] [ 123.005351][ C1] [ 123.008127][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.013953][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 123.018717][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 123.038159][ C1] RSP: 0018:ffffc90005b86d20 EFLAGS: 00000246 [ 123.044061][ C1] RAX: 0000000000000001 RBX: 1ffff92000b70da8 RCX: 1ffffffff0d1aa9c [ 123.051877][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4 [ 123.059684][ C1] RBP: ffffc90005b86dd0 R08: dffffc0000000000 R09: ffffed103ee26fdb [ 123.067493][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 123.075305][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000b70dac [ 123.083121][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.089107][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 123.094055][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 123.099956][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 123.106204][ C1] ? __reset_page_owner+0x190/0x190 [ 123.111237][ C1] ? free_unref_page+0xe8/0x750 [ 123.115927][ C1] ? __free_pages+0x61/0xf0 [ 123.120265][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 123.125039][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 123.130073][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 123.135366][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 123.140402][ C1] ? kvfree+0x35/0x40 [ 123.144220][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78 [ 123.149604][ C1] bpf_trace_run2+0xec/0x210 [ 123.154028][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.158715][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 123.164358][ C1] ? kvfree+0x35/0x40 [ 123.168173][ C1] ? free_unref_page+0x2b3/0x750 [ 123.172949][ C1] ? kvfree+0x35/0x40 [ 123.176767][ C1] __bpf_trace_kfree+0x6f/0x90 [ 123.181371][ C1] ? kvfree+0x35/0x40 [ 123.185187][ C1] kfree+0x1f3/0x220 [ 123.188921][ C1] kvfree+0x35/0x40 [ 123.192562][ C1] __vunmap+0x850/0x8f0 [ 123.196558][ C1] vfree+0x7f/0xb0 [ 123.200113][ C1] bpf_prog_calc_tag+0x69a/0x8f0 [ 123.204889][ C1] ? __bpf_prog_free+0xe0/0xe0 [ 123.209490][ C1] resolve_pseudo_ldimm64+0xe2/0x1240 [ 123.214696][ C1] ? check_attach_btf_id+0x40f/0xef0 [ 123.219818][ C1] ? bpf_check+0x12bf0/0x12bf0 [ 123.224419][ C1] ? check_attach_btf_id+0xef0/0xef0 [ 123.229537][ C1] ? __mark_reg_known+0x1b0/0x1b0 [ 123.234398][ C1] ? security_capable+0x87/0xb0 [ 123.239088][ C1] bpf_check+0x3174/0x12bf0 [ 123.243428][ C1] ? 0xffffffffa0010488 [ 123.247417][ C1] ? is_bpf_text_address+0x172/0x190 [ 123.252544][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 123.257398][ C1] ? __kernel_text_address+0x9b/0x110 [ 123.262606][ C1] ? unwind_get_return_address+0x4d/0x90 [ 123.268074][ C1] ? bpf_get_btf_vmlinux+0x60/0x60 [ 123.273021][ C1] ? arch_stack_walk+0xf3/0x140 [ 123.277711][ C1] ? stack_trace_save+0x113/0x1c0 [ 123.282569][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 123.287515][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 123.292463][ C1] ? __stack_depot_save+0x34/0x470 [ 123.297411][ C1] ? ____kasan_kmalloc+0xed/0x110 [ 123.302270][ C1] ? ____kasan_kmalloc+0xdb/0x110 [ 123.307131][ C1] ? __kasan_kmalloc+0x9/0x10 [ 123.311644][ C1] ? kmem_cache_alloc_trace+0x115/0x210 [ 123.317025][ C1] ? selinux_bpf_prog_alloc+0x51/0x140 [ 123.322319][ C1] ? security_bpf_prog_alloc+0x62/0x90 [ 123.327615][ C1] ? bpf_prog_load+0x9ee/0x1b50 [ 123.332300][ C1] ? __sys_bpf+0x4bc/0x760 [ 123.336555][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 123.340980][ C1] ? do_syscall_64+0x3d/0xb0 [ 123.345409][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 123.351312][ C1] ? __kasan_kmalloc+0x9/0x10 [ 123.355824][ C1] ? memset+0x35/0x40 [ 123.359640][ C1] ? bpf_obj_name_cpy+0x196/0x1e0 [ 123.364501][ C1] bpf_prog_load+0x12ac/0x1b50 [ 123.369107][ C1] ? map_freeze+0x370/0x370 [ 123.373442][ C1] ? selinux_bpf+0xcb/0x100 [ 123.377782][ C1] ? security_bpf+0x82/0xb0 [ 123.382123][ C1] __sys_bpf+0x4bc/0x760 [ 123.386201][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 123.391408][ C1] ? __kasan_check_read+0x11/0x20 [ 123.396270][ C1] __x64_sys_bpf+0x7c/0x90 [ 123.400522][ C1] do_syscall_64+0x3d/0xb0 [ 123.404867][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 123.410597][ C1] RIP: 0033:0x7f9fef131ee9 [ 123.414945][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 123.434376][ C1] RSP: 002b:00007f9fedea60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 123.442621][ C1] RAX: ffffffffffffffda RBX: 00007f9fef260f80 RCX: 00007f9fef131ee9 [ 123.450433][ C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 123.458244][ C1] RBP: 00007f9fef17e49e R08: 0000000000000000 R09: 0000000000000000 [ 123.466057][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.473868][ C1] R13: 000000000000000b R14: 00007f9fef260f80 R15: 00007ffc28226378 [ 123.481681][ C1] [ 123.484607][ C1] NMI backtrace for cpu 1 [ 123.488711][ C1] CPU: 1 PID: 395 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 123.498690][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 123.508585][ C1] Call Trace: [ 123.511711][ C1] [ 123.514401][ C1] dump_stack_lvl+0x151/0x1b7 [ 123.518914][ C1] ? io_uring_drop_tctx_refs+0x190/0x190 [ 123.524383][ C1] ? ttwu_do_wakeup+0x187/0x430 [ 123.529070][ C1] dump_stack+0x15/0x17 [ 123.533060][ C1] nmi_cpu_backtrace+0x2f7/0x300 [ 123.537837][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 123.543822][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 123.549117][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 123.553804][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 123.559705][ C1] nmi_trigger_cpumask_backtrace+0x15d/0x270 [ 123.565523][ C1] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 123.571425][ C1] arch_trigger_cpumask_backtrace+0x10/0x20 [ 123.577153][ C1] rcu_dump_cpu_stacks+0x1d8/0x330 [ 123.582099][ C1] print_cpu_stall+0x315/0x5f0 [ 123.586699][ C1] rcu_sched_clock_irq+0x989/0x12f0 [ 123.591732][ C1] ? rcu_boost_kthread_setaffinity+0x340/0x340 [ 123.597723][ C1] ? hrtimer_run_queues+0x15f/0x440 [ 123.602763][ C1] update_process_times+0x198/0x200 [ 123.607792][ C1] tick_sched_timer+0x188/0x240 [ 123.612481][ C1] ? tick_setup_sched_timer+0x480/0x480 [ 123.617861][ C1] __hrtimer_run_queues+0x41a/0xad0 [ 