last executing test programs: 11.312508025s ago: executing program 3 (id=898): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_kthread_stop\x00', r1}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0) 11.207856774s ago: executing program 3 (id=902): personality(0x6000003) unlink(&(0x7f0000000000)='./file0\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000001180)) 11.182300006s ago: executing program 3 (id=904): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) (async) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r0) (async) close(r0) r2 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) connect$unix(0xffffffffffffffff, 0x0, 0x0) (async) connect$unix(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000040)=0x1) ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf}) (async) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf}) read(r3, &(0x7f00000003c0)=""/4096, 0x1000) (async) read(r3, &(0x7f00000003c0)=""/4096, 0x1000) read(r3, &(0x7f00000002c0)=""/200, 0x39) (async) read(r3, &(0x7f00000002c0)=""/200, 0x39) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0xe, &(0x7f0000001880)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x10, 0x0, 0x2}, 0x10, 0x0, r2}, 0x90) prlimit64(0x0, 0x4, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x4) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x60000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000001640)=ANY=[@ANYBLOB="1800f8080000000010e93b621d7b1ea294bbac623206f00750181100000e2de81fd12cdca31617c441f4bab8128248e148457d2af01992889b2be2cae0c32e177e21c5f66bdae8c095a49f5ed64576a0b0a92031c188758330c68a945fb1a6040b028ea981ddc4a7", @ANYRES32=r4, @ANYRESOCT=r3], &(0x7f0000000000)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000001640)=ANY=[@ANYBLOB="1800f8080000000010e93b621d7b1ea294bbac623206f00750181100000e2de81fd12cdca31617c441f4bab8128248e148457d2af01992889b2be2cae0c32e177e21c5f66bdae8c095a49f5ed64576a0b0a92031c188758330c68a945fb1a6040b028ea981ddc4a7", @ANYRES32=r4, @ANYRESOCT=r3], &(0x7f0000000000)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x90) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001580)=ANY=[@ANYBLOB="780000000206010800000000000000000a000009050004000200000044000780060005404e2300000800124000000001180001801400024000000000000000000000000000000000060005404e220004060005404e20000008000a4080000000050004000000000005000100070000000500040002000000"], 0x78}, 0x1, 0x0, 0x0, 0x40820}, 0x800) openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) (async) r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'team0\x00', 0x800}) (async) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'team0\x00', 0x800}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x90) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x90) socket$netlink(0x10, 0x3, 0x0) r6 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) 11.00785466s ago: executing program 3 (id=908): mount(0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, 0x0, 0x0, 0x44, &(0x7f0000000e00)=ANY=[@ANYRESHEX=0x0]) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r0, &(0x7f0000004200)='t', 0x1) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x1, 0x6}, 0x4b) shutdown(r1, 0x0) r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r2, &(0x7f0000000400)=[{&(0x7f0000000980)='\x00', 0x1}], 0x1, 0x7bff, 0x0, 0x3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r3, 0x0, r6, 0x0, 0x39000, 0x0) r7 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x580000a, 0x13, r7, 0x0) r8 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) splice(r5, 0x0, r8, 0x0, 0xe92, 0x8) write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[], 0xfffffe3e) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r9 = socket(0x10, 0x803, 0x0) sendto(r9, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) socket$packet(0x11, 0x0, 0x300) fchdir(r10) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) recvmmsg(r9, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{0x0}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {0x0}, {0x0}], 0x5}}], 0x1, 0x0, 0x0) 10.210759115s ago: executing program 3 (id=922): getresuid(0x0, &(0x7f0000000980), 0x0) 10.14800402s ago: executing program 3 (id=923): openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) getsockopt$bt_hci(r0, 0x84, 0x84, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001800dd88000000000000000002060015150a68540014001680100008800c000380050001000100"/56], 0x38}}, 0x40000) connect$inet6(r1, &(0x7f0000000340)={0xa, 0x0, 0x0, @private1}, 0x1c) pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x0, &(0x7f0000000100)={0xb}, 0x0, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="300000004a00010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000014000100ff"], 0x30}}, 0x80) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x33}, 0x7}]}, &(0x7f0000000100)=0x10) shutdown(r1, 0x1) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ptrace(0x10, 0x1) inotify_init1(0x0) r5 = getpgid(0xffffffffffffffff) fcntl$setown(r4, 0x8, r5) r6 = getpgid(0x0) ptrace$setsig(0x4203, r6, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x7f}) syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102) socket$inet6(0xa, 0x803, 0x2) syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000240)={@local, @dev}, &(0x7f0000000280)=0xc) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000400)={0x0, 0xca03, 0x10}, 0xc) 4.46138708s ago: executing program 4 (id=1038): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x60, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x40000000}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0) r1 = socket(0x1d, 0x2, 0x6) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f00000001c0), r2) sendmsg$NFC_CMD_LLC_SET_PARAMS(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000100000000600110000000000080001"], 0x2c}}, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS") r4 = socket$kcm(0xa, 0x2, 0x73) sendmsg$inet(r4, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x1b, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0x1000}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a060000009cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21818d93ce604772c21824e45793c4073eb44773f8e42c9ebb297dd5e76e856a22253c0e8a80f33b4d015c3f9c0c26bcdd6b440322a23b10d507eecead59faa166bdac1bd840211336dc0c", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x3e}}, @ip_tos_u8={{0x38, 0x29, 0x2}}, @ip_tos_u8={{0x100000000000000}}], 0x50}, 0x0) r5 = inotify_init() ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) read(r6, 0x0, 0x2600) r7 = io_uring_setup(0x7d8, &(0x7f0000000180)={0x0, 0x0, 0x200}) socket(0x22, 0x2, 0x1) close_range(r7, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) syz_emit_ethernet(0x4e, &(0x7f0000000480)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0x0, @remote, @mcast2, {[], @mld={0x2, 0x0, 0x0, 0x0, 0x0, @private0}}}}}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0x104, 0x18, 0xa, 0x403, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_FLOWTABLE_HOOK={0x84, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'rose0\x00'}, {0x14, 0x1, 'veth0_vlan\x00'}, {0x14, 0x1, 'veth0_to_batadv\x00'}, {0x14, 0x1, 'veth1_to_bridge\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HOOK={0x6c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'batadv_slave_0\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xffff8000}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'macvlan1\x00'}, {0x14, 0x1, 'vxcan1\x00'}, {0x14, 0x1, 'pimreg1\x00'}]}]}]}, @NFT_MSG_DELRULE={0x144, 0x8, 0xa, 0x61618252586f2d38, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_RULE_USERDATA={0xf3, 0x7, 0x1, 0x0, "c6bd0cca828300b2f05166ca0e970bf26615bdb3102d56a487afcc826cc7d3ee6f9f1b3687fa082fb92765cffd0227b30006ae5675badfdf7f87ac5524b123b2d9e9a654cd298502786c3369acb6b09ee604e320b2863ad0d964dfbbfc4bd3d1e9cabf92946267d988702b91ac0367c30c642e7e92c746764d8f9ad3f76b44af54259f06f72ce26088e8042b49aace2c0a878c301ef724c65e8ace9935c46e9b1814378f0d94268838421bc5d2d394af99160d15b51f2faa14c2120c73404945e933d388fa247ab7098cde32fcea0cfa7285cad1f4ad8d8ba03cad5d46d05a9f15f9c9dd2924147dae2f6e84973ec7"}, @NFTA_RULE_COMPAT={0x3c, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x80f3}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_RULE_COMPAT_FLAGS={0x8}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x88e5}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0xbc}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x89}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x7e}]}]}], {0x14}}, 0x270}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r8, 0x1}, 0x18) r9 = epoll_create(0x1) epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r1, &(0x7f0000000080)) sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x2}}, 0x0) 4.347313918s ago: executing program 4 (id=1041): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x4e20, @multicast2}}, 0xfffffffc, 0x0, 0x3fc, 0x0, 0x32, 0x1, 0x7}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) socket(0x15, 0x6, 0x3e) listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$inet_opts(r1, 0x0, 0xd, &(0x7f0000000340), 0x0) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4) setsockopt$inet6_int(r1, 0x29, 0x3a, &(0x7f0000000000)=0xb2, 0x17) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e00)=[{{&(0x7f0000000dc0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0) recvmmsg(r1, &(0x7f0000000780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1001}}, {@nombcache}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4c1, &(0x7f0000000680)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX9AofQX7VOf+lLocymU/AmlEGjfSyktoU3Shz60VZF81SSubMvEshLr84Hje8+9V/5+j4SOdO656AbQsU5FxFhEdEXE2YjoT7dn0hJr66V63IP7tyarJYlK5dqXSSTptvr/StLlkfRhvRHxr39E/Df5adzSyurcRKGQX0rrufL8Yq60snpudn5iJj+TXxgbGb44emn0wujQrrX18t8+e+WFt/5++f0/3vhk/Isz/6um1Zfue7wdzVhr8rj1pvfUnou67ohY2kmwZ1hX2p6edicCAEBTqt/xfx4Rv42Ih6+3OxsAAACgFSp/6Ytvk4gKAAAAsG9latfAJplsei1AX2Qy2ez6Nby/jMOZQrFU/sN0cXlhav1a2YHoyUzPFvJD6bXCA9GTVOvDtfVH9fMb6iMRcSwiXuo/VKtnJ4uFqXaf/AAAAIAOcWTD+P/r/vXxPwAAALDPDLQ7AQAAAKDljP8BAABg/9t0/J90720iAAAAQCv888qVaqnU7389dX1lea54/dxUvjSXnV+ezE4WlxazM8XiTO03++a3+3+FYnHxT7GwfDNXzpfKudLK6vh8cXmhPF67r/d43n2iAQAAYO8d+82dj5OIWPvzoVqpOpDua2KsPtba7IBWyuzs8KRVeQB7r6vdCQBt4wJf6Fzm44FtBvYvb6jv8LQBAADwLBj81VPN/5sPhOeYgTx0LvP/0LnM/0PnMv8PHe7g9of0brbjg13OBQAAaJm+Wkky2XQusC8ymWw24mjttgA9yfRsIT8UET+LiI/6ew5W68PtThoAAAAAAAAAAAAAAAAAAAAAAAAAnjOVShIVAAAAYF+LyHyepDfyH+w/3bfx/MCB5Jv+2jIibrxx7dWbE+Xy0nB1+1c/bi+/lm4/344zGAAAAMBG9XF6fRwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALvpwf1bk/Wyl3Hv/TUiBhrF747e2rL33f6IOPwwie7HHpdERNcuxF+7HRHHG8VPqmnFQJrFxviZiDjU5vhHdiE+dLI71f5nrNH7LxOnasvG77/utDyte6c26/8y9f6v1s816v+ONhnjxN13cpvGvx1xortx/1OPnzxl//uff6+ubrav8mbEYMPPn+SJWLny/GKutLJ6bnZ+YiY/k18YGRm+OHpp9MLoUG56tpBP/zaM8eKv3/t+q/Yf3iT+wDbtP91k+7+7e/P+L7aIf+Z3jV//41vErz73v08/B6r7B+vra+vrjzv59ocnt2r/1Cbt3+71P9Nk+89e/f+nTR4KAOyB0srq3EShkF+yYsXK/lu5mr7Rd/zwNndMAADArnv0pb/dmQAAAAAAAAAAAAAAAAAAAEDnavmPkB188pcFetvXVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALf0QAAD//9sy0wA=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r3, 0x5452, 0x0) r5 = eventfd(0x0) readv(r5, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/61, 0x3d}], 0x1) fcntl$setsig(r3, 0xa, 0x12) ppoll(&(0x7f0000000100)=[{r4}], 0x1, 0x0, 0x0, 0x0) dup2(r3, r4) fcntl$setown(r4, 0x8, r2) tkill(r2, 0x13) open(&(0x7f0000000300)='.\x00', 0x0, 0x0) 3.416875794s ago: executing program 2 (id=1056): r0 = socket$inet6_sctp(0xa, 0x0, 0x84) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb7, 0x2, 0x0, 0xfe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x1002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.time\x00', 0x275a, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) prctl$PR_GET_SPECULATION_CTRL(0x23, 0x6, 0x7fffffffeff3) r2 = mq_open(&(0x7f0000000240)='e\xeeQ\x00\x00\x00\x00\xef\x8e\t\x04\x1f\xa7\xea\xb8\xc6\x9d$kb\xb0\xbf\xf1\x9fG\x83\"\xa0\xc2\xbd\xc4\xea$#\xdc)\xb40n\x04q\xe5B\x05Pbb\xfa6\xf6e*)8J\x90\xb0\xd0_\xf7\x98\xad?\xa4\xcb\xae\xe9\x16!\xcf\xe7\xe6.\x00\xc8\xfe\xd4\xf8\xf7/\xe6\xd8:N\xba\xb7\xebp)Z\xf9\xca\x1a\xbc~1\\r1\xc3\xdc\xd0\x17\xde\xd6P\x01\xe2\xab\x8d\x03^\xee\xf1\xb1<<0\xe1\xe0\xab\xacHq\xdd\x95\xea\xdc\xae5T\xfb\xf2\xdeE\xb4\x15\xed(\xaa\xa7\x95\x8aG\x93]\b\xa9W8\xd1n\xd0\xd4W\v\x8c\xd70\xd1\xc1\xa5\x15\x87\x91n\x8cz\x91O\':@\xcbI.K2\xfd}\\\x15\xff\xe6u\xc5\x01\x05Y\x86\xfcV\xb9\xf16\x13\x9ao8,g\xbf\x98^a \xda(V\x18\xfd\x88\x04\x97Xq\xbf#\xf0o\x9a\xb0\x00\xdc\xf0o\xaf\xe4\xbf\xd0\xf4R\x9bW\xb9Xd\xfaQ\x02\xfb\xfc\xd9\'\\~S\xfb\xbc\xc0\xc3_\x06w\xdb\x84\x86\x80\xfc\x8d\xe6%eV\xdc8\xba\x116\x00*\\\fX\x12\x9e \x1d]r\x03\x9f\x8bQ\xc1\xed6\x7f\xa8\x99\x1b#3\x80\x01k\xe7\x85>\xee\xb9\xd7\xe5\x94\x8e\xbf\xe0\xd3\xc5z{j\xa62\x870\xe39\x19(\x9cM\xf2\xac\a<\xf8&\xc0k\x18\xdf\xd9\n\xb3\xf9\xe6\x8e\xaf\a\x83\xc0|\x0fV\x94\xa6\a>\x14\xd9\t\xbb\nh\xa0\x8a\x7fR\xe2\xc1X@\f\xf3\x1f\xa2\xbc\xe9Se\x18\xad\xe8y\xae\x91\xe1\x8a\xbd\xf8[h\xc1\x13y\xd2\xafh4\x84\xae\\}%\x9a\b\xb1\x8a\xcbE\xa3\rQ1\xc4\xad\'r\xa9\xcb\x12R\xaa\x1d\xfe\x8f{\xea]\xf4\x877\xc1;\xd8\xa6\xee\xabi\xfeJ(\x9eRs9\x82\xa3\xdc\x00\xbc\a\x95\xd8\xc3\xdb\xf3h\t\xef\xf0\xc1\xe3\x96\x12\t\x98H\xa5W\x9cI2\xb3\xa27\xa9\x9b\xc7\xe9\x8bX\x1d$\\W\xa7\xd5\xc4\x8a\xc2\x1cCG\xe9\x84$\xcc\xd0\xcd\xbcM\xcf\xb6\xcd\xb2\x14pO(o\x0f\xe1D\x8e\xfa6\xa8z\x01\xc1\xd1\xff:\x82\'\x9d\xbd\xf0\x00\xa9\x9e\x9ea}\x8c\xf5\xd1`\xc3\xa0\x8bY\f\x8c\x9f5@\x9f\xb9\xd6\xf8\"\xad\xeb\x18\x85\xa1\f', 0x42, 0x0, 0x0) mq_notify(r2, &(0x7f0000000000)={0x20000000, 0x0, 0x1}) mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x0, 0x0, 0x0, 0x894a, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x90) syz_read_part_table(0x609, &(0x7f0000000d40)="$eJzs1E9rXFUYB+DfnczMnSmGBC0oIjRQ6CrEhXQRcLBBVLppQ6niwp0gCHVhoWBXE9ouRYpbIW4qlFLIF9CNlLRQ3LgKLktxbxGhRDwy98aZli5cJBAtz7M45z3vPf8u59wb/tc6qcelVMOM/8n0+nvBS23VTymlTAdc//jyhWnj/VvHbyfra+fOJ0c2Pkqy9NoLycJ0rtlCd55etyzslgzzaDBLVZOim2QjyWcPbjRhdzbL4jObr/fx4jwXtkZf/Jjm3oyGGaSXb5LV79pn4w9efvPDTlXNbmF1ahr2Dmr97WPNxU2dnemcS8n8SvetJPf2MsuTTr+28Xb7rVVnnpyo01Zz7WfwtOEzmQPaPfu1NdpeuHrtYv/rbtN8+O3RB79c6eXEzUuvL7/YuzO+XrWHdyzJoD/5yVXNYc8d8r4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDnz9Zoe6G/F+98Xj9845PuXmux/FVKSVInmXQZtPkqw4UjZVJn42DWv3r/y2Hq0ac7j0sp5VRKOfvb5vxK724vZzf31l2uMn5i2OZuW/f3vwMOU3P+1y6+99Xl0R+329TgyuMzJwZVE9dNOUx+7w/GRy8l6czGDg9lxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf907755eWl87dz5J1R0k6Sze2J48OPlK26Ekr/5w8uaFe2urTXtlUvzZP13Xu+X+249uLf50/Oe7c1mv2+7fd5JSrc6n220TW03ZO4x349/9HQAA///wjWn4") getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x101482, 0x0) fallocate(r3, 0x3, 0x0, 0x2000) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r4, 0x560d, 0x0) r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/power/image_size', 0x40042, 0x0) io_setup(0x20, &(0x7f0000001140)=0x0) io_submit(r6, 0x1, &(0x7f00000001c0)=[&(0x7f0000002040)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r5, &(0x7f00000000c0)="fc", 0xa}]) r7 = socket(0x2, 0x3, 0xff) getsockopt$IPT_SO_GET_REVISION_TARGET(r7, 0x0, 0x43, 0x0, &(0x7f00000002c0)=0x1e) readv(r7, &(0x7f0000000100), 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r7, 0x84, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) add_key$user(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, &(0x7f00000001c0)="1d8bca4f10ae0d246c49753778aebe69a413c115459a3cfd5809005fc42d0e5be8be577226c52c201175fee80000000000d73382d1c5e989ba0cc3f0ab5ce87071f53ca7690a6a1e66a9aa14740a2217abdeb55ab5c975ff5017a015c083b36debeda106a2e391a496c3c07d44aaa45cbf495074d81c0cb6a84da20c6170d8d88b74affc294362610b905b7568645831bcd581215ab4", 0x96, 0xfffffffffffffff9) 3.281764405s ago: executing program 2 (id=1059): iopl(0x3) keyctl$invalidate(0x15, 0x0) r0 = add_key$keyring(&(0x7f00000021c0), &(0x7f0000002200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000002c0)="97", 0x1, r0) r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000240)=@keyring={'key_or_keyring:', r1}) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x10, &(0x7f0000000680), 0xfe, 0x252, &(0x7f00000003c0)="$eJzs3TFoJFUcBvBvZne9y90ipzaCqAciooFwdoLN2SgcyHGICCqciNgoiRAT7BIrGwutVVKJEMTOaClpgo0iWEVNERtBg4XBQouV3Ulk3USjbrJzZH4/mGRm5735v2Hne7PN7AZorAtJLidpJZlO0klSDDe4WC0X9jZXpjauJ73eEz8Xg3bVdmW/3/kky0keSrJeFnmpnSyuPbP96+Zj97250Ln3/bWnpyZ6knt2trce333v6hsfX3lw8cuvf7xa5HK6fzmv41cc8lq7SG49iWI3iKJd9wj4N6699tE3/dzfluSeQf47KVO9eW/N37TeyQPv/l3ft3/66o5JjhU4fr1ep38PXO4BjVMm6aYoZ5JU62U5M1N9hv+2da58eW7+1ekX5xZmX6h7pgKOSzfZevTTM5+cH8n/D60q/8Dp1c//k9dWv+uv77bqHg0wEXdW//r5n35u6f7IPzSO/ENzyT8013j5v3giYwImw/0fmkv+obnkH06xzj/vln9oLvmH5pJ/aK7h/AMAzdI7U/cTyEBd6p5/AAAAAAAAAAAAAAAAAACAg1amNq7vL5Oq+fk7yc4jSdqH1W8Nfo84OTv4e+6Xot/sT0XVbSzP3j3mAcb0Yc1PX9/8fb31v7ir3vpLs8ny60kutdsHr79i7/r7/245Yn/n+TEL/EfFyPbDT022/qjfV0++xgdD62dH9l3ZTD7rzz+XDpt/ytw+1Gt0/uke/RXLR3rltzEPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMT8EQAA///wCW4b") r3 = creat(&(0x7f0000000300)='./bus\x00', 0x0) io_setup(0x800, &(0x7f0000000040)=0x0) r5 = open(&(0x7f0000000400)='./bus\x00', 0x4003e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, r5, 0x0) ftruncate(r3, 0x7fff) io_getevents(r4, 0x2, 0x2, &(0x7f0000000240)=[{}, {}], 0x0) io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f0000002e80)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f0000002740)='B', 0x1}]) io_destroy(r4) keyctl$KEYCTL_MOVE(0x1e, r1, r0, r2, 0x0) keyctl$KEYCTL_PKEY_QUERY(0x18, r2, 0x0, &(0x7f0000000080)='user\x00', &(0x7f00000000c0)) keyctl$get_security(0x11, r2, 0x0, 0x0) 3.241887058s ago: executing program 2 (id=1060): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000500)=ANY=[@ANYBLOB="611834000000000061134c0000000000bfa000000000000007000000080000002d03010000000000950000000000000069166a0000000000bf37000000000000350607000fff0720dc03000020000000260300000ee60060bf050000000000000f630000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f3fa039a196ee920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f625480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000008e69cc5c1e7319d39fa6f96c23c8ffd591ef011294c50a0a705549134c4aa3544a99edc9535105d3aeba9ec9441f912bdc65695e731c872278b64167aa46a07c68a9eace7fa485108f9d8cb4304c4b65d61d88aacea85b53893ee96edc310c23b1fc83b4b0f3d28c3861480840b7fe39a2bc2f6a558a20ae4d30b41f32e275faf92af8456141fde716d8d10a6b30981563db05312c39e8074fd5bb8bf95c24ccdb04e40e595927181d1138510fc6162da1a5898534fc2460b957e7b77bc5e192cc36ad2949c85e15142da926fbf6f830e1aaaa5dd9538e259e7f107e49b194c537ed4a"], &(0x7f0000000100)='GPL\x00'}, 0x48) perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/mnt\x00') r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1, 0x5, 0x103ba, 0x1}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000080), &(0x7f00000001c0)='%-5lx \x00'}, 0x20) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f0000000180), 0x20000000}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r2, &(0x7f0000000180), 0x0}, 0x20) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)) openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x5, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) pipe2(&(0x7f0000000dc0)={0xffffffffffffffff}, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r4, 0x541c, &(0x7f0000000e00)) socketpair(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000080)) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xda00) write$cgroup_devices(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308004d8c71ef2885634a8270021411"], 0xffdd) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xec, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000e40), 0x6}, 0x1, 0x7, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x5}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d80)={r0, 0xe0, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x5, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xe1, &(0x7f00000004c0)=[{}], 0x8, 0x10, &(0x7f0000000bc0), &(0x7f0000000c00), 0x8, 0xdd, 0x8, 0x8, &(0x7f0000000c40)}}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000f00)={&(0x7f0000001100)=ANY=[@ANYBLOB="9feb01001800000000000000980000009800000005000000060000000000000a030000000c0000000200008402000000070000000100000001000000080000000200000004000000000000000100000d000000000e000000050000000300000006000004b580000008000000030000000000000003000000020000003f0000000500000005008000060000000000000003000000010000000100000003000000ffffff7f09ffffff7f00302e2e00fd55554000000000000000"], &(0x7f0000000ec0)=""/45, 0xb5, 0x2d, 0x0, 0x29}, 0x20) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000f40)=@bloom_filter={0x1e, 0x0, 0xc7b, 0x4d, 0xdcafbc3081995031, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x4, 0xa}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001040)={0x6, 0xf, &(0x7f00000002c0)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x3ff, 0x24, &(0x7f0000000380)=""/36, 0x41100, 0x8, '\x00', r6, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff, r7, r1, 0xffffffffffffffff], &(0x7f0000001000)=[{0x0, 0x5, 0x10}, {0xffffffff, 0x2, 0x4}], 0x10, 0x2}, 0x90) 3.041063135s ago: executing program 2 (id=1061): open$dir(0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x6f, &(0x7f00000006c0)={@random="e10931d8640a", @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "014100", 0x39, 0x88, 0x0, @rand_addr=' \x01\x00', @local, {[], {0x0, 0x0, 0x39, 0x0, @gue={{0x2}, "ac82ec82f3f672932314fe7f6e032f157b16d76ad4f799f0ed65c788ecb903832bc6cd56513608fe22"}}}}}}}, 0x0) 3.039079964s ago: executing program 2 (id=1062): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000004e00)={0x0, 