last executing test programs: 3.220278976s ago: executing program 2 (id=2196): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x166, &(0x7f0000000a40)='/proc/t/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,]5\xf5u\x8eb\xce\xa7\xc4\x18\'\xe6\xe0\x94\x11#\xb2\xa6\xdc\xd3\x1bsD&\xa6D\xd4\x8f\xe9\xe2%\xa84\t\'\xa2y\x10S.U}\xce\x96\xa4vQ\xa3\r.\x83\xe6KdA5\xeb\xe0\x9d\xa2\xb2\xbd\xe3\x04\x9eR\xb1\xa4\x10\xe7+\x10\xd3\xb2\xd6.\xbf\x81\xe6\xdb,#<\xb2\xfa\x13\xd6\xa9T\x06\":\xaf\xab\xdc\xfe\xd0\x9ek\x98\xd9iw\x06\xe2\xcb\xbd\x10\xe3\x1a\xda\xb6`$=Z\xdamT\xbc\xd9\xf6\x98q\xa1\x18\xd1\x83pSc\xb1\xe9%-^\xcc|\xcf\xa2\xa4\xae\xd9\'\x8bF\xe4\x1f\xf9\\\xfd\xec\x12\x9a\xb2\xa2\xe34\xa6y\x96\xf6\x8d\x8dxK:v#DZ\x8f\x11v\xa8clb\xce\aFc\xca\xf7\x8c\xba\xb8\x7f\x83\xf9\xd8\x14\xf4\xceB\xb9\xb8*\x1e\xbf~\x06\xe4\x9ak\x8e\xf2\xce93\x97\xec\xa4\xa3\xcfG\x83\xa0\xa3\v\x8c\v\xdd\x17\xa9\xd1$.\xce\xffa\x13Lf\xf8\x9dT~\xec\x1etN\xd1\x9a4\xb2\xcf \xdd\xbe\x87\\\x00\xba*\xa6\xb7F%\xa8\x84\x13\xedD\x9e\xc8\xc4-\xa7\x80\xd9\xa9k\x9b\xd6&\xdf\xb3\"fj\xa1\xf9\xef\x85)\x93\xb68\xedL\"\x8an\xd9\xa1M\xecDK{$\x15\xb5{\xc8q\"?\xa5s\xb9e<1\xec\xe0.\xf3\xdbrhI\xc6\xdf\x1cS\t\xcd\xb8\xc6\'\xfb\xd4'}, 0x30) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f00000022c0)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001705000008004ef02d3501000000000095003200000000006916000000000000bf67000000000000350605000fff07206706000002000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b540dcfc7ad0500c4063b3b8754c0686cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d39d25991b085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e5671c888fb126a163f16f920ae2fb494059bba8e3b680324a188090eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000000040007abf9c20d89cbc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eb29000000000000003cc3aa39ee4b1386bab561cda886fa64ffffff7f473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59801fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e17417a249a2cd8ff62aa6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d00000000d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38c7f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf73400000000000000cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61d1f5b2a443faa9bda0577383dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea90000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8a10300004d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a122822bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c39e9d8547c666b6764a3c7dd62a94eee45881441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a365b5b11df7216652b5703f31e078ecdefe8e6bfc45a9980a7a8de863e3477dd47d0f11611ca92d89641a183c8f629f17cfc28fde209a793d9c0cdde3bb3f82670d33396982988b9f5207a732908fdf1506f307ccae47a69319ee2242272e4f7ceb7a40e49a21ce6405af3ecb3381bf0668749c81fc6c2d97e68a693e3e622af52e572f4fa7b20d5c72cf5ff8016461130a46803de45029489921a48bd7688dd593e4a3e9803263ecbd8ae8570293508ebe5fabc1842cbc01ae8fabbf41820c31b7bb83a3439d4540f839ed5c23828a33d7645baa1ec32bb7aa8a786bb0997ccf6bba0a2cf6ef2157a63974d5e525a3f3f7f993ea9e82732ccc2e12c6310121ecb9029e7f835420f8f27a7e563684a225dee6ca5f5ff18a89ac6c627ff0e0e4769b6fbcfc847b20960704a4b13e962333bddb966de8bcade6f6bd3915a580ddec2e1bd88fbfdb749789cdc946822212f1cbacb03ba8d3e51e48ccdae20a43bf79ca0131b830620a97877242989e78dfec1d6df5f97ca5cddece50d0cae5d6eabbc1913aa3660e0b00000000000000000000000000bc12b71cb118d93461aa2914d6e454ef05c41beab7382787ba46b68c8d8b35349fb58b259b4447b59c667ddcac0bb2d066eb0579be84bdca8ed5d693411b7e5b21efaceddacef03daa9772f2715b5613ae0d88f8d109e36f8b8871b646d9ebbcc25d527ad3f828c92cb6597f82ed4d496a511007781be0c7cac07fc508a585f415ef81a887475286df80fb6ff9c6524d0e22d50f88ca15545bc688063b04eb8e0248aca60b9983dd5966216499ccfc0551f6e0323859ae64f55e4d496a695f8e6382aa714b92f95dcfd0b456d9ce7a24f736e4009ef64230e8f83f8283a4cc5f178d4698b94ccd8d0e0e3e2e35e1a7ac0cb3ee52013e8c2802d2f89b3f708fb53c17c3e4fbe0326ee510c4317b5f5f1eb34ca8441c23755acfc469909b16fba134de01d484c1b380622d3743a0be77b64961753faba6131c136fb14b1963960f2f7f118bc451a18b216bf26c3cec2575a059da60baede629711a5f11c347fcbca73440d27b1147b44fb15106c00669da23964fd9de079d1a9077848100f6e75d29b2d60016abc6ef1542bd3062f599676bb04e64decb6c843a407f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000340)=0x4) 3.124931634s ago: executing program 4 (id=2201): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5f65}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) socket$kcm(0x2, 0x1000000000000002, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000880)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) readv(r2, &(0x7f000001a340)=[{&(0x7f0000000240)=""/51, 0x33}], 0x1) 3.044247181s ago: executing program 2 (id=2204): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) signalfd(r1, &(0x7f00000000c0)={[0x5]}, 0x8) mq_timedreceive(r1, &(0x7f0000000440)=""/218, 0xda, 0x38000000000000, &(0x7f0000000080)={0x0, 0x989680}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2040400) r3 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) mount(0x0, 0x0, &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) umount2(&(0x7f0000000240)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10) r5 = syz_io_uring_setup(0x694, &(0x7f0000000540)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280)) r6 = syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040), &(0x7f0000000240)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x2000ac0a, r7) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r8 = io_uring_setup(0x48ae, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001d80)=""/4103, 0x1007}], 0x0, 0x1}, 0x20) 2.954727589s ago: executing program 2 (id=2207): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) alarm(0x0) 2.954414619s ago: executing program 2 (id=2208): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2) getsockname$packet(r2, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x9ef, 0xffff}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) 2.913013433s ago: executing program 2 (id=2211): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x42}}]}, 0x3c}}, 0x0) write$selinux_access(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[@ANYBLOB='system_u:object_r:ptch0 unconfined'], 0x67) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r4 = socket$rxrpc(0x21, 0x2, 0xa) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r4], 0x4}}, 0x0) sendfile(r6, r5, 0x0, 0x100000002) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r9}, 0x10) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r10, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r10, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r10, 0x11a, 0x2, &(0x7f0000000240)=@ccm_128={{0x303}, "6300220946e57c17", "749035cc61ac87c15ae1071ccf87f35e", "79e961ed", "17c15e1d6b6c0316"}, 0x28) r11 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) getpid() 2.546315765s ago: executing program 2 (id=2228): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x401d031, 0xffffffffffffffff, 0x0) r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x0, 0x3, {0xa, 0x0, 0x0, @private0}}}, 0x32) r2 = socket$pppl2tp(0x18, 0x1, 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$PPPIOCGL2TPSTATS(r2, 0x80047453, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffff, @void, @value}, 0x94) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000000)=0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) poll(&(0x7f00000001c0)=[{r3}], 0x1, 0x0) r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0) ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246) pwritev(r5, &(0x7f0000000600)=[{&(0x7f00000010c0)="aabf75aa76c3ada74bf44ac8955581057e1778604df77693559ffad6cc78741642e0f21c507a79c29daba641a268ce55abe36b0fa2268a6fffbb8016b62549418cd3f951d1850854ec210ea8034faf1626e616a36c6bc0c9b4372b0e28213019e3db182fd0858a17e87ff7a5dddc89594225d78441a533082ed3e8047f12269778c40721cacf71f32543874a345938224419dce2fd44b7a62c1d0d98a0cf23c2fc16894ba549a2edfb7e300f14c30f64429d25ea9b26b9fbf839fb039e46bc8dcf12d7ce62c8cbc9f0d5ffff56a577edd86949d10e6e37e31297ce4e5585bc3d3ac00acbeec51d8164359204a918b4d1de4514705d55e2105084aece8a83f28fb3e46eb4f24b966af622fcf31c4cb601f5a2b82d42a2172ad0b1939c585891940b81aa9c5c6cdb0676b998025ea4ac0fc18aa24fd5d562b1dd4f23e3ac63f0233fb4465c5e5a96599ecc0fd8dd7e7d48a8b96db03630613905fd610ceec2eb9b6962645bd959cb08493806bb6d0ccb067a048c7ec34cc3ab4aec1b8e4253de22949b0c9a9d1dec77d903d6018eafd0e81dc7090ea108057e631003da3104c2eb839bc8428be6a497a051b03b80c02d8f8efc20330853a81ba6e36c41fcbc63e2345075a99164f8108452c298a49da500c16ecd20fca9577814e657a767c5f310d0c8a71b134a995e40c7924ec6ffe956ab10ff39e3a07b28af2a668df944869bffd39494fa0150a7a46491659c0afb122c91a50d08bd50e014bc4c1f7c9ff3fd2d1d813cd0cdd381510380c967aed0133055370c29cbf1b3e5d10ed2ae103de7dfa77e76ff55f41f1e18", 0x24a}, {&(0x7f0000000280)}, {0x0}], 0x3, 0x0, 0x0) close(0xffffffffffffffff) socket$packet(0x11, 0x2, 0x300) r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 2.270576859s ago: executing program 4 (id=2229): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x166, &(0x7f0000000a40)='/proc/t/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,]5\xf5u\x8eb\xce\xa7\xc4\x18\'\xe6\xe0\x94\x11#\xb2\xa6\xdc\xd3\x1bsD&\xa6D\xd4\x8f\xe9\xe2%\xa84\t\'\xa2y\x10S.U}\xce\x96\xa4vQ\xa3\r.\x83\xe6KdA5\xeb\xe0\x9d\xa2\xb2\xbd\xe3\x04\x9eR\xb1\xa4\x10\xe7+\x10\xd3\xb2\xd6.\xbf\x81\xe6\xdb,#<\xb2\xfa\x13\xd6\xa9T\x06\":\xaf\xab\xdc\xfe\xd0\x9ek\x98\xd9iw\x06\xe2\xcb\xbd\x10\xe3\x1a\xda\xb6`$=Z\xdamT\xbc\xd9\xf6\x98q\xa1\x18\xd1\x83pSc\xb1\xe9%-^\xcc|\xcf\xa2\xa4\xae\xd9\'\x8bF\xe4\x1f\xf9\\\xfd\xec\x12\x9a\xb2\xa2\xe34\xa6y\x96\xf6\x8d\x8dxK:v#DZ\x8f\x11v\xa8clb\xce\aFc\xca\xf7\x8c\xba\xb8\x7f\x83\xf9\xd8\x14\xf4\xceB\xb9\xb8*\x1e\xbf~\x06\xe4\x9ak\x8e\xf2\xce93\x97\xec\xa4\xa3\xcfG\x83\xa0\xa3\v\x8c\v\xdd\x17\xa9\xd1$.\xce\xffa\x13Lf\xf8\x9dT~\xec\x1etN\xd1\x9a4\xb2\xcf \xdd\xbe\x87\\\x00\xba*\xa6\xb7F%\xa8\x84\x13\xedD\x9e\xc8\xc4-\xa7\x80\xd9\xa9k\x9b\xd6&\xdf\xb3\"fj\xa1\xf9\xef\x85)\x93\xb68\xedL\"\x8an\xd9\xa1M\xecDK{$\x15\xb5{\xc8q\"?\xa5s\xb9e<1\xec\xe0.\xf3\xdbrhI\xc6\xdf\x1cS\t\xcd\xb8\xc6\'\xfb\xd4'}, 0x30) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f00000022c0)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001705000008004ef02d3501000000000095003200000000006916000000000000bf67000000000000350605000fff07206706000002000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b540dcfc7ad0500c4063b3b8754c0686cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d39d25991b085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e5671c888fb126a163f16f920ae2fb494059bba8e3b680324a188090eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000000040007abf9c20d89cbc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eb29000000000000003cc3aa39ee4b1386bab561cda886fa64ffffff7f473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59801fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e17417a249a2cd8ff62aa6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d00000000d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38c7f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf73400000000000000cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61d1f5b2a443faa9bda0577383dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea90000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8a10300004d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a122822bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c39e9d8547c666b6764a3c7dd62a94eee45881441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a365b5b11df7216652b5703f31e078ecdefe8e6bfc45a9980a7a8de863e3477dd47d0f11611ca92d89641a183c8f629f17cfc28fde209a793d9c0cdde3bb3f82670d33396982988b9f5207a732908fdf1506f307ccae47a69319ee2242272e4f7ceb7a40e49a21ce6405af3ecb3381bf0668749c81fc6c2d97e68a693e3e622af52e572f4fa7b20d5c72cf5ff8016461130a46803de45029489921a48bd7688dd593e4a3e9803263ecbd8ae8570293508ebe5fabc1842cbc01ae8fabbf41820c31b7bb83a3439d4540f839ed5c23828a33d7645baa1ec32bb7aa8a786bb0997ccf6bba0a2cf6ef2157a63974d5e525a3f3f7f993ea9e82732ccc2e12c6310121ecb9029e7f835420f8f27a7e563684a225dee6ca5f5ff18a89ac6c627ff0e0e4769b6fbcfc847b20960704a4b13e962333bddb966de8bcade6f6bd3915a580ddec2e1bd88fbfdb749789cdc946822212f1cbacb03ba8d3e51e48ccdae20a43bf79ca0131b830620a97877242989e78dfec1d6df5f97ca5cddece50d0cae5d6eabbc1913aa3660e0b00000000000000000000000000bc12b71cb118d93461aa2914d6e454ef05c41beab7382787ba46b68c8d8b35349fb58b259b4447b59c667ddcac0bb2d066eb0579be84bdca8ed5d693411b7e5b21efaceddacef03daa9772f2715b5613ae0d88f8d109e36f8b8871b646d9ebbcc25d527ad3f828c92cb6597f82ed4d496a511007781be0c7cac07fc508a585f415ef81a887475286df80fb6ff9c6524d0e22d50f88ca15545bc688063b04eb8e0248aca60b9983dd5966216499ccfc0551f6e0323859ae64f55e4d496a695f8e6382aa714b92f95dcfd0b456d9ce7a24f736e4009ef64230e8f83f8283a4cc5f178d4698b94ccd8d0e0e3e2e35e1a7ac0cb3ee52013e8c2802d2f89b3f708fb53c17c3e4fbe0326ee510c4317b5f5f1eb34ca8441c23755acfc469909b16fba134de01d484c1b380622d3743a0be77b64961753faba6131c136fb14b1963960f2f7f118bc451a18b216bf26c3cec2575a059da60baede629711a5f11c347fcbca73440d27b1147b44fb15106c00669da23964fd9de079d1a9077848100f6e75d29b2d60016abc6ef1542bd3062f599676bb04e64decb6c843a407f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000340)=0x4) 2.088898386s ago: executing program 4 (id=2233): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) alarm(0x0) 2.075917107s ago: executing program 4 (id=2235): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) signalfd(r1, &(0x7f00000000c0)={[0x5]}, 0x8) mq_timedreceive(r1, &(0x7f0000000440)=""/218, 0xda, 0x38000000000000, &(0x7f0000000080)={0x0, 0x989680}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2040400) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) umount2(&(0x7f0000000240)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r3}, 0x10) syz_io_uring_setup(0x694, &(0x7f0000000540)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280)) r4 = io_uring_setup(0x48ae, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001d80)=""/4103, 0x1007}], 0x0, 0x1}, 0x20) 2.048599849s ago: executing program 4 (id=2238): rseq(0x0, 0x0, 0x1, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = io_uring_setup(0xb3c, &(0x7f00000002c0)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e580e", '\x00', "fffffffffffffffd"}, 0x38) writev(r2, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 2.024399981s ago: executing program 4 (id=2239): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000b80)={0x3c, r1, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x42}}]}, 0x3c}}, 0x0) write$selinux_access(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[@ANYBLOB='system_u:object_r:ptch0 unconfined_'], 0x67) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000180), 0xfea7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r4 = socket$rxrpc(0x21, 0x2, 0xa) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb080003"], 0x2c}}, 0x0) sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r4], 0x4}}, 0x0) sendfile(r6, r5, 0x0, 0x100000002) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000340)='kfree\x00', r9}, 0x10) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r10, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) connect$inet6(r10, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f00000002c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r10, 0x11a, 0x2, &(0x7f0000000240)=@ccm_128={{0x303}, "6300220946e57c17", "749035cc61ac87c15ae1071ccf87f35e", "79e961ed", "17c15e1d6b6c0316"}, 0x28) r11 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) getpid() 1.157331358s ago: executing program 3 (id=2249): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) signalfd(r1, &(0x7f00000000c0)={[0x5]}, 0x8) mq_timedreceive(r1, &(0x7f0000000440)=""/218, 0xda, 0x38000000000000, &(0x7f0000000080)={0x0, 0x989680}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2040400) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) umount2(&(0x7f0000000240)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r3}, 0x10) syz_io_uring_setup(0x694, &(0x7f0000000540)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280)) r4 = io_uring_setup(0x48ae, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001d80)=""/4103, 0x1007}], 0x0, 0x1}, 0x20) 1.12885967s ago: executing program 3 (id=2251): socket$inet_smc(0x2b, 0x1, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x8) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = dup(r4) pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r4}}) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}}) 1.114442902s ago: executing program 1 (id=2253): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5f65}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) r1 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$inet(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)='&', 0x1}], 0x1, &(0x7f00000003c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @broadcast}}}], 