123.622894][ C1] ? hrtimer_interrupt+0xaa0/0xaa0 [ 123.627840][ C1] ? clockevents_program_event+0x22f/0x300 [ 123.633479][ C1] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 123.639383][ C1] hrtimer_interrupt+0x40c/0xaa0 [ 123.644159][ C1] __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 123.649885][ C1] sysvec_apic_timer_interrupt+0x95/0xc0 [ 123.655354][ C1] [ 123.658129][ C1] [ 123.660908][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.666722][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 123.671496][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 123.690938][ C1] RSP: 0018:ffffc90005b86d20 EFLAGS: 00000246 [ 123.696839][ C1] RAX: 0000000000000001 RBX: 1ffff92000b70da8 RCX: 1ffffffff0d1aa9c [ 123.704652][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4 [ 123.712462][ C1] RBP: ffffc90005b86dd0 R08: dffffc0000000000 R09: ffffed103ee26fdb [ 123.720274][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 123.728093][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000b70dac [ 123.735908][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 123.741887][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 123.746834][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 123.752735][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 123.758986][ C1] ? __reset_page_owner+0x190/0x190 [ 123.764018][ C1] ? free_unref_page+0xe8/0x750 [ 123.768706][ C1] ? __free_pages+0x61/0xf0 [ 123.773044][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 123.777823][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 123.782852][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 123.788147][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 123.793180][ C1] ? kvfree+0x35/0x40 [ 123.797002][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78 [ 123.802381][ C1] bpf_trace_run2+0xec/0x210 [ 123.806812][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 123.811493][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 123.817136][ C1] ? kvfree+0x35/0x40 [ 123.820955][ C1] ? free_unref_page+0x2b3/0x750 [ 123.825730][ C1] ? kvfree+0x35/0x40 [ 123.829549][ C1] __bpf_trace_kfree+0x6f/0x90 [ 123.834149][ C1] ? kvfree+0x35/0x40 [ 123.837968][ C1] kfree+0x1f3/0x220 [ 123.841698][ C1] kvfree+0x35/0x40 [ 123.845342][ C1] __vunmap+0x850/0x8f0 [ 123.849341][ C1] vfree+0x7f/0xb0 [ 123.852895][ C1] bpf_prog_calc_tag+0x69a/0x8f0 [ 123.857670][ C1] ? __bpf_prog_free+0xe0/0xe0 [ 123.862269][ C1] resolve_pseudo_ldimm64+0xe2/0x1240 [ 123.867476][ C1] ? check_attach_btf_id+0x40f/0xef0 [ 123.872597][ C1] ? bpf_check+0x12bf0/0x12bf0 [ 123.877197][ C1] ? check_attach_btf_id+0xef0/0xef0 [ 123.882318][ C1] ? __mark_reg_known+0x1b0/0x1b0 [ 123.887179][ C1] ? security_capable+0x87/0xb0 [ 123.891866][ C1] bpf_check+0x3174/0x12bf0 [ 123.896209][ C1] ? 