0x0, &(0x7f0000004dc0)={&(0x7f0000004d40)=ANY=[@ANYBLOB="20000000111401000000000000000000"], 0x20}}, 0x0) 3.022076356s ago: executing program 2 (id=1063): r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80, &(0x7f0000000440)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX], 0x1, 0x124b, &(0x7f0000001880)="$eJzs3DFvW1UUAOBjN03clMQBSqEd4AoWJqvJwMQSoVRCsQQqNVKLhOQqDlgxdpRnRTJChE6sjPwGxMgGQvyBrPwCtiwVUwbEQ/FzSJwq0ELqIPp9yzvJvefec9+TLD3rXu+9+dUnG+tZbb3Zj3KpFOXNiLSfIkU5Dr28Wlzv3F1drtdXbqV0c/n24hsppflXfvzgs29f/al/+f3v5r+fid2FD/ceLP2ye3X32t7vtz9uZ6mdpW6vn5rpXq/Xb97rtNJaO9uopfRup9XMWqndzVpbY+3rnd7m5iA1u2tzs5tbrSxLze4gbbQGqd9L/a1Ban7UbHdTrVZLc7PBqS7+fZfGN/t5/kNEnl+M6cjzPL8Us1GKZ2Iu5uOLiHg2novn40q8EFfjxXgprg17TaJ8AAAAAAAAAAAAAAAAAAAAeHrsD0/zj5//vzw6/1+NBef/AQAAAAAAAAAAAAAAAAAAYALeu3N3dbleX7mVUiWi8+V2Y7tRXIv25fVoRydacSOq8VsMT/8Xivjm2/WVG2noQkTsjPJ3thsHfz44GKLIXxz+nMAof2o49mH+YpGf4n7nWP5MzBbzVyKiFUtRjSvH5q8c5S89nD+93ajE668dq78W1XwnohedWBvOfZT/+WJKb71TPzH/9WE/AAAA+D+opT8tjL//Xijaa6e1F/mP8f3Aiffrqbg+db5rJyIbfLrR7HRaW+NB5aH/PKkgShF/2WdmImU8fjA9uoMnlnMQlP/NyDNxalN5rOnrnyPO+yb8J4LK6EmcxYClJ1rqYaVnPfL9M1n7eHBOH0hM1NFDP63HpckWBAAAAAAAAAAAwCN5lP2Av8Y/3kU4FSd3luXVc1srAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+wA8cCAAAAAML8rdPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+CgAA//+48LyQ") r3 = open(&(0x7f00000000c0)='./bus\x00', 0x24142, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r4, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) r5 = open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0) sendfile(r3, r5, 0x0, 0x1000000201005) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = add_key$keyring(&(0x7f0000000240), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r8 = open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r8, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) arch_prctl$ARCH_SHSTK_ENABLE(0x1003, 0x0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f00000001c0)='asymmetric\x00', &(0x7f00000000c0)=@chain) sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newtaction={0x14, 0x30, 0xb}, 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'}) 1.197561563s ago: executing program 4 (id=1083): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000c00), 0x1, 0x5de, &(0x7f0000000600)="$eJzs3c9vFFUcAPDv2/6gpWgLMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIlZOePHjxZEiIGo4mrtntTum2sy0t7U5lPp9k6cy8Hd53uv32vX19bzaA0hqs/VOJ2BsR0ymiP80vlnVGo3Bw4Xn3/v7kdO2Rolp9488UqXEse35qfO1rnNwTET//lGJPx8p6Z+aunB+fmpq83Ngfnr0wPTwzd+XguQvjZyfPTl4cfWn02NEjR4+NHNrQdV3NOXby+vsf9n829vZ33/yTRr7/bSzF8Xi18cSl17FZBmOw/j1JK4v6jm12ZQXpaPycLH2JU2eBAbEu2evXFRFPRX90xP0Xrz8+fa3Q4IAtVU0RVaCkkvyHksr6Adl7++XvgyuF9EqAdrh7YmEAYGX+dy6MDUZPfWxg570US4d1UkRsbGSu2a6IuH1r7PqZW2PXY4vG4YB889ci4um8/E/1/B+Inhio53+lKf9r/YJTja+1469vsP7lQ8XyH9pnIf97Vs3/aJH/7yzJ/3c3WP/g/c33epvyv3ejlwQAAAAAAACldfNERLyY9/f/yuL8n8iZ/9MXEcc3of7BZfsr//5fubMJ1QA57p6IeCV3/m8lm/070NHYeqw+H6ArnTk3NXkoIh6PiAPRtaO2P7JKHQc/3/N1q7LBxvy/7FGr/3ZjLmAjjjudO5rPmRifHX/Y6wYi7l6LeCZ3/m9abP9TTvtf+30w/YB17Hn+xqlWZWvnP7BVqt9G7M9t/+/ftSKtfn+O4Xp/YDjrFaz07Mdf/NCq/o3mv1tMwMOrtf87V8//gbT0fj0z66/j8FxntVXZRvv/3enN+i1nuhvHPhqfnb08EtGdTnbUjjYdH11/zPAoyvIhy5da/h94bvXxv7z+f29EzC/7v9NfzWuKM0/+2/d7q3j0/6E4tfyfWFf7v/6N0RsDP7aq/8Ha/yP1tv5A44jxP1jwVZam3c3Hc9KxM6+o3fECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOgEhG7IlWGFrcrlaGhiL6IeCJ2VqYuzcy+cObSBxcnamX1z/+vZJ/027+wn7LP/x9Ysj+6bP9wROyOiC87euv7Q6cvTU0UffEAAAAAAAAAAAAAAAAAAACwTfS1WP9f80dH0dEBW66z6ACAwuTk/y9FxAG0X3773932OID20/+H8pL/UF7yH8pL/kN5yX8oL/kP5SX/AQAAAADgkbJ7381fU0TMv9xbf8SShT9dhUYGbLVK0QEAhXGLHygvU3+gvLzHB9Ia5T0tT1rrzNVMn36IkwEAAAAAAAAAAACgdPbvtf4fysr6fygv6/+hvLL1//sKjgNoP+/xgVhjJX/u+v81zwIAAAAAAAAAAAAANtPM3JXz41NTk5dtvLU9wmjnRrVavVr7Kdgu8fzPN7Kp8NslnmUb2Vq/BzuruN9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs/8CAAD//8/XJMs=") chdir(&(0x7f0000000100)='./file0\x00') r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000200)=""/218, 0xda}], 0x1, 0xffff, 0xfffffff5) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000000)=0x84) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={r1, 0x4}, 0x8) gettid() syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r2, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) ioctl$USBDEVFS_GET_CAPABILITIES(r2, 0x8004551a, &(0x7f0000000280)) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x2000006, 0x28011, r3, 0x0) set_mempolicy_home_node(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0) rename(&(0x7f0000000600)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.097302812s ago: executing program 1 (id=1084): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$tmpfs(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000180)={[{@mpol={'mpol', 0x3d, {'local', '=static', @void}}}]}) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01) ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5177bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905d7dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6221b03472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c334a90a37bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0b35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f600"}) ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, &(0x7f0000004840)) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x2) add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.time\x00', 0x275a, 0x0) recvmsg(r2, &(0x7f0000000680)={&(0x7f00000000c0)=@tipc, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)=""/12, 0xc}, {&(0x7f0000000300)=""/247, 0xf7}, {&(0x7f0000000400)=""/207, 0xcf}, {&(0x7f0000000500)=""/192, 0xc0}], 0x4, &(0x7f00000005c0)=""/164, 0xa4}, 0x2) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) 777.255407ms ago: executing program 4 (id=1087): r0 = socket(0x23, 0x5, 0x0) socket$packet(0x11, 0x2, 0x300) sendto(0xffffffffffffffff, &(0x7f00000000c0)="12", 0x1, 0x0, 0x0, 0x0) ptrace(0x10, 0x0) setpgid(0x0, 0x0) getsockopt$nfc_llcp(r0, 0x113, 0x4, 0x0, 0x20000024) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f00000001c0)=ANY=[@ANYBLOB="2f02020400000000fc0100000000000008000000000000cc"], 0x18) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a317153000008000440000000000900010073797a3000000000080003400000000114000000110001"], 0x64}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x68, &(0x7f0000000000)={&(0x7f0000001940)=ANY=[@ANYBLOB="140000001000010000000000e80000000000000a50000000120a09000000000000000000020000000900020073797a3100000000080004400000000f0900010073797a30000000000800034000000001"], 0x64}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r3, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r3, 0x0) r4 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_MMAP_OFFSETS(r4, 0x11b, 0x7, 0x0, &(0x7f0000000000)) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000004c0)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={""/10, ""/2, @local}}, 0x0, @in=@multicast1}}, &(0x7f0000000080)=0xe8) syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a10716, &(0x7f0000000140)={[], [{@uid_gt={'uid>', r5}}, {@uid_lt={'uid<', r5}}]}, 0xff, 0x481, &(0x7f0000000c00)="$eJzs209sVEUYAPDvvW4BAWlFREGQCpo0/mlpQeVgYjSaeNDERA94rG0hSKGG1kRIo9UYPBoS78ajiRevnjwZ9WTiFY8mhoQoMQG9uObtvrd0l93STZdu6f5+ycKbfbMz8+2beZ2d2Q2gZw1l/yQR2yPickQMVJP1GYaq/924tjD5z7WFySTK5Tf/TCr5rl9bmCznitdty8scTiPST5O8kuhfWuzc+QunJ2Zmps/l6dH5M++Nzp2/8PSpMxMnp09Onx0/duzokbHnnh1/pkmrf7/UbpxZfNf3fji7b8+rb196ffL4pXd++iZr7+791fNZHCsoZks7dQ5lgf9VfW8azz3eTkF3gf/KN+NMSs3zfJuscaO4rb6IKOWD83IMRF/cvHgD8conXW0ccEdl9+zNrU8vloENLIlutwDojuIPffb5t3is0dRjXbj6YvUDUBb3jfxRPVOKtPrRqH7hosOGIuL44r9fZo9oWIcoN1k3AABYre+z+c9TzeZ/aexekm9Hvjc0GBH3RcTOiLg/InZFxAMRlbwPRsRDrSpqMYkaakjfOv9MrzR7XYsthrZl87/n872t+vlfWmQZ7MtT91bi709OnJqZPpy/J8PRvzlLjzUrvCji5V8/b1X/0vlf9sjqL+aCeSFXStUFutre09TE/ESnJqVXP47YW2oWf1J7j5OI2BMRe9srekdxcOqJr/e1ynT7+JfRgU5Q/qooZGExGuIvJMvvT45uiZnpw6NFr7jVz79cfKNV/auKvwOy67+1vv835Bj4O1m6XztXO/HCSuu4+NtnLT9Tllbe/2uy/r8peauyp7spf+6Difn5c2MRm5LXKum658dvvrZIF/mz+IcPNR//O/PXZPE/HBFZJ94fEY9ExIH82j0aEQcj4tAy8f/40mPvtjq3Hq7/VNP7X63/D9Zf//YP+k7/8F2r+ld2/ztaORrOn6nc/26jdXOK22hDbwYAAIANLK18Nz5JR2rHaToyUv0O/67Yms7Mzs0/eWL2/bNT1e/QD0Z/Wqx0DSxZDx1LFvMSq+nxfK24OH8kXzf+ou+eSnpkcnZmqsuxQ6/b1mL8Z/7o63brgDuuU5upwN2ncfynXWoHsPZq47+tn7cDG4H5P/Qu4x96V7Px/1FD2l4AbETlgW63AOge83/oXcY/9C7jH3rSan7Xf6cOSsv8et/Bag4Obu9cgZF2PZx1dXBgHY2mUgdGd5dvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3yfwAAAP//ni75Og==") link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000bc0)='./file0\x00') sendmsg$NL80211_CMD_DISCONNECT(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x408}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)={0x50, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x2, 0x7f}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x12}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xb}, @NL80211_ATTR_REASON_CODE={0x6}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xb}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x37}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x21}]}, 0x50}, 0x1, 0x0, 0x0, 0x20040845}, 0x4) 760.037839ms ago: executing program 0 (id=1088): iopl(0x3) socket$kcm(0x10, 0x2, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfffffffe, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc0000001a000100000000000000000081800000000000000e000000140001002001000000000000000000000000db3c14001100736974300000000000000000000000001400010020010000000000000000000000000000140002002001000000000000000000000000000014000200fe8800000000000000000000000001011400010000000000000000000000ffffe0000002140001000000000000000000000000000000000114000100ff020000000000000000000000000001"], 0xbc}, 0x1, 0x0, 0x0, 0x4}, 0x4000840) io_submit(0x0, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r1, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r1, 0x0) r2 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r2, 0x10d, 0x91, 0x0, &(0x7f00000000c0)=0xfe23) socket$inet6_dccp(0xa, 0x6, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x8001000000000000, 0x40, 0x0, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000000100), 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000000100), 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x24, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x400000000000f, 0xffffffffffffffff, 0x8) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpuset.sched_load_balance\x00', 0x2, 0x0) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) fchdir(r4) mkdir(&(0x7f0000000000)='./control\x00', 0x0) unlinkat(0xffffffffffffffff, 0x0, 0x0) rmdir(&(0x7f0000000040)='./control\x00') 758.226729ms ago: executing program 1 (id=1089): perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x6d}]}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x82000714) close_range(r0, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) r2 = getpid() process_vm_readv(r2, &(0x7f0000000000)=[{&(0x7f0000000340)=""/129, 0x81}, {&(0x7f0000000400)=""/252, 0xfc}, {0x0}], 0x3, 0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x4010}, 0x18) r4 = socket$inet(0x2, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c) shutdown(r5, 0x1) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x248800) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a", 0x23}], 0x1}, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000340)=@nat={'nat\x00', 0x19, 0x3, 0x482, [0x20000940, 0x0, 0x0, 0x20000a46, 0x20000dd2], 0x0, &(0x7f0000000300), &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000900000000000000001570696d72656730000000000000000000776732000000000000000000000000006e723000000000000000000000000000766c616e300000000000000000000000ffffffffffff00ffffffffffbbbbbbbbbbbb0000ff0000ff6e0000009e000000d600000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa420000fdffefff0000000000000000000000000000000000000000000000000001000000feffffff020000000900000024000000900067656e657665310000000000000000006361696630000000000000000000000074756e6c30000000000000000000000076657468305f746f5f7465616d0000000d7913c4d814ffffffffffffaaaaaaaaaaaaff0000ff0000ae000000de0100000e02000071756f746100000000000000000000000000000000000000000000000000000018000000000000000100000000000000fe63000000000000ffff0000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000100000073797374656d5f753a6f626a6563745f723a636c6f636b5f6465766963651b5b085d459ceacf30c95f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000434c415353494659000000000000000000000000000000000000000000000000080000000000000033090000000000000900000014000000efdd3d827cf884616e30000000000000000067656e6576653100000000000000000076657468305f746f5f6873720000000067656e657665310000000000000000000180c200000e0000ffffffff000000000000ff000000ff009e000000d60000000e0100007374617465000000000000000000000000000000000000000000000000000000080000000000000003000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000dd8b1d88f3c70000fcffffff00000000736e61740000000000000000050000000000000000000000000000000000000010000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff00000000a8d0a11ebdd9"]}, 0x4fb) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000340)=@req3={0x0, 0x0, 0x0, 0x1}, 0x1c) sendmsg$kcm(r6, &(0x7f00000001c0)={0x0, 0x190d, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440013030e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0) 668.204556ms ago: executing program 1 (id=1090): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000340)=0xffff, 0x4) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') ppoll(&(0x7f00000000c0)=[{r2}], 0x1, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000640)={0x2f0, 0x0, 0x800, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x231, 0x60}}}}, [@NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x1}, @acl_policy=[@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x34, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x10, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}]}, @NL80211_ATTR_MAC_ADDRS={0x58, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}, {0xa, 0x6, @broadcast}, {0xa}, {0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}], @NL80211_ATTR_TX_RATES={0x208, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xe4, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2a, 0x2, [{0x6, 0x4}, {0x7}, {0x3}, {0x2, 0x4}, {0x2, 0x4}, {0x5}, {0x7, 0x8}, {0x2, 0xa}, {0x2, 0x2}, {0x1, 0x6}, {0x6, 0x8}, {0x0, 0x4}, {0x2, 0x1}, {0x1, 0x1}, {0x0, 0x5}, {0x4, 0x6}, {0x3, 0x9}, {0x7, 0x3}, {0x3, 0x9}, {0x7}, {0x2, 0x1}, {0x1, 0x2}, {0x5, 0x1}, {0x3, 0x8}, {0x1, 0x4}, {0x1, 0x2}, {0x4}, {0x2, 0x1}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0x6}, {0x1, 0x7}, {0x7, 0x3}, {0x5, 0x9}, {0x7, 0x1}, {0x0, 0x9}, {0x1, 0x2}, {0x2}]}, @NL80211_TXRATE_HT={0x24, 0x2, [{0x7, 0x7}, {0x2, 0x2}, {0x6, 0x6}, {0x7, 0xa}, {0x3, 0x6}, {0x1, 0x2}, {0x0, 0x9}, {0x0, 0x9}, {0x1, 0x5}, {0x0, 0x5}, {0x3}, {0x1, 0x6}, {0x1, 0xa}, {0x6, 0x5}, {0x7, 0x1}, {0x2, 0x2}, {0x0, 0x9}, {0x6, 0x7}, {0x1, 0x7}, {0x0, 0x1}, {0x4, 0x8}, {0x0, 0x3}, {0x7, 0x5}, {0x4, 0x4}, {0x7, 0x9}, {0x3, 0x3}, {0x7, 0x1}, {0x0, 0xa}, {0x7, 0x1}, {0x7, 0x8}, {0x7, 0x9}, {0x2, 0x4}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x2000, 0x48, 0xd, 0x3, 0x5, 0x5, 0x7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x796d, 0xc720, 0x67, 0x8, 0x40, 0x6, 0xa0, 0xffff]}}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x4, 0x1}, {0x1, 0x2}, {0x5, 0x3}, {0x7, 0x9}, {0x5, 0x1}, {0x1, 0x9}, {0x7, 0x8}, {0x7, 0x9}, {0x7}, {0x5, 0x7}, {0x2, 0x1}, {0x2, 0x9}, {0x0, 0x8}, {0x7, 0x7}, {0x5, 0x6}, {0x0, 0x1}, {}, {0x0, 0x2}, {0x6, 0x8}, {0x3, 0x5}, {0x4, 0x5}, {0x0, 0x1}, {0x3, 0x4}, {0x3, 0x5}, {0x7, 0x4}, {}, {0x0, 0xa}, {0x1, 0x2}, {0x5, 0x9}, {0x3, 0x5}, {0x1, 0x8}, {0x0, 0x6}, {0x2}, {0x1, 0x7}, {0x5, 0xa}, {0x7, 0xa}, {0x3, 0x3}, {0x7, 0x4}, {0x1, 0x9}, {0x1, 0x5}, {0x0, 0x6}, {0x3, 0x7}, {0x5, 0x5}, {0x2, 0x6}, {0x0, 0x3}, {0x1, 0x4}, {0x3, 0x8}, {0x3, 0x9}, {0x7, 0x6}, {0x1, 0x7}, {0x1, 0x6}, {0x2, 0x5}, {0x6, 0x1}, {0x3, 0x1}, {0x4, 0x4}, {0x4, 0x8}, {0x3, 0x6}, {0x6, 0x2}, {0x1, 0xa}, {0x3, 0x6}, {0x3, 0x4}, {0x1, 0x2}, {0x6, 0x7}, {0x0, 0x5}, {0x3, 0x5}, {0x5, 0x8}, {0x4, 0x3}]}]}, @NL80211_BAND_60GHZ={0x5c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x5, 0x6, 0xee, 0x5, 0x7eb, 0xfffc, 0x7, 0x5]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x9, 0x2, 0xf91d, 0xc, 0x7, 0x3, 0x7]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x7, 0x7fb8, 0x3, 0x5, 0x101, 0x1000, 0x101]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x4, 0x9, 0x6, 0x9, 0x8, 0x4, 0x8]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x24, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x60, 0x6, 0x5, 0x4, 0x1, 0x30, 0x60, 0x16, 0x18, 0x6, 0x6, 0x3, 0x1, 0x5, 0x24, 0x6, 0x60, 0x60, 0x2, 0x3, 0x18, 0x6c, 0x36, 0x36, 0x16, 0x0, 0x0, 0x9]}]}, @NL80211_BAND_2GHZ={0x7c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x4, 0x5}, {0x7, 0x2}, {0x4, 0x5}, {0x2, 0x3}, {0x3, 0x5}, {0x5, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x1, 0x6}, {0x4, 0xa}, {0x1, 0x2}, {0x2, 0x2}, {0x0, 0x2}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x1, 0x3}, {0x2, 0x7}, {0x4, 0x9}, {0x7, 0x8}, {0x4, 0x3}, {0x0, 0x3}, {0x7, 0x5}, {0x1, 0x4}, {0x5, 0x5}, {0x4, 0x6}, {0x3, 0x8}, {0x7, 0xa}, {0x5, 0x5}, {0x0, 0x4}, {0x5, 0x3}, {0x1, 0x7}, {0x5, 0x5}, {0x0, 0x5}, {0x0, 0x8}, {0x6, 0x6}, {0x0, 0x5}, {0x1, 0x9}, {0x5, 0x6}, {0x4, 0x7}, {0x0, 0x4}, {0x2}, {0x1, 0x2}, {0x0, 0x3}, {0x3, 0x4}, {0x1, 0xa}, {0x6, 0x9}, {0x0, 0x4}, {0x4, 0x9}, {0x2, 0x1}, {0x2, 0x6}, {0x2}, {0x3, 0x5}, {0x1, 0x1}, {0x1, 0x7}, {0x2, 0x3}, {0x4, 0x4}, {0x6, 0x2}, {0x5, 0x7}, {0x5, 0x8}, {0x2, 0x5}, {0x1, 0x4}, {0x5, 0x3}, {0x3, 0x8}, {0x4, 0x8}, {0x1, 0x2}, {0x4, 0x1}, {0x7, 0x3}, {0x7, 0x3}, {0x1, 0x9}, {0x3, 0x2}, {0x1, 0x9}, {0x1, 0x2}, {0x0, 0x5}, {0x4, 0x9}, {0x2, 0x8}, {0x7, 0x6}]}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0xff, 0x2, 0x1, 0x0, 0x1, 0xa, 0x1, 0x7]}}]}]}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x2f0}, 0x1, 0x0, 0x0, 0x4}, 0x4008080) mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000280)={0x0, 0x0, 0x20000}, 0x20) mprotect(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x200000d) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x0, 0x0}) execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x1f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r3, &(0x7f0000000100), 0xc) bind$qrtr(r3, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c) 618.17484ms ago: executing program 4 (id=1091): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) pwritev2(r1, &(0x7f0000000440)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5405, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=@newlink={0x48, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, r4}}}}}}]}, 0x48}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000140)={'erspan0\x00', 0x0, 0x20, 0x8000, 0x7fff, 0x15c, {{0x19, 0x4, 0x3, 0x9, 0x64, 0x66, 0x0, 0xcc, 0x2f, 0x0, @local, @dev={0xac, 0x14, 0x14, 0x2f}, {[@timestamp_prespec={0x44, 0x4c, 0xfd, 0x3, 0x6, [{@local, 0xffff}, {@private=0xa010102, 0xffff}, {@remote, 0x20000}, {@empty, 0x9}, {@private=0xa010101, 0x69c}, {@private=0xa010100, 0x5}, {@broadcast, 0x10}, {@rand_addr=0x64010101, 0x80}, {@local, 0x3}]}, @ra={0x94, 0x4}]}}}}}) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB='T\x00)\r', @ANYRES16=0x0, @ANYBLOB="200028bd7000fbdbdf250b00000008003c007900000008000600", @ANYRES32=r4, @ANYBLOB="08003c0001000000050033000100000008003b00e300000008000b004000000005002f004400000008000300", @ANYRES32=r5, @ANYBLOB], 0x54}, 0x1, 0x0, 0x0, 0x4000}, 0x408c0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) r6 = socket$inet_sctp(0x2, 0x1, 0x84) bind$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000080)={0x0, 0xffffffff, 0x30}, 0xc) sendto$inet(r6, &(0x7f00000000c0)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r6, &(0x7f0000000280)='p', 0x1, 0xc000, 0x0, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000040), 0xc) sendto$inet(r6, &(0x7f0000000180)='o', 0x1, 0x0, 0x0, 0x0) sendto$inet(r6, &(0x7f0000000300)="ab", 0x34000, 0xf20300000000dcff, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") creat(&(0x7f0000000280)='./file0\x00', 0x0) recvfrom$inet(r6, &(0x7f00000005c0)=""/68, 0x44, 0x2001, &(0x7f0000000100)={0x2, 0x4e20, @private=0xa010102}, 0x10) r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x2, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000002000000000000000002000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70300000000000085000000ad000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r8, 0xffffffffffffffff, 0x30, 0x0, @val=@uprobe_multi={&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x1, 0x1}}, 0x3c) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv6_getaddrlabel={0x24, 0x1a, 0x1, 0x0, 0x0, {}, [@IFAL_LABEL={0x8}]}, 0x24}}, 0x0) 615.27705ms ago: executing program 0 (id=1092): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) (async) membarrier(0x40, 0x0) (async) r0 = socket$kcm(0x29, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (async) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000b00)={[{@resgid}, {@dioread_nolock}]}, 0x84, 0x490, &(0x7f0000001280)="$eJzs3EtvG0UcAPD/rvOgz4RSHn1ADQURUUiatEAPSAgEUi9ISHCAY0hDVZq2qAkSrSraIlSOiE8AHJH4BJzggoATiCvcEVKFemnhgIzW3k2d2DWOXceh/v0kOzPrfcx/Zyc7u+N1AAOrnL0lEVsj4teIGKtlV85Qrv25ce3C3F/XLswlUam89udodb7r1y7MFbMWy23JMxNpRPpREnuabHfx3PmTswsL82fz/NTSqXenFs+df+rEqdnj88fnT88cOXL40PSzz8w8fVvizOK6vvuDM3t3HX3z01fmKvHWD19l5d2af14fR81419ssRzkqlUolXTF1pPr+WNdr31i2RcTlPJ0M9bkwtK0UEVl1DVfb/1iU4mbljcXLH/a1cEBPZeen0YappfzvUFIB7mBJ9LsEQH8UZ/zs+rd4rWf/o9+uvpC9z1fjv5G/ap8MRXbdnozXrthLPdr+1oh449Lfn2WvaHofAgDg9vom6/882az/l8Z9dfNtz8dQxiPiQETsiIh7ImJnRNwbUZ33/oh4YI3bL6/KN/Z/ft7UUWBtyvp/z+VjWyv7f8ujNuOlPLetGv9w8vaJhfmD+T6ZiOHRLD/dYhvfvvTLJ7f6rFzX/8te2faLvmBejj+GVt2gOza7NNtNzPWuXo7YPdQs/mR5JCCJiF0RsbuD9Wf77MQTX+7N0tu3NH7+3/G3cqmDEq1U+SLi8Vr9X4pV8ReS2hDJrcYnp+6KhfmDU8VR0ejHn668Wp8frkt3F3/3svrf3PT4z+MvmkExXru49m1c+e3jfJ2NTbnT438keb2aHsmnvT+7tHR2OmIkn7Bi+szNZYt8MX8W/8T+iCv5QHB9+98R8c/n+XJ7IiI7iB+MiIciYl9e9ocj4pGI2N8i/u9ffPSd1nuov/V/rFX9R4wn9eP1HSRKJ7/7uljZclXm/1zaq//D1dREPqWd/3/tFvB27EMAAADY6NLqGHSSTi6n03RysvYd/p2xOV04s7h0oBzvnT5WG6sej+G0uNM1Vnc/dDq/N1zkZ1blD0XE3dVvGm2q5ifnzixs63fwMOC23KL9Z37v1ZdegI1jTc9rJb0rB7D+PK8Jg6vt9j/c23IA68/5HwaX9g+Dq1n7vxhxow9FAdbZms7/z/euHMD6a9X+3fKDO5vrfxhc2j8MpMZH4ovfaOjkSf+biR1Hu1p8gBKlHq056n+0oweJSPu+6zpPpBuhGPvyxGhEtLvUxZ7W6erjBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/v3wAAAP//mcDgQw==") (async) r3 = open(&(0x7f00000000c0)='.