0x20}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000880)='sched_switch\x00', r3}, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0) r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) readv(r4, &(0x7f000001a340)=[{&(0x7f0000000240)=""/51, 0x33}], 0x1) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2804049, &(0x7f0000001580)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYRESDEC, @ANYRES8, @ANYBLOB="017bd269f7dd3a93fa412d09c2790257816e859e38befc7634f092626c62b45f123b8f0f84059ba4351abe0bfd3933e564c513028b41a418555d5e4c744478e7ca03d24a2c1b0f248513f8f9cfc324431f5d5a6999ad47b61152edad98c141cf359dfcf021d4e8a18166aa7767e69420c5308149bcddd4a62a31d8f902a24645ef50e8395e891793f46aaa025a260c8d784a1ec9233755d12803582f06ed000000000000df6c634447f23d2cd9e65d3461d3a09b93f7318e486e862f288bb7ce21e0df72e59ed16f3796c260b5be486b21c5d7cf21996406b4b3240f009a12c844c2d35cefba99e2b26b01a1347225c1a8cb9f6630d930847f193662a5eea4daf62aeb29324a86f8ec6367bf3105d3529316d3e044bbeedf80c3b301686b44cd51c9ff53690e9269caf72a039b5e32b3e543b8fbba25a1eaf60c3e1da6becef1750a9e8d991ef03ce3d14d85d69f6ff54465fba8ad4aef625612f9fdc9cba6fea9a38fb5244e7729c047949660af09fa91fd17928f55f6bed589cdf6e6dde72206336961da8ce2c100ff90ac4a598e9846bc2b868a640021bec390b7f460d14330beadd5458a0352cde0d6c8bc1655da9121090c98cdf98438ab1baa3bbbb60db2436ae26fad78755d3df25b0f03c4c8f39f27a668aa45aa2953ebd6a34233a386f3d63a07f7e491a2db98af12cc6fc814e8a75efcf90c0e2a56a833d53b086be1ec10efe3c7d46abfedb36fc2fc75ebbdabcd356e489fe87dbf67bfe8de6d24d4db48c65da860ccf9f9b2f8b1fc8c8d757521a1b0677f50901ea19c53fd3a8ca59fbc328e69b0d064746a000000a1ed7631a64c8ecb86645f66b4efc49b74ec93f4897a56c7dbb42f094e6685051a0d42bed7598cc30ffc08bc2db500c5e5f9d51fc89d25f3a202b0abc67dd7926f915d61c24e031636d984759a36ba0b3a06151764621bdbe91b510a6064aa51e0a73317ccb02dbb89c701eac52445561f7355071ef71ae5427f612f8620f6b9a80c440af2f162"], 0x41, 0x304, &(0x7f0000001880)="$eJzs3M9rE1sUwPGTNG3SlDZZPB6v7/HoRTe6Gdq4V4K0IAaU2og/QJg2Ew0Zk5CJlRSxceXWf8PQZTdS0PoHdOPOlRtx043gpqA1ksykSdpJG1ObtOT7gXJP594zP3In4czAzPadV4/TSUtL6gXxBpR4RUqyKxKuRo6lcRHxiEdqzYi9MGA3Jbk49u3j/0pEorHY7LxSc9GFSxGl1MTU26fP1s5tFsZur09s+GUr/GD7a+Tz1t9bk9s/Fx6lLJWyVCZbULpazH4q6IumoRIpK60pddM0dMtQqYxl5O3+bMHZrORyRaVnEuPBXN6wLKVniiptFFUhqwr5otIf6qmM0jRNjQdlcOxM1Zrc7+bFy/PzerTLjS51mYc/bvPQ3ny+/uV5X2ntiZdPbp8AAMBpVa///c31/05r/e9xWm9z/e8oSala/9+6e+96B/X/xkib+j97oP53ri+kpT9pZqn/uxU4uCheHuq+/scZkR8VKa9J4xv94v7adC2g/gcAAAAAAAAAAAAAAAAAAAAA4CzYqVRClUolVG29YsfVP7/zwEj9/37vJ05G8/zbc+2rzjrzPyCaHtwLiJgvl+PLcbu1+6NJSYkphkxLSH7UzgeHHc9di816VE1Y3pmrTv7qcnyoNX9GQhJ2z5+x81Vr/rAEm/MjEpK/3PMjrvkjcuF8U74mIfmwJFkxJVE7rxv5z2eUunojti9/VBIuT8wBAAAAAHAWaWqP6/W7prXrt/M7uT8w7Xp97pN/ff09dgAAAAAABoVVXEnrpmnkjwxeOxlHDv7iDOx4zccNhjs9Cn/na35TCzzt1hzY++ie/NPDI20E9XcyHzp41BnU0uXcnlnt/T4fO5jqy9Z91ZO+aUmw7eCJIbcP/LDA77yVubpkt7JvzOX1/74XV65MHjHLJxT09GcIAAAAQA80iv5+7wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOrF68T6/cxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfFrwAAAP//CgoTZA==") ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc1}}) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=0x7c, 0x4) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@jmp]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000812000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) io_setup(0x1c, &(0x7f0000001140)) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="570600000000000000000000ff000000000000003a4c", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 647.156943ms ago: executing program 0 (id=2256): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x166, &(0x7f0000000a40)='/proc/t/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,]5\xf5u\x8eb\xce\xa7\xc4\x18\'\xe6\xe0\x94\x11#\xb2\xa6\xdc\xd3\x1bsD&\xa6D\xd4\x8f\xe9\xe2%\xa84\t\'\xa2y\x10S.U}\xce\x96\xa4vQ\xa3\r.\x83\xe6KdA5\xeb\xe0\x9d\xa2\xb2\xbd\xe3\x04\x9eR\xb1\xa4\x10\xe7+\x10\xd3\xb2\xd6.\xbf\x81\xe6\xdb,#<\xb2\xfa\x13\xd6\xa9T\x06\":\xaf\xab\xdc\xfe\xd0\x9ek\x98\xd9iw\x06\xe2\xcb\xbd\x10\xe3\x1a\xda\xb6`$=Z\xdamT\xbc\xd9\xf6\x98q\xa1\x18\xd1\x83pSc\xb1\xe9%-^\xcc|\xcf\xa2\xa4\xae\xd9\'\x8bF\xe4\x1f\xf9\\\xfd\xec\x12\x9a\xb2\xa2\xe34\xa6y\x96\xf6\x8d\x8dxK:v#DZ\x8f\x11v\xa8clb\xce\aFc\xca\xf7\x8c\xba\xb8\x7f\x83\xf9\xd8\x14\xf4\xceB\xb9\xb8*\x1e\xbf~\x06\xe4\x9ak\x8e\xf2\xce93\x97\xec\xa4\xa3\xcfG\x83\xa0\xa3\v\x8c\v\xdd\x17\xa9\xd1$.\xce\xffa\x13Lf\xf8\x9dT~\xec\x1etN\xd1\x9a4\xb2\xcf \xdd\xbe\x87\\\x00\xba*\xa6\xb7F%\xa8\x84\x13\xedD\x9e\xc8\xc4-\xa7\x80\xd9\xa9k\x9b\xd6&\xdf\xb3\"fj\xa1\xf9\xef\x85)\x93\xb68\xedL\"\x8an\xd9\xa1M\xecDK{$\x15\xb5{\xc8q\"?\xa5s\xb9e<1\xec\xe0.\xf3\xdbrhI\xc6\xdf\x1cS\t\xcd\xb8\xc6\'\xfb\xd4'}, 0x30) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, 0x0, &(0x7f0000000180)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f00000022c0)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001705000008004ef02d3501000000000095003200000000006916000000000000bf67000000000000350605000fff07206706000002000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b540dcfc7ad0500c4063b3b8754c0686cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d39d25991b085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e5671c888fb126a163f16f920ae2fb494059bba8e3b680324a188090eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000000040007abf9c20d89cbc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eb29000000000000003cc3aa39ee4b1386bab561cda886fa64ffffff7f473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59801fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e17417a249a2cd8ff62aa6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d00000000d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38c7f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf73400000000000000cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61d1f5b2a443faa9bda0577383dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea90000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8a10300004d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a122822bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c39e9d8547c666b6764a3c7dd62a94eee45881441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a365b5b11df7216652b5703f31e078ecdefe8e6bfc45a9980a7a8de863e3477dd47d0f11611ca92d89641a183c8f629f17cfc28fde209a793d9c0cdde3bb3f82670d33396982988b9f5207a732908fdf1506f307ccae47a69319ee2242272e4f7ceb7a40e49a21ce6405af3ecb3381bf0668749c81fc6c2d97e68a693e3e622af52e572f4fa7b20d5c72cf5ff8016461130a46803de45029489921a48bd7688dd593e4a3e9803263ecbd8ae8570293508ebe5fabc1842cbc01ae8fabbf41820c31b7bb83a3439d4540f839ed5c23828a33d7645baa1ec32bb7aa8a786bb0997ccf6bba0a2cf6ef2157a63974d5e525a3f3f7f993ea9e82732ccc2e12c6310121ecb9029e7f835420f8f27a7e563684a225dee6ca5f5ff18a89ac6c627ff0e0e4769b6fbcfc847b20960704a4b13e962333bddb966de8bcade6f6bd3915a580ddec2e1bd88fbfdb749789cdc946822212f1cbacb03ba8d3e51e48ccdae20a43bf79ca0131b830620a97877242989e78dfec1d6df5f97ca5cddece50d0cae5d6eabbc1913aa3660e0b00000000000000000000000000bc12b71cb118d93461aa2914d6e454ef05c41beab7382787ba46b68c8d8b35349fb58b259b4447b59c667ddcac0bb2d066eb0579be84bdca8ed5d693411b7e5b21efaceddacef03daa9772f2715b5613ae0d88f8d109e36f8b8871b646d9ebbcc25d527ad3f828c92cb6597f82ed4d496a511007781be0c7cac07fc508a585f415ef81a887475286df80fb6ff9c6524d0e22d50f88ca15545bc688063b04eb8e0248aca60b9983dd5966216499ccfc0551f6e0323859ae64f55e4d496a695f8e6382aa714b92f95dcfd0b456d9ce7a24f736e4009ef64230e8f83f8283a4cc5f178d4698b94ccd8d0e0e3e2e35e1a7ac0cb3ee52013e8c2802d2f89b3f708fb53c17c3e4fbe0326ee510c4317b5f5f1eb34ca8441c23755acfc469909b16fba134de01d484c1b380622d3743a0be77b64961753faba6131c136fb14b1963960f2f7f118bc451a18b216bf26c3cec2575a059da60baede629711a5f11c347fcbca73440d27b1147b44fb15106c00669da23964fd9de079d1a9077848100f6e75d29b2d60016abc6ef1542bd3062f599676bb04e64decb6c843a407f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000340)=0x4) 537.557412ms ago: executing program 0 (id=2257): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) alarm(0x0) 526.648023ms ago: executing program 0 (id=2258): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) signalfd(r1, &(0x7f00000000c0)={[0x5]}, 0x8) mq_timedreceive(r1, &(0x7f0000000440)=""/218, 0xda, 0x38000000000000, &(0x7f0000000080)={0x0, 0x989680}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2040400) r3 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) umount2(0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10) r5 = syz_io_uring_setup(0x694, &(0x7f0000000540)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280)) r6 = syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040), &(0x7f0000000240)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x2000ac0a, r7) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r8 = io_uring_setup(0x48ae, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001d80)=""/4103, 0x1007}], 0x0, 0x1}, 0x20) 480.364607ms ago: executing program 0 (id=2259): rt_sigprocmask(0x0, &(0x7f0000000200)={[0xfffff7feffff7ffd]}, 0x0, 0x8) gettid() r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000020000000c00000000140000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040056f5000059000000000000000000000000005004efece0b766e00a0000000000000000004ef6504a227c84165ae5b38158cd40185ce39821733c6b92ddeeb516dc6a0920ae4b34e5a9eb918c94a5b291b385e5b4b8ee3288c5e5c523a0b9a52c2bce517644df2f4bf3359900f2c5929c6815c2ec0191dac5f709a5c7635d5c16c89769f9df6ec151ce9bc6206cb3d0701b19afdca033006734dbebfa56b8510b33d8a8ca93defc489033b1ba3b56c0ce79250f630ac90e504b7b05470918b987255d4373a764259d82cccd367c3e34593c550cd828d588001318ba4a041cebbc953c2f96dd89472d99ba8ceaa444a74b55a22bd1466a1f0284370c99decea8b85c52ec2e557302b7b006608a4aedcfd2cd006e28c6bc2797f78d"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb70300850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="600000000206010300000000000000000000000005000400000000000900020073797a320000000005000100"], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x0) syz_open_dev$sg(&(0x7f00000003c0), 0x8000000000000000, 0x2001) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = dup(r3) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000b00)={0x58, 0x2, 0x6, 0x3, 0x0, 0xf0ffff, {0x3}, [@IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9000000}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x8000}, 0x0) 479.932377ms ago: executing program 0 (id=2260): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000004e8100000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) lremovexattr(0x0, 0x0) 468.390958ms ago: executing program 0 (id=2261): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5f65}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) socket$kcm(0x2, 0x1000000000000002, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000880)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) readv(r2, &(0x7f000001a340)=[{&(0x7f0000000240)=""/51, 0x33}], 0x1) 285.757054ms ago: executing program 3 (id=2262): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) signalfd(r1, &(0x7f00000000c0)={[0x5]}, 0x8) mq_timedreceive(r1, &(0x7f0000000440)=""/218, 0xda, 0x38000000000000, &(0x7f0000000080)={0x0, 0x989680}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2040400) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) umount2(&(0x7f0000000240)='./file0\x00', 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r3}, 0x10) syz_io_uring_setup(0x694, &(0x7f0000000540)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280)) r4 = io_uring_setup(0x48ae, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r4, 0x10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001d80)=""/4103, 0x1007}], 0x0, 0x1}, 0x20) 251.148787ms ago: executing program 3 (id=2263): rseq(0x0, 0x0, 0x1, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = io_uring_setup(0xb3c, &(0x7f00000002c0)) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e580e", '\x00', "fffffffffffffffd"}, 0x38) writev(r2, &(0x7f00000001c0), 0x0) close_range(r1, 0xffffffffffffffff, 0x0) 238.349119ms ago: executing program 3 (id=2264): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x0) umount2(&(0x7f0000000240)='./file0\x00', 0x0) 228.937709ms ago: executing program 3 (id=2265): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000002f0958825100"/33], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000008c0)='page_pool_state_hold\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002c00000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000008c0)='page_pool_state_hold\x00', r4}, 0x10) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x2f, 0x88, 0x7, 0x61, 0x6b, @private2={0xfc, 0x2, '\x00', 0x1}, @local, 0x1, 0x40, 0x5, 0x6}}) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={0x0, @rand_addr, @remote}, &(0x7f0000000500)=0xc) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000640)={'erspan0\x00', &(0x7f0000000580)={'tunl0\x00', 0x0, 0x10, 0x10, 0x3, 0xe8, {{0x1a, 0x4, 0x3, 0x3a, 0x68, 0x65, 0x0, 0x4, 0x2f, 0x0, @multicast1, @private=0xa010102, {[@timestamp={0x44, 0xc, 0x93, 0x0, 0x3, [0x80000001, 0x2]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x2c, 0x39, 0x1, 0x5, [{@dev={0xac, 0x14, 0x14, 0x41}, 0x3}, {@local, 0x8}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfffffff9}, {@multicast2}, {@multicast2, 0x6}]}, @cipso={0x86, 0xc, 0x2, [{0x5, 0x6, "b39e191a"}]}, @timestamp={0x44, 0xc, 0xfc, 0x0, 0x3, [0x6, 0x0]}]}}}}}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000680)={@local, 0x0}, &(0x7f0000000700)=0x14) r9 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r9) ioctl$EVIOCRMFF(r9, 0x40085507, &(0x7f0000000080)=0x1000000) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r9, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r10, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000800)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2f, 0x5, 0x40, 0x2, 0x1, @private0, @rand_addr=' \x01\x00', 0x20, 0x10, 0x0, 0x2}}) r12 = socket$packet(0x11, 0x3, 0x300) getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r12, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r13}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0) r14 = socket(0x11, 0x800000003, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r14, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) r16 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r16, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x94, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r15, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0) sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="20020000", @ANYRES16=0x0, @ANYBLOB="000227bd7000ffdbdf25020000005c00018008000300030000001400020076657468315f6d6163767461700000001400020073797a5f74756e00000000000000000008000300d6d6d395080003000200000008000100", @ANYRES32=0x0, @ANYBLOB="0800030000000000080003000100000060000180140002007465616d300000000000000000000000080003000100000008000300010000000800030000000000140002007465616d5f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="140002006e7230000000000000000000000000004c00018008000100", @ANYRES32=r5, @ANYBLOB="1400020076657468315f766972745f7769666900140002006970365f76746930000000000000000008000100", @ANYRES32=r6, @ANYBLOB="080003000300000008000100", @ANYRES32=r7, @ANYBLOB="5800018008000100", @ANYRES32=r8, @ANYBLOB="140002006970766c616e310000000000000000000800030000000000140002006261746164765f736c6176655f3000001400020070696d3672656731000000000000000008000100", @ANYRES32=r10, @ANYBLOB="6000018008000300030000001400020076657468305f746f5f626174616476001400020076657468315f6d6163767461", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="14000200766972745f77696669300000000000004c000180140002007665746831000000000000000000000008000100", @ANYRES32=r13, @ANYBLOB="08000300020000000800030000000000140002000000000000000000008200003f12b8ffaf8088dbb0c500000000000000080001002f566c3ec28cf0a7dd315310b4d59884b494207a618f9985c0d3995145e7ab45aa34d962e54c994953335ad8119409cd57a47ed70e893313ca08429c7abe10601b514d4093714027a2a98bc6b6dfefc843712049", @ANYRES32=r15, @ANYRES8=r2], 0x220}}, 0xc005) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000)={r1, r0}, 0xc) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r3, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 205.768701ms ago: executing program 1 (id=2266): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10e, &(0x7f0000000280)={[{@discard}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@stripe={'stripe', 0x3d, 0x8}}, {@orlov}, {@dioread_nolock}]}, 0x4, 0x45b, &(0x7f00000010c0)="$eJzs281rHOUfAPDvTJL217dfYq0vfVGjVQy+JE1atQcvioIHBcFLPcYkLbXbRpoIthStIvUoBcGjeBT8CzzpRdST4FXvUijSi9XTyuzOdF+6u0nTTabNfj4w2eeZeWbn+c4zz+4z82QDGFjj2Z8kYmdE/B4Ro/Vsa4Hx+sv1axfm/rl2YS6JavWtv5Jaub+vXZgrihb77cgzE2lE+mkS+zscd+nc+VOzlcrC2Tw/tXz6vamlc+efPXl69sTCiYUzM0ePHjk8/cLzM8/1Jc57srru+3DxwN7X3r78xtyxy+/8/G1SxN8WR5+M99r4RLXa58OVa1dTOhlexQ5D61gZVi1rhqy5Rmr9fzSGotF4o/HqJ6VWDlhX1VyXzRerwCaWRNk1AMpRfNFn97/FsnGjj/Jdfal+A5TFfT1f6luGI83LjLTd3/bTeEQcu/jvV9kS6/McAgCgxffZ+OeZTuO/NO5vKvf/2FqbGxrL51J2R8S9EbEnIu6LqJV9ICIe7HSQHhMC7ZMkN49/0itrj25l2fjvxXxuq3X8V4z+Ymwoz+2qxT+SHD9ZWThUOycREzGyNctP9zjGD6/89nm3bc3jv2zJjl+MBfN6XBne2rrP/Ozy7O3E3OzqxxH7hjvFn9yYCUgiYm9E7FvjMU4+9c2BbttWjr+H1cwzraD6dcST9fa/GG3xF5Le85NT/4vKwqGp4qq42S+/Xnqz2/FvK/4+yNp/e8fr/0b8Y0nzfO3Srbx7vXdf+uOzrvc0k2u6/hsrtuSvH8wuL5+djtiSvF6vdPP6mca+Rb4on8U/cbBz/98djTOxPyKyi/ihiHg4Ih7Jo3s0Ih6LiIM9zsJPLz/+bq8zVHb7z7e1/1hrkbb2byS2RPuazomhUz9+1/qOjeTqPv+O1FIT+Zra59+XveNaTb1u9WoGAACAu1UaETsjSSdvpNN0crL+P/x7YntaWVxafvr44vtn5uu/ERiLkbR40jXa9Dx0Or+tL/IzbfnD+XPjL4a21fKTc4uV+bKDhwG3o0v/z/zpNxqw+fVhHg24S+n/MLj0fxhc+j8Mrg79f1sZ9QA2Xqfv/49KqAew8dr6v2k/GCDu/2Fw6f8wuJr7f1JiPYANtbQtVv6R/GZIVKvV6h1Qjc2TiPSOqEZ/Esk694KdZQd464myP5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6478AAAD//+Jk61o=") prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4e, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x18) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0xe000202b}) 140.400877ms ago: executing program 1 (id=2267): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) alarm(0x0) 119.075439ms ago: executing program 1 (id=2268): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x166, &(0x7f0000000a40)='/proc/t/\x00\x00v4\x00m\xa0\x8dN\xd4\xa2\x88\x00\xd1l,]5\xf5u\x8eb\xce\xa7\xc4\x18\'\xe6\xe0\x94\x11#\xb2\xa6\xdc\xd3\x1bsD&\xa6D\xd4\x8f\xe9\xe2%\xa84\t\'\xa2y\x10S.U}\xce\x96\xa4vQ\xa3\r.