0xffffffffa0010488 [ 123.900198][ C1] ? is_bpf_text_address+0x172/0x190 [ 123.905318][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 123.910179][ C1] ? __kernel_text_address+0x9b/0x110 [ 123.915387][ C1] ? unwind_get_return_address+0x4d/0x90 [ 123.920855][ C1] ? bpf_get_btf_vmlinux+0x60/0x60 [ 123.925806][ C1] ? arch_stack_walk+0xf3/0x140 [ 123.930488][ C1] ? stack_trace_save+0x113/0x1c0 [ 123.935347][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 123.940299][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 123.945243][ C1] ? __stack_depot_save+0x34/0x470 [ 123.950192][ C1] ? ____kasan_kmalloc+0xed/0x110 [ 123.955051][ C1] ? ____kasan_kmalloc+0xdb/0x110 [ 123.959910][ C1] ? __kasan_kmalloc+0x9/0x10 [ 123.964423][ C1] ? kmem_cache_alloc_trace+0x115/0x210 [ 123.969806][ C1] ? selinux_bpf_prog_alloc+0x51/0x140 [ 123.975100][ C1] ? security_bpf_prog_alloc+0x62/0x90 [ 123.980394][ C1] ? bpf_prog_load+0x9ee/0x1b50 [ 123.985081][ C1] ? __sys_bpf+0x4bc/0x760 [ 123.989334][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 123.993760][ C1] ? do_syscall_64+0x3d/0xb0 [ 123.998187][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 124.004094][ C1] ? __kasan_kmalloc+0x9/0x10 [ 124.008603][ C1] ? memset+0x35/0x40 [ 124.012422][ C1] ? bpf_obj_name_cpy+0x196/0x1e0 [ 124.017284][ C1] bpf_prog_load+0x12ac/0x1b50 [ 124.021883][ C1] ? map_freeze+0x370/0x370 [ 124.026224][ C1] ? selinux_bpf+0xcb/0x100 [ 124.030561][ C1] ? security_bpf+0x82/0xb0 [ 124.034901][ C1] __sys_bpf+0x4bc/0x760 [ 124.038979][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 124.044187][ C1] ? __kasan_check_read+0x11/0x20 [ 124.049048][ C1] __x64_sys_bpf+0x7c/0x90 [ 124.053300][ C1] do_syscall_64+0x3d/0xb0 [ 124.057554][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 124.063282][ C1] RIP: 0033:0x7f9fef131ee9 [ 124.067536][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 124.086979][ C1] RSP: 002b:00007f9fedea60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 124.095222][ C1] RAX: ffffffffffffffda RBX: 00007f9fef260f80 RCX: 00007f9fef131ee9 [ 124.103034][ C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 124.110845][ C1] RBP: 00007f9fef17e49e R08: 0000000000000000 R09: 0000000000000000 [ 124.118656][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.126468][ C1] R13: 000000000000000b R14: 00007f9fef260f80 R15: 00007ffc28226378 [ 124.134280][ C1] [ 155.005334][ C0] watchdog: BUG: soft lockup - CPU#0 stuck for 144s! [syz-executor.4:392] [ 155.013657][ C0] Modules linked in: [ 155.017382][ C0] CPU: 0 PID: 392 Comm: syz-executor.4 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 155.027360][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 155.037257][ C0] RIP: 0010:kvm_wait+0x147/0x180 [ 155.042030][ C0] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 155.061822][ C0] RSP: 0018:ffffc90005766880 EFLAGS: 00000246 [ 155.067805][ C0] RAX: 0000000000000003 RBX: 1ffff92000aecd14 RCX: ffffffff8154fa7f [ 155.075617][ C0] RDX: dffffc0000000000 RSI: 0000000000000003 RDI: ffff88810bac8ee8 [ 155.083431][ C0] RBP: ffffc90005766930 R08: dffffc0000000000 R09: ffffed10217591de [ 155.091241][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 155.099052][ C0] R13: ffff88810bac8ee8 R14: 0000000000000003 R15: 1ffff92000aecd18 [ 155.106863][ C0] FS: 00007f3d1efbe6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 155.115629][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.122051][ C0] CR2: 0000001b2e722000 CR3: 000000012c91a000 CR4: 00000000003506b0 [ 155.129868][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 155.137675][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 155.145489][ C0] Call Trace: [ 155.148611][ C0] [ 155.151303][ C0] ? show_regs+0x58/0x60 [ 155.155380][ C0] ? watchdog_timer_fn+0x4b1/0x5f0 [ 155.160328][ C0] ? proc_watchdog_cpumask+0xd0/0xd0 [ 155.165451][ C0] ? __hrtimer_run_queues+0x41a/0xad0 [ 155.170656][ C0] ? hrtimer_interrupt+0xaa0/0xaa0 [ 155.175604][ C0] ? clockevents_program_event+0x22f/0x300 [ 155.181245][ C0] ? ktime_get_update_offsets_now+0x2ba/0x2d0 [ 155.187147][ C0] ? hrtimer_interrupt+0x40c/0xaa0 [ 155.192095][ C0] ? __sysvec_apic_timer_interrupt+0xfd/0x3c0 [ 155.197999][ C0] ? sysvec_apic_timer_interrupt+0x95/0xc0 [ 155.203637][ C0] [ 155.206415][ C0] [ 155.209192][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 155.215181][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 155.221257][ C0] ? kvm_wait+0x147/0x180 [ 155.225425][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 155.231422][ C0] ? kvm_arch_para_hints+0x30/0x30 [ 155.236359][ C0] ? __pv_queued_spin_lock_slowpath+0x65f/0xc40 [ 155.242438][ C0] __pv_queued_spin_lock_slowpath+0x6bc/0xc40 [ 155.248341][ C0] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 155.254588][ C0] _raw_spin_lock_bh+0x139/0x1b0 [ 155.259360][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 155.264393][ C0] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 155.269688][ C0] sock_hash_delete_elem+0xb1/0x2f0 [ 155.274721][ C0] ? sock_map_unref+0x352/0x4d0 [ 155.279410][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78 [ 155.284789][ C0] bpf_trace_run2+0xec/0x210 [ 155.289218][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 155.293902][ C0] ? sock_map_unref+0x352/0x4d0 [ 155.298589][ C0] ? sock_map_unref+0x352/0x4d0 [ 155.303276][ C0] __bpf_trace_kfree+0x6f/0x90 [ 155.307876][ C0] ? sock_map_unref+0x352/0x4d0 [ 155.312563][ C0] kfree+0x1f3/0x220 [ 155.316296][ C0] sock_map_unref+0x352/0x4d0 [ 155.320811][ C0] sock_hash_delete_elem+0x274/0x2f0 [ 155.325929][ C0] ? skb_release_data+0x8a9/0xa80 [ 155.330789][ C0] bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78 [ 155.336172][ C0] bpf_trace_run2+0xec/0x210 [ 155.340597][ C0] ? asm_sysvec_call_function_single+0x1b/0x20 [ 155.346586][ C0] ? bpf_trace_run1+0x1c0/0x1c0 [ 155.351273][ C0] ? skb_release_data+0x8a9/0xa80 [ 155.356134][ C0] ? irqentry_exit+0x30/0x40 [ 155.360559][ C0] ? skb_release_data+0x8a9/0xa80 [ 155.365423][ C0] __bpf_trace_kfree+0x6f/0x90 [ 155.370021][ C0] ? skb_release_data+0x8a9/0xa80 [ 155.374880][ C0] kfree+0x1f3/0x220 [ 155.378615][ C0] skb_release_data+0x8a9/0xa80 [ 155.383300][ C0] consume_skb+0xac/0x250 [ 155.387467][ C0] netlink_broadcast_filtered+0x10f4/0x1220 [ 155.393194][ C0] ? rt6_dump_route+0xa90/0xa90 [ 155.397882][ C0] nlmsg_notify+0x101/0x1c0 [ 155.402222][ C0] rtnl_notify+0x9c/0xd0 [ 155.406301][ C0] inet6_rt_notify+0x3c8/0x550 [ 155.410901][ C0] ? rt6_nh_dump_exceptions+0x650/0x650 [ 155.416282][ C0] fib6_add+0x23ac/0x3df0 [ 