\x00', 0x42100, 0x0) (async) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r0, {0xb3}}, './file0\x00'}) (async) r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_CREATE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x3c, r7, 0x917, 0x0, 0x0, {}, [@L2TP_ATTR_UDP_CSUM={0x5, 0xd, 0x1}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8}, @L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_UDP_SPORT={0x6}]}, 0x3c}}, 0x0) (async) sendmsg$L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x38, r7, 0x800, 0x70bd25, 0x25dfdbfb, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x1}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @mcast2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000840}, 0x40000) ftruncate(0xffffffffffffffff, 0x0) (async) write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x2}}, 0x6b) write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r8}}, 0x10) (async) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r5, &(0x7f0000000280)={0x14, 0x88, 0xfa00, {r9, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"5ed29e4d30b632166d44d4f0c7cb6213"}}}}, 0x90) (async) getdents(r3, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) recvmsg$unix(r10, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x4, &(0x7f0000000100)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x8b}]}, &(0x7f00000001c0)='syzkaller\x00'}, 0x90) (async) write$cgroup_subtree(r11, &(0x7f0000000640)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce8102036c0800000000000000000000ffff9ff57b00000000000000000000000000ac1414aa"], 0xfdef) (async) bind$inet(r11, &(0x7f0000000100)={0x2, 0x4e23, @loopback}, 0x10) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r2, 0x5, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc}, {0x3}}]}, 0x54}}, 0x0) 544.813426ms ago: executing program 0 (id=1093): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1f, 0xf, &(0x7f00000000c0)=@ringbuf={{0x18, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa7000000}, {{0x18, 0x1, 0x1, 0x0, r0}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90) 542.848396ms ago: executing program 0 (id=1094): iopl(0x3) keyctl$invalidate(0x15, 0x0) r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc3}, &(0x7f0000000080)={0x0, "cbdf60d01c2e54efff1684d7c25dcbc3a67c871e88fbfa12979f2cae6feb3e4db1d204ad2c32b072199f78d3455d648ba93efbb6df9210474fb9924f440cf966", 0x3a}, 0x48, 0xfffffffffffffffb) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r2}, @IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x1000}]}}}]}, 0x40}}, 0x0) keyctl$get_security(0x11, r0, 0x0, 0x0) 511.813289ms ago: executing program 4 (id=1095): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x21, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0xe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x0, 0x0, 0x0) gettid() r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x18, r2, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x4}]}, 0x18}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x0, {}, [{0x60, 0x1, [@m_vlan={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6}, @TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x3}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x46d8d000) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xbb, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r4 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000200)={@remote, @private, 0x0, "60f5bd6e0630e369c7b35d2fff1f4d7ed79c31b0f1da00"}, 0x3c) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0xb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_FLUSH_PMKSA(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="20e2bbea", @ANYRES16=r6, @ANYBLOB="030000000000000020007e0000000c81000000f1000000000000"], 0x20}}, 0x0) r7 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f00000001c0)=0xc) sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x52, 0x1, 0x0, 0x0, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @uid=r8}]}, 0x1c}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r7, &(0x7f0000000580)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000540)={&(0x7f0000000d40)={0x3c8, 0x0, 0x0, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_OFFCHANNEL_TX_OK, @NL80211_ATTR_FRAME={0x3a7, 0x33, @reassoc_resp={{}, 0x831, 0x3a, @default, @val={0x1, 0x4, [{0x60}, {0x36}, {0x18, 0x1}, {0x18}]}, @val={0x2d, 0x1a, {0x300, 0x2, 0x7, 0x0, {0x44, 0x2, 0x0, 0x2, 0x0, 0x0, 0x1, 0x3, 0x1}, 0x1, 0x101, 0x4}}, [{0xdd, 0xba, "b844613649a9a54200f3b1afb1adb1eb314eb006ecb91fd9cc78e85acc9baf6478b32011caa659b3009e657d6a9c47538d3e2d70487be25441bb9b49dfc809366c95e0048b2bb794ae99a9f85e5bb0fb1db9710ef01f7614bf93b29cccd3f24e278187829c3c33a507bbb90d8f920b4484946f1e6eab306b25c6d3d1062c88c1c6fc77863fee7e45282305c804de56cd0ffc90b1c62020a77bb3e676aa3c12f56dfbe72ee403e442877d877a761e1abe63e0f1569b2bdc02acbc"}, {0xdd, 0xcc, "66b44934c943b89d73723b8c720121452ce637d036a06cb1c4af5299479d17bd2742ebca3a55f9586a55d5fb78016e9254d2cbd10f378a0384cf254ac6a2e3838e8a21d04cacfc5e16c5794b7dc9a71a4a418a0d0e0e33bd670ad3a03ad74cc3e430b3d40ba6726c5b51938a2f4da20946f3d74b52fd40a036b77c2457eb1e33d07c6e3dc528aefbebd2cad0481150a6c8ae71837fc5917e0ce1d4b05fb3df99522794bfe5c58769cc60a0a19349db64b1408df504b698a1cd3b7b65c1b6613c8a497faa9296b2f8fe680b65"}, {0xdd, 0xd0, "de6aca87a832a1611a2ee2356242348e0d1f4961a323073f73c5469ffb2e854d21cdff263d580a9d1c3e6d8fb7496b53a4843e31153d686239c97679c15a023d7d76b6c4e05f104d5999548d69f0ff842ff8aceaa5662b6f937a76dc65d7c846e61430d5ef93e57b22a5e58288aeeeb841df46a4f676034d3bb84d6aa626bc634ddf6fe5f7b2841d6f582e9e3feb38a411e69f20c37d53e5f3d625d2d750cf60770b274fc7e8e46c25eaadb37b7fbf8cb386b43f17c4441ec170456e6a38c82544ed2039268020c088a2a8bd1f77a962"}, {0xdd, 0x59, "e4bb2c24079171be91865d109e11e8022e8078059f54e1b5ba6c3c43ad5417d151579b5d6a984032b9e6020909ef7ab7bac82675ebf3b499b1eb2db7d601734bcf13d3ea3510b3d8da93bdf32facc6915751c39a1bfe0778e3"}, {0xdd, 0x5a, "5220141c26a7c5daa7da4fe3744a7157fae6afc8c2c6845cd70d6a359b3f942b096a06377dc157e64f3bd7df7cb06fb8036285c6bce63617f18fb421f2904c4d7383f90a9ed1d6c1ca7e06e76cff102864d65b9daa85e7cc9f79"}, {0xdd, 0x4e, "2648e339ca0228a3ae3a6b2191e193ba4ed9646942f110400c7dd0f81e705764e904a9a228bf1a74678c88baddf18a1de23cd67bc0a82b7ded51e08552854e4e4f47a2909590350c1b4cb3ce0ff1"}]}}]}, 0x3c8}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000008c0)={&(0x7f00000007c0)={0xe8, r6, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x8, 0x1b}}}}, [@NL80211_ATTR_QOS_MAP={0x22, 0xc7, {[{0x8, 0x4}, {0x7}, {0x3, 0x1}, {0xcc, 0x3}, {0x0, 0x3}, {0x2, 0x7}, {0x1, 0x2}, {0x44, 0x6}, {0x5, 0x2}, {0xf8, 0x4}, {0x8, 0x1}], "70b3b60daff7c763"}}, @NL80211_ATTR_QOS_MAP={0x34, 0xc7, {[{0x0, 0x6}, {0x81, 0x3}, {0x1f, 0x6}, {0x7, 0x6}, {0x81, 0x4}, {0x9, 0x1}, {0x2}, {0x0, 0x5}, {0x83, 0x5}, {0x9, 0x1}, {0x6, 0x2}, {0xfb}, {0x0, 0x6}, {0x0, 0x4}, {0x9, 0x3}, {0x0, 0x6}, {0x8, 0x6}, {0x75, 0x7}, {0x81, 0x2}, {0x8a, 0x3}], "f3c46c11350198bd"}}, @NL80211_ATTR_QOS_MAP={0x2e, 0xc7, {[{0xdc, 0x6}, {0x81, 0x7}, {0x8, 0x4}, {0x1, 0x2}, {0x8, 0x3}, {0x3, 0x7}, {0x1, 0x3}, {0x3, 0x5}, {0x1, 0x7}, {0x9, 0x7}, {0x2, 0x4}, {0x8b, 0x1}, {0x5b, 0x3}, {0x20, 0x6}, {0x5, 0x3}, {0xfa, 0x1}, {0x6, 0x3}], "c986d3382992429e"}}, @NL80211_ATTR_QOS_MAP={0x36, 0xc7, {[{0x7}, {0x0, 0x6}, {0x2, 0x7}, {0x2, 0x6}, {0x9, 0x7}, {0x0, 0x6}, {0x5, 0x5}, {0x1}, {0x7f, 0x40}, {0x6, 0x6}, {0xb0, 0x2}, {0x0, 0x5}, {0x2}, {0x1}, {0x0, 0x2}, {0x3e, 0x4}, {0x25, 0x4}, {0x2, 0x7}, {0x6, 0x6}, {0x93, 0x3}, {0x81, 0x3}], "22c31347ea0fb5ee"}}]}, 0xe8}, 0x1, 0x0, 0x0, 0x44000}, 0x4010) sendmsg$NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000500)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)={0x70, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x70}, 0x1, 0x0, 0x0, 0x50}, 0x80400c1) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x4, 0x0, 0xbf25}, 0x1b) perf_event_open(&(0x7f0000000180)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) 501.618289ms ago: executing program 0 (id=1096): open$dir(0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x79, &(0x7f00000006c0)={@random="e10931d8640a", @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "014100", 0x43, 0x88, 0x0, @rand_addr=' \x01\x00', @local, {[], {0x0, 0x0, 0x43, 0x0, @gue={{0x2}, "ac82ec82f3f672932314fe7f6e032f157b16d76ad4f799f0ed65c788ecb903832bc6cd56513608fe2202e1c61f9a75d226a984"}}}}}}}, 0x0) 486.908581ms ago: executing program 0 (id=1097): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000100)=[{0x30}, {0x80000006}]}, 0x10) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r2, &(0x7f00000001c0)='k', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x9a, &(0x7f00000002c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0086dd601a843500640600fe8000000000000000000000000000aafe8000000000000000000000000000aa00004e32", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="90c2000090780000080a000000000000000002040000000e33efa97c2eec3c96de3587be080a00000000000000001e102000000000000000000000000000fe0df9893d73178e8b53bee8ab1e0c1000"/88], 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="c40100000a0a010100000000000000000100000a0c00118008000100636d70000c000b4000000000000000030c000b4000000000000000097c010980680102803c000180080001400000000308000140000100000800034000000009080001400000000208000140000000070800014000002e9d08000140000000090c00018008000140000000043c000180080001400000089308000140000000040800014000000009080001400000000708000140000000060800014000000009080001400000000554000180080001400000040008000140000000ee080001400000800008000140ffff7fff08000140000000020800014000000000080001400000000508000140000080000800014000000008080001400000000134000180080001400000000008000140000000090800014000000002080001400000800008000140000003ff080001400000000914000180080001400000000408000140000000070c00018008000140000000031c0001800800014000000bb1080001400000011408000140800000001c0001800800014000000003080001400000800008000140000000030800014000000006080001400000000608000840000000030800044000000091"], 0x1c4}, 0x1, 0x0, 0x0, 0x400c880}, 0x8040) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) getresgid(&(0x7f0000000240), &(0x7f0000000380), &(0x7f00000003c0)) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="022000000000000014aefd15992be686e2c7458e8cb857b688000300626f6e64", @ANYRES32=r4, @ANYBLOB], 0x3c}}, 0x0) 479.775941ms ago: executing program 1 (id=1098): socket(0x11, 0xa, 0x0) prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ff9000/0x4000)=nil) r0 = syz_open_procfs(0x0, 0x0) r1 = socket(0x200000100000011, 0x803, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0) write$cgroup_int(r2, &(0x7f0000000180)=0x3, 0x12) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000040)='%-5lx \x00'}, 0x20) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/13, 0xd}], 0x1, 0x7, 0x80) r3 = dup(0xffffffffffffffff) ioctl$PTP_EXTTS_REQUEST2(r3, 0x40603d07, &(0x7f0000000040)) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x26e1, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'lo\x00'}) io_uring_setup(0x0, &(0x7f0000000100)={0x0, 0x4}) socket$inet6_sctp(0xa, 0x801, 0x84) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='8\x00\x00\x00O\x00/'], 0x38}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1c, 0x4, 0xfff, 0x4, 0xd00, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xff7ffffc}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r4}, 0x0, 0x0}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000300)=ANY=[@ANYRES32=r1, @ANYRESOCT=0x0], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r5}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x2, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) socket$can_bcm(0x1d, 0x2, 0x2) close(0xffffffffffffffff) socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(0xffffffffffffffff, &(0x7f0000000040), 0x10) setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, 0x0, 0x0) 209.259363ms ago: executing program 1 (id=1099): r0 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r0, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000040), 0x4) openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000007c0)='memory.events\x00', 0x275a, 0x0) open$dir(0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000040)={0x80, 0x0, 0x0, 0x10000}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0) sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000980)={&(0x7f0000000900)={0x4c, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40040}, 0x4000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000a40)={0x30, 0x35, 0x1, 0x0, 0x0, {0x2}, [@nested={0x4}, @nested={0x15, 0x9, 0x0, 0x1, [@generic="a30ebf0d207e821ea63696b30a7f910a47"]}]}, 0x30}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c003d000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = socket$can_j1939(0x1d, 0x2, 0x7) setsockopt$SO_J1939_ERRQUEUE(r4, 0x6b, 0x3, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='rpcgss_need_reencode\x00'}, 0x10) syz_emit_ethernet(0xe8, &(0x7f00000006c0)={@random="e10931d8640a", @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "014100", 0xb2, 0x88, 0x0, @rand_addr=' \x01\x00', @local, {[], {0x0, 0x0, 0xb2, 0x0, @gue={{0x2}, "ac82ec82f3f672932314fe7f6e032f157b16d76ad4f799f0ed65c788ecb903832bc6cd56513608fe2202e1c61f9a75d226a9847e305b9ecda292c645f518e75b630be47831cb6db013fe8e48323aab94c4063913b1b418d4e8755538f641bba7448bd14ccd722899ef2e9e229dd835281b6ad877e913da954bf832ace982f8d42320beb747c4d33d9aebb583459ae5de90d4026c0b897d78e896409fd47ed30348ff"}}}}}}}, 0x0) 0s ago: executing program 1 (id=1100): perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x6d}]}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000200)='.\x00', 0x82000714) close_range(r0, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000000), 0x10) r2 = getpid() process_vm_readv(r2, &(0x7f0000000000)=[{&(0x7f0000000340)=""/129, 0x81}, {&(0x7f0000000400)=""/252, 0xfc}, {0x0}], 0x3, 0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00', 0x0, 0x4010}, 0x18) r4 = socket$inet(0x2, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c) shutdown(r5, 0x1) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000000), 0x248800) r6 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a", 0x23}], 0x1}, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000340)=@nat={'nat\x00', 0x19, 0x3, 0x482, [0x20000940, 0x0, 0x0, 0x20000a46, 0x20000dd2], 0x0, &(0x7f0000000300), &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000900000000000000001570696d72656730000000000000000000776732000000000000000000000000006e723000000000000000000000000000766c616e300000000000000000000000ffffffffffff00ffffffffffbbbbbbbbbbbb0000ff0000ff6e0000009e000000d600000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa420000fdffefff0000000000000000000000000000000000000000000000000001000000feffffff020000000900000024000000900067656e657665310000000000000000006361696630000000000000000000000074756e6c30000000000000000000000076657468305f746f5f7465616d0000000d7913c4d814ffffffffffffaaaaaaaaaaaaff0000ff0000ae000000de0100000e02000071756f746100000000000000000000000000000000000000000000000000000018000000000000000100000000000000fe63000000000000ffff0000000000005345434d41524b000000000000000000000000000000000000000000000000000801000000000000010000000100000073797374656d5f753a6f626a6563745f723a636c6f636b5f6465766963651b5b085d459ceacf30c95f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000434c415353494659000000000000000000000000000000000000000000000000080000000000000033090000000000000900000014000000efdd3d827cf884616e30000000000000000067656e6576653100000000000000000076657468305f746f5f6873720000000067656e657665310000000000000000000180c200000e0000ffffffff000000000000ff000000ff009e000000d60000000e0100007374617465000000000000000000000000000000000000000000000000000000080000000000000003000000000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000dd8b1d88f3c70000fcffffff00000000736e61740000000000000000050000000000000000000000000000000000000010000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000fcffffff00000000a8d0a11ebdd9"]}, 0x4fb) r7 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000340)=@req3={0x0, 0x0, 0x0, 0x1}, 0x1c) sendmsg$kcm(r6, &(0x7f00000001c0)={0x0, 0x190d, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440013030e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0) kernel console output (not intermixed with test programs): 379.922:689): avc: denied { setopt } for pid=5706 comm="syz.2.617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 69.928108][ T5709] mmap: syz.2.617 (5709): VmData 29347840 exceed data ulimit 9. Update limits or use boot option ignore_rlimit_data. [ 69.936166][ T5708] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 69.961540][ T29] audit: type=1400 audit(1721681379.922:690): avc: denied { mounton } for pid=5706 comm="syz.2.617" path="/113/file0/file0" dev="ramfs" ino=15376 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1 [ 69.997012][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.010683][ T5715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.620'. [ 70.020492][ T29] audit: type=1400 audit(1721681380.002:691): avc: denied { bind } for pid=5707 comm="syz.3.618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 70.040513][ T29] audit: type=1400 audit(1721681380.002:692): avc: denied { node_bind } for pid=5707 comm="syz.3.618" saddr=100.1.1.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 70.062266][ T29] audit: type=1400 audit(1721681380.002:693): avc: denied { module_request } for pid=5707 comm="syz.3.618" kmod="net-pf-10-proto-132-type-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1 [ 70.088415][ T29] audit: type=1400 audit(1721681380.072:694): avc: denied { write } for pid=5706 comm="syz.2.617" path="socket:[15115]" dev="sockfs" ino=15115 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 70.125535][ T5724] loop1: detected capacity change from 0 to 128 [ 70.137241][ T5724] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 70.159710][ T5724] FAT-fs (loop1): error, invalid access to FAT (entry 0x0affffff) [ 70.167604][ T5724] FAT-fs (loop1): Filesystem has been set read-only [ 70.180899][ T5720] loop0: detected capacity change from 0 to 512 [ 70.193027][ T5732] loop4: detected capacity change from 0 to 1024 [ 70.229455][ T5732] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4. [ 70.241938][ T5720] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.256041][ T5720] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.260593][ T5744] loop2: detected capacity change from 0 to 2048 [ 70.294630][ T5744] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.316890][ T3089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.327865][ T5754] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 70.348400][ T5757] loop2: detected capacity change from 0 to 512 [ 70.355349][ T5757] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 70.374315][ T4990] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 70.374979][ T5758] loop4: detected capacity change from 0 to 512 [ 70.395291][ T5758] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.628: casefold flag without casefold feature [ 70.408758][ T5758] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.628: couldn't read orphan inode 15 (err -117) [ 70.412808][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 70.430807][ T5758] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.446307][ T5758] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 70.476098][ T5767] loop2: detected capacity change from 0 to 128 [ 70.483443][ T5767] vfat: Unknown parameter '' [ 70.577182][ T5770] netlink: 'syz.2.632': attribute type 4 has an invalid length. [ 70.608771][ T5770] netlink: 'syz.2.632': attribute type 4 has an invalid length. [ 70.872502][ T29] audit: type=1326 audit(1721681380.882:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5793 comm="syz.2.640" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8567ee5e99 code=0x0 [ 70.982611][ T5795] netlink: 'syz.2.640': attribute type 10 has an invalid length. [ 70.994769][ T5795] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.002824][ T5795] bond0: (slave team0): Enslaving as an active interface with an up link [ 71.102902][ T5797] loop3: detected capacity change from 0 to 512 [ 71.117589][ T5797] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 71.125650][ T5797] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 71.135045][ T5797] System zones: 0-1, 15-15, 18-18, 34-34 [ 71.142220][ T5797] EXT4-fs (loop3): orphan cleanup on readonly fs [ 71.148905][ T5797] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 71.149646][ T5612] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.163895][ T5797] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 71.165685][ T5797] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.641: bad orphan inode 16 [ 71.194588][ T5797] ext4_test_bit(bit=15, block=18) = 1 [ 71.200147][ T5797] is_bad_inode(inode)=0 [ 71.204307][ T5797] NEXT_ORPHAN(inode)=0 [ 71.208422][ T5797] max_ino=32 [ 71.211653][ T5797] i_nlink=2 [ 71.215435][ T5797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 71.276059][ T5797] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5797 comm=syz.3.641 [ 71.302137][ T5379] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0) [ 71.325522][ T5379] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic f300, entries 1, max 4(0), depth 0(0) [ 71.347818][ T5807] netlink: 1036 bytes leftover after parsing attributes in process `syz.1.643'. [ 71.373641][ T5809] loop1: detected capacity change from 0 to 512 [ 71.388012][ T5809] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 71.541446][ T4990] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.724497][ T5825] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5825 comm=syz.2.650 [ 71.748097][ T5825] loop2: detected capacity change from 0 to 1024 [ 71.755862][ T5825] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities [ 71.954862][ T5831] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 72.088811][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 72.174189][ T5850] netlink: 4 bytes leftover after parsing attributes in process `syz.4.658'. [ 72.193827][ T5855] loop4: detected capacity change from 0 to 128 [ 72.511365][ T5859] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma? [ 72.587271][ T5379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.600280][ T28] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.640143][ T28] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.663408][ T5869] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5869 comm=syz.1.664 [ 72.676905][ T5869] netlink: 24 bytes leftover after parsing attributes in process `syz.1.664'. [ 72.695510][ T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.728354][ T5877] loop1: detected capacity change from 0 to 512 [ 72.745862][ T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.749218][ T5879] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=52496 sclass=netlink_route_socket pid=5879 comm=syz.2.666 [ 72.763658][ T5877] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.782674][ T5877] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 72.835612][ T28] bridge_slave_1: left allmulticast mode [ 72.841463][ T28] bridge_slave_1: left promiscuous mode [ 72.847246][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.855695][ T28] bridge_slave_0: left allmulticast mode [ 72.861763][ T28] bridge_slave_0: left promiscuous mode [ 72.867536][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.930098][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 72.940753][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 72.950905][ T28] bond0 (unregistering): Released all slaves [ 72.962087][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 73.016019][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.023185][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.030639][ T5863] bridge_slave_0: entered allmulticast mode [ 73.037326][ T5863] bridge_slave_0: entered promiscuous mode [ 73.045495][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.052654][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.059984][ T5863] bridge_slave_1: entered allmulticast mode [ 73.066476][ T5863] bridge_slave_1: entered promiscuous mode [ 73.080910][ T5913] loop4: detected capacity change from 0 to 512 [ 73.090735][ T5913] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.672: casefold flag without casefold feature [ 73.109410][ T5913] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.672: couldn't read orphan inode 15 (err -117) [ 73.122520][ T5913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.146106][ T5913] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 73.159476][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.176753][ T28] hsr_slave_0: left promiscuous mode [ 73.183325][ T28] hsr_slave_1: left promiscuous mode [ 73.190809][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 73.198743][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 73.206836][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 73.214363][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 73.225174][ T28] veth1_macvtap: left promiscuous mode [ 73.230843][ T28] veth0_macvtap: left promiscuous mode [ 73.234883][ T5921] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 73.236969][ T28] veth1_vlan: left promiscuous mode [ 73.251542][ T28] veth0_vlan: left promiscuous mode [ 73.332353][ T28] team0 (unregistering): Port device team_slave_1 removed [ 73.342292][ T5923] loop2: detected capacity change from 0 to 512 [ 73.349609][ T28] team0 (unregistering): Port device team_slave_0 removed [ 73.369633][ T5923] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.383111][ T5923] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 73.396158][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.407811][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.427479][ T5863] team0: Port device team_slave_0 added [ 73.434292][ T5863] team0: Port device team_slave_1 added [ 73.449737][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.457285][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.484938][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.496432][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.503538][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 73.529612][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.558417][ T5863] hsr_slave_0: entered promiscuous mode [ 73.564564][ T5863] hsr_slave_1: entered promiscuous mode [ 73.570643][ T5863] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 73.571581][ T4990] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.588599][ T5863] Cannot create hsr debugfs directory [ 73.603700][ T5928] loop1: detected capacity change from 0 to 164 [ 73.830045][ T5941] loop1: detected capacity change from 0 to 512 [ 73.842959][ T5612] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.874026][ T5945] loop4: detected capacity change from 0 to 256 [ 73.874019][ T5863] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.888953][ T5945] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 73.890086][ T5863] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.911775][ T5863] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.920792][ T5946] netlink: 'syz.1.681': attribute type 21 has an invalid length. [ 73.928893][ T5946] netlink: 156 bytes leftover after parsing attributes in process `syz.1.681'. [ 73.938939][ T5863] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.953274][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.960557][ T5863] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.968064][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.976266][ T5863] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.008773][ T3089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.013841][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.040907][ T5075] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.056199][ T5957] atomic_op ffff888112709928 conn xmit_atomic 0000000000000000 [ 74.056680][ T5075] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.073971][ T5949] loop1: detected capacity change from 0 to 512 [ 74.084235][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 74.088600][ T5949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.103232][ T5863] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 74.113775][ T5863] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 74.124945][ T29] kauditd_printk_skb: 14 callbacks suppressed [ 74.124957][ T29] audit: type=1400 audit(1721681384.132:709): avc: denied { setopt } for pid=5951 comm="syz.2.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 74.128780][ T5949] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.138519][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.169532][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 74.179989][ T29] audit: type=1400 audit(1721681384.142:710): avc: denied { shutdown } for pid=5951 comm="syz.2.685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 74.220593][ T5969] loop0: detected capacity change from 0 to 512 [ 74.228503][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.235764][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 74.247737][ T5969] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 74.269807][ T5969] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 74.284101][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.295850][ T5969] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 74.373973][ T5863] veth0_vlan: entered promiscuous mode [ 74.382296][ T5863] veth1_vlan: entered promiscuous mode [ 74.396741][ T5863] veth0_macvtap: entered promiscuous mode [ 74.403966][ T5863] veth1_macvtap: entered promiscuous mode [ 74.415749][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.426310][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.436474][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.447102][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.456999][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.468198][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.478311][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.488785][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.499713][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.510831][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.511068][ T29] audit: type=1400 audit(1721681384.522:711): avc: denied { connect } for pid=5988 comm="syz.2.693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 74.522331][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.551775][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.552207][ T29] audit: type=1400 audit(1721681384.562:712): avc: denied { read } for pid=5988 comm="syz.2.693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 74.562448][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.591929][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.602644][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.613121][ T5863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.623743][ T5863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.635462][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.645910][ T5863] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.654847][ T5863] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.664227][ T5863] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.673326][ T5863] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.789097][ T6004] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 74.789097][ T6004] The task syz.3.696 (6004) triggered the difference, watch for misbehavior. [ 74.808542][ T29] audit: type=1400 audit(1721681384.822:713): avc: denied { append } for pid=6000 comm="syz.3.696" name="event3" dev="devtmpfs" ino=234 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 75.054401][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.071393][ T6007] netlink: 72 bytes leftover after parsing attributes in process `syz.0.698'. [ 75.103617][ T6010] loop0: detected capacity change from 0 to 128 [ 75.110446][ T6010] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 75.144740][ T6010] bio_check_eod: 86 callbacks suppressed [ 75.144752][ T6010] syz.0.699: attempt to access beyond end of device [ 75.144752][ T6010] loop0: rw=2049, sector=625, nr_sectors = 65 limit=128 [ 75.165186][ T6010] syz.0.699: attempt to access beyond end of device [ 75.165186][ T6010] loop0: rw=34817, sector=625, nr_sectors = 32 limit=128 [ 75.270838][ T1820] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 75.322132][ T6017] loop0: detected capacity change from 0 to 1024 [ 75.329652][ T6017] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 75.342241][ T6017] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.702: Invalid block bitmap block 0 in block_group 0 [ 75.355803][ T6017] Quota error (device loop0): write_blk: dquota write failed [ 75.363370][ T6017] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 75.373477][ T6017] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.702: Failed to acquire dquot type 0 [ 75.386026][ T6017] EXT4-fs error (device loop0): ext4_free_blocks:6590: comm syz.0.702: Freeing blocks not in datazone - block = 0, count = 4096 [ 75.400197][ T6017] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.702: Invalid inode bitmap blk 0 in block_group 0 [ 75.413307][ T6017] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 75.422019][ T1820] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 75.422083][ T6017] EXT4-fs (loop0): 1 orphan inode deleted [ 75.431188][ T1820] EXT4-fs error (device loop0): ext4_release_dquot:6871: comm kworker/u8:5: Failed to release dquot type 0 [ 75.448780][ T6017] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.463777][ T6017] netlink: 16 bytes leftover after parsing attributes in process `syz.0.702'. [ 75.477420][ T6017] syz.0.702 (6017) used greatest stack depth: 9640 bytes left [ 75.485940][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.495807][ T47] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8 [ 75.505395][ T47] EXT4-fs error (device loop0): ext4_release_dquot:6871: comm kworker/u8:3: Failed to release dquot type 0 [ 75.535207][ T6028] loop0: detected capacity change from 0 to 512 [ 75.543091][ T6028] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.704: casefold flag without casefold feature [ 75.556869][ T6028] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.704: couldn't read orphan inode 15 (err -117) [ 75.571117][ T6031] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6031 comm=syz.2.705 [ 75.574784][ T6028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.602205][ T6034] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 75.602443][ T6033] bond0: Error: Cannot enslave bond to itself. [ 75.616717][ T6036] loop2: detected capacity change from 0 to 512 [ 75.625809][ T6028] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 75.638594][ T6036] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.651310][ T6036] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 75.651839][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.690568][ T47] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.714046][ T29] audit: type=1400 audit(1721681385.722:714): avc: denied { write } for pid=6039 comm="syz.3.709" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 75.745666][ T6050] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'. [ 75.762671][ T6049] loop0: detected capacity change from 0 to 128 [ 75.772587][ T6049] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 75.792283][ T47] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.795808][ C1] eth0: bad gso: type: 1, size: 1408 [ 75.809358][ T3089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.823464][ T6049] netlink: 5 bytes leftover after parsing attributes in process `syz.0.708'. [ 75.851232][ T47] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.852262][ T6049] loop0: detected capacity change from 0 to 2048 [ 75.899821][ T6070] loop2: detected capacity change from 0 to 1024 [ 75.905900][ T6071] netlink: 116 bytes leftover after parsing attributes in process `syz.2.717'. [ 75.929174][ T47] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.942401][ T6070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.009188][ T47] bridge_slave_1: left allmulticast mode [ 76.015055][ T47] bridge_slave_1: left promiscuous mode [ 76.021110][ T47] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.031251][ T47] bridge_slave_0: left allmulticast mode [ 76.037977][ T47] bridge_slave_0: left promiscuous mode [ 76.039634][ T6080] loop0: detected capacity change from 0 to 512 [ 76.044252][ T47] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.052188][ T6080] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.718: casefold flag without casefold feature [ 76.071084][ T6080] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.718: couldn't read orphan inode 15 (err -117) [ 76.084777][ T6080] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.106298][ T6080] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 76.106347][ T3089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.199135][ T47] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 76.211971][ T47] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 76.224668][ T47] bond0 (unregistering): Released all slaves [ 76.266720][ T6084] dvmrp0: entered allmulticast mode [ 76.300678][ T47] hsr_slave_0: left promiscuous mode [ 76.311519][ T47] hsr_slave_1: left promiscuous mode [ 76.322614][ T47] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 76.328813][ T6102] loop3: detected capacity change from 0 to 512 [ 76.332413][ T47] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.341938][ T6102] ext2: Unknown parameter 'uid<00000000000000000000' [ 76.372635][ T6102] loop3: detected capacity change from 0 to 2048 [ 76.381695][ T47] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 76.383209][ T6102] EXT4-fs: Ignoring removed mblk_io_submit option [ 76.390243][ T47] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.397188][ T6102] EXT4-fs: Ignoring removed nomblk_io_submit option [ 76.413295][ T47] veth1_macvtap: left promiscuous mode [ 76.420492][ T47] veth0_macvtap: left promiscuous mode [ 76.427588][ T47] veth1_vlan: left promiscuous mode [ 76.427635][ T6102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.434746][ T47] veth0_vlan: left promiscuous mode [ 76.453150][ T6102] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.723: bg 0: block 234: padding at end of block bitmap is not set [ 76.485478][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.551583][ T47] team0 (unregistering): Port device team_slave_1 removed [ 76.558389][ T6108] loop3: detected capacity change from 0 to 512 [ 76.565647][ T47] team0 (unregistering): Port device team_slave_0 removed [ 76.568825][ T6108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.587290][ T6108] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 76.627475][ T6048] chnl_net:caif_netlink_parms(): no params data found [ 76.661918][ T6048] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.669472][ T6048] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.678396][ T6048] bridge_slave_0: entered allmulticast mode [ 76.685804][ T6048] bridge_slave_0: entered promiscuous mode [ 76.693538][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.705195][ T6048] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.712328][ T6048] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.722940][ T6048] bridge_slave_1: entered allmulticast mode [ 76.735012][ T6048] bridge_slave_1: entered promiscuous mode [ 76.756678][ T6048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.768892][ T6048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.825807][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.846679][ T5322] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 76.888571][ T6048] team0: Port device team_slave_0 added [ 76.926703][ T6048] team0: Port device team_slave_1 added [ 76.961228][ T6048] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.968280][ T6048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 76.994483][ T6048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.016714][ T4990] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.044057][ T6048] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.051162][ T6048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.077868][ T6048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 77.106124][ T6139] loop1: detected capacity change from 0 to 128 [ 77.141419][ T6144] loop2: detected capacity change from 0 to 256 [ 77.148423][ T6144] msdos: Unknown parameter 'no¤…hÖšÿ-ots' [ 77.159399][ T6145] loop2: detected capacity change from 0 to 512 [ 77.172097][ T6145] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 77.180747][ T6145] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 77.191800][ T6048] hsr_slave_0: entered promiscuous mode [ 77.200175][ T6048] hsr_slave_1: entered promiscuous mode [ 77.206119][ T6145] EXT4-fs (loop2): orphan cleanup on readonly fs [ 77.213875][ T6145] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 77.225472][ T6048] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 77.225855][ T6145] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 77.234623][ T6048] Cannot create hsr debugfs directory [ 77.251185][ T6145] EXT4-fs (loop2): 1 truncate cleaned up [ 77.257352][ T6145] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 77.269969][ T6145] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.270849][ T6157] netlink: 28 bytes leftover after parsing attributes in process `syz.0.735'. [ 77.291711][ T6144] loop2: detected capacity change from 0 to 128 [ 77.302821][ T6144] vfat: Unknown parameter 'commit' [ 77.326082][ T6152] netlink: 76 bytes leftover after parsing attributes in process `syz.0.735'. [ 77.365952][ T6175] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 77.401747][ T6176] loop2: detected capacity change from 0 to 512 [ 77.402027][ T6180] loop3: detected capacity change from 0 to 512 [ 77.421355][ T6177] loop1: detected