\x83\xe6KdA5\xeb\xe0\x9d\xa2\xb2\xbd\xe3\x04\x9eR\xb1\xa4\x10\xe7+\x10\xd3\xb2\xd6.\xbf\x81\xe6\xdb,#<\xb2\xfa\x13\xd6\xa9T\x06\":\xaf\xab\xdc\xfe\xd0\x9ek\x98\xd9iw\x06\xe2\xcb\xbd\x10\xe3\x1a\xda\xb6`$=Z\xdamT\xbc\xd9\xf6\x98q\xa1\x18\xd1\x83pSc\xb1\xe9%-^\xcc|\xcf\xa2\xa4\xae\xd9\'\x8bF\xe4\x1f\xf9\\\xfd\xec\x12\x9a\xb2\xa2\xe34\xa6y\x96\xf6\x8d\x8dxK:v#DZ\x8f\x11v\xa8clb\xce\aFc\xca\xf7\x8c\xba\xb8\x7f\x83\xf9\xd8\x14\xf4\xceB\xb9\xb8*\x1e\xbf~\x06\xe4\x9ak\x8e\xf2\xce93\x97\xec\xa4\xa3\xcfG\x83\xa0\xa3\v\x8c\v\xdd\x17\xa9\xd1$.\xce\xffa\x13Lf\xf8\x9dT~\xec\x1etN\xd1\x9a4\xb2\xcf \xdd\xbe\x87\\\x00\xba*\xa6\xb7F%\xa8\x84\x13\xedD\x9e\xc8\xc4-\xa7\x80\xd9\xa9k\x9b\xd6&\xdf\xb3\"fj\xa1\xf9\xef\x85)\x93\xb68\xedL\"\x8an\xd9\xa1M\xecDK{$\x15\xb5{\xc8q\"?\xa5s\xb9e<1\xec\xe0.\xf3\xdbrhI\xc6\xdf\x1cS\t\xcd\xb8\xc6\'\xfb\xd4'}, 0x30) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, 0x0, &(0x7f0000000180)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f00000022c0)=ANY=[@ANYBLOB="61158c000000000061134c0000000000bfa00000000000001705000008004ef02d3501000000000095003200000000006916000000000000bf67000000000000350605000fff07206706000002000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b540dcfc7ad0500c4063b3b8754c0686cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d39d25991b085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e5671c888fb126a163f16f920ae2fb494059bba8e3b680324a188090eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb40000000000000000000000000040007abf9c20d89cbc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eb29000000000000003cc3aa39ee4b1386bab561cda886fa64ffffff7f473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59801fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e17417a249a2cd8ff62aa6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d00000000d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38c7f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf73400000000000000cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61d1f5b2a443faa9bda0577383dc18402cde8bf777b2eaa45c940aabc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db009acaba9eaea90000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8a10300004d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a122822bb031bbee6d23cef7074f6d718b06ca80b57aa183dd0c39e9d8547c666b6764a3c7dd62a94eee45881441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a365b5b11df7216652b5703f31e078ecdefe8e6bfc45a9980a7a8de863e3477dd47d0f11611ca92d89641a183c8f629f17cfc28fde209a793d9c0cdde3bb3f82670d33396982988b9f5207a732908fdf1506f307ccae47a69319ee2242272e4f7ceb7a40e49a21ce6405af3ecb3381bf0668749c81fc6c2d97e68a693e3e622af52e572f4fa7b20d5c72cf5ff8016461130a46803de45029489921a48bd7688dd593e4a3e9803263ecbd8ae8570293508ebe5fabc1842cbc01ae8fabbf41820c31b7bb83a3439d4540f839ed5c23828a33d7645baa1ec32bb7aa8a786bb0997ccf6bba0a2cf6ef2157a63974d5e525a3f3f7f993ea9e82732ccc2e12c6310121ecb9029e7f835420f8f27a7e563684a225dee6ca5f5ff18a89ac6c627ff0e0e4769b6fbcfc847b20960704a4b13e962333bddb966de8bcade6f6bd3915a580ddec2e1bd88fbfdb749789cdc946822212f1cbacb03ba8d3e51e48ccdae20a43bf79ca0131b830620a97877242989e78dfec1d6df5f97ca5cddece50d0cae5d6eabbc1913aa3660e0b00000000000000000000000000bc12b71cb118d93461aa2914d6e454ef05c41beab7382787ba46b68c8d8b35349fb58b259b4447b59c667ddcac0bb2d066eb0579be84bdca8ed5d693411b7e5b21efaceddacef03daa9772f2715b5613ae0d88f8d109e36f8b8871b646d9ebbcc25d527ad3f828c92cb6597f82ed4d496a511007781be0c7cac07fc508a585f415ef81a887475286df80fb6ff9c6524d0e22d50f88ca15545bc688063b04eb8e0248aca60b9983dd5966216499ccfc0551f6e0323859ae64f55e4d496a695f8e6382aa714b92f95dcfd0b456d9ce7a24f736e4009ef64230e8f83f8283a4cc5f178d4698b94ccd8d0e0e3e2e35e1a7ac0cb3ee52013e8c2802d2f89b3f708fb53c17c3e4fbe0326ee510c4317b5f5f1eb34ca8441c23755acfc469909b16fba134de01d484c1b380622d3743a0be77b64961753faba6131c136fb14b1963960f2f7f118bc451a18b216bf26c3cec2575a059da60baede629711a5f11c347fcbca73440d27b1147b44fb15106c00669da23964fd9de079d1a9077848100f6e75d29b2d60016abc6ef1542bd3062f599676bb04e64decb6c843a407f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000340)=0x4) 12.015498ms ago: executing program 1 (id=2269): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) alarm(0x0) 0s ago: executing program 1 (id=2270): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) signalfd(r1, &(0x7f00000000c0)={[0x5]}, 0x8) mq_timedreceive(r1, &(0x7f0000000440)=""/218, 0xda, 0x38000000000000, &(0x7f0000000080)={0x0, 0x989680}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2040400) r3 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0) umount2(0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r4}, 0x10) r5 = syz_io_uring_setup(0x694, &(0x7f0000000540)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000280)) r6 = syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040), &(0x7f0000000240)) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0x11, 0x2000ac0a, r7) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r8 = io_uring_setup(0x48ae, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0xf, &(0x7f0000000540)={0x1000, 0x0, 0x0, 0x0}, 0x20) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r8, 0x10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001d80)=""/4103, 0x1007}], 0x0, 0x1}, 0x20) kernel console output (not intermixed with test programs): T4419] RAX: ffffffffffffffda RBX: 00000000000005c3 RCX: 00007f6029bcdef9 [ 48.852193][ T4419] RDX: 00007f6028846dec RSI: 0000000000000000 RDI: 00007f6029c41369 [ 48.860147][ T4419] RBP: 00000000200005c0 R08: 00007f6028846b07 R09: 0000000000000000 [ 48.868103][ T4419] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001 [ 48.876058][ T4419] R13: 00007f6028846dec R14: 00007f6028846df0 R15: 00007ffe4e6c6398 [ 48.884178][ T4419] [ 49.020748][ T4431] FAULT_INJECTION: forcing a failure. [ 49.020748][ T4431] name failslab, interval 1, probability 0, space 0, times 0 [ 49.033451][ T4431] CPU: 0 UID: 0 PID: 4431 Comm: syz.3.384 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 49.044145][ T4431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 49.054180][ T4431] Call Trace: [ 49.057455][ T4431] [ 49.060365][ T4431] dump_stack_lvl+0xf2/0x150 [ 49.065001][ T4431] dump_stack+0x15/0x20 [ 49.069222][ T4431] should_fail_ex+0x229/0x230 [ 49.073883][ T4431] ? vm_area_dup+0x98/0x130 [ 49.078422][ T4431] should_failslab+0x8f/0xb0 [ 49.083134][ T4431] kmem_cache_alloc_noprof+0x4c/0x290 [ 49.088489][ T4431] vm_area_dup+0x98/0x130 [ 49.092808][ T4431] copy_mm+0x60b/0x10e0 [ 49.096946][ T4431] copy_process+0xee1/0x1f90 [ 49.101565][ T4431] kernel_clone+0x167/0x5e0 [ 49.106060][ T4431] __se_sys_clone3+0x1b5/0x1f0 [ 49.110939][ T4431] __x64_sys_clone3+0x31/0x40 [ 49.115747][ T4431] x64_sys_call+0x287d/0x2d60 [ 49.120423][ T4431] do_syscall_64+0xc9/0x1c0 [ 49.124909][ T4431] ? clear_bhb_loop+0x55/0xb0 [ 49.129576][ T4431] ? clear_bhb_loop+0x55/0xb0 [ 49.134230][ T4431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.140107][ T4431] RIP: 0033:0x7f33c240def9 [ 49.144583][ T4431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 49.164175][ T4431] RSP: 002b:00007f33c1086f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 49.172614][ T4431] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f33c240def9 [ 49.180566][ T4431] RDX: 00007f33c1086f20 RSI: 0000000000000058 RDI: 00007f33c1086f20 [ 49.188529][ T4431] RBP: 00007f33c1087090 R08: 0000000000000000 R09: 0000000000000058 [ 49.196496][ T4431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 49.204449][ T4431] R13: 0000000000000000 R14: 00007f33c25c5f80 R15: 00007ffdc8f57358 [ 49.212418][ T4431] [ 49.298224][ T4447] loop3: detected capacity change from 0 to 512 [ 49.305003][ T4447] EXT4-fs: Ignoring removed nobh option [ 49.310853][ T4447] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 49.322097][ T4447] EXT4-fs (loop3): 1 truncate cleaned up [ 49.328328][ T4447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.352540][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.368690][ T4453] pim6reg1: entered promiscuous mode [ 49.373042][ T4455] loop3: detected capacity change from 0 to 1024 [ 49.374085][ T4453] pim6reg1: entered allmulticast mode [ 49.380897][ T4455] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 49.399573][ T4455] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.435368][ T3264] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.489002][ T4470] __nla_validate_parse: 11 callbacks suppressed [ 49.489016][ T4470] netlink: 16255 bytes leftover after parsing attributes in process `syz.2.402'. [ 49.537001][ T4476] loop0: detected capacity change from 0 to 512 [ 49.543514][ T4476] EXT4-fs: Ignoring removed nobh option [ 49.550630][ T4476] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 49.563434][ T4476] EXT4-fs (loop0): 1 truncate cleaned up [ 49.575302][ T4476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.624422][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.642508][ T4484] FAULT_INJECTION: forcing a failure. [ 49.642508][ T4484] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 49.655607][ T4484] CPU: 1 UID: 0 PID: 4484 Comm: syz.2.409 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 49.666265][ T4484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 49.676305][ T4484] Call Trace: [ 49.679578][ T4484] [ 49.682503][ T4484] dump_stack_lvl+0xf2/0x150 [ 49.687134][ T4484] dump_stack+0x15/0x20 [ 49.691279][ T4484] should_fail_ex+0x229/0x230 [ 49.695987][ T4484] should_fail+0xb/0x10 [ 49.700284][ T4484] should_fail_usercopy+0x1a/0x20 [ 49.705298][ T4484] _copy_from_user+0x1e/0xd0 [ 49.709881][ T4484] __sys_bpf+0x14e/0x7a0 [ 49.714116][ T4484] __x64_sys_bpf+0x43/0x50 [ 49.718540][ T4484] x64_sys_call+0x2625/0x2d60 [ 49.723234][ T4484] do_syscall_64+0xc9/0x1c0 [ 49.727834][ T4484] ? clear_bhb_loop+0x55/0xb0 [ 49.732497][ T4484] ? clear_bhb_loop+0x55/0xb0 [ 49.737228][ T4484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 49.743239][ T4484] RIP: 0033:0x7efd19a9def9 [ 49.747639][ T4484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 49.767290][ T4484] RSP: 002b:00007efd18711038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 49.775733][ T4484] RAX: ffffffffffffffda RBX: 00007efd19c55f80 RCX: 00007efd19a9def9 [ 49.783690][ T4484] RDX: 0000000000000028 RSI: 0000000020000380 RDI: 0000000000000012 [ 49.791660][ T4484] RBP: 00007efd18711090 R08: 0000000000000000 R09: 0000000000000000 [ 49.799627][ T4484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 49.807623][ T4484] R13: 0000000000000000 R14: 00007efd19c55f80 R15: 00007ffd78769f58 [ 49.815586][ T4484] [ 49.847692][ T4488] Zero length message leads to an empty skb [ 49.882525][ T4491] loop2: detected capacity change from 0 to 2048 [ 49.916392][ T4491] Alternate GPT is invalid, using primary GPT. [ 49.922778][ T4491] loop2: p1 p2 p3 [ 49.985810][ T4504] SELinux: Context system_u:object_r:systemd_unit_file_t:s0 is not valid (left unmapped). [ 50.005683][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.034094][ T4511] 9pnet: p9_errstr2errno: server reported unknown error œæçæŒÎsŧ‘̼§6z [ 50.049390][ T4511] 9pnet_fd: Insufficient options for proto=fd [ 50.132460][ T4533] FAULT_INJECTION: forcing a failure. [ 50.132460][ T4533] name failslab, interval 1, probability 0, space 0, times 0 [ 50.145149][ T4533] CPU: 1 UID: 0 PID: 4533 Comm: syz.0.430 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 50.155773][ T4533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 50.165816][ T4533] Call Trace: [ 50.169128][ T4533] [ 50.172038][ T4533] dump_stack_lvl+0xf2/0x150 [ 50.176656][ T4533] dump_stack+0x15/0x20 [ 50.180787][ T4533] should_fail_ex+0x229/0x230 [ 50.185473][ T4533] ? allocate_slab+0x16b/0x500 [ 50.189211][ T4535] netlink: 24 bytes leftover after parsing attributes in process `syz.3.427'. [ 50.190331][ T4533] should_failslab+0x8f/0xb0 [ 50.203771][ T4533] __kmalloc_node_noprof+0xa8/0x380 [ 50.208959][ T4533] allocate_slab+0x16b/0x500 [ 50.213625][ T4533] ___slab_alloc+0x424/0x980 [ 50.218328][ T4533] ? copy_net_ns+0x115/0x510 [ 50.222941][ T4533] ? should_fail_ex+0xd7/0x230 [ 50.227695][ T4533] ? copy_net_ns+0x115/0x510 [ 50.232267][ T4533] kmem_cache_alloc_noprof+0x177/0x290 [ 50.237749][ T4533] copy_net_ns+0x115/0x510 [ 50.242145][ T4533] ? copy_cgroup_ns+0x79/0x370 [ 50.246983][ T4533] create_new_namespaces+0x228/0x430 [ 50.252258][ T4533] unshare_nsproxy_namespaces+0xe6/0x120 [ 50.257929][ T4533] ksys_unshare+0x3da/0x720 [ 50.262491][ T4533] __x64_sys_unshare+0x1f/0x30 [ 50.267249][ T4533] x64_sys_call+0x2c8d/0x2d60 [ 50.271918][ T4533] do_syscall_64+0xc9/0x1c0 [ 50.276400][ T4533] ? clear_bhb_loop+0x55/0xb0 [ 50.281054][ T4533] ? clear_bhb_loop+0x55/0xb0 [ 50.285705][ T4533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.291615][ T4533] RIP: 0033:0x7f5f4d56def9 [ 50.296005][ T4533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.315661][ T4533] RSP: 002b:00007f5f4c1e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 50.324050][ T4533] RAX: ffffffffffffffda RBX: 00007f5f4d725f80 RCX: 00007f5f4d56def9 [ 50.332012][ T4533] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000064000600 [ 50.339968][ T4533] RBP: 00007f5f4c1e1090 R08: 0000000000000000 R09: 0000000000000000 [ 50.347914][ T4533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 50.355913][ T4533] R13: 0000000000000001 R14: 00007f5f4d725f80 R15: 00007ffcfb84c248 [ 50.363867][ T4533] [ 50.464756][ T4543] loop1: detected capacity change from 0 to 256 [ 50.479078][ T4543] FAT-fs (loop1): Directory bread(block 64) failed [ 50.485746][ T4543] FAT-fs (loop1): Directory bread(block 65) failed [ 50.492272][ T4543] FAT-fs (loop1): Directory bread(block 66) failed [ 50.499695][ T4543] FAT-fs (loop1): Directory bread(block 67) failed [ 50.506344][ T4543] FAT-fs (loop1): Directory bread(block 68) failed [ 50.512922][ T4543] FAT-fs (loop1): Directory bread(block 69) failed [ 50.519684][ T4543] FAT-fs (loop1): Directory bread(block 70) failed [ 50.526247][ T4543] FAT-fs (loop1): Directory bread(block 71) failed [ 50.533153][ T4543] FAT-fs (loop1): Directory bread(block 72) failed [ 50.540041][ T4543] FAT-fs (loop1): Directory bread(block 73) failed [ 50.607738][ T4549] atomic_op ffff888114c1dd28 conn xmit_atomic 0000000000000000 [ 50.993346][ T4568] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 51.005602][ T4568] loop3: detected capacity change from 0 to 512 [ 51.021940][ T4567] loop2: detected capacity change from 0 to 128 [ 51.139764][ T4571] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.147038][ T4571] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.154399][ T4571] bridge0: entered allmulticast mode [ 51.350901][ T4579] pim6reg1: entered promiscuous mode [ 51.356442][ T4579] pim6reg1: entered allmulticast mode [ 51.434216][ T4591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 51.440016][ T4594] loop0: detected capacity change from 0 to 128 [ 51.449768][ T4591] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 51.589227][ T4608] loop0: detected capacity change from 0 to 1024 [ 51.596237][ T4608] EXT4-fs: Ignoring removed orlov option [ 51.602055][ T4608] EXT4-fs: Ignoring removed nomblk_io_submit option [ 51.616260][ T4608] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.639265][ T4608] FAULT_INJECTION: forcing a failure. [ 51.639265][ T4608] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 51.652384][ T4608] CPU: 1 UID: 0 PID: 4608 Comm: syz.0.460 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 51.662996][ T4608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 51.673070][ T4608] Call Trace: [ 51.676345][ T4608] [ 51.679298][ T4608] dump_stack_lvl+0xf2/0x150 [ 51.683892][ T4608] dump_stack+0x15/0x20 [ 51.688046][ T4608] should_fail_ex+0x229/0x230 [ 51.692729][ T4608] should_fail+0xb/0x10 [ 51.696879][ T4608] should_fail_usercopy+0x1a/0x20 [ 51.701969][ T4608] strncpy_from_user+0x25/0x270 [ 51.706826][ T4608] ? kmem_cache_alloc_noprof+0x10c/0x290 [ 51.712578][ T4608] getname_flags+0xb0/0x3b0 [ 51.717162][ T4608] __x64_sys_symlink+0x33/0x60 [ 51.721970][ T4608] x64_sys_call+0x2819/0x2d60 [ 51.726712][ T4608] do_syscall_64+0xc9/0x1c0 [ 51.731282][ T4608] ? clear_bhb_loop+0x55/0xb0 [ 51.735965][ T4608] ? clear_bhb_loop+0x55/0xb0 [ 51.740635][ T4608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.746565][ T4608] RIP: 0033:0x7f5f4d56def9 [ 51.750971][ T4608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.770581][ T4608] RSP: 002b:00007f5f4c1e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 51.779027][ T4608] RAX: ffffffffffffffda RBX: 00007f5f4d725f80 RCX: 00007f5f4d56def9 [ 51.786988][ T4608] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000020000140 [ 51.794946][ T4608] RBP: 00007f5f4c1e1090 R08: 0000000000000000 R09: 0000000000000000 [ 51.802902][ T4608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.810933][ T4608] R13: 0000000000000000 R14: 00007f5f4d725f80 R15: 00007ffcfb84c248 [ 51.818895][ T4608] [ 51.939532][ T4622] loop2: detected capacity change from 0 to 512 [ 51.978073][ T4622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 51.993623][ T4622] ext4 filesystem being mounted at /57/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 52.023518][ T3264] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.172140][ T4642] loop3: detected capacity change from 0 to 128 [ 52.185392][ T4642] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 52.431168][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.470708][ T4656] loop1: detected capacity change from 0 to 1024 [ 52.486319][ T4656] EXT4-fs: Ignoring removed orlov option [ 52.492068][ T4656] EXT4-fs: Ignoring removed nomblk_io_submit option [ 52.526851][ T4656] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.832730][ T4674] loop0: detected capacity change from 0 to 512 [ 52.839268][ T4674] EXT4-fs: Ignoring removed nobh option [ 52.845120][ T4674] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 52.856259][ T4674] EXT4-fs (loop0): 1 truncate cleaned up [ 52.862145][ T4674] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.883694][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.046419][ T4683] 9pnet_fd: Insufficient options for proto=fd [ 53.053009][ T4683] 9pnet_fd: Insufficient options for proto=fd [ 53.105880][ T29] kauditd_printk_skb: 361 callbacks suppressed [ 53.105893][ T29] audit: type=1326 audit(1726219146.430:3385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.136719][ T29] audit: type=1326 audit(1726219146.460:3386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.160121][ T29] audit: type=1326 audit(1726219146.460:3387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.183368][ T29] audit: type=1326 audit(1726219146.460:3388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.207824][ T29] audit: type=1326 audit(1726219146.460:3389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.231302][ T29] audit: type=1326 audit(1726219146.460:3390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.254660][ T29] audit: type=1326 audit(1726219146.460:3391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.278146][ T29] audit: type=1326 audit(1726219146.460:3392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.301487][ T29] audit: type=1326 audit(1726219146.460:3393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.324984][ T29] audit: type=1326 audit(1726219146.460:3394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4693 comm="syz.2.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 53.349591][ T4703] loop2: detected capacity change from 0 to 764 [ 53.366904][ T3261] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.401135][ T4708] loop1: detected capacity change from 0 to 512 [ 53.408924][ T4708] EXT4-fs: Ignoring removed mblk_io_submit option [ 53.415498][ T4708] EXT4-fs: Ignoring removed i_version option [ 53.423272][ T4708] EXT4-fs error (device loop1): __ext4_iget:4985: inode #11: block 1: comm syz.1.504: invalid block [ 53.434341][ T4708] EXT4-fs (loop1): Remounting filesystem read-only [ 53.441404][ T4708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.453719][ T4708] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 53.460680][ T4708] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.493385][ T4716] 9pnet_fd: Insufficient options for proto=fd [ 53.500833][ T4716] 9pnet_fd: Insufficient options for proto=fd [ 53.561789][ T4725] loop3: detected capacity change from 0 to 512 [ 53.568683][ T4725] EXT4-fs: Ignoring removed nobh option [ 53.574505][ T4725] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 53.586421][ T4725] EXT4-fs (loop3): 1 truncate cleaned up [ 53.592301][ T4725] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.614199][ T3262] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.666442][ T4732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.505'. [ 53.678424][ T4732] netlink: 14 bytes leftover after parsing attributes in process `syz.3.505'. [ 53.824271][ T4745] 9pnet_fd: Insufficient options for proto=fd [ 53.830991][ T4745] 9pnet_fd: Insufficient options for proto=fd [ 53.913650][ T4754] loop3: detected capacity change from 0 to 128 [ 53.934312][ T4761] loop0: detected capacity change from 0 to 512 [ 53.937066][ T4754] syz.3.515: attempt to access beyond end of device [ 53.937066][ T4754] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128 [ 53.941137][ T4761] EXT4-fs: Ignoring removed nobh option [ 53.953866][ T4754] Buffer I/O error on dev loop3, logical block 128, lost async page write [ 53.960427][ T4761] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 53.988048][ T4754] syz.3.515: attempt to access beyond end of device [ 53.988048][ T4754] loop3: rw=0, sector=128, nr_sectors = 1 limit=128 [ 53.998192][ T4761] EXT4-fs (loop0): 1 truncate cleaned up [ 54.001132][ T4754] Buffer I/O error on dev loop3, logical block 128, async page read [ 54.010849][ T4761] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.060128][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.097004][ T4775] loop0: detected capacity change from 0 to 512 [ 54.103575][ T4775] EXT4-fs: Ignoring removed orlov option [ 54.109517][ T4775] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 54.127952][ T4775] EXT4-fs (loop0): 1 orphan inode deleted [ 54.133791][ T4775] EXT4-fs (loop0): 1 truncate cleaned up [ 54.140014][ T4775] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.162749][ T4778] pim6reg1: entered promiscuous mode [ 54.168170][ T4778] pim6reg1: entered allmulticast mode [ 54.176146][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.248633][ T4786] batman_adv: batadv0: Adding interface: gretap1 [ 54.256412][ T4786] batman_adv: batadv0: Interface activated: gretap1 [ 54.285101][ T4790] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 54.307600][ T4796] loop0: detected capacity change from 0 to 512 [ 54.314303][ T4796] EXT4-fs: Ignoring removed orlov option [ 54.321341][ T4796] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 54.339600][ T4799] loop1: detected capacity change from 0 to 512 [ 54.350192][ T4796] EXT4-fs (loop0): 1 orphan inode deleted [ 54.350599][ T4799] EXT4-fs: Ignoring removed nobh option [ 54.355961][ T4796] EXT4-fs (loop0): 1 truncate cleaned up [ 54.366753][ T4799] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 54.381986][ T4803] syz.2.534[4803] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.382055][ T4803] syz.2.534[4803] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 54.383301][ T4796] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.417003][ T4808] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 2, id = 0 [ 54.427612][ T4799] EXT4-fs (loop1): 1 truncate cleaned up [ 54.433643][ T4799] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 54.490526][ T4813] loop4: detected capacity change from 0 to 512 [ 54.497613][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.513403][ T3261] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.517844][ T4813] EXT4-fs: Ignoring removed orlov option [ 54.528634][ T4813] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 54.539909][ T4813] EXT4-fs (loop4): 1 orphan inode deleted [ 54.545713][ T4813] EXT4-fs (loop4): 1 truncate cleaned up [ 54.597434][ T4824] 9pnet_fd: Insufficient options for proto=fd [ 54.679592][ T4835] FAULT_INJECTION: forcing a failure. [ 54.679592][ T4835] name failslab, interval 1, probability 0, space 0, times 0 [ 54.692273][ T4835] CPU: 0 UID: 0 PID: 4835 Comm: syz.1.546 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 54.702918][ T4835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 54.712970][ T4835] Call Trace: [ 54.716274][ T4835] [ 54.719191][ T4835] dump_stack_lvl+0xf2/0x150 [ 54.723779][ T4835] dump_stack+0x15/0x20 [ 54.727927][ T4835] should_fail_ex+0x229/0x230 [ 54.732678][ T4835] ? security_inode_alloc+0x32/0xd0 [ 54.737943][ T4835] should_failslab+0x8f/0xb0 [ 54.742532][ T4835] kmem_cache_alloc_noprof+0x4c/0x290 [ 54.747904][ T4835] security_inode_alloc+0x32/0xd0 [ 54.752946][ T4835] inode_init_always+0x439/0x480 [ 54.757881][ T4835] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 54.763376][ T4835] alloc_inode+0x7d/0x160 [ 54.767737][ T4835] new_inode+0x1e/0x100 [ 54.772152][ T4835] shmem_get_inode+0x258/0x740 [ 54.776995][ T4835] __shmem_file_setup+0x127/0x1f0 [ 54.782015][ T4835] shmem_file_setup+0x3b/0x50 [ 54.786683][ T4835] __se_sys_memfd_create+0x31d/0x600 [ 54.791958][ T4835] __x64_sys_memfd_create+0x31/0x40 [ 54.797216][ T4835] x64_sys_call+0x2891/0x2d60 [ 54.801953][ T4835] do_syscall_64+0xc9/0x1c0 [ 54.806445][ T4835] ? clear_bhb_loop+0x55/0xb0 [ 54.811117][ T4835] ? clear_bhb_loop+0x55/0xb0 [ 54.815794][ T4835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 54.821715][ T4835] RIP: 0033:0x7f6029bcdef9 [ 54.826120][ T4835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 54.845756][ T4835] RSP: 002b:00007f6028846d68 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 54.854268][ T4835] RAX: ffffffffffffffda RBX: 00000000000005c3 RCX: 00007f6029bcdef9 [ 54.862224][ T4835] RDX: 00007f6028846dec RSI: 0000000000000000 RDI: 00007f6029c41369 [ 54.870225][ T4835] RBP: 00000000200005c0 R08: 00007f6028846b07 R09: 0000000000000000 [ 54.878247][ T4835] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000001 [ 54.886227][ T4835] R13: 00007f6028846dec R14: 00007f6028846df0 R15: 00007ffe4e6c6398 [ 54.894232][ T4835] [ 54.922730][ T4844] loop2: detected capacity change from 0 to 512 [ 54.929291][ T4844] EXT4-fs: Ignoring removed nobh option [ 54.940015][ T4844] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 54.950887][ T4844] EXT4-fs (loop2): 1 truncate cleaned up [ 54.997024][ T4851] loop3: detected capacity change from 0 to 256 [ 54.998763][ T4850] loop2: detected capacity change from 0 to 512 [ 55.073172][ T4858] usb usb9: usbfs: process 4858 (syz.4.547) did not claim interface 0 before use [ 55.084392][ T4851] loop3: detected capacity change from 256 to 255 [ 55.228731][ T4864] netlink: 8 bytes leftover after parsing attributes in process `syz.2.559'. [ 55.366644][ T4866] netlink: 8 bytes leftover after parsing attributes in process `syz.2.561'. [ 55.374310][ T4869] loop1: detected capacity change from 0 to 512 [ 55.381961][ T4869] EXT4-fs: Ignoring removed orlov option [ 55.390118][ T4866] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.410778][ T4869] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 55.427227][ T4869] EXT4-fs (loop1): 1 orphan inode deleted [ 55.428629][ T3289] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.432958][ T4869] EXT4-fs (loop1): 1 truncate cleaned up [ 55.476720][ T4866] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.526111][ T3289] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.546181][ T4883] loop1: detected capacity change from 0 to 512 [ 55.552704][ T4883] EXT4-fs: Ignoring removed nobh option [ 55.560393][ T4883] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 55.571725][ T4866] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.586767][ T4883] EXT4-fs (loop1): 1 truncate cleaned up [ 55.611397][ T3289] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.637096][ T4866] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.670845][ T3289] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.724080][ T4902] syz.1.571[4902] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.724899][ T4902] syz.1.571[4902] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 55.727202][ T4866] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.797029][ T4866] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.808353][ T4866] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.832564][ T4866] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.843651][ T3289] bridge_slave_1: left allmulticast mode [ 55.849348][ T3289] bridge_slave_1: left promiscuous mode [ 55.855079][ T3289] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.863811][ T3289] bridge_slave_0: left allmulticast mode [ 55.869583][ T3289] bridge_slave_0: left promiscuous mode [ 55.875212][ T3289] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.898111][ T4914] loop0: detected capacity change from 0 to 512 [ 55.905228][ T4914] EXT4-fs: Ignoring removed nobh option [ 55.911049][ T4914] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 55.929233][ T4914] EXT4-fs (loop0): 1 truncate cleaned up [ 56.037525][ T3289] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 56.049545][ T3289] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 56.060235][ T3289] bond0 (unregistering): Released all slaves [ 56.070534][ T4876] chnl_net:caif_netlink_parms(): no params data found [ 56.080050][ T4918] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 56.088486][ T4918] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 56.097091][ T4922] netlink: 24 bytes leftover after parsing attributes in process `syz.0.576'. [ 56.146614][ T4876] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.153722][ T4876] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.161247][ T4876] bridge_slave_0: entered allmulticast mode [ 56.161943][ T4936] FAULT_INJECTION: forcing a failure. [ 56.161943][ T4936] name failslab, interval 1, probability 0, space 0, times 0 [ 56.167978][ T4876] bridge_slave_0: entered promiscuous mode [ 56.179744][ T4936] CPU: 0 UID: 0 PID: 4936 Comm: syz.2.584 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 56.196237][ T4936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 56.206280][ T4936] Call Trace: [ 56.209545][ T4936] [ 56.212463][ T4936] dump_stack_lvl+0xf2/0x150 [ 56.217048][ T4936] dump_stack+0x15/0x20 [ 56.221193][ T4936] should_fail_ex+0x229/0x230 [ 56.225933][ T4936] ? nf_ct_ext_add+0xe6/0x1a0 [ 56.230597][ T4936] should_failslab+0x8f/0xb0 [ 56.235220][ T4936] __kmalloc_node_track_caller_noprof+0xa6/0x380 [ 56.241652][ T4936] krealloc_noprof+0x48/0xa0 [ 56.246234][ T4936] nf_ct_ext_add+0xe6/0x1a0 [ 56.250728][ T4936] init_conntrack+0x539/0x970 [ 56.255396][ T4936] nf_conntrack_in+0x89c/0xf20 [ 56.260152][ T4936] ? __pfx_ipv6_conntrack_in+0x10/0x10 [ 56.265684][ T4936] ipv6_conntrack_in+0x1d/0x30 [ 56.270447][ T4936] nf_hook_slow+0x86/0x1b0 [ 56.274860][ T4936] ipv6_rcv+0x113/0x150 [ 56.279164][ T4936] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 56.284358][ T4936] __netif_receive_skb+0xa2/0x280 [ 56.289467][ T4936] netif_receive_skb+0x4a/0x320 [ 56.294309][ T4936] ? virtio_net_hdr_to_skb+0x6d4/0xb90 [ 56.299792][ T4936] ? tun_rx_batched+0xba/0x410 [ 56.304614][ T4936] tun_rx_batched+0xf0/0x410 [ 56.309265][ T4936] tun_get_user+0x1e77/0x24b0 [ 56.313947][ T4936] ? ref_tracker_alloc+0x1f5/0x2f0 [ 56.319168][ T4936] tun_chr_write_iter+0x18e/0x240 [ 56.324189][ T4936] vfs_write+0x78f/0x900 [ 56.328547][ T4936] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 56.334091][ T4936] ksys_write+0xeb/0x1b0 [ 56.338324][ T4936] __x64_sys_write+0x42/0x50 [ 56.342907][ T4936] x64_sys_call+0x27dd/0x2d60 [ 56.347602][ T4936] do_syscall_64+0xc9/0x1c0 [ 56.352186][ T4936] ? clear_bhb_loop+0x55/0xb0 [ 56.356865][ T4936] ? clear_bhb_loop+0x55/0xb0 [ 56.361550][ T4936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.367476][ T4936] RIP: 0033:0x7efd19a9c9df [ 56.371878][ T4936] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 56.391621][ T4936] RSP: 002b:00007efd18711000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 56.400020][ T4936] RAX: ffffffffffffffda RBX: 00007efd19c55f80 RCX: 00007efd19a9c9df [ 56.408076][ T4936] RDX: 000000000000004a RSI: 0000000020000040 RDI: 00000000000000c8 [ 56.416034][ T4936] RBP: 00007efd18711090 R08: 0000000000000000 R09: 0000000000000000 [ 56.423993][ T4936] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001 [ 56.431965][ T4936] R13: 0000000000000000 R14: 00007efd19c55f80 R15: 00007ffd78769f58 [ 56.439932][ T4936] [ 56.448892][ T4876] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.456105][ T4876] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.463526][ T4876] bridge_slave_1: entered allmulticast mode [ 56.470399][ T4876] bridge_slave_1: entered promiscuous mode [ 56.498096][ T3289] hsr_slave_0: left promiscuous mode [ 56.500249][ T4946] netlink: 8 bytes leftover after parsing attributes in process `syz.1.587'. [ 56.512579][ T3289] hsr_slave_1: left promiscuous mode [ 56.518458][ T3289] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 56.525924][ T3289] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 56.533553][ T3289] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 56.541051][ T3289] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 56.550715][ T3289] veth1_macvtap: left promiscuous mode [ 56.556400][ T3289] veth0_macvtap: left promiscuous mode [ 56.562078][ T3289] veth1_vlan: left promiscuous mode [ 56.567411][ T3289] veth0_vlan: left promiscuous mode [ 56.629589][ T4960] loop4: detected capacity change from 0 to 512 [ 56.637296][ T4960] EXT4-fs: Ignoring removed nobh option [ 56.643203][ T4960] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 56.656214][ T4960] EXT4-fs (loop4): 1 truncate cleaned up [ 56.705038][ T3289] team0 (unregistering): Port device team_slave_1 removed [ 56.717074][ T3289] team0 (unregistering): Port device team_slave_0 removed [ 56.762928][ T4876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.768568][ T4967] syz.2.593[4967] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.772836][ T4967] syz.2.593[4967] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.790513][ T4946] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.813559][ T4965] netlink: 24 bytes leftover after parsing attributes in process `syz.4.592'. [ 56.825171][ T4967] loop2: detected capacity change from 0 to 8192 [ 56.835287][ T4876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.855631][ T4876] team0: Port device team_slave_0 added [ 56.862244][ T4876] team0: Port device team_slave_1 added [ 56.875373][ T4967] loop2: p1 p4 [ 56.879800][ T4967] loop2: p4 start 50689 is beyond EOD, truncated [ 56.892493][ T4946] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 56.903861][ T4876] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.910831][ T4876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.936800][ T4876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.948034][ T4876] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.955062][ T4876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.980975][ T4876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.017868][ T4946] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.031921][ T4876] hsr_slave_0: entered promiscuous mode [ 57.038450][ T4876] hsr_slave_1: entered promiscuous mode [ 57.048700][ T4876] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.056436][ T4876] Cannot create hsr debugfs directory [ 57.081040][ T4946] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.141731][ T4946] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.152888][ T4946] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.164891][ T4946] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.176532][ T4946] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.214823][ T4995] loop1: detected capacity change from 0 to 512 [ 57.221415][ T4995] EXT4-fs: Ignoring removed nobh option [ 57.227342][ T4995] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 57.240831][ T4995] EXT4-fs (loop1): 1 truncate cleaned up [ 57.251021][ T4995] netlink: 24 bytes leftover after parsing attributes in process `syz.1.603'. [ 57.364470][ T4876] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 57.376561][ T4876] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 57.391062][ T4876] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 57.399960][ T4876] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 57.458875][ T5018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.621'. [ 57.470223][ T5021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.613'. [ 57.475373][ T4876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 57.490671][ T5021] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.512388][ T4876] 8021q: adding VLAN 0 to HW filter on device team0 [ 57.531414][ T4876] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 57.541871][ T4876] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 57.555755][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.562816][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.571560][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.578702][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.609459][ T5021] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.619150][ T5029] loop0: detected capacity change from 0 to 512 [ 57.626998][ T5029] EXT4-fs: Ignoring removed orlov option [ 57.633678][ T5029] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 57.648989][ T5029] EXT4-fs (loop0): 1 orphan inode deleted [ 57.654997][ T5029] EXT4-fs (loop0): 1 truncate cleaned up [ 57.676721][ T5021] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.712548][ T4876] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 57.716893][ T5036] loop0: detected capacity change from 0 to 512 [ 57.726364][ T5036] EXT4-fs: Ignoring removed nobh option [ 57.733802][ T5021] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.743900][ T5036] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 57.755215][ T5036] EXT4-fs (loop0): 1 truncate cleaned up [ 57.813768][ T5021] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.843398][ T5021] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.873719][ T5021] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.890058][ T5021] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.915921][ T4876] veth0_vlan: entered promiscuous mode [ 57.932257][ T4876] veth1_vlan: entered promiscuous mode [ 57.966002][ T4876] veth0_macvtap: entered promiscuous mode [ 57.982359][ T4876] veth1_macvtap: entered promiscuous mode [ 58.008462][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.018957][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.028883][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.039334][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.049185][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.059676][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.069656][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.080272][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.091941][ T4876] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.102716][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.113378][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.123211][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.133641][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.143481][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.153912][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.163725][ T4876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.174244][ T4876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.203028][ T4876] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.217800][ T4876] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.226557][ T4876] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.235288][ T4876] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.244050][ T4876] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.283575][ T29] kauditd_printk_skb: 466 callbacks suppressed [ 58.283589][ T29] audit: type=1400 audit(1726219151.600:3861): avc: denied { relabelfrom } for pid=5077 comm="syz.1.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 58.309718][ T29] audit: type=1400 audit(1726219151.600:3862): avc: denied { relabelto } for pid=5077 comm="syz.1.631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 58.374616][ T29] audit: type=1400 audit(1726219151.690:3863): avc: denied { mounton } for pid=4876 comm="syz-executor" path="/root/syzkaller.ayTFsk/syz-tmp" dev="sda1" ino=1950 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 58.399217][ T29] audit: type=1400 audit(1726219151.690:3864): avc: denied { mount } for pid=4876 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 58.421366][ T29] audit: type=1400 audit(1726219151.690:3865): avc: denied { mount } for pid=4876 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 58.436711][ T5086] loop0: detected capacity change from 0 to 512 [ 58.451722][ T5086] EXT4-fs: Ignoring removed nobh option [ 58.464721][ T5086] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 58.487158][ T5084] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.497716][ T5086] EXT4-fs (loop0): 1 truncate cleaned up [ 58.501657][ T29] audit: type=1400 audit(1726219151.750:3866): avc: denied { mounton } for pid=4876 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=454 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 58.534412][ T29] audit: type=1326 audit(1726219151.850:3867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.3.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 58.558241][ T29] audit: type=1326 audit(1726219151.850:3868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5090 comm="syz.3.564" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 58.582588][ T29] audit: type=1326 audit(1726219151.850:3869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 58.605907][ T29] audit: type=1326 audit(1726219151.850:3870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5088 comm="syz.1.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 58.638689][ T5084] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.674151][ T5099] loop3: detected capacity change from 0 to 512 [ 58.685338][ T5099] EXT4-fs: Ignoring removed orlov option [ 58.698529][ T5084] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.708622][ T5099] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 58.736523][ T5099] EXT4-fs (loop3): 1 orphan inode deleted [ 58.742410][ T5099] EXT4-fs (loop3): 1 truncate cleaned up [ 58.750317][ T5084] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.808673][ T5107] loop1: detected capacity change from 0 to 512 [ 58.866163][ T5107] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 59.057628][ T5140] loop1: detected capacity change from 0 to 512 [ 59.076488][ T5140] EXT4-fs: Ignoring removed nobh option [ 59.084775][ T5140] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 59.091097][ T5146] loop3: detected capacity change from 0 to 512 [ 59.104340][ T5146] EXT4-fs: Ignoring removed orlov option [ 59.111213][ T5146] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 59.122700][ T5140] EXT4-fs (loop1): 1 truncate cleaned up [ 59.122934][ T5146] EXT4-fs (loop3): 1 orphan inode deleted [ 59.134111][ T5146] EXT4-fs (loop3): 1 truncate cleaned up [ 59.445695][ T5178] loop1: detected capacity change from 0 to 512 [ 59.452211][ T5178] EXT4-fs: Ignoring removed orlov option [ 59.475242][ T5178] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 59.498069][ T5178] EXT4-fs (loop1): 1 orphan inode deleted [ 59.503787][ T5178] EXT4-fs (loop1): 1 truncate cleaned up [ 59.747102][ T5217] loop3: detected capacity change from 0 to 512 [ 59.756311][ T5217] EXT4-fs: Ignoring removed orlov option [ 59.763542][ T5217] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 59.776182][ T5217] EXT4-fs (loop3): 1 orphan inode deleted [ 59.781957][ T5217] EXT4-fs (loop3): 1 truncate cleaned up [ 60.251510][ T5282] __nla_validate_parse: 9 callbacks suppressed [ 60.251523][ T5282] netlink: 24 bytes leftover after parsing attributes in process `syz.1.711'. [ 60.631465][ T5327] netlink: 8 bytes leftover after parsing attributes in process `syz.1.729'. [ 60.644386][ T5327] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.667800][ T5327] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.716464][ T5327] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.779195][ T5327] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.029765][ T5353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.741'. [ 61.045210][ T5353] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.331384][ T29] kauditd_printk_skb: 627 callbacks suppressed [ 63.331398][ T29] audit: type=1326 audit(1726219156.650:4498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.361675][ T29] audit: type=1326 audit(1726219156.650:4499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.385092][ T29] audit: type=1326 audit(1726219156.650:4500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.408433][ T29] audit: type=1326 audit(1726219156.650:4501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.431893][ T29] audit: type=1326 audit(1726219156.650:4502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.455337][ T29] audit: type=1326 audit(1726219156.650:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.478702][ T29] audit: type=1326 audit(1726219156.650:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.502214][ T29] audit: type=1326 audit(1726219156.650:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.525747][ T29] audit: type=1326 audit(1726219156.650:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.549048][ T29] audit: type=1326 audit(1726219156.650:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5446 comm="syz.2.779" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd19a9def9 code=0x7ffc0000 [ 63.582572][ T5327] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.593671][ T5327] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.604744][ T5327] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.616964][ T5327] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.734140][ T5458] loop1: detected capacity change from 0 to 128 [ 63.990131][ T5084] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.000802][ T5084] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.011636][ T5084] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.021919][ T5084] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.042823][ T5477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.801'. [ 64.064545][ T5477] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.112221][ T5477] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.170327][ T5353] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.190108][ T5477] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.218559][ T5353] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.263072][ T5477] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.311339][ T5353] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.349977][ T5477] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.360596][ T5477] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.371597][ T5477] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.382511][ T5477] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.394131][ T5353] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.405832][ T5353] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.418048][ T5483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.792'. [ 64.418379][ T5353] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.438770][ T5353] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.448546][ T5483] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.506505][ T5483] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.558935][ T5483] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.617141][ T5483] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.638877][ T5504] netlink: 24 bytes leftover after parsing attributes in process `syz.3.802'. [ 64.852646][ T5514] netlink: 8 bytes leftover after parsing attributes in process `syz.3.806'. [ 64.863285][ T5514] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.916356][ T5514] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.966649][ T5514] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.008576][ T5514] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.565638][ T5540] netlink: 24 bytes leftover after parsing attributes in process `syz.1.817'. [ 65.750861][ T5555] loop2: detected capacity change from 0 to 128 [ 65.758636][ T5555] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 65.967761][ T5567] netlink: 24 bytes leftover after parsing attributes in process `syz.1.828'. [ 66.695212][ T5583] program syz.2.835 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.706747][ T5583] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 66.781031][ T5595] netlink: 24 bytes leftover after parsing attributes in process `syz.2.840'. [ 67.750338][ T5625] netlink: 24 bytes leftover after parsing attributes in process `syz.1.852'. [ 67.869509][ T5644] netlink: 8 bytes leftover after parsing attributes in process `syz.1.860'. [ 67.881895][ T5644] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.949594][ T5644] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.973007][ T5657] netlink: 24 bytes leftover after parsing attributes in process `syz.4.865'. [ 67.996907][ T5644] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.096634][ T5644] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 69.014403][ T29] kauditd_printk_skb: 200 callbacks