155.420450][ C0] ? skb_gro_incr_csum_unnecessary+0x260/0x260 [ 155.426438][ C0] ? ipv6_addr_prefix+0x42/0x180 [ 155.431211][ C0] ? fib6_update_sernum_stub+0x1a0/0x1a0 [ 155.436679][ C0] ? __kasan_check_write+0x14/0x20 [ 155.441624][ C0] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 155.446488][ C0] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 155.451520][ C0] ip6_route_add+0x8a/0x130 [ 155.455861][ C0] addrconf_add_dev+0x415/0x610 [ 155.460550][ C0] ? local_bh_enable+0x30/0x30 [ 155.465148][ C0] ? __kasan_check_read+0x11/0x20 [ 155.470007][ C0] addrconf_init_auto_addrs+0xad0/0x1060 [ 155.475476][ C0] ? addrconf_dad_run+0x610/0x610 [ 155.480334][ C0] ? __local_bh_enable_ip+0x58/0x80 [ 155.485370][ C0] ? _raw_write_unlock_bh+0x32/0x48 [ 155.490404][ C0] ? addrconf_permanent_addr+0xb40/0xba0 [ 155.495873][ C0] ? __kasan_check_write+0x14/0x20 [ 155.500818][ C0] ? addrconf_notify+0xdd0/0xdd0 [ 155.505594][ C0] ? igmpv3_del_delrec+0x740/0x740 [ 155.510540][ C0] ? __local_bh_enable_ip+0x58/0x80 [ 155.515574][ C0] ? __kasan_check_write+0x14/0x20 [ 155.520520][ C0] ? mutex_unlock+0xb2/0x260 [ 155.524948][ C0] ? irqentry_exit+0x30/0x40 [ 155.529374][ C0] ? sysvec_call_function_single+0x52/0xb0 [ 155.535014][ C0] ? __mutex_lock_slowpath+0x10/0x10 [ 155.540137][ C0] ? addrconf_link_ready+0xfb/0x1e0 [ 155.545169][ C0] addrconf_notify+0x91d/0xdd0 [ 155.549771][ C0] raw_notifier_call_chain+0x8c/0xf0 [ 155.554890][ C0] __dev_notify_flags+0x304/0x610 [ 155.559752][ C0] ? __dev_change_flags+0x6e0/0x6e0 [ 155.564785][ C0] ? __dev_change_flags+0x569/0x6e0 [ 155.569820][ C0] ? avc_denied+0x1b0/0x1b0 [ 155.574159][ C0] ? dev_get_flags+0x1e0/0x1e0 [ 155.578761][ C0] dev_change_flags+0xf0/0x1a0 [ 155.583359][ C0] dev_ifsioc+0x147/0x10c0 [ 155.587613][ C0] ? dev_ioctl+0xe70/0xe70 [ 155.591864][ C0] ? mutex_lock+0xb6/0x1e0 [ 155.596119][ C0] ? wait_for_completion_killable_timeout+0x10/0x10 [ 155.602541][ C0] dev_ioctl+0x54d/0xe70 [ 155.606621][ C0] sock_do_ioctl+0x34f/0x5a0 [ 155.611046][ C0] ? sock_show_fdinfo+0xa0/0xa0 [ 155.615734][ C0] ? alloc_empty_file_noaccount+0x80/0x80 [ 155.621288][ C0] ? put_pid+0xc3/0x110 [ 155.625280][ C0] ? selinux_file_ioctl+0x3cc/0x540 [ 155.630317][ C0] sock_ioctl+0x455/0x740 [ 155.634480][ C0] ? sock_poll+0x400/0x400 [ 155.638734][ C0] ? __fget_files+0x31e/0x380 [ 155.643248][ C0] ? security_file_ioctl+0x84/0xb0 [ 155.648194][ C0] ? sock_poll+0x400/0x400 [ 155.652449][ C0] __se_sys_ioctl+0x114/0x190 [ 155.656961][ C0] __x64_sys_ioctl+0x7b/0x90 [ 155.661387][ C0] do_syscall_64+0x3d/0xb0 [ 155.665639][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 155.671372][ C0] RIP: 0033:0x7f3d20249ee9 [ 155.675624][ C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 155.695062][ C0] RSP: 002b:00007f3d1efbe0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 155.703307][ C0] RAX: ffffffffffffffda RBX: 00007f3d20378f80 RCX: 00007f3d20249ee9 [ 155.711118][ C0] RDX: 0000000020000140 RSI: 0000000000008914 RDI: 0000000000000006 [ 155.718930][ C0] RBP: 00007f3d2029649e R08: 0000000000000000 R09: 0000000000000000 [ 155.726745][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.734552][ C0] R13: 000000000000000b R14: 00007f3d20378f80 R15: 00007ffe3ef3a418 [ 155.742366][ C0] [ 155.745230][ C0] Sending NMI from CPU 0 to CPUs 1: [ 155.750293][ C1] NMI backtrace for cpu 1 [ 155.750302][ C1] CPU: 1 PID: 395 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0 [ 155.750318][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 155.750326][ C1] RIP: 0010:kvm_wait+0x147/0x180 [ 155.750345][ C1] Code: 4c 89 e8 48 c1 e8 03 42 0f b6 04 20 84 c0 44 8b 74 24 1c 75 34 41 0f b6 45 00 44 38 f0 75 10 66 90 0f 00 2d 5b 03 f3 03 fb f4 24 ff ff ff fb e9 1e ff ff ff 44 89 e9 80 e1 07 38 c1 7c a3 4c [ 155.750356][ C1] RSP: 0018:ffffc90005b86d20 EFLAGS: 00000246 [ 155.750369][ C1] RAX: 0000000000000001 RBX: 1ffff92000b70da8 RCX: 1ffffffff0d1aa9c [ 155.750379][ C1] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff8881f7137ed4 [ 155.750389][ C1] RBP: ffffc90005b86dd0 R08: dffffc0000000000 R09: ffffed103ee26fdb [ 155.750399][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 155.750409][ C1] R13: ffff8881f7137ed4 R14: 0000000000000001 R15: 1ffff92000b70dac [ 155.750420][ C1] FS: 00007f9fedea66c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 155.750433][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.750443][ C1] CR2: 0000001b2ea22000 CR3: 000000012c94f000 CR4: 00000000003506a0 [ 155.750457][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 155.750465][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 155.750474][ C1] Call Trace: [ 155.750479][ C1] [ 155.750484][ C1] ? show_regs+0x58/0x60 [ 155.750500][ C1] ? nmi_cpu_backtrace+0x29f/0x300 [ 155.750518][ C1] ? nmi_trigger_cpumask_backtrace+0x270/0x270 [ 155.750535][ C1] ? kvm_wait+0x147/0x180 [ 155.750547][ C1] ? kvm_wait+0x147/0x180 [ 155.750560][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 155.750576][ C1] ? nmi_handle+0xa8/0x280 [ 155.750590][ C1] ? kvm_wait+0x147/0x180 [ 155.750603][ C1] ? default_do_nmi+0x69/0x160 [ 155.750618][ C1] ? exc_nmi+0xaf/0x120 [ 155.750632][ C1] ? end_repeat_nmi+0x16/0x31 [ 155.750647][ C1] ? kvm_wait+0x147/0x180 [ 155.750668][ C1] ? kvm_wait+0x147/0x180 [ 155.750681][ C1] ? kvm_wait+0x147/0x180 [ 155.750694][ C1] [ 155.750698][ C1] [ 155.750703][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 155.750717][ C1] ? kvm_arch_para_hints+0x30/0x30 [ 155.750732][ C1] __pv_queued_spin_lock_slowpath+0x41b/0xc40 [ 155.750751][ C1] ? __pv_queued_spin_unlock_slowpath+0x310/0x310 [ 155.750767][ C1] ? __reset_page_owner+0x190/0x190 [ 155.750781][ C1] ? free_unref_page+0xe8/0x750 [ 155.750795][ C1] ? __free_pages+0x61/0xf0 [ 155.750809][ C1] _raw_spin_lock_bh+0x139/0x1b0 [ 155.750825][ C1] ? _raw_spin_lock_irq+0x1b0/0x1b0 [ 155.750840][ C1] ? sock_hash_bucket_hash+0x36d/0x7e0 [ 155.750857][ C1] sock_hash_delete_elem+0xb1/0x2f0 [ 155.750872][ C1] ? kvfree+0x35/0x40 [ 155.750886][ C1] bpf_prog_2c29ac5cdc6b1842+0x3a/0xb78 [ 155.750898][ C1] bpf_trace_run2+0xec/0x210 [ 155.750915][ C1] ? bpf_trace_run1+0x1c0/0x1c0 [ 155.750929][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 155.750945][ C1] ? kvfree+0x35/0x40 [ 155.750957][ C1] ? free_unref_page+0x2b3/0x750 [ 155.750972][ C1] ? kvfree+0x35/0x40 [ 155.750984][ C1] __bpf_trace_kfree+0x6f/0x90 [ 155.750998][ C1] ? kvfree+0x35/0x40 [ 155.751010][ C1] kfree+0x1f3/0x220 [ 155.751026][ C1] kvfree+0x35/0x40 [ 155.751038][ C1] __vunmap+0x850/0x8f0 [ 155.751052][ C1] vfree+0x7f/0xb0 [ 155.751064][ C1] bpf_prog_calc_tag+0x69a/0x8f0 [ 155.751080][ C1] ? __bpf_prog_free+0xe0/0xe0 [ 155.751098][ C1] resolve_pseudo_ldimm64+0xe2/0x1240 [ 155.751114][ C1] ? check_attach_btf_id+0x40f/0xef0 [ 155.751129][ C1] ? bpf_check+0x12bf0/0x12bf0 [ 155.751144][ C1] ? check_attach_btf_id+0xef0/0xef0 [ 155.751158][ C1] ? __mark_reg_known+0x1b0/0x1b0 [ 155.751173][ C1] ? security_capable+0x87/0xb0 [ 155.751188][ C1] bpf_check+0x3174/0x12bf0 [ 155.751208][ C1] ? 0xffffffffa0010488 [ 155.751217][ C1] ? is_bpf_text_address+0x172/0x190 [ 155.751232][ C1] ? stack_trace_save+0x1c0/0x1c0 [ 155.751247][ C1] ? __kernel_text_address+0x9b/0x110 [ 155.751261][ C1] ? unwind_get_return_address+0x4d/0x90 [ 155.751276][ C1] ? bpf_get_btf_vmlinux+0x60/0x60 [ 155.751290][ C1] ? arch_stack_walk+0xf3/0x140 [ 155.751307][ C1] ? stack_trace_save+0x113/0x1c0 [ 155.751321][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 155.751335][ C1] ? stack_trace_snprint+0xf0/0xf0 [ 155.751350][ C1] ? __stack_depot_save+0x34/0x470 [ 155.751366][ C1] ? ____kasan_kmalloc+0xed/0x110 [ 155.751386][ C1] ? ____kasan_kmalloc+0xdb/0x110 [ 155.751399][ C1] ? __kasan_kmalloc+0x9/0x10 [ 155.751411][ C1] ? kmem_cache_alloc_trace+0x115/0x210 [ 155.751426][ C1] ? selinux_bpf_prog_alloc+0x51/0x140 [ 155.751440][ C1] ? security_bpf_prog_alloc+0x62/0x90 [ 155.751454][ C1] ? bpf_prog_load+0x9ee/0x1b50 [ 155.751467][ C1] ? __sys_bpf+0x4bc/0x760 [ 155.751479][ C1] ? __x64_sys_bpf+0x7c/0x90 [ 155.751492][ C1] ? do_syscall_64+0x3d/0xb0 [ 155.751505][ C1] ? entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 155.751528][ C1] ? __kasan_kmalloc+0x9/0x10 [ 155.751542][ C1] ? memset+0x35/0x40 [ 155.751555][ C1] ? bpf_obj_name_cpy+0x196/0x1e0 [ 155.751569][ C1] bpf_prog_load+0x12ac/0x1b50 [ 155.751584][ C1] ? map_freeze+0x370/0x370 [ 155.751600][ C1] ? selinux_bpf+0xcb/0x100 [ 155.751613][ C1] ? security_bpf+0x82/0xb0 [ 155.751626][ C1] __sys_bpf+0x4bc/0x760 [ 155.751640][ C1] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 155.751656][ C1] ? __kasan_check_read+0x11/0x20 [ 155.751675][ C1] __x64_sys_bpf+0x7c/0x90 [ 155.751688][ C1] do_syscall_64+0x3d/0xb0 [ 155.751701][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 155.751717][ C1] RIP: 0033:0x7f9fef131ee9 [ 155.751730][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 155.751741][ C1] RSP: 002b:00007f9fedea60c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 155.751755][ C1] RAX: ffffffffffffffda RBX: 00007f9fef260f80 RCX: 00007f9fef131ee9 [ 155.751765][ C1] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 155.751774][ C1] RBP: 00007f9fef17e49e R08: 0000000000000000 R09: 0000000000000000 [ 155.751783][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.751791][ C1] R13: 000000000000000b R14: 00007f9fef260f80 R15: 00007ffc28226378 [ 155.751804][ C1]