capacity change from 0 to 512 [ 77.434454][ T6176] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e028, mo2=0002] [ 77.439533][ T6180] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.738: casefold flag without casefold feature [ 77.445897][ T6177] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.459032][ T6180] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.738: couldn't read orphan inode 15 (err -117) [ 77.471107][ T6176] System zones: 1-12 [ 77.487161][ T6190] netlink: 12 bytes leftover after parsing attributes in process `syz.0.743'. [ 77.487398][ T6180] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.497912][ T6177] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.520552][ T6176] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.739: invalid indirect mapped block 8 (level 2) [ 77.534237][ T6176] EXT4-fs (loop2): Remounting filesystem read-only [ 77.541542][ T6176] EXT4-fs (loop2): 1 truncate cleaned up [ 77.547664][ T6180] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 77.548412][ T6176] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.561824][ T6197] loop0: detected capacity change from 0 to 512 [ 77.570481][ T6176] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 77.581876][ T6176] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.598949][ T6197] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.611570][ T6197] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 77.626333][ T6197] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.744: Directory hole found for htree leaf block 0 [ 77.643353][ T6197] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.744: Directory hole found for htree leaf block 0 [ 77.664176][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.688175][ T6205] loop0: detected capacity change from 0 to 512 [ 77.695546][ T6205] ext4: Unknown parameter '0x0000000000000000' [ 77.762502][ T6048] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 77.772866][ T6048] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 77.778140][ T6210] loop0: detected capacity change from 0 to 2048 [ 77.786371][ T6210] EXT4-fs: Ignoring removed mblk_io_submit option [ 77.788170][ T6048] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 77.797955][ T6210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.814130][ T6048] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 77.833384][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.855599][ T6048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 77.870985][ T6216] loop0: detected capacity change from 0 to 512 [ 77.871318][ T6048] 8021q: adding VLAN 0 to HW filter on device team0 [ 77.887660][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state [ 77.890254][ T6216] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 77.895177][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 77.916117][ T6216] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 77.919034][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 77.934246][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 77.956149][ T6048] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 77.966952][ T6048] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 77.982711][ T4332] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.031285][ T6048] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 78.101847][ T6235] loop0: detected capacity change from 0 to 128 [ 78.168068][ T6048] veth0_vlan: entered promiscuous mode [ 78.178403][ T6048] veth1_vlan: entered promiscuous mode [ 78.197005][ T5863] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.202038][ T6048] veth0_macvtap: entered promiscuous mode [ 78.216815][ T6048] veth1_macvtap: entered promiscuous mode [ 78.242618][ T6247] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 78.242866][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.262762][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.274079][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.285395][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.296376][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.308205][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.318434][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 78.329316][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.344690][ T6048] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 78.354817][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.366324][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.376345][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.386974][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.397123][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.407788][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.417640][ T6048] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 78.428397][ T6048] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 78.429333][ T6257] 9pnet_fd: Insufficient options for proto=fd [ 78.440958][ T6048] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 78.460384][ T6256] netlink: 104 bytes leftover after parsing attributes in process `syz.3.755'. [ 78.480368][ T6048] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.489389][ T6048] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.498303][ T6048] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.507184][ T6048] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.610020][ T6288] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 78.654249][ T6295] FAULT_INJECTION: forcing a failure. [ 78.654249][ T6295] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 78.667563][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.4.767 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 78.678039][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 78.688487][ T6295] Call Trace: [ 78.692147][ T6295] [ 78.695080][ T6295] dump_stack_lvl+0xf2/0x150 [ 78.699757][ T6295] dump_stack+0x15/0x20 [ 78.703919][ T6295] should_fail_ex+0x229/0x230 [ 78.709108][ T6295] should_fail+0xb/0x10 [ 78.713615][ T6295] should_fail_usercopy+0x1a/0x20 [ 78.718942][ T6295] _copy_from_user+0x1e/0xd0 [ 78.724031][ T6295] copy_msghdr_from_user+0x54/0x2a0 [ 78.730443][ T6295] __sys_sendmsg+0x17d/0x280 [ 78.736209][ T6295] __x64_sys_sendmsg+0x46/0x50 [ 78.742221][ T6295] x64_sys_call+0x26f8/0x2e00 [ 78.747779][ T6295] do_syscall_64+0xc9/0x1c0 [ 78.754066][ T6295] ? clear_bhb_loop+0x55/0xb0 [ 78.759715][ T6295] ? clear_bhb_loop+0x55/0xb0 [ 78.765653][ T6295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.772957][ T6295] RIP: 0033:0x7fefb4e05e99 [ 78.779125][ T6295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.799587][ T6295] RSP: 002b:00007fefb4087048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 78.808201][ T6295] RAX: ffffffffffffffda RBX: 00007fefb4f95f60 RCX: 00007fefb4e05e99 [ 78.817738][ T6295] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 78.826974][ T6295] RBP: 00007fefb40870a0 R08: 0000000000000000 R09: 0000000000000000 [ 78.835181][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 78.843279][ T6295] R13: 000000000000000b R14: 00007fefb4f95f60 R15: 00007ffc5eebf128 [ 78.852204][ T6295] [ 78.905229][ T6305] bridge_slave_0: left allmulticast mode [ 78.910959][ T6305] bridge_slave_0: left promiscuous mode [ 78.916825][ T6305] bridge0: port 1(bridge_slave_0) entered disabled state [ 78.928870][ T6305] bridge_slave_1: left allmulticast mode [ 78.934769][ T6305] bridge_slave_1: left promiscuous mode [ 78.940762][ T6305] bridge0: port 2(bridge_slave_1) entered disabled state [ 78.950371][ T6305] bond0: (slave bond_slave_0): Releasing backup interface [ 78.961947][ T6305] bond0: (slave bond_slave_1): Releasing backup interface [ 78.977682][ T6305] team0: Port device team_slave_0 removed [ 78.990294][ T6305] team0: Port device team_slave_1 removed [ 79.002942][ T6305] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.010532][ T6305] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.019405][ T6305] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.027074][ T6305] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 79.058860][ T6312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 79.067521][ T6312] team0: Port device bond0 added [ 79.174062][ T6325] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 79.234659][ T6366] FAULT_INJECTION: forcing a failure. [ 79.234659][ T6366] name failslab, interval 1, probability 0, space 0, times 0 [ 79.250977][ T6366] CPU: 0 UID: 0 PID: 6366 Comm: syz.0.781 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 79.261978][ T6366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 79.272089][ T6366] Call Trace: [ 79.275385][ T6366] [ 79.278394][ T6366] dump_stack_lvl+0xf2/0x150 [ 79.284038][ T6366] dump_stack+0x15/0x20 [ 79.288635][ T6366] should_fail_ex+0x229/0x230 [ 79.293525][ T6366] ? __alloc_skb+0x10b/0x310 [ 79.298139][ T6366] should_failslab+0x8f/0xb0 [ 79.302759][ T6366] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 79.308614][ T6366] __alloc_skb+0x10b/0x310 [ 79.313116][ T6373] netlink: 'syz.2.784': attribute type 11 has an invalid length. [ 79.321359][ T6366] netlink_alloc_large_skb+0xad/0xe0 [ 79.321548][ T6366] netlink_sendmsg+0x3b4/0x6e0 [ 79.321584][ T6366] ? __pfx_netlink_sendmsg+0x10/0x10 [ 79.338942][ T6366] __sock_sendmsg+0x140/0x180 [ 79.344660][ T6366] ____sys_sendmsg+0x312/0x410 [ 79.350127][ T6366] __sys_sendmsg+0x1e9/0x280 [ 79.354778][ T6366] __x64_sys_sendmsg+0x46/0x50 [ 79.359668][ T6366] x64_sys_call+0x26f8/0x2e00 [ 79.364639][ T6366] do_syscall_64+0xc9/0x1c0 [ 79.369166][ T6366] ? clear_bhb_loop+0x55/0xb0 [ 79.373906][ T6366] ? clear_bhb_loop+0x55/0xb0 [ 79.378596][ T6366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.384553][ T6366] RIP: 0033:0x7f030a8d5e99 [ 79.389018][ T6366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.408900][ T6366] RSP: 002b:00007f0309b57048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 79.417480][ T6366] RAX: ffffffffffffffda RBX: 00007f030aa65f60 RCX: 00007f030a8d5e99 [ 79.425492][ T6366] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 79.433807][ T6366] RBP: 00007f0309b570a0 R08: 0000000000000000 R09: 0000000000000000 [ 79.441907][ T6366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.450654][ T6366] R13: 000000000000000b R14: 00007f030aa65f60 R15: 00007fffa8db5e28 [ 79.459233][ T6366] [ 79.502738][ T6386] loop0: detected capacity change from 0 to 512 [ 79.510149][ T6386] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 79.523833][ T6386] EXT4-fs (loop0): 1 truncate cleaned up [ 79.531428][ T6386] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 79.548900][ T6386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6386 comm=syz.0.789 [ 79.557413][ T6396] __nla_validate_parse: 1 callbacks suppressed [ 79.557431][ T6396] netlink: 12 bytes leftover after parsing attributes in process `syz.2.792'. [ 79.563025][ T6386] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pid=6386 comm=syz.0.789 [ 79.591845][ T6401] FAULT_INJECTION: forcing a failure. [ 79.591845][ T6401] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 79.605379][ T6401] CPU: 1 UID: 0 PID: 6401 Comm: syz.2.794 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 79.616322][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 79.627869][ T6401] Call Trace: [ 79.632496][ T6401] [ 79.635594][ T6401] dump_stack_lvl+0xf2/0x150 [ 79.640353][ T6401] dump_stack+0x15/0x20 [ 79.644505][ T6401] should_fail_ex+0x229/0x230 [ 79.649379][ T6401] should_fail+0xb/0x10 [ 79.653641][ T6401] should_fail_usercopy+0x1a/0x20 [ 79.658666][ T6401] _copy_to_user+0x1e/0xa0 [ 79.663071][ T6401] simple_read_from_buffer+0xa0/0x110 [ 79.668444][ T6401] proc_fail_nth_read+0xfc/0x140 [ 79.673654][ T6401] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 79.680010][ T6401] vfs_read+0x1a2/0x6e0 [ 79.684992][ T6401] ? __rcu_read_unlock+0x4e/0x70 [ 79.690012][ T6401] ? __fget_files+0x1da/0x210 [ 79.694796][ T6401] ksys_read+0xeb/0x1b0 [ 79.698971][ T6401] __x64_sys_read+0x42/0x50 [ 79.703515][ T6401] x64_sys_call+0x2a36/0x2e00 [ 79.708186][ T6401] do_syscall_64+0xc9/0x1c0 [ 79.712748][ T6401] ? clear_bhb_loop+0x55/0xb0 [ 79.718734][ T6401] ? clear_bhb_loop+0x55/0xb0 [ 79.724676][ T6401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.732807][ T6401] RIP: 0033:0x7f8567ee497c [ 79.737740][ T6401] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 79.760178][ T6401] RSP: 002b:00007f8567167040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 79.769319][ T6401] RAX: ffffffffffffffda RBX: 00007f8568075f60 RCX: 00007f8567ee497c [ 79.777645][ T6401] RDX: 000000000000000f RSI: 00007f85671670b0 RDI: 0000000000000003 [ 79.785913][ T6401] RBP: 00007f85671670a0 R08: 0000000000000000 R09: 0000000000000000 [ 79.794409][ T6401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 79.802547][ T6401] R13: 000000000000000b R14: 00007f8568075f60 R15: 00007ffe3ffeb528 [ 79.810718][ T6401] [ 79.820030][ T6188] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 79.892483][ T6419] loop2: detected capacity change from 0 to 256 [ 79.942334][ T6426] netlink: 'syz.2.803': attribute type 10 has an invalid length. [ 79.960126][ T29] kauditd_printk_skb: 160 callbacks suppressed [ 79.960346][ T29] audit: type=1326 audit(1721681389.962:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 79.991368][ T29] audit: type=1326 audit(1721681389.962:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.015401][ T29] audit: type=1326 audit(1721681389.962:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.039050][ T29] audit: type=1326 audit(1721681389.962:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.062498][ T29] audit: type=1326 audit(1721681389.962:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.086165][ T29] audit: type=1400 audit(1721681389.962:880): avc: denied { setopt } for pid=6407 comm="syz.0.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 80.106700][ T29] audit: type=1326 audit(1721681389.962:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.130681][ T29] audit: type=1326 audit(1721681389.962:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.154086][ T29] audit: type=1326 audit(1721681389.972:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.177441][ T29] audit: type=1326 audit(1721681389.972:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6407 comm="syz.0.795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030a8d5e99 code=0x7ffc0000 [ 80.203259][ T6426] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.213219][ T6426] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 80.246234][ T6445] loop4: detected capacity change from 0 to 512 [ 80.252908][ T6445] ext4: Unknown parameter 'dont_measure' [ 80.269818][ T6445] loop4: detected capacity change from 0 to 512 [ 80.277331][ T6445] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 80.286396][ T6445] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 80.313571][ T6449] loop0: detected capacity change from 0 to 512 [ 80.332494][ T6449] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.354771][ T6449] EXT4-fs error (device loop0): ext4_add_entry:2435: inode #2: comm syz.0.809: Directory hole found for htree leaf block 0 [ 80.360322][ T6473] FAULT_INJECTION: forcing a failure. [ 80.360322][ T6473] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 80.382678][ T6473] CPU: 0 UID: 0 PID: 6473 Comm: syz.4.814 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 80.393271][ T6473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 80.403405][ T6473] Call Trace: [ 80.406722][ T6473] [ 80.409650][ T6473] dump_stack_lvl+0xf2/0x150 [ 80.414494][ T6473] dump_stack+0x15/0x20 [ 80.419104][ T6473] should_fail_ex+0x229/0x230 [ 80.423994][ T6473] should_fail+0xb/0x10 [ 80.428264][ T6473] should_fail_usercopy+0x1a/0x20 [ 80.433410][ T6473] _copy_from_iter+0xd3/0xb00 [ 80.438283][ T6473] ? kmalloc_reserve+0x16e/0x190 [ 80.443323][ T6473] ? __build_skb_around+0x196/0x1f0 [ 80.448535][ T6473] ? __alloc_skb+0x21f/0x310 [ 80.453232][ T6473] ? __virt_addr_valid+0x1ed/0x250 [ 80.458372][ T6473] ? __check_object_size+0x35b/0x510 [ 80.463853][ T6473] netlink_sendmsg+0x460/0x6e0 [ 80.468947][ T6473] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.474328][ T6473] __sock_sendmsg+0x140/0x180 [ 80.479185][ T6473] ____sys_sendmsg+0x312/0x410 [ 80.484548][ T6473] __sys_sendmsg+0x1e9/0x280 [ 80.489792][ T6473] __x64_sys_sendmsg+0x46/0x50 [ 80.494599][ T6473] x64_sys_call+0x26f8/0x2e00 [ 80.499796][ T6473] do_syscall_64+0xc9/0x1c0 [ 80.504299][ T6473] ? clear_bhb_loop+0x55/0xb0 [ 80.508965][ T6473] ? clear_bhb_loop+0x55/0xb0 [ 80.513785][ T6473] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.519971][ T6473] RIP: 0033:0x7fefb4e05e99 [ 80.524457][ T6473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.545011][ T6473] RSP: 002b:00007fefb4087048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.553441][ T6473] RAX: ffffffffffffffda RBX: 00007fefb4f95f60 RCX: 00007fefb4e05e99 [ 80.561751][ T6473] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 80.570603][ T6473] RBP: 00007fefb40870a0 R08: 0000000000000000 R09: 0000000000000000 [ 80.578570][ T6473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.587089][ T6473] R13: 000000000000000b R14: 00007fefb4f95f60 R15: 00007ffc5eebf128 [ 80.595130][ T6473] [ 80.638809][ T6483] loop3: detected capacity change from 0 to 512 [ 80.650228][ T6484] loop4: detected capacity change from 0 to 1024 [ 80.683536][ T6483] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.763859][ T6514] loop0: detected capacity change from 0 to 512 [ 80.772103][ T6514] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 80.787233][ T6514] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.826: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 80.803312][ T6521] FAULT_INJECTION: forcing a failure. [ 80.803312][ T6521] name failslab, interval 1, probability 0, space 0, times 0 [ 80.807757][ T6514] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.826: couldn't read orphan inode 15 (err -117) [ 80.821047][ T6521] CPU: 1 UID: 0 PID: 6521 Comm: syz.2.829 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 80.836138][ T6514] ext2 filesystem being mounted at /137/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 80.845307][ T6521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 80.845374][ T6521] Call Trace: [ 80.845382][ T6521] [ 80.845389][ T6521] dump_stack_lvl+0xf2/0x150 [ 80.876938][ T6521] dump_stack+0x15/0x20 [ 80.877027][ T6521] should_fail_ex+0x229/0x230 [ 80.877109][ T6521] ? skb_clone+0x154/0x1f0 [ 80.877131][ T6521] should_failslab+0x8f/0xb0 [ 80.877156][ T6521] kmem_cache_alloc_noprof+0x4c/0x290 [ 80.877208][ T6521] skb_clone+0x154/0x1f0 [ 80.877230][ T6521] __netlink_deliver_tap+0x2bd/0x4c0 [ 80.877255][ T6521] netlink_unicast+0x641/0x670 [ 80.877355][ T6521] netlink_sendmsg+0x5cc/0x6e0 [ 80.877378][ T6521] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.877401][ T6521] __sock_sendmsg+0x140/0x180 [ 80.877419][ T6521] ____sys_sendmsg+0x312/0x410 [ 80.877445][ T6521] __sys_sendmsg+0x1e9/0x280 [ 80.877474][ T6521] __x64_sys_sendmsg+0x46/0x50 [ 80.877536][ T6521] x64_sys_call+0x26f8/0x2e00 [ 80.877558][ T6521] do_syscall_64+0xc9/0x1c0 [ 80.877573][ T6521] ? clear_bhb_loop+0x55/0xb0 [ 80.877589][ T6521] ? clear_bhb_loop+0x55/0xb0 [ 80.877667][ T6521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.877694][ T6521] RIP: 0033:0x7f8567ee5e99 [ 80.877707][ T6521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.877721][ T6521] RSP: 002b:00007f8567167048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.877804][ T6521] RAX: ffffffffffffffda RBX: 00007f8568075f60 RCX: 00007f8567ee5e99 [ 80.877815][ T6521] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 80.877826][ T6521] RBP: 00007f85671670a0 R08: 0000000000000000 R09: 0000000000000000 [ 80.877836][ T6521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 80.877887][ T6521] R13: 000000000000000b R14: 00007f8568075f60 R15: 00007ffe3ffeb528 [ 80.877900][ T6521] [ 80.907598][ C1] eth0: bad gso: type: 1, size: 1408 [ 80.951834][ T6532] loop0: detected capacity change from 0 to 256 [ 81.024950][ T6532] FAT-fs (loop0): Directory bread(block 64) failed [ 81.024976][ T6532] FAT-fs (loop0): Directory bread(block 65) failed [ 81.025071][ T6532] FAT-fs (loop0): Directory bread(block 66) failed [ 81.025087][ T6532] FAT-fs (loop0): Directory bread(block 67) failed [ 81.025150][ T6532] FAT-fs (loop0): Directory bread(block 68) failed [ 81.025167][ T6532] FAT-fs (loop0): Directory bread(block 69) failed [ 81.025243][ T6532] FAT-fs (loop0): Directory bread(block 70) failed [ 81.025261][ T6532] FAT-fs (loop0): Directory bread(block 71) failed [ 81.025280][ T6532] FAT-fs (loop0): Directory bread(block 72) failed [ 81.025295][ T6532] FAT-fs (loop0): Directory bread(block 73) failed [ 81.069928][ T6536] loop4: detected capacity change from 0 to 1024 [ 81.070129][ T6536] EXT4-fs: Ignoring removed nomblk_io_submit option [ 81.070144][ T6536] EXT4-fs: Ignoring removed bh option [ 81.073235][ T6539] loop2: detected capacity change from 0 to 512 [ 81.084265][ T6536] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (28593!