suppressed [ 69.014415][ T29] audit: type=1326 audit(1726219162.330:4708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.044262][ T29] audit: type=1326 audit(1726219162.330:4709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.067682][ T29] audit: type=1326 audit(1726219162.330:4710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.091224][ T29] audit: type=1326 audit(1726219162.330:4711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.114835][ T29] audit: type=1326 audit(1726219162.330:4712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.138164][ T29] audit: type=1326 audit(1726219162.330:4713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.161464][ T29] audit: type=1326 audit(1726219162.330:4714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.184829][ T29] audit: type=1326 audit(1726219162.330:4715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.208110][ T29] audit: type=1326 audit(1726219162.330:4716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.231504][ T29] audit: type=1326 audit(1726219162.330:4717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5679 comm="syz.4.874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 69.579731][ T5644] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.590240][ T5644] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.600947][ T5644] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.611558][ T5644] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.029471][ T5514] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.040491][ T5514] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.051156][ T5514] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.071976][ T5514] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.103871][ T5733] netlink: 8 bytes leftover after parsing attributes in process `syz.1.905'. [ 70.114564][ T5733] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.176361][ T5733] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.257096][ T5733] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.295880][ T5740] loop4: detected capacity change from 0 to 2048 [ 70.307301][ T5733] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.313258][ T5740] EXT4-fs mount: 32 callbacks suppressed [ 70.313271][ T5740] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.349110][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.393365][ T5483] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.406660][ T5483] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.428478][ T5483] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.441153][ T5483] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.587957][ T5776] loop4: detected capacity change from 0 to 2048 [ 70.606096][ T5776] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.630987][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.911967][ T5801] loop4: detected capacity change from 0 to 1024 [ 70.921158][ T5801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.945832][ T5801] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.923: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 71.168199][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.195470][ T5806] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 71.252117][ T5811] loop2: detected capacity change from 0 to 256 [ 71.259073][ T5811] msdos: Bad value for 'gid' [ 71.263654][ T5811] msdos: Bad value for 'gid' [ 71.458641][ T5836] loop3: detected capacity change from 0 to 2048 [ 71.478165][ T5836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.505560][ T4876] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.539915][ T5846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.939'. [ 71.552922][ T5846] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.599227][ T5846] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.646134][ T5846] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.686370][ T5846] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.459666][ T5878] netlink: 24 bytes leftover after parsing attributes in process `syz.2.955'. [ 72.460886][ T5876] Cannot find set identified by id 0 to match [ 72.504343][ T5876] loop0: detected capacity change from 0 to 1024 [ 72.516792][ T5876] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 72.538715][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.617900][ T5892] loop0: detected capacity change from 0 to 2048 [ 72.636616][ T5892] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.688990][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.732061][ T5908] netlink: 24 bytes leftover after parsing attributes in process `syz.0.967'. [ 72.919672][ T5929] loop4: detected capacity change from 0 to 2048 [ 72.936134][ T5929] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.943775][ T5935] netlink: 24 bytes leftover after parsing attributes in process `syz.0.979'. [ 72.973517][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.214409][ T5958] loop4: detected capacity change from 0 to 2048 [ 73.227010][ T5962] netlink: 24 bytes leftover after parsing attributes in process `syz.0.992'. [ 73.238067][ T5958] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.266540][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.381161][ T5983] loop0: detected capacity change from 0 to 1024 [ 73.388136][ T5983] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 73.399611][ T5983] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 73.408242][ T5983] EXT4-fs (loop0): too many log groups per flexible block group [ 73.416022][ T5983] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 73.423338][ T5983] EXT4-fs (loop0): mount failed [ 73.436631][ T5983] netlink: 20 bytes leftover after parsing attributes in process `syz.0.997'. [ 73.894445][ T5992] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1003'. [ 73.972199][ T5998] loop4: detected capacity change from 0 to 2048 [ 73.996090][ T5998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.018921][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.130875][ T29] kauditd_printk_skb: 837 callbacks suppressed [ 74.130889][ T29] audit: type=1326 audit(1726219167.450:5555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.176332][ T29] audit: type=1326 audit(1726219167.450:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.199826][ T29] audit: type=1326 audit(1726219167.450:5557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.223311][ T29] audit: type=1326 audit(1726219167.450:5558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.246698][ T29] audit: type=1326 audit(1726219167.450:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.270072][ T29] audit: type=1326 audit(1726219167.450:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.293504][ T29] audit: type=1326 audit(1726219167.480:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.316910][ T29] audit: type=1326 audit(1726219167.480:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.340288][ T29] audit: type=1326 audit(1726219167.490:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.363779][ T29] audit: type=1326 audit(1726219167.490:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.4.1012" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c61efdef9 code=0x7ffc0000 [ 74.403923][ T6019] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1015'. [ 74.440252][ T6021] loop0: detected capacity change from 0 to 512 [ 74.447136][ T6021] EXT4-fs: Ignoring removed nobh option [ 74.453256][ T6021] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 74.466351][ T6021] EXT4-fs (loop0): 1 truncate cleaned up [ 74.472363][ T6021] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.490850][ T6021] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1016'. [ 74.518703][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.649058][ T6041] loop2: detected capacity change from 0 to 2048 [ 74.673075][ T6041] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.686642][ T6052] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1027'. [ 74.736854][ T3264] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.784386][ T6069] loop0: detected capacity change from 0 to 128 [ 74.791772][ T6069] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 74.809616][ T6069] tap0: tun_chr_ioctl cmd 1074025681 [ 74.815647][ T6069] IPVS: set_ctl: invalid protocol: 12 100.1.1.2:20000 [ 75.078218][ T6098] loop0: detected capacity change from 0 to 2048 [ 75.096173][ T6098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.118880][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.510054][ T5846] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.520603][ T5846] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.530658][ T5846] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.541348][ T5846] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.592339][ T6127] loop4: detected capacity change from 0 to 2048 [ 75.606570][ T6127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.629998][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.714648][ T5733] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.739471][ T5733] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.754929][ T5733] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.766876][ T6153] loop3: detected capacity change from 0 to 128 [ 75.779535][ T5733] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.819766][ T6153] syz.3.1070: attempt to access beyond end of device [ 75.819766][ T6153] loop3: rw=2049, sector=377, nr_sectors = 1 limit=128 [ 75.831298][ T6158] loop1: detected capacity change from 0 to 2048 [ 75.833202][ T6153] Buffer I/O error on dev loop3, logical block 377, lost async page write [ 75.848782][ T6153] syz.3.1070: attempt to access beyond end of device [ 75.848782][ T6153] loop3: rw=2049, sector=378, nr_sectors = 1 limit=128 [ 75.862223][ T6153] Buffer I/O error on dev loop3, logical block 378, lost async page write [ 75.870936][ T6153] syz.3.1070: attempt to access beyond end of device [ 75.870936][ T6153] loop3: rw=2049, sector=379, nr_sectors = 1 limit=128 [ 75.884337][ T6153] Buffer I/O error on dev loop3, logical block 379, lost async page write [ 75.893231][ T6153] syz.3.1070: attempt to access beyond end of device [ 75.893231][ T6153] loop3: rw=2049, sector=380, nr_sectors = 1 limit=128 [ 75.906654][ T6153] Buffer I/O error on dev loop3, logical block 380, lost async page write [ 75.921222][ T6158] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 75.982818][ T3261] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.007651][ T6177] pim6reg1: entered promiscuous mode [ 76.013010][ T6177] pim6reg1: entered allmulticast mode [ 76.026950][ T6179] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.068393][ T6179] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.148556][ T6179] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.194428][ T6206] loop0: detected capacity change from 0 to 2048 [ 76.217493][ T6206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.246998][ T6179] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.272005][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.326892][ T6179] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.347761][ T6179] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.359017][ T6179] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.373017][ T6179] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.468674][ T6252] loop4: detected capacity change from 0 to 2048 [ 76.489599][ T6252] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.533796][ T6265] loop2: detected capacity change from 0 to 128 [ 76.550165][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.577530][ T6270] __nla_validate_parse: 7 callbacks suppressed [ 76.577624][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1119'. [ 76.591246][ T6272] loop4: detected capacity change from 0 to 1024 [ 76.600163][ T6272] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 76.603200][ T6270] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.611766][ T6272] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 76.655076][ T6278] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1121'. [ 76.707439][ T6270] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.767684][ T6270] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.788862][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.829039][ T6297] loop4: detected capacity change from 0 to 2048 [ 76.847245][ T6297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.866848][ T6270] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.895600][ T6308] loop3: detected capacity change from 0 to 128 [ 76.902748][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.921385][ T6270] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.932913][ T6270] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.941664][ T6310] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1135'. [ 76.957534][ T6270] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.968997][ T6270] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.016512][ T6318] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1139'. [ 77.026124][ T6318] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1139'. [ 77.133423][ T6338] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1147'. [ 77.152921][ T6340] loop0: detected capacity change from 0 to 2048 [ 77.173413][ T6344] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1149'. [ 77.183640][ T6340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.199538][ T6344] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.220163][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.266486][ T6344] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.317079][ T6344] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.410076][ T6344] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 77.434163][ T6373] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1160'. [ 77.530549][ T6379] loop0: detected capacity change from 0 to 2048 [ 77.548275][ T6317] syz.3.1139 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 77.559339][ T6317] CPU: 1 UID: 0 PID: 6317 Comm: syz.3.1139 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 77.570007][ T6317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 77.580052][ T6317] Call Trace: [ 77.583324][ T6317] [ 77.586243][ T6317] dump_stack_lvl+0xf2/0x150 [ 77.590832][ T6317] dump_stack+0x15/0x20 [ 77.595035][ T6317] dump_header+0x83/0x2d0 [ 77.599370][ T6317] oom_kill_process+0x341/0x4c0 [ 77.604295][ T6317] out_of_memory+0x9af/0xbe0 [ 77.608917][ T6317] mem_cgroup_out_of_memory+0x13e/0x190 [ 77.614487][ T6317] try_charge_memcg+0x51b/0x810 [ 77.619407][ T6317] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 77.625467][ T6317] __read_swap_cache_async+0x2b7/0x520 [ 77.630923][ T6317] swap_cluster_readahead+0x276/0x3f0 [ 77.636338][ T6317] swapin_readahead+0xe4/0x760 [ 77.641093][ T6317] ? __filemap_get_folio+0x420/0x5b0 [ 77.646427][ T6317] ? swap_cache_get_folio+0x77/0x210 [ 77.651705][ T6317] do_swap_page+0x3da/0x1ef0 [ 77.656285][ T6317] ? hrtimer_start_range_ns+0x53d/0x580 [ 77.661825][ T6317] ? hrtimer_try_to_cancel+0x106/0x1d0 [ 77.667373][ T6317] ? __rcu_read_lock+0x36/0x50 [ 77.672256][ T6317] ? pte_offset_map_nolock+0x124/0x1d0 [ 77.677770][ T6317] handle_mm_fault+0x8cb/0x2a30 [ 77.682618][ T6317] exc_page_fault+0x3b9/0x650 [ 77.687383][ T6317] asm_exc_page_fault+0x26/0x30 [ 77.692228][ T6317] RIP: 0033:0x7fa9421e19dc [ 77.696627][ T6317] Code: 72 64 0f 1f 40 00 69 3d d6 3c e1 00 e8 03 00 00 48 8d 1d b7 45 2e 00 e8 82 c4 12 00 eb 0c 48 81 c3 d8 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 d8 00 00 [ 77.716283][ T6317] RSP: 002b:00007ffc07542f30 EFLAGS: 00010206 [ 77.722332][ T6317] RAX: 0000000000000000 RBX: 00007fa9424c5f80 RCX: 0000000000000000 [ 77.730288][ T6317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055558284e808 [ 77.738243][ T6317] RBP: 00007fa9424c7a80 R08: 0000000000000000 R09: 7fffffffffffffff [ 77.746278][ T6317] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000013001 [ 77.754236][ T6317] R13: 00007ffc07543030 R14: 0000000000000032 R15: ffffffffffffffff [ 77.762199][ T6317] [ 77.765493][ T6317] memory: usage 307200kB, limit 307200kB, failcnt 318 [ 77.772585][ T6317] memory+swap: usage 307388kB, limit 9007199254740988kB, failcnt 0 [ 77.780518][ T6317] kmem: usage 307048kB, limit 9007199254740988kB, failcnt 0 [ 77.787836][ T6317] Memory cgroup stats for /syz3: [ 77.788739][ T6317] cache 135168 [ 77.795554][ T6379] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.797103][ T6317] rss 0 [ 77.811840][ T6317] shmem 0 [ 77.814846][ T6317] mapped_file 135168 [ 77.818730][ T6317] dirty 135168 [ 77.822094][ T6317] writeback 8192 [ 77.825653][ T6317] workingset_refault_anon 3 [ 77.830217][ T6317] workingset_refault_file 0 [ 77.834724][ T6317] swap 192512 [ 77.838000][ T6317] swapcached 20480 [ 77.841729][ T6317] pgpgin 128768 [ 77.845250][ T6317] pgpgout 128730 [ 77.848789][ T6317] pgfault 134291 [ 77.852323][ T6317] pgmajfault 8 [ 77.855691][ T6317] inactive_anon 