=20869) [ 81.093974][ T6541] loop0: detected capacity change from 0 to 164 [ 81.099194][ T6536] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 81.141021][ T6536] JBD2: no valid journal superblock found [ 81.171968][ T6541] 9pnet_fd: Insufficient options for proto=fd [ 81.176025][ T6536] EXT4-fs (loop4): Could not load journal inode [ 81.272409][ T6525] netlink: 12 bytes leftover after parsing attributes in process `syz.4.830'. [ 81.895739][ T6563] FAULT_INJECTION: forcing a failure. [ 81.895739][ T6563] name failslab, interval 1, probability 0, space 0, times 0 [ 81.908476][ T6563] CPU: 0 UID: 0 PID: 6563 Comm: syz.2.842 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 81.919346][ T6563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 81.929492][ T6563] Call Trace: [ 81.932774][ T6563] [ 81.935790][ T6563] dump_stack_lvl+0xf2/0x150 [ 81.940470][ T6563] dump_stack+0x15/0x20 [ 81.945445][ T6563] should_fail_ex+0x229/0x230 [ 81.950453][ T6563] ? __alloc_skb+0x10b/0x310 [ 81.955276][ T6563] should_failslab+0x8f/0xb0 [ 81.960072][ T6563] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 81.966516][ T6563] __alloc_skb+0x10b/0x310 [ 81.972064][ T6563] netlink_ack+0xef/0x4f0 [ 81.977330][ T6563] ? __dev_queue_xmit+0x161/0x1fe0 [ 81.982957][ T6563] netlink_rcv_skb+0x19c/0x230 [ 81.987727][ T6563] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 81.993281][ T6563] rtnetlink_rcv+0x1c/0x30 [ 81.997725][ T6563] netlink_unicast+0x593/0x670 [ 82.002483][ T6563] netlink_sendmsg+0x5cc/0x6e0 [ 82.007323][ T6563] ? __pfx_netlink_sendmsg+0x10/0x10 [ 82.012612][ T6563] __sock_sendmsg+0x140/0x180 [ 82.017895][ T6563] ____sys_sendmsg+0x312/0x410 [ 82.022674][ T6563] __sys_sendmsg+0x1e9/0x280 [ 82.027379][ T6563] __x64_sys_sendmsg+0x46/0x50 [ 82.032249][ T6563] x64_sys_call+0x26f8/0x2e00 [ 82.037873][ T6563] do_syscall_64+0xc9/0x1c0 [ 82.043210][ T6563] ? clear_bhb_loop+0x55/0xb0 [ 82.048113][ T6563] ? clear_bhb_loop+0x55/0xb0 [ 82.053093][ T6563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 82.059480][ T6563] RIP: 0033:0x7f8567ee5e99 [ 82.064752][ T6563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 82.084891][ T6563] RSP: 002b:00007f8567167048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 82.093367][ T6563] RAX: ffffffffffffffda RBX: 00007f8568075f60 RCX: 00007f8567ee5e99 [ 82.101360][ T6563] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 82.109360][ T6563] RBP: 00007f85671670a0 R08: 0000000000000000 R09: 0000000000000000 [ 82.119531][ T6563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 82.128055][ T6563] R13: 000000000000000b R14: 00007f8568075f60 R15: 00007ffe3ffeb528 [ 82.136659][ T6563] [ 82.211473][ T6569] ebt_limit: overflow, try lower: 0/0 [ 82.222745][ T6571] 9pnet: p9_errstr2errno: server reported unknown error @í΂Í(ááí«QhQI¸¥ [ 82.462442][ T6576] loop1: detected capacity change from 0 to 2048 [ 82.482399][ T6576] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.641300][ T6582] netlink: 60 bytes leftover after parsing attributes in process `syz.3.848'. [ 82.651336][ T6582] unsupported nlmsg_type 40 [ 82.660829][ T6582] loop3: detected capacity change from 0 to 512 [ 82.669156][ T6582] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 82.689548][ T6582] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.753294][ T6586] netlink: 16 bytes leftover after parsing attributes in process `syz.3.848'. [ 83.012860][ T6592] netlink: 'syz.2.850': attribute type 21 has an invalid length. [ 83.020739][ T6592] netlink: 128 bytes leftover after parsing attributes in process `syz.2.850'. [ 83.031389][ T6592] netlink: 'syz.2.850': attribute type 5 has an invalid length. [ 83.039414][ T6592] netlink: 3 bytes leftover after parsing attributes in process `syz.2.850'. [ 83.167778][ T6601] loop0: detected capacity change from 0 to 512 [ 83.175828][ T6601] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.854: bg 0: block 35: padding at end of block bitmap is not set [ 83.195420][ T6601] EXT4-fs (loop0): Remounting filesystem read-only [ 83.202154][ T6601] EXT4-fs (loop0): 1 truncate cleaned up [ 83.208569][ T6601] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 83.289900][ T6610] loop0: detected capacity change from 0 to 4096 [ 83.337508][ T6613] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 83.406244][ T6610] netlink: 12 bytes leftover after parsing attributes in process `syz.0.855'. [ 83.450284][ T6620] loop1: detected capacity change from 0 to 512 [ 83.460432][ T6620] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.859: casefold flag without casefold feature [ 83.483239][ T6620] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.859: couldn't read orphan inode 15 (err -117) [ 83.496061][ T6625] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 83.509191][ T6620] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 83.559770][ T6629] loop1: detected capacity change from 0 to 256 [ 83.570178][ T6625] program syz.0.860 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 83.594168][ T6629] FAT-fs (loop1): Directory bread(block 64) failed [ 83.603270][ T6629] FAT-fs (loop1): Directory bread(block 65) failed [ 83.611621][ T6629] FAT-fs (loop1): Directory bread(block 66) failed [ 83.626193][ T6629] FAT-fs (loop1): Directory bread(block 67) failed [ 83.636415][ T6629] FAT-fs (loop1): Directory bread(block 68) failed [ 83.645873][ T6629] FAT-fs (loop1): Directory bread(block 69) failed [ 83.653869][ T6629] FAT-fs (loop1): Directory bread(block 70) failed [ 83.660924][ T6629] FAT-fs (loop1): Directory bread(block 71) failed [ 83.668698][ T6629] FAT-fs (loop1): Directory bread(block 72) failed [ 83.675680][ T6629] FAT-fs (loop1): Directory bread(block 73) failed [ 83.688434][ T6629] netlink: 36 bytes leftover after parsing attributes in process `syz.1.862'. [ 83.697374][ T6629] netlink: 24 bytes leftover after parsing attributes in process `syz.1.862'. [ 83.707769][ T6641] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 83.791317][ T6652] loop3: detected capacity change from 0 to 512 [ 83.801317][ T6652] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.872: casefold flag without casefold feature [ 83.814818][ T6652] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.872: couldn't read orphan inode 15 (err -117) [ 83.829385][ T6652] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 83.892749][ T6660] loop3: detected capacity change from 0 to 512 [ 83.981746][ T6670] FAULT_INJECTION: forcing a failure. [ 83.981746][ T6670] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.995191][ T6670] CPU: 1 UID: 0 PID: 6670 Comm: syz.3.878 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 84.005560][ T6670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 84.015965][ T6670] Call Trace: [ 84.019253][ T6670] [ 84.022270][ T6670] dump_stack_lvl+0xf2/0x150 [ 84.026973][ T6670] dump_stack+0x15/0x20 [ 84.031703][ T6670] should_fail_ex+0x229/0x230 [ 84.036525][ T6670] should_fail+0xb/0x10 [ 84.040691][ T6670] should_fail_usercopy+0x1a/0x20 [ 84.045851][ T6670] _copy_to_user+0x1e/0xa0 [ 84.050342][ T6670] simple_read_from_buffer+0xa0/0x110 [ 84.055853][ T6670] proc_fail_nth_read+0xfc/0x140 [ 84.061599][ T6670] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 84.067245][ T6670] vfs_read+0x1a2/0x6e0 [ 84.071545][ T6670] ? __rcu_read_unlock+0x4e/0x70 [ 84.076488][ T6670] ? __fget_files+0x1da/0x210 [ 84.081237][ T6670] ksys_read+0xeb/0x1b0 [ 84.085483][ T6670] __x64_sys_read+0x42/0x50 [ 84.090021][ T6670] x64_sys_call+0x2a36/0x2e00 [ 84.094781][ T6670] do_syscall_64+0xc9/0x1c0 [ 84.099391][ T6670] ? clear_bhb_loop+0x55/0xb0 [ 84.104074][ T6670] ? clear_bhb_loop+0x55/0xb0 [ 84.108779][ T6670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.114799][ T6670] RIP: 0033:0x7f268565497c [ 84.119318][ T6670] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 84.139066][ T6670] RSP: 002b:00007f26848d7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 84.147746][ T6670] RAX: ffffffffffffffda RBX: 00007f26857e5f60 RCX: 00007f268565497c [ 84.155841][ T6670] RDX: 000000000000000f RSI: 00007f26848d70b0 RDI: 0000000000000004 [ 84.164190][ T6670] RBP: 00007f26848d70a0 R08: 0000000000000000 R09: 0000000000000000 [ 84.172369][ T6670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.181249][ T6670] R13: 000000000000000b R14: 00007f26857e5f60 R15: 00007ffe9f5dd5e8 [ 84.189771][ T6670] [ 84.248402][ T6673] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 84.414385][ T6684] loop3: detected capacity change from 0 to 512 [ 84.422299][ T6684] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.884: casefold flag without casefold feature [ 84.436905][ T6684] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.884: couldn't read orphan inode 15 (err -117) [ 84.451692][ T6684] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 84.484242][ T6703] x_tables: duplicate underflow at hook 1 [ 84.496024][ T6707] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 84.587583][ T6724] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 84.682343][ T6745] loop1: detected capacity change from 0 to 1024 [ 84.694432][ T6745] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22 [ 84.803018][ T6763] loop1: detected capacity change from 0 to 128 [ 84.829259][ T6765] loop3: detected capacity change from 0 to 2048 [ 84.859159][ T6767] loop1: detected capacity change from 0 to 512 [ 84.867183][ T6767] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.909: casefold flag without casefold feature [ 84.880228][ T6767] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.909: couldn't read orphan inode 15 (err -117) [ 84.894262][ T6767] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 84.903601][ T6773] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 84.918706][ T6773] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 15 with max blocks 1 with error 28 [ 84.931052][ T6773] EXT4-fs (loop3): This should not happen!! Data will be lost [ 84.931052][ T6773] [ 84.940833][ T6773] EXT4-fs (loop3): Total free blocks count 0 [ 84.946944][ T6773] EXT4-fs (loop3): Free/Dirty block details [ 84.952940][ T6773] EXT4-fs (loop3): free_blocks=2415919104 [ 84.958838][ T6773] EXT4-fs (loop3): dirty_blocks=16 [ 84.963943][ T6773] EXT4-fs (loop3): Block reservation details [ 84.970328][ T6773] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 85.058220][ T6773] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 85.071040][ T6773] EXT4-fs (loop3): This should not happen!! Data will be lost [ 85.071040][ T6773] [ 85.082012][ T29] kauditd_printk_skb: 5204 callbacks suppressed [ 85.082037][ T29] audit: type=1326 audit(1721681395.092:6089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6764 comm="syz.3.908" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2685655e99 code=0x0 [ 85.389202][ T6786] netlink: 8 bytes leftover after parsing attributes in process `syz.2.914'. [ 85.398045][ T6786] netlink: 116 bytes leftover after parsing attributes in process `syz.2.914'. [ 85.408188][ T29] audit: type=1400 audit(1721681395.422:6090): avc: denied { ioctl } for pid=6785 comm="syz.2.914" path="time:[4026531834]" dev="nsfs" ino=4026531834 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 85.647795][ T6810] netlink: 40 bytes leftover after parsing attributes in process `syz.0.921'. [ 85.676746][ T6810] usb usb1: usbfs: process 6810 (syz.0.921) did not claim interface 0 before use [ 85.766159][ T6823] netlink: 28 bytes leftover after parsing attributes in process `syz.3.923'. [ 85.797186][ T6829] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 85.837289][ T29] audit: type=1400 audit(1721681395.852:6091): avc: denied { read } for pid=6834 comm="syz.4.930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 85.848028][ T6837] loop1: detected capacity change from 0 to 128 [ 85.907047][ T29] audit: type=1326 audit(1721681395.922:6092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6846 comm="syz.4.935" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefb4e05e99 code=0x0 [ 85.971017][ T6859] loop1: detected capacity change from 0 to 512 [ 85.979517][ T6855] loop4: detected capacity change from 0 to 512 [ 85.988390][ T6855] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.937: casefold flag without casefold feature [ 86.003907][ T6863] EXT4-fs warning (device loop1): dx_probe:869: inode #2: comm syz.1.938: Unimplemented hash flags: 0x0001 [ 86.015540][ T6863] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.938: Corrupt directory, running e2fsck is recommended [ 86.028858][ T6855] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.937: couldn't read orphan inode 15 (err -117) [ 86.030242][ T29] audit: type=1400 audit(1721681396.042:6093): avc: denied { getopt } for pid=6857 comm="syz.1.938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 86.401591][ T6884] loop2: detected capacity change from 0 to 128 [ 86.491479][ T29] audit: type=1400 audit(1721681396.502:6094): avc: denied { bind } for pid=6889 comm="syz.2.946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 86.516404][ T6890] loop2: detected capacity change from 0 to 512 [ 86.547706][ T6890] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 86.575946][ T29] audit: type=1326 audit(1721681396.582:6095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6889 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8567ee5e99 code=0x7ffc0000 [ 86.578587][ T6894] netlink: 'syz.0.947': attribute type 4 has an invalid length. [ 86.618065][ T29] audit: type=1326 audit(1721681396.582:6096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6889 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f8567ee5e99 code=0x7ffc0000 [ 86.645927][ T29] audit: type=1326 audit(1721681396.582:6097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6889 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8567ee5e99 code=0x7ffc0000 [ 86.671985][ T29] audit: type=1326 audit(1721681396.622:6098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6889 comm="syz.2.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8567ee5e99 code=0x7ffc0000 [ 86.757519][ T6900] loop1: detected capacity change from 0 to 512 [ 86.768314][ T6900] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.949: casefold flag without casefold feature [ 86.781559][ T6900] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.949: couldn't read orphan inode 15 (err -117) [ 86.857548][ T6921] loop1: detected capacity change from 0 to 128 [ 86.976342][ T6942] xt_bpf: check failed: parse error [ 87.591703][ T6962] netlink: 8 bytes leftover after parsing attributes in process `syz.1.968'. [ 87.605121][ T6962] loop1: detected capacity change from 0 to 1024 [ 87.611975][ T6962] EXT4-fs: Ignoring removed orlov option [ 87.617747][ T6962] EXT4-fs: Ignoring removed nomblk_io_submit option [ 87.624806][ T6962] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 87.646133][ T6962] netlink: 4 bytes leftover after parsing attributes in process `syz.1.968'. [ 87.658623][ T6962] bond_slave_0: entered promiscuous mode [ 87.664470][ T6962] bond_slave_1: entered promiscuous mode [ 87.670786][ T6962] macvtap1: entered promiscuous mode [ 87.677108][ T6962] bond0: entered promiscuous mode [ 87.682659][ T6962] macvtap1: entered allmulticast mode [ 87.688232][ T6962] bond0: entered allmulticast mode [ 87.693335][ T6962] bond_slave_0: entered allmulticast mode [ 87.699121][ T6962] bond_slave_1: entered allmulticast mode [ 87.705928][ T6962] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 87.715196][ T6965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.968'. [ 87.724804][ T6965] bond0: left allmulticast mode [ 87.729998][ T6965] bond_slave_0: left allmulticast mode [ 87.736425][ T6965] bond_slave_1: left allmulticast mode [ 87.742892][ T6965] bond0: left promiscuous mode [ 87.748717][ T6965] bond_slave_0: left promiscuous mode [ 87.754477][ T6965] bond_slave_1: left promiscuous mode [ 87.757531][ T6964] loop2: detected capacity change from 0 to 256 [ 87.766865][ T6965] macvtap1: left promiscuous mode [ 87.767007][ T6964] vfat: Unknown parameter '1' [ 87.772015][ T6965] macvtap1: left allmulticast mode [ 87.888201][ T6988] netlink: 24 bytes leftover after parsing attributes in process `syz.0.972'. [ 87.888511][ T6987] loop4: detected capacity change from 0 to 128 [ 87.905628][ T6987] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 87.949761][ T6983] loop2: detected capacity change from 0 to 2048 [ 87.966506][ T6987] netlink: 8 bytes leftover after parsing attributes in process `syz.4.977'. [ 87.969277][ T6983] EXT4-fs error (device loop2): ext4_find_extent:936: inode #2: comm syz.2.975: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 87.975347][ T6987] netlink: 12 bytes leftover after parsing attributes in process `syz.4.977'. [ 88.000823][ T6983] EXT4-fs (loop2): Remounting filesystem read-only [ 88.043889][ T6999] loop4: detected capacity change from 0 to 128 [ 88.088567][ T7007] loop2: detected capacity change from 0 to 2048 [ 88.112818][ T7016] loop4: detected capacity change from 0 to 512 [ 88.120579][ T7016] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.985: casefold flag without casefold feature [ 88.133579][ T7016] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.985: couldn't read orphan inode 15 (err -117) [ 88.939215][ T7024] loop1: detected capacity change from 0 to 1024 [ 88.980314][ T7035] bridge_slave_1: left allmulticast mode [ 88.986654][ T7035] bridge_slave_1: left promiscuous mode [ 88.992539][ T7035] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.000882][ T7035] bridge_slave_0: left allmulticast mode [ 89.006644][ T7035] bridge_slave_0: left promiscuous mode [ 89.012336][ T7035] bridge0: port 1(bridge_slave_0) entered disabled state [ 89.039542][ T7041] 9pnet_fd: Insufficient options for proto=fd [ 89.051768][ T7043] loop1: detected capacity change from 0 to 128 [ 89.107490][ T7056] net_ratelimit: 3 callbacks suppressed [ 89.107501][ T7056] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 89.128584][ T7053] loop1: detected capacity change from 0 to 512 [ 89.137170][ T7053] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.995: casefold flag without casefold feature [ 89.150944][ T7053] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.995: couldn't read orphan inode 15 (err -117) [ 89.165281][ T7053] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 89.211373][ T7068] SELinux: Context system_u:object_r:dmesg_exec_t:s0 is not valid (left unmapped). [ 89.231585][ T7065] loop1: detected capacity change from 0 to 764 [ 89.242741][ T7065] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 89.466731][ T7093] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 90.091103][ T29] kauditd_printk_skb: 18028 callbacks suppressed [ 90.091117][ T29] audit: type=1326 audit(1721681400.102:24127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8476005e99 code=0x7ffc0000 [ 90.122903][ T29] audit: type=1326 audit(1721681400.102:24128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8475ffcee7 code=0x7ffc0000 [ 90.148018][ T29] audit: type=1326 audit(1721681400.102:24129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8475fa18b9 code=0x7ffc0000 [ 90.173030][ T29] audit: type=1326 audit(1721681400.102:24130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8476005e99 code=0x7ffc0000 [ 90.198339][ T29] audit: type=1326 audit(1721681400.102:24131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8476005e99 code=0x7ffc0000 [ 90.223492][ T29] audit: type=1326 audit(1721681400.102:24132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8475ffcee7 code=0x7ffc0000 [ 90.249301][ T29] audit: type=1326 audit(1721681400.102:24133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8475fa18b9 code=0x7ffc0000 [ 90.277481][ T29] audit: type=1326 audit(1721681400.102:24134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8475ffcee7 code=0x7ffc0000 [ 90.302478][ T29] audit: type=1326 audit(1721681400.102:24135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8475fa18b9 code=0x7ffc0000 [ 90.327566][ T29] audit: type=1326 audit(1721681400.102:24136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7064 comm=6C2586CE36DB0CCF197CC94F7FCE8F exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8476005e99 code=0x7ffc0000 [ 90.403450][ T7100] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 90.440349][ T7098] loop2: detected capacity change from 0 to 512 [ 90.459345][ T7098] loop2: detected capacity change from 0 to 512 [ 90.491835][ T7121] FAULT_INJECTION: forcing a failure. [ 90.491835][ T7121] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 90.505195][ T7121] CPU: 1 UID: 0 PID: 7121 Comm: syz.1.1016 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 90.516141][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 90.526224][ T7121] Call Trace: [ 90.529501][ T7121] [ 90.532431][ T7121] dump_stack_lvl+0xf2/0x150 [ 90.537261][ T7121] dump_stack+0x15/0x20 [ 90.541433][ T7121] should_fail_ex+0x229/0x230 [ 90.546240][ T7121] should_fail_alloc_page+0xfd/0x110 [ 90.551734][ T7121] __alloc_pages_noprof+0x109/0x360 [ 90.556954][ T7121] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 90.562496][ T7121] vma_alloc_folio_noprof+0x182/0x2d0 [ 90.567901][ T7121] handle_mm_fault+0xf13/0x28c0 [ 90.572825][ T7121] exc_page_fault+0x296/0x650 [ 90.577523][ T7121] asm_exc_page_fault+0x26/0x30 [ 90.582416][ T7121] RIP: 0010:__put_user_4+0x11/0x20 [ 90.587523][ T7121] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 90.607139][ T7121] RSP: 0018:ffffc90000eabe20 EFLAGS: 00050202 [ 90.613382][ T7121] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020001180 [ 90.621528][ T7121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88810300bbc8 [ 90.629503][ T7121] RBP: ffff8881138225c0 R08: 000188810300bbcf R09: 0000000000000000 [ 90.637559][ T7121] R10: 0001ffffffffffff R11: 0001c90000eabdf8 R12: ffff888113822400 [ 90.645556][ T7121] R13: ffff8881138225d0 R14: 0000000020001180 R15: 0000000000000000 [ 90.653625][ T7121] tty_jobctrl_ioctl+0x441/0x810 [ 90.658801][ T7121] ? __fget_files+0x1da/0x210 [ 90.664012][ T7121] tty_ioctl+0x64e/0xbe0 [ 90.668308][ T7121] ? __pfx_tty_ioctl+0x10/0x10 [ 90.673245][ T7121] __se_sys_ioctl+0xd3/0x150 [ 90.678058][ T7121] __x64_sys_ioctl+0x43/0x50 [ 90.682725][ T7121] x64_sys_call+0x1688/0x2e00 [ 90.687510][ T7121] do_syscall_64+0xc9/0x1c0 [ 90.692058][ T7121] ? clear_bhb_loop+0x55/0xb0 [ 90.696761][ T7121] ? clear_bhb_loop+0x55/0xb0 [ 90.701455][ T7121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.707366][ T7121] RIP: 0033:0x7f8476005e99 [ 90.711792][ T7121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.733685][ T7121] RSP: 002b:00007f8475287048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 90.742392][ T7121] RAX: ffffffffffffffda RBX: 00007f8476195f60 RCX: 00007f8476005e99 [ 90.750547][ T7121] RDX: 0000000020001180 RSI: 000000000000540f RDI: 0000000000000003 [ 90.759122][ T7121] RBP: 00007f84752870a0 R08: 0000000000000000 R09: 0000000000000000 [ 90.767631][ T7121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.775819][ T7121] R13: 000000000000000b R14: 00007f8476195f60 R15: 00007ffc31dd0068 [ 90.783888][ T7121] [ 90.790258][ T7123] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 90.804540][ T7120] loop4: detected capacity change from 0 to 512 [ 90.839615][ T7120] ext4 filesystem being mounted at /43/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 90.855348][ T7120] __nla_validate_parse: 3 callbacks suppressed [ 90.855365][ T7120] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1017'. [ 90.857156][ T7140] loop1: detected capacity change from 0 to 512 [ 90.879493][ T7140] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.1022: casefold flag without casefold feature [ 90.892734][ T7140] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1022: couldn't read orphan inode 15 (err -117) [ 90.893334][ T7145] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=26188 sclass=netlink_route_socket pid=7145 comm=syz.2.1019 [ 90.918717][ T7140] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 91.018294][ T7173] loop4: detected capacity change from 0 to 512 [ 91.028911][ T7173] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.040557][ T7172] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 91.058139][ T7176] xt_hashlimit: max too large, truncated to 1048576 [ 91.098983][ T7182] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 91.116017][ T7184] FAULT_INJECTION: forcing a failure. [ 91.116017][ T7184] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.129244][ T7184] CPU: 0 UID: 0 PID: 7184 Comm: syz.0.1032 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 91.139883][ T7184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 91.150605][ T7184] Call Trace: [ 91.153999][ T7184] [ 91.157257][ T7184] dump_stack_lvl+0xf2/0x150 [ 91.161928][ T7184] dump_stack+0x15/0x20 [ 91.166071][ T7184] should_fail_ex+0x229/0x230 [ 91.170933][ T7184] should_fail+0xb/0x10 [ 91.175179][ T7184] should_fail_usercopy+0x1a/0x20 [ 91.180337][ T7184] _copy_to_user+0x1e/0xa0 [ 91.184825][ T7184] simple_read_from_buffer+0xa0/0x110 [ 91.190204][ T7184] proc_fail_nth_read+0xfc/0x140 [ 91.195439][ T7184] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.201131][ T7184] vfs_read+0x1a2/0x6e0 [ 91.205372][ T7184] ? __rcu_read_unlock+0x4e/0x70 [ 91.210314][ T7184] ? __fget_files+0x1da/0x210 [ 91.215440][ T7184] ksys_read+0xeb/0x1b0 [ 91.219706][ T7184] __x64_sys_read+0x42/0x50 [ 91.224255][ T7184] x64_sys_call+0x2a36/0x2e00 [ 91.228957][ T7184] do_syscall_64+0xc9/0x1c0 [ 91.233450][ T7184] ? clear_bhb_loop+0x55/0xb0 [ 91.238281][ T7184] ? clear_bhb_loop+0x55/0xb0 [ 91.243043][ T7184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.249108][ T7184] RIP: 0033:0x7f030a8d497c [ 91.253594][ T7184] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 91.273389][ T7184] RSP: 002b:00007f0309b57040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 91.282360][ T7184] RAX: ffffffffffffffda RBX: 00007f030aa65f60 RCX: 00007f030a8d497c [ 91.292241][ T7184] RDX: 000000000000000f RSI: 00007f0309b570b0 RDI: 0000000000000004 [ 91.300835][ T7184] RBP: 00007f0309b570a0 R08: 0000000000000000 R09: 0000000000000000 [ 91.308836][ T7184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.317169][ T7184] R13: 000000000000000b R14: 00007f030aa65f60 R15: 00007fffa8db5e28 [ 91.326043][ T7184] [ 91.359459][ T7199] sctp: [Deprecated]: syz.0.1036 (pid 7199) Use of int in max_burst socket option. [ 91.359459][ T7199] Use struct sctp_assoc_value instead [ 91.374322][ T7202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1038'. [ 91.391943][ T7202] loop4: detected capacity change from 0 to 1024 [ 91.399267][ T7202] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 91.410346][ T7202] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 91.417485][ T7199] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1036'. [ 91.421761][ T7202] EXT4-fs (loop4): orphan cleanup on readonly fs [ 91.429905][ T7199] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1036'. [ 91.438274][ T7202] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz.4.1038: Freeing blocks not in datazone - block = 0, count = 4096 [ 91.463683][ T7202] EXT4-fs (loop4): 1 orphan inode deleted [ 91.497676][ T7214] loop4: detected capacity change from 0 to 512 [ 91.515575][ T7210] netlink: 'syz.0.1040': attribute type 10 has an invalid length. [ 91.525641][ T7210] batman_adv: batadv0: Removing interface: team0 [ 91.527138][ T7214] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.544065][ T7210] bridge0: port 3(team0) entered blocking state [ 91.550441][ T7210] bridge0: port 3(team0) entered disabled state [ 91.557747][ T7210] team0: entered allmulticast mode [ 91.562968][ T7210] team_slave_0: entered allmulticast mode [ 91.568862][ T7210] team_slave_1: entered allmulticast mode [ 91.575604][ T7210] team0: entered promiscuous mode [ 91.581199][ T7210] team_slave_0: entered promiscuous mode [ 91.587245][ T7210] team_slave_1: entered promiscuous mode [ 91.631056][ C1] eth0: bad gso: type: 1, size: 1408 [ 91.645303][ T7230] syzkaller0: entered promiscuous mode [ 91.650946][ T7230] syzkaller0: entered allmulticast mode [ 91.807404][ T7238] FAULT_INJECTION: forcing a failure. [ 91.807404][ T7238] name failslab, interval 1, probability 0, space 0, times 0 [ 91.820302][ T7238] CPU: 0 UID: 0 PID: 7238 Comm: syz.1.1045 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 91.831265][ T7238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 91.841439][ T7238] Call Trace: [ 91.844792][ T7238] [ 91.847798][ T7238] dump_stack_lvl+0xf2/0x150 [ 91.852754][ T7238] dump_stack+0x15/0x20 [ 91.856957][ T7238] should_fail_ex+0x229/0x230 [ 91.861787][ T7238] ? autofs_init_fs_context+0xcd/0x250 [ 91.867335][ T7238] should_failslab+0x8f/0xb0 [ 91.871999][ T7238] __kmalloc_cache_noprof+0x4b/0x2a0 [ 91.877361][ T7238] autofs_init_fs_context+0xcd/0x250 [ 91.883690][ T7238] alloc_fs_context+0x3fb/0x4e0 [ 91.889407][ T7238] fs_context_for_mount+0x21/0x30 [ 91.894687][ T7238] __se_sys_fsopen+0x96/0x1c0 [ 91.899377][ T7238] __x64_sys_fsopen+0x31/0x40 [ 91.904137][ T7238] x64_sys_call+0x2950/0x2e00 [ 91.908813][ T7238] do_syscall_64+0xc9/0x1c0 [ 91.913372][ T7238] ? clear_bhb_loop+0x55/0xb0 [ 91.918126][ T7238] ? clear_bhb_loop+0x55/0xb0 [ 91.923136][ T7238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.929037][ T7238] RIP: 0033:0x7f8476005e99 [ 91.933509][ T7238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.953114][ T7238] RSP: 002b:00007f8475287048 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 91.961544][ T7238] RAX: ffffffffffffffda RBX: 00007f8476195f60 RCX: 00007f8476005e99 [ 91.969562][ T7238] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 [ 91.977515][ T7238] RBP: 00007f84752870a0 R08: 0000000000000000 R09: 0000000000000000 [ 91.985492][ T7238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.993633][ T7238] R13: 000000000000000b R14: 00007f8476195f60 R15: 00007ffc31dd0068 [ 92.001597][ T7238] [ 92.183206][ T7244] loop1: detected capacity change from 0 to 512 [ 92.190502][ T7244] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 92.227508][ T7244] xt_CT: You must specify a L4 protocol and not use inversions on it [ 92.249503][ T7252] loop1: detected capacity change from 0 to 512 [ 92.257925][ T7252] EXT4-fs: Ignoring removed nomblk_io_submit option [ 92.265316][ T7252] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 92.275637][ T7252] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities [ 92.295576][ T7252] loop1: detected capacity change from 0 to 512 [ 92.307917][ T7264] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1051'. [ 92.362050][ T7268] netlink: 'syz.2.1053': attribute type 10 has an invalid length. [ 92.374887][ T7268] bond0: (slave team0): Releasing backup interface [ 92.397350][ T7268] bridge0: port 3(team0) entered blocking state [ 92.403711][ T7268] bridge0: port 3(team0) entered disabled state [ 92.410522][ T7268] team0: entered allmulticast mode [ 92.415691][ T7268] team_slave_0: entered allmulticast mode [ 92.422244][ T7268] team_slave_1: entered allmulticast mode [ 92.430137][ T7268] team0: entered promiscuous mode [ 92.435957][ T7268] team_slave_0: entered promiscuous mode [ 92.442607][ T7268] team_slave_1: entered promiscuous mode [ 92.481298][ T7280] loop2: detected capacity change from 0 to 2048 [ 92.507415][ T7280] loop2: p2 < > [ 92.600402][ T7288] loop2: detected capacity change from 0 to 128 [ 92.609091][ T7288] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.609893][ T7289] macvlan1: Device is already in use. [ 92.706078][ T7293] syzkaller0: entered promiscuous mode [ 92.711716][ T7293] syzkaller0: entered allmulticast mode [ 92.835616][ T7297] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1062'. [ 92.884233][ T7299] loop2: detected capacity change from 0 to 8192 [ 92.891747][ T7299] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 92.905241][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.916086][ T7299] FAT-fs (loop2): Filesystem has been set read-only [ 92.925303][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.934054][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.942716][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.951732][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.961469][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.972264][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.981768][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.990929][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 92.999618][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.008280][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.016991][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.026213][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.035097][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.043793][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.052428][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.061765][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.071345][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.080228][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.089680][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.098626][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.108120][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.117332][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.125979][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.134582][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.143421][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.152146][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.161275][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.170486][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.179370][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.189729][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.198354][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.207342][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.216392][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.225963][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.236885][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.245682][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.254406][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.263440][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.270284][ T7302] loop1: detected capacity change from 0 to 512 [ 93.272141][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.287251][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.295968][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.298266][ T7302] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6 [ 93.304762][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.313082][ C1] eth0: bad gso: type: 1, size: 1408 [ 93.328202][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.337120][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.346071][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.347241][ T7308] loop1: detected capacity change from 0 to 1024 [ 93.354863][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.362788][ T7308] EXT4-fs: Ignoring removed orlov option [ 93.369864][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.385389][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.394262][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.407881][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.417602][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.422270][ T7308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1065'. [ 93.444708][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.456582][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.461121][ T7312] netlink: 'syz.0.1066': attribute type 10 has an invalid length. [ 93.465270][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.481672][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.490924][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.499746][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.508556][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.517195][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.522457][ T7316] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 93.526117][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.533652][ T7316] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub [ 93.542771][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.559891][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.568771][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.577699][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.586777][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.595417][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.605455][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.613584][ T7321] loop1: detected capacity change from 0 to 2048 [ 93.614240][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.629356][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.638092][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.647771][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.658095][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.668794][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.678563][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.689240][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.689965][ T7337] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1071'. [ 93.698010][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.715971][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.731440][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.741424][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.751955][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.761457][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.772417][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.783209][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.793168][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.793623][ T7344] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.801936][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.817786][ T7347] loop1: detected capacity change from 0 to 128 [ 93.828368][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.828397][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.828415][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.828434][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.828466][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.873950][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.883526][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.893906][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.902803][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.911560][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.912947][ T7344] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.920296][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.939460][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.943266][ T7348] team0: Device ipvlan2 failed to register rx_handler [ 93.949204][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.963950][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.974122][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.982962][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 93.992028][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.001136][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.011203][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.011194][ T7344] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.020051][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.039267][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.048317][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.058397][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.067784][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.076493][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.085139][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.094687][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.096011][ T7344] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 94.103309][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.122347][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.132008][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.132167][ T7218] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 94.141707][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.166981][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.176265][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.185129][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.190064][ T7344] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.193895][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.206045][ T7344] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.210850][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.223676][ T7344] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.228137][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.238990][ T7344] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.244924][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.262456][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.271200][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.279930][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.285192][ T7352] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1077'. [ 94.288693][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.307586][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.316765][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.325890][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.335483][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.344504][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.353464][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.361384][ T7354] netlink: 'syz.0.1078': attribute type 10 has an invalid length. [ 94.362901][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.379060][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.388425][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.399502][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.408484][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.417290][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.426224][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.435229][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.444419][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.453931][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.455496][ T7364] FAULT_INJECTION: forcing a failure. [ 94.455496][ T7364] name failslab, interval 1, probability 0, space 0, times 0 [ 94.463399][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.476362][ T7364] CPU: 0 UID: 0 PID: 7364 Comm: syz.0.1082 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 94.476409][ T7364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 94.476421][ T7364] Call Trace: [ 94.476428][ T7364] [ 94.476438][ T7364] dump_stack_lvl+0xf2/0x150 [ 94.476464][ T7364] dump_stack+0x15/0x20 [ 94.476482][ T7364] should_fail_ex+0x229/0x230 [ 94.476579][ T7364] ? alloc_empty_file+0xd0/0x310 [ 94.476605][ T7364] should_failslab+0x8f/0xb0 [ 94.485668][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.495699][ T7364] kmem_cache_alloc_noprof+0x4c/0x290 [ 94.495728][ T7364] alloc_empty_file+0xd0/0x310 [ 94.495844][ T7364] alloc_file_pseudo+0xc3/0x140 [ 