20480 [ 77.859656][ T6317] active_anon 0 [ 77.863110][ T6317] inactive_file 135168 [ 77.867212][ T6317] active_file 0 [ 77.870655][ T6317] unevictable 0 [ 77.874100][ T6317] hierarchical_memory_limit 314572800 [ 77.879551][ T6317] hierarchical_memsw_limit 9223372036854771712 [ 77.885783][ T6317] total_cache 135168 [ 77.889666][ T6317] total_rss 0 [ 77.892971][ T6317] total_shmem 0 [ 77.896486][ T6317] total_mapped_file 135168 [ 77.900923][ T6317] total_dirty 135168 [ 77.904821][ T6317] total_writeback 8192 [ 77.908880][ T6317] total_workingset_refault_anon 3 [ 77.913888][ T6317] total_workingset_refault_file 0 [ 77.918904][ T6317] total_swap 192512 [ 77.922739][ T6317] total_swapcached 20480 [ 77.927034][ T6317] total_pgpgin 128768 [ 77.931004][ T6317] total_pgpgout 128730 [ 77.935069][ T6317] total_pgfault 134291 [ 77.939168][ T6317] total_pgmajfault 8 [ 77.943047][ T6317] total_inactive_anon 20480 [ 77.947543][ T6317] total_active_anon 0 [ 77.951654][ T6317] total_inactive_file 135168 [ 77.956237][ T6317] total_active_file 0 [ 77.960212][ T6317] total_unevictable 0 [ 77.964190][ T6317] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.1139,pid=6317,uid=0 [ 77.979070][ T6317] Memory cgroup out of memory: Killed process 6317 (syz.3.1139) total-vm:89164kB, anon-rss:612kB, file-rss:16032kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000 [ 78.017814][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.097092][ T6403] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1172'. [ 78.168365][ T6416] loop3: detected capacity change from 0 to 2048 [ 78.186995][ T6416] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.212453][ T6424] pim6reg1: entered promiscuous mode [ 78.217783][ T6424] pim6reg1: entered allmulticast mode [ 78.229185][ T6427] loop0: detected capacity change from 0 to 128 [ 78.236131][ T6427] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 78.251594][ T4876] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.343942][ T6438] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1187'. [ 78.543619][ T6462] loop3: detected capacity change from 0 to 2048 [ 78.556584][ T6462] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.578467][ T4876] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 78.820765][ T6491] loop3: detected capacity change from 0 to 2048 [ 78.846330][ T6491] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 78.866855][ T4876] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.135702][ T29] kauditd_printk_skb: 1081 callbacks suppressed [ 79.135717][ T29] audit: type=1326 audit(1726219172.460:6646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.166519][ T29] audit: type=1326 audit(1726219172.460:6647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.190052][ T29] audit: type=1326 audit(1726219172.460:6648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.213443][ T29] audit: type=1326 audit(1726219172.460:6649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.236876][ T29] audit: type=1326 audit(1726219172.460:6650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.260283][ T29] audit: type=1326 audit(1726219172.460:6651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.283657][ T29] audit: type=1326 audit(1726219172.470:6652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.307060][ T29] audit: type=1326 audit(1726219172.470:6653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.330459][ T29] audit: type=1326 audit(1726219172.470:6654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.353995][ T29] audit: type=1326 audit(1726219172.470:6655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6507 comm="syz.0.1216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 79.443875][ T6521] loop4: detected capacity change from 0 to 2048 [ 79.456277][ T6521] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.500530][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.707411][ T6561] loop0: detected capacity change from 0 to 2048 [ 79.715864][ T6561] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 79.737416][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 79.958666][ T6593] loop0: detected capacity change from 0 to 2048 [ 79.977025][ T6593] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.002628][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.190156][ T6635] loop0: detected capacity change from 0 to 2048 [ 80.206099][ T6635] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.230539][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.256089][ T6643] program syz.0.1270 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.265966][ T6643] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 80.346317][ T6657] pim6reg1: entered promiscuous mode [ 80.351646][ T6657] pim6reg1: entered allmulticast mode [ 80.454483][ T6668] loop4: detected capacity change from 0 to 2048 [ 80.466313][ T6668] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.503219][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.647546][ T6710] loop0: detected capacity change from 0 to 2048 [ 80.667219][ T6710] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.703607][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 80.803479][ T6737] program syz.4.1312 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 80.813573][ T6737] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 80.878607][ T6750] loop4: detected capacity change from 0 to 2048 [ 80.896929][ T6750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 80.919909][ T3268] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.136790][ T6797] loop3: detected capacity change from 0 to 2048 [ 81.145681][ T6797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.166703][ T4876] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.274858][ T6814] atomic_op ffff888113ce1528 conn xmit_atomic 0000000000000000 [ 81.501637][ T6830] loop3: detected capacity change from 0 to 2048 [ 81.516560][ T6830] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 81.539660][ T4876] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 81.881015][ T6867] loop2: detected capacity change from 0 to 2048 [ 82.023243][ T6894] loop4: detected capacity change from 0 to 128 [ 82.032145][ T6894] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 82.064503][ T6898] loop0: detected capacity change from 0 to 2048 [ 82.260862][ T6920] loop0: detected capacity change from 0 to 512 [ 82.267586][ T6920] EXT4-fs: Ignoring removed mblk_io_submit option [ 82.274014][ T6920] EXT4-fs: Ignoring removed i_version option [ 82.281096][ T6920] EXT4-fs error (device loop0): __ext4_iget:4985: inode #11: block 1: comm syz.0.1390: invalid block [ 82.292105][ T6920] EXT4-fs (loop0): Remounting filesystem read-only [ 82.304848][ T6344] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.305699][ T6920] SELinux: (dev loop0, type ext4) getxattr errno 5 [ 82.315823][ T6344] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.330968][ T6344] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.342225][ T6344] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.423805][ T6928] loop1: detected capacity change from 0 to 2048 [ 82.537642][ T6952] __nla_validate_parse: 7 callbacks suppressed [ 82.537652][ T6952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1402'. [ 82.567705][ T6952] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.591099][ T6960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1405'. [ 82.601509][ T6960] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.617242][ T6952] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.666296][ T6960] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.678250][ T6952] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.726694][ T6960] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.756414][ T6952] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.768443][ T6960] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 82.831634][ T6960] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.843272][ T6960] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.854428][ T6960] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.866154][ T6960] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.669829][ T6952] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.711626][ T6952] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.774784][ T6952] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.843746][ T6952] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.895743][ T7035] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1438'. [ 84.020970][ T7048] loop3: detected capacity change from 0 to 2048 [ 84.130285][ T7065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1449'. [ 84.152352][ T7065] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.199256][ T7065] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.233748][ T29] kauditd_printk_skb: 1244 callbacks suppressed [ 84.233762][ T29] audit: type=1326 audit(1726219177.550:7900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.264514][ T29] audit: type=1326 audit(1726219177.550:7901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.287968][ T29] audit: type=1326 audit(1726219177.550:7902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.311567][ T29] audit: type=1326 audit(1726219177.550:7903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.335233][ T29] audit: type=1326 audit(1726219177.550:7904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.358681][ T29] audit: type=1326 audit(1726219177.590:7905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.382167][ T29] audit: type=1326 audit(1726219177.590:7906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.405564][ T29] audit: type=1326 audit(1726219177.590:7907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.429046][ T29] audit: type=1326 audit(1726219177.590:7908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.452471][ T29] audit: type=1326 audit(1726219177.590:7909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7075 comm="syz.1.1452" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6029bcdef9 code=0x7ffc0000 [ 84.496780][ T7065] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 84.518247][ T7086] loop1: detected capacity change from 0 to 2048 [ 84.556728][ T7065] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 85.001954][ T7110] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1467'. [ 85.112447][ T7125] loop2: detected capacity change from 0 to 2048 [ 85.247602][ T7145] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1480'. [ 85.344338][ T7162] loop4: detected capacity change from 0 to 2048 [ 85.426385][ T7180] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1495'. [ 85.435104][ T7184] loop3: detected capacity change from 0 to 1024 [ 85.461942][ T7184] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1497: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 85.808111][ T7218] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1510'. [ 85.808967][ T7213] loop4: detected capacity change from 0 to 2048 [ 85.887293][ T7202] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 86.030506][ T7250] loop3: detected capacity change from 0 to 2048 [ 86.076626][ T7262] loop4: detected capacity change from 0 to 1024 [ 86.179718][ T7285] loop1: detected capacity change from 0 to 2048 [ 86.224304][ T7294] loop4: detected capacity change from 0 to 1024 [ 86.310704][ T7315] syz.4.1553[7315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.310755][ T7315] syz.4.1553[7315] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 86.325546][ T7318] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 2, id = 0 [ 86.410173][ T7329] loop1: detected capacity change from 0 to 2048 [ 86.461026][ T7339] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1562'. [ 86.524107][ T7352] loop4: detected capacity change from 0 to 1024 [ 86.574491][ T7360] loop1: detected capacity change from 0 to 2048 [ 86.606987][ T7370] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1575'. [ 86.718525][ T7394] loop1: detected capacity change from 0 to 2048 [ 86.900250][ T7434] loop2: detected capacity change from 0 to 2048 [ 87.074033][ T7470] loop4: detected capacity change from 0 to 2048 [ 87.242385][ T7508] loop4: detected capacity change from 0 to 2048 [ 87.447654][ T7539] loop4: detected capacity change from 0 to 2048 [ 87.458160][ T7523] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 87.627852][ T7564] __nla_validate_parse: 5 callbacks suppressed [ 87.627861][ T7564] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1656'. [ 87.686014][ T7569] loop1: detected capacity change from 0 to 2048 [ 87.805056][ T7596] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1669'. [ 87.841112][ T7601] loop4: detected capacity change from 0 to 2048 [ 87.973711][ T7631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1683'. [ 88.012778][ T7635] loop2: detected capacity change from 0 to 2048 [ 88.118384][ T7663] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1697'. [ 88.204160][ T7673] loop4: detected capacity change from 0 to 2048 [ 88.277440][ T7693] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1709'. [ 88.405774][ T7717] loop4: detected capacity change from 0 to 2048 [ 88.581562][ T7753] loop4: detected capacity change from 0 to 2048 [ 88.757555][ T7784] loop4: detected capacity change from 0 to 2048 [ 89.044388][ T7826] loop4: detected capacity change from 0 to 2048 [ 89.222869][ T7855] loop4: detected capacity change from 0 to 2048 [ 89.288242][ T29] kauditd_printk_skb: 1443 callbacks suppressed [ 89.288255][ T29] audit: type=1326 audit(1726219182.610:9353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.331853][ T29] audit: type=1326 audit(1726219182.640:9354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.355395][ T29] audit: type=1326 audit(1726219182.640:9355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.378860][ T29] audit: type=1326 audit(1726219182.640:9356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.402329][ T29] audit: type=1326 audit(1726219182.640:9357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.425807][ T29] audit: type=1326 audit(1726219182.640:9358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.449258][ T29] audit: type=1326 audit(1726219182.640:9359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.472636][ T29] audit: type=1326 audit(1726219182.640:9360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.496062][ T29] audit: type=1326 audit(1726219182.640:9361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.519403][ T29] audit: type=1326 audit(1726219182.640:9362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7867 comm="syz.3.