94.495868][ T7364] anon_inode_getfd+0xc2/0x180 [ 94.495887][ T7364] __se_sys_fsopen+0x174/0x1c0 [ 94.505979][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.509195][ T7364] __x64_sys_fsopen+0x31/0x40 [ 94.512128][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.517057][ T7364] x64_sys_call+0x2950/0x2e00 [ 94.521551][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.526384][ T7364] do_syscall_64+0xc9/0x1c0 [ 94.532743][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.536117][ T7364] ? clear_bhb_loop+0x55/0xb0 [ 94.544877][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.550047][ T7364] ? clear_bhb_loop+0x55/0xb0 [ 94.550072][ T7364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.554939][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.559705][ T7364] RIP: 0033:0x7f030a8d5e99 [ 94.559721][ T7364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.564506][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.569408][ T7364] RSP: 002b:00007f0309b57048 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 94.569429][ T7364] RAX: ffffffffffffffda RBX: 00007f030aa65f60 RCX: 00007f030a8d5e99 [ 94.580048][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.582667][ T7364] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000340 [ 94.582683][ T7364] RBP: 00007f0309b570a0 R08: 0000000000000000 R09: 0000000000000000 [ 94.591529][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.596051][ T7364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.596065][ T7364] R13: 000000000000000b R14: 00007f030aa65f60 R15: 00007fffa8db5e28 [ 94.596081][ T7364] [ 94.757435][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757457][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757473][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757490][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757539][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757556][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757574][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757688][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757708][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757728][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757754][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757770][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757785][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757804][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757846][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757863][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757885][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757940][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757956][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757974][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.757995][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.758011][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.758082][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.758099][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.758171][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.758201][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.788582][ T7366] loop4: detected capacity change from 0 to 1024 [ 94.794490][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.808456][ T7366] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 94.828850][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.844887][ T7373] tmpfs: Bad value for 'mpol' [ 94.851000][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.909519][ T7376] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 94.910461][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 94.919375][ T7373] vhci_hcd: default hub control req: 010b v0000 i0000 l0 [ 94.928706][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.065610][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.076943][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.085754][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.095455][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.113706][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.116767][ T7383] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1087'. [ 95.122985][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.144125][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.153183][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.153974][ T29] kauditd_printk_skb: 277 callbacks suppressed [ 95.153986][ T29] audit: type=1400 audit(1721681405.152:24414): avc: denied { getopt } for pid=7379 comm="syz.4.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 95.162165][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.168374][ T29] audit: type=1400 audit(1721681405.152:24415): avc: denied { write } for pid=7379 comm="syz.4.1087" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 95.224745][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.235834][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.245439][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.255631][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.265032][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.273834][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.282648][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.291416][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.300392][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.309371][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.317654][ T7391] loop4: detected capacity change from 0 to 128 [ 95.320654][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.332018][ T7391] vfat: Unknown parameter '' [ 95.338117][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.350689][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.360183][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.369127][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.378480][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.400099][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.404434][ T29] audit: type=1400 audit(1721681405.412:24416): avc: denied { tracepoint } for pid=7405 comm="syz.4.1095" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 95.418784][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.440148][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.452599][ T7406] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7406 comm=syz.4.1095 [ 95.458318][ T7414] team0: left allmulticast mode [ 95.473038][ T7414] team_slave_0: left allmulticast mode [ 95.479001][ T7414] team_slave_1: left allmulticast mode [ 95.479176][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.484976][ T7414] team0: left promiscuous mode [ 95.494148][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.494194][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.494212][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.494229][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.494245][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.494262][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.494279][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.499145][ T7414] team_slave_0: left promiscuous mode [ 95.507948][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.516600][ T7414] team_slave_1: left promiscuous mode [ 95.526204][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.534989][ T7414] bridge0: port 3(team0) entered disabled state [ 95.545596][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.607579][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.616893][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.621554][ T7414] bridge_slave_0: left allmulticast mode [ 95.625755][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.625780][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.631569][ T7414] bridge_slave_0: left promiscuous mode [ 95.640990][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.648869][ T7414] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.654352][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.680689][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.689530][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.690496][ T7414] bridge_slave_1: left allmulticast mode [ 95.698264][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.703832][ T7414] bridge_slave_1: left promiscuous mode [ 95.712896][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.718788][ T7414] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.730498][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.745782][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.755186][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.764290][ T7417] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 95.764311][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.773339][ T7414] bond0: (slave bond_slave_0): Releasing backup interface [ 95.781612][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.797348][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.805964][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.815054][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.827594][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.837258][ T7414] bond0: (slave bond_slave_1): Releasing backup interface [ 95.837641][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.853355][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.863340][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.879857][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.890441][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.902777][ T7414] team0: Port device team_slave_0 removed [ 95.913455][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.922572][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.931533][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.940809][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.949709][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.951861][ T7414] team0: Port device team_slave_1 removed [ 95.958592][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.973414][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.982970][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 95.982990][ T7414] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.983046][ T7414] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.983121][ T7299] ================================================================== [ 95.983150][ T7299] BUG: KCSAN: data-race in data_push_tail / string [ 95.983186][ T7299] [ 95.983191][ T7299] write to 0xffffffff8861f328 of 1 bytes by task 7414 on cpu 0: [ 95.983207][ T7299] string+0x16c/0x210 [ 95.983231][ T7299] vsnprintf+0xa09/0xe30 [ 95.983257][ T7299] vscnprintf+0x42/0x90 [ 95.983283][ T7299] printk_sprint+0x30/0x2d0 [ 95.983302][ T7299] vprintk_store+0x570/0x810 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 95.983320][ T7299] vprintk_emit+0x10c/0x5e0 [ 95.983334][ T7299] vprintk_default+0x26/0x30 [ 95.983346][ T7299] vprintk+0x75/0x80 [ 95.983360][ T7299] _printk+0x7a/0xa0 [ 95.983373][ T7299] batadv_hardif_disable_interface+0xbf/0xa90 [ 95.983390][ T7299] batadv_softif_slave_del+0x5e/0xd0 [ 95.983411][ T7299] do_setlink+0x9c3/0x2490 [ 95.983436][ T7299] rtnl_newlink+0xbc6/0x1690 [ 95.983459][ T7299] rtnetlink_rcv_msg+0x6aa/0x710 [ 95.983485][ T7299] netlink_rcv_skb+0x12c/0x230 [ 95.983510][ T7299] rtnetlink_rcv+0x1c/0x30 [ 95.983537][ T7299] netlink_unicast+0x593/0x670 [ 95.983550][ T7299] netlink_sendmsg+0x5cc/0x6e0 [ 95.983564][ T7299] __sock_sendmsg+0x140/0x180 [ 95.983577][ T7299] ____sys_sendmsg+0x312/0x410 [ 95.983593][ T7299] __sys_sendmsg+0x1e9/0x280 [ 95.983608][ T7299] __x64_sys_sendmsg+0x46/0x50 [ 95.983625][ T7299] x64_sys_call+0x26f8/0x2e00 [ 95.983639][ T7299] do_syscall_64+0xc9/0x1c0 [ 95.983651][ T7299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.983670][ T7299] [ 95.983674][ T7299] read to 0xffffffff8861f328 of 8 bytes by task 7299 on cpu 1: [ 95.983684][ T7299] data_push_tail+0x102/0x430 [ 95.983700][ T7299] data_alloc+0xbe/0x2c0 [ 95.983715][ T7299] prb_reserve+0x85e/0xb60 [ 95.983730][ T7299] vprintk_store+0x53f/0x810 [ 95.983741][ T7299] vprintk_emit+0x10c/0x5e0 [ 95.983753][ T7299] vprintk_default+0x26/0x30 [ 95.983764][ T7299] vprintk+0x75/0x80 [ 95.983778][ T7299] _printk+0x7a/0xa0 [ 95.983789][ T7299] _fat_msg+0xa2/0xd0 [ 95.983801][ T7299] __fat_fs_error+0x176/0x1d0 [ 95.983817][ T7299] fat_get_mapped_cluster+0x22e/0x240 [ 95.983836][ T7299] fat_bmap+0x25f/0x290 [ 95.983852][ T7299] fat_get_block+0xd1/0x5e0 [ 95.983865][ T7299] block_read_full_folio+0x26b/0x6f0 [ 95.983881][ T7299] do_mpage_readpage+0xb83/0xcb0 [ 95.983897][ T7299] mpage_readahead+0x1ad/0x2d0 [ 95.983914][ T7299] fat_readahead+0x1c/0x30 [ 95.983928][ T7299] read_pages+0xa0/0x540 [ 95.983941][ T7299] page_cache_ra_unbounded+0x285/0x2e0 [ 95.983956][ T7299] page_cache_sync_ra+0x652/0x670 [ 95.983970][ T7299] filemap_get_pages+0x252/0xfb0 [ 95.983987][ T7299] filemap_splice_read+0x360/0x920 [ 95.984004][ T7299] splice_direct_to_actor+0x26c/0x670 [ 95.984019][ T7299] do_splice_direct+0xd7/0x150 [ 95.984033][ T7299] do_sendfile+0x3ab/0x950 [ 95.984046][ T7299] __x64_sys_sendfile64+0x110/0x150 [ 95.984066][ T7299] x64_sys_call+0xfc3/0x2e00 [ 95.984080][ T7299] do_syscall_64+0xc9/0x1c0 [ 95.984090][ T7299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.984109][ T7299] [ 95.984112][ T7299] value changed: 0x00000000ffffe878 -> 0x6576616c735f7664 [ 95.984119][ T7299] [ 95.984121][ T7299] Reported by Kernel Concurrency Sanitizer on: [ 95.984127][ T7299] CPU: 1 UID: 0 PID: 7299 Comm: syz.2.1063 Not tainted 6.10.0-syzkaller-11840-g933069701c1b #0 [ 95.984142][ T7299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 95.984149][ T7299] ================================================================== [ 95.985469][ T7414] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.992917][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.000233][ T7414] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 96.007374][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.089268][ T29] audit: type=1400 audit(1721681406.082:24417): avc: denied { write } for pid=3073 comm="syz-executor" path="pipe:[578]" dev="pipefs" ino=578 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 96.103378][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.104225][ T29] audit: type=1400 audit(1721681406.082:24418): avc: denied { recv } for pid=3073 comm="syz-executor" saddr=10.128.0.163 src=38490 daddr=10.128.0.108 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 96.108658][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.108766][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.150246][ T29] audit: type=1400 audit(1721681406.102:24419): avc: denied { search } for pid=2769 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 96.150868][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.158282][ T7414] bond0: (slave macvlan1): Releasing backup interface [ 96.158799][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.527599][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.536942][ T7414] veth1_vlan: left allmulticast mode [ 96.537036][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.552030][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.560898][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.569845][ T7415] __nla_validate_parse: 2 callbacks suppressed [ 96.569857][ T7415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1097'. [ 96.570465][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.597426][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.606071][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.615026][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.623766][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.632940][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.641803][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.652094][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.662023][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.672265][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.681312][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.690309][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.690561][ T7420] netlink: 'syz.1.1100': attribute type 10 has an invalid length. [ 96.698935][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.698964][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.699014][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.699034][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.699052][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.699102][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.699121][ T7299] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 1042) [ 96.699572][ T7299] syz.2.1063 (7299) used greatest stack depth: 8584 bytes left [ 96.708324][ T7420] bridge0: port 3(team0) entered blocking state [ 96.794592][ T7420] bridge0: port 3(team0) entered disabled state [ 96.802599][ T7420] team0: entered allmulticast mode [ 96.807970][ T7420] team_slave_0: entered allmulticast mode [ 96.813869][ T7420] team_slave_1: entered allmulticast mode [ 96.820985][ T7420] team0: entered promiscuous mode [ 96.826064][ T7420] team_slave_0: entered promiscuous mode [ 96.831788][ T7420] team_slave_1: entered promiscuous mode [ 96.838010][ T7420] bridge0: port 3(team0) entered blocking state [ 96.844299][ T7420] bridge0: port 3(team0) entered forwarding state [ 97.011559][ T1820] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.109550][ T1820] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.199737][ T1820] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.298983][ T1820] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.478232][ T1820] team0: Port device bond0 removed [ 97.485090][ T1820] bond0 (unregistering): Released all slaves [ 97.576938][ T1820] IPVS: stopping master sync thread 6034 ... [ 97.584889][ T1820] hsr_slave_0: left promiscuous mode [ 97.590707][ T1820] hsr_slave_1: left promiscuous mode [ 97.598300][ T1820] veth1_macvtap: left promiscuous mode [ 97.603782][ T1820] veth0_macvtap: left promiscuous mode [ 97.609332][ T1820] veth1_vlan: left promiscuous mode [ 97.614607][ T1820] veth0_vlan: left promiscuous mode [ 98.040282][ T1820] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.089519][ T1820] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.129810][ T1820] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.169609][ T1820] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.228899][ T1820] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.289571][ T1820] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.339651][ T1820] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.409886][ T1820] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.469553][ T1820] team0: left allmulticast mode [ 98.474936][ T1820] team_slave_0: left allmulticast mode [ 98.480734][ T1820] team_slave_1: left allmulticast mode [ 98.486594][ T1820] team0: left promiscuous mode [ 98.491502][ T1820] team_slave_0: left promiscuous mode [ 98.496962][ T1820] team_slave_1: left promiscuous mode [ 98.502419][ T1820] bridge0: port 3(team0) entered disabled state [ 98.509168][ T1820] bridge_slave_1: left allmulticast mode [ 98.514965][ T1820] bridge_slave_1: left promiscuous mode [ 98.520943][ T1820] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.528813][ T1820] bridge_slave_0: left allmulticast mode [ 98.534716][ T1820] bridge_slave_0: left promiscuous mode [ 98.540525][ T1820] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.670644][ T1820] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 98.680535][ T1820] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 98.690406][ T1820] bond0 (unregistering): Released all slaves [ 98.699201][ T1820] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 98.709222][ T1820] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 98.719201][ T1820] bond0 (unregistering): Released all slaves [ 98.859086][ T1820] hsr_slave_0: left promiscuous mode [ 98.864921][ T1820] hsr_slave_1: left promiscuous mode [ 98.870871][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.878420][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.886160][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.893614][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.902703][ T1820] hsr_slave_0: left promiscuous mode [ 98.908392][ T1820] hsr_slave_1: left promiscuous mode [ 98.914201][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.921991][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.929583][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.937106][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.947029][ T1820] veth1_macvtap: left promiscuous mode [ 98.952607][ T1820] veth0_macvtap: left promiscuous mode [ 98.958115][ T1820] veth1_vlan: left promiscuous mode [ 98.963345][ T1820] veth0_vlan: left promiscuous mode [ 98.969051][ T1820] veth1_macvtap: left promiscuous mode [ 98.974620][ T1820] veth0_macvtap: left promiscuous mode [ 98.980247][ T1820] veth1_vlan: left promiscuous mode [ 98.985456][ T1820] veth0_vlan: left promiscuous mode [ 99.099845][ T1820] team0 (unregistering): Port device team_slave_1 removed [ 99.110599][ T1820] team0 (unregistering): Port device team_slave_0 removed [ 99.166382][ T1820] team0 (unregistering): Port device team_slave_1 removed [ 99.178319][ T1820] team0 (unregistering): Port device team_slave_0 removed [ 99.717211][ T1820] IPVS: stop unused estimator thread 0...