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 89.575023][ T7879] loop1: detected capacity change from 0 to 256 [ 89.581883][ T7879] msdos: Bad value for 'gid' [ 89.586561][ T7879] msdos: Bad value for 'gid' [ 89.630800][ T7065] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.663905][ T7065] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.685073][ T7065] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.717741][ T7065] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.912004][ T7917] loop3: detected capacity change from 0 to 256 [ 89.919400][ T7917] msdos: Bad value for 'gid' [ 89.924056][ T7917] msdos: Bad value for 'gid' [ 89.932437][ T7919] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1802'. [ 89.988522][ T7926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1805'. [ 90.009706][ T7926] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.087040][ T7926] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.131627][ T7946] Cannot find set identified by id 0 to match [ 90.153973][ T7926] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.155435][ T7946] loop4: detected capacity change from 0 to 1024 [ 90.178986][ T7949] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1816'. [ 90.223066][ T7959] loop0: detected capacity change from 0 to 256 [ 90.240261][ T7959] msdos: Bad value for 'gid' [ 90.244931][ T7959] msdos: Bad value for 'gid' [ 90.251723][ T7926] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.301506][ T7926] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.319573][ T7926] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.355809][ T7926] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.382379][ T7926] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.391733][ T7982] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1831'. [ 90.538724][ T7986] Cannot find set identified by id 0 to match [ 90.549718][ T7995] loop3: detected capacity change from 0 to 1024 [ 90.568538][ T7995] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 90.583711][ T7986] loop2: detected capacity change from 0 to 1024 [ 90.592738][ T7995] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 90.620027][ T7995] EXT4-fs (loop3): too many log groups per flexible block group [ 90.627833][ T7995] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 90.645093][ T7995] EXT4-fs (loop3): mount failed [ 90.667871][ T7995] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1835'. [ 90.706560][ T8015] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.788152][ T8015] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.849207][ T8015] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.929427][ T8015] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.994188][ T8015] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.008142][ T8015] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.019533][ T8015] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.032119][ T8015] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.237627][ T8074] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.307169][ T8074] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.357894][ T8074] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.416840][ T8074] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.491113][ T8095] loop3: detected capacity change from 0 to 256 [ 91.499227][ T8095] msdos: Bad value for 'gid' [ 91.503835][ T8095] msdos: Bad value for 'gid' [ 91.549168][ T8105] loop1: detected capacity change from 0 to 128 [ 91.555694][ T8105] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 91.568263][ T8105] tap0: tun_chr_ioctl cmd 1074025681 [ 91.573787][ T8105] IPVS: set_ctl: invalid protocol: 12 100.1.1.2:20000 [ 91.720624][ T8120] loop1: detected capacity change from 0 to 1024 [ 91.727789][ T8120] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 91.741587][ T8120] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 91.749704][ T8120] EXT4-fs (loop1): too many log groups per flexible block group [ 91.757449][ T8120] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 91.766414][ T8120] EXT4-fs (loop1): mount failed [ 91.818144][ T8133] loop0: detected capacity change from 0 to 256 [ 91.827076][ T8133] msdos: Bad value for 'gid' [ 91.831791][ T8133] msdos: Bad value for 'gid' [ 92.115393][ T8170] loop3: detected capacity change from 0 to 256 [ 92.122073][ T8170] msdos: Bad value for 'gid' [ 92.126750][ T8170] msdos: Bad value for 'gid' [ 92.169277][ T8179] loop0: detected capacity change from 0 to 128 [ 92.179608][ T8179] SELinux: security_context_str_to_sid (system_u) failed with errno=-22 [ 92.196022][ T8179] tap0: tun_chr_ioctl cmd 1074025681 [ 92.201752][ T8179] IPVS: set_ctl: invalid protocol: 12 100.1.1.2:20000 [ 92.311216][ T8196] loop0: detected capacity change from 0 to 256 [ 92.318876][ T8196] msdos: Bad value for 'gid' [ 92.323483][ T8196] msdos: Bad value for 'gid' [ 92.523439][ T8229] loop0: detected capacity change from 0 to 256 [ 92.539981][ T8229] msdos: Bad value for 'gid' [ 92.544603][ T8229] msdos: Bad value for 'gid' [ 92.645251][ T8251] __nla_validate_parse: 19 callbacks suppressed [ 92.645268][ T8251] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1940'. [ 92.762539][ T8269] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1947'. [ 92.866743][ T8282] loop3: detected capacity change from 0 to 1024 [ 92.873704][ T8282] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 92.885437][ T8282] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 92.894187][ T8282] EXT4-fs (loop3): too many log groups per flexible block group [ 92.901915][ T8282] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 92.908911][ T8282] EXT4-fs (loop3): mount failed [ 92.950508][ T8287] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1952'. [ 93.026762][ T8299] loop1: detected capacity change from 0 to 1024 [ 93.042039][ T8299] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 93.064358][ T8299] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 93.072797][ T8299] EXT4-fs (loop1): too many log groups per flexible block group [ 93.080500][ T8299] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 93.087417][ T8299] EXT4-fs (loop1): mount failed [ 93.115929][ T8307] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1959'. [ 93.355953][ T8321] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1965'. [ 93.387048][ T8325] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1967'. [ 93.436760][ T8332] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1970'. [ 93.601432][ T8350] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1978'. [ 93.655081][ T8361] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1983'. [ 93.705960][ T8371] loop3: detected capacity change from 0 to 256 [ 93.712784][ T8371] msdos: Bad value for 'gid' [ 93.717411][ T8371] msdos: Bad value for 'gid' [ 93.782872][ T8382] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1992'. [ 93.963737][ T8404] loop1: detected capacity change from 0 to 1024 [ 93.973523][ T8407] loop0: detected capacity change from 0 to 256 [ 93.980436][ T8404] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 93.991385][ T8407] msdos: Bad value for 'gid' [ 93.995982][ T8407] msdos: Bad value for 'gid' [ 94.003143][ T8404] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 94.019387][ T8404] EXT4-fs (loop1): too many log groups per flexible block group [ 94.027104][ T8404] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 94.044836][ T8404] EXT4-fs (loop1): mount failed [ 94.174571][ T8441] loop3: detected capacity change from 0 to 256 [ 94.181464][ T8441] msdos: Bad value for 'gid' [ 94.186095][ T8441] msdos: Bad value for 'gid' [ 94.302006][ T29] kauditd_printk_skb: 2769 callbacks suppressed [ 94.302091][ T29] audit: type=1326 audit(1726219187.620:12132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.336613][ T29] audit: type=1326 audit(1726219187.620:12133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.360150][ T29] audit: type=1326 audit(1726219187.620:12134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.383635][ T29] audit: type=1326 audit(1726219187.620:12135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.407500][ T29] audit: type=1326 audit(1726219187.620:12136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.431166][ T29] audit: type=1326 audit(1726219187.620:12137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.454731][ T29] audit: type=1326 audit(1726219187.620:12138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.478348][ T29] audit: type=1326 audit(1726219187.620:12139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.501857][ T29] audit: type=1326 audit(1726219187.620:12140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.525302][ T29] audit: type=1326 audit(1726219187.620:12141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8454 comm="syz.0.2021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5f4d56def9 code=0x7ffc0000 [ 94.601710][ T8468] loop3: detected capacity change from 0 to 256 [ 94.609165][ T8468] msdos: Bad value for 'gid' [ 94.613987][ T8468] msdos: Bad value for 'gid' [ 94.811110][ T8500] loop0: detected capacity change from 0 to 256 [ 94.825626][ T8500] msdos: Bad value for 'gid' [ 94.830234][ T8500] msdos: Bad value for 'gid' [ 94.992566][ T8532] loop0: detected capacity change from 0 to 1024 [ 95.005084][ T8532] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 95.016417][ T8532] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 95.024433][ T8532] EXT4-fs (loop0): too many log groups per flexible block group [ 95.032111][ T8532] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 95.057141][ T8532] EXT4-fs (loop0): mount failed [ 95.060081][ T8539] loop3: detected capacity change from 0 to 256 [ 95.068758][ T8539] msdos: Bad value for 'gid' [ 95.073354][ T8539] msdos: Bad value for 'gid' [ 95.236698][ T8566] loop1: detected capacity change from 0 to 256 [ 95.243648][ T8566] msdos: Bad value for 'gid' [ 95.248321][ T8566] msdos: Bad value for 'gid' [ 95.413768][ T8596] loop1: detected capacity change from 0 to 256 [ 95.414922][ T8596] msdos: Bad value for 'gid' [ 95.424626][ T8596] msdos: Bad value for 'gid' [ 95.628426][ T8629] loop3: detected capacity change from 0 to 256 [ 95.639251][ T8629] msdos: Bad value for 'gid' [ 95.643850][ T8629] msdos: Bad value for 'gid' [ 95.812772][ T8660] loop1: detected capacity change from 0 to 256 [ 95.827989][ T8660] msdos: Bad value for 'gid' [ 95.832608][ T8660] msdos: Bad value for 'gid' [ 95.939771][ T8683] loop2: detected capacity change from 0 to 1024 [ 95.946818][ T8683] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 95.957607][ T8683] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 95.965782][ T8683] EXT4-fs (loop2): too many log groups per flexible block group [ 95.973602][ T8683] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 95.980447][ T8683] EXT4-fs (loop2): mount failed [ 96.006429][ T8692] loop2: detected capacity change from 0 to 256 [ 96.013024][ T8692] msdos: Bad value for 'gid' [ 96.017730][ T8692] msdos: Bad value for 'gid' [ 96.135664][ T8717] loop2: detected capacity change from 0 to 1024 [ 96.156919][ T8720] loop0: detected capacity change from 0 to 256 [ 96.161510][ T8717] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 96.168082][ T8720] msdos: Bad value for 'gid' [ 96.176827][ T8717] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 96.178019][ T8720] msdos: Bad value for 'gid' [ 96.187054][ T8717] EXT4-fs (loop2): too many log groups per flexible block group [ 96.198214][ T8717] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 96.205712][ T8717] EXT4-fs (loop2): mount failed [ 96.327541][ T8745] loop3: detected capacity change from 0 to 256 [ 96.334122][ T8745] msdos: Bad value for 'gid' [ 96.338764][ T8745] msdos: Bad value for 'gid' [ 96.362609][ T8752] loop3: detected capacity change from 0 to 1024 [ 96.369546][ T8752] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 96.384248][ T8752] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 96.392646][ T8752] EXT4-fs (loop3): too many log groups per flexible block group [ 96.400505][ T8752] EXT4-fs (loop3): failed to initialize mballoc (-12) [ 96.407403][ T8752] EXT4-fs (loop3): mount failed [ 96.528780][ T8780] loop3: detected capacity change from 0 to 256 [ 96.537703][ T8780] msdos: Bad value for 'gid' [ 96.542317][ T8780] msdos: Bad value for 'gid' [ 96.635148][ T8793] loop0: detected capacity change from 0 to 1024 [ 96.651357][ T8793] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 96.670985][ T8793] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 96.686269][ T8793] EXT4-fs (loop0): too many log groups per flexible block group [ 96.693924][ T8793] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 96.701301][ T8793] EXT4-fs (loop0): mount failed [ 96.852978][ T8812] loop1: detected capacity change from 0 to 256 [ 96.859510][ T8812] msdos: Bad value for 'gid' [ 96.864092][ T8812] msdos: Bad value for 'gid' [ 97.070601][ T8074] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.080985][ T8074] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.091572][ T8074] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.102029][ T8074] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.123756][ T8823] loop4: detected capacity change from 0 to 512 [ 97.130224][ T8823] EXT4-fs: Ignoring removed orlov option [ 97.136227][ T8823] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 97.147565][ T8823] EXT4-fs (loop4): 1 orphan inode deleted [ 97.153290][ T8823] EXT4-fs (loop4): 1 truncate cleaned up [ 97.474346][ T8847] loop3: detected capacity change from 0 to 128 [ 97.487714][ T8847] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 97.559516][ T8851] pim6reg1: entered promiscuous mode [ 97.564888][ T8851] pim6reg1: entered allmulticast mode [ 97.703636][ T8857] __nla_validate_parse: 19 callbacks suppressed [ 97.703722][ T8857] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2189'. [ 97.720501][ T8857] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.761293][ T8857] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.800767][ T8863] loop1: detected capacity change from 0 to 512 [ 97.807411][ T8863] EXT4-fs: Ignoring removed orlov option [ 97.813293][ T8863] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 97.824454][ T8863] EXT4-fs (loop1): 1 orphan inode deleted [ 97.830223][ T8863] EXT4-fs (loop1): 1 truncate cleaned up [ 97.837528][ T8857] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.878435][ T8857] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 97.930648][ T8857] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.949927][ T8857] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.960667][ T8873] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2194'. [ 97.981377][ T8857] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.003776][ T8857] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.055775][ T8882] pim6reg1: entered promiscuous mode [ 98.061086][ T8882] pim6reg1: entered allmulticast mode [ 98.120281][ T8893] loop0: detected capacity change from 0 to 512 [ 98.138303][ T8893] EXT4-fs: Ignoring removed orlov option [ 98.147860][ T8893] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 98.180548][ T8893] EXT4-fs (loop0): 1 orphan inode deleted [ 98.186370][ T8893] EXT4-fs (loop0): 1 truncate cleaned up [ 98.248043][ T8906] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2208'. [ 98.281641][ T8912] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2211'. [ 98.296935][ T8912] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.352141][ T8923] pim6reg1: entered promiscuous mode [ 98.357530][ T8923] pim6reg1: entered allmulticast mode [ 98.366070][ T8912] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.428242][ T8912] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.474160][ T8927] loop0: detected capacity change from 0 to 512 [ 98.480803][ T8927] EXT4-fs: Ignoring removed orlov option [ 98.486705][ T8927] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 98.498871][ T8927] EXT4-fs (loop0): 1 orphan inode deleted [ 98.504775][ T8927] EXT4-fs (loop0): 1 truncate cleaned up [ 98.515322][ T8912] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.566998][ T8940] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2222'. [ 98.586530][ T8912] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.598489][ T8912] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.613781][ T8912] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.631018][ T8912] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.657990][ T8952] pim6reg1: entered promiscuous mode [ 98.663347][ T8952] pim6reg1: entered allmulticast mode [ 98.691253][ T8954] loop3: detected capacity change from 0 to 128 [ 98.698460][ T8954] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 98.974768][ T8959] loop1: detected capacity change from 0 to 512 [ 98.988340][ T8959] EXT4-fs: Ignoring removed orlov option [ 98.998605][ T8959] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 99.030171][ T8959] EXT4-fs (loop1): 1 orphan inode deleted [ 99.035982][ T8959] EXT4-fs (loop1): 1 truncate cleaned up [ 99.152512][ T8981] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2237'. [ 99.181653][ T8984] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2239'. [ 99.191763][ T8984] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.236343][ T8984] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.286400][ T8984] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.326187][ T8984] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 99.567319][ T8991] loop3: detected capacity change from 0 to 512 [ 99.573858][ T8991] EXT4-fs: Ignoring removed orlov option [ 99.579876][ T8991] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 99.591037][ T8991] EXT4-fs (loop3): 1 orphan inode deleted [ 99.596865][ T8991] EXT4-fs (loop3): 1 truncate cleaned up [ 99.604635][ T29] kauditd_printk_skb: 1935 callbacks suppressed [ 99.610958][ T29] audit: type=1326 audit(1726219192.920:14077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.635590][ T29] audit: type=1326 audit(1726219192.920:14078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.659180][ T29] audit: type=1326 audit(1726219192.930:14079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.683013][ T29] audit: type=1326 audit(1726219192.930:14080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.706568][ T29] audit: type=1326 audit(1726219192.930:14081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.730071][ T29] audit: type=1326 audit(1726219192.930:14082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.753582][ T29] audit: type=1326 audit(1726219192.930:14083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.777053][ T29] audit: type=1326 audit(1726219192.930:14084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.800549][ T29] audit: type=1326 audit(1726219192.930:14085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 99.824069][ T29] audit: type=1326 audit(1726219192.930:14086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8990 comm="syz.3.2242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa94230def9 code=0x7ffc0000 [ 100.140866][ T9021] loop1: detected capacity change from 0 to 128 [ 100.147688][ T9021] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 100.378220][ T9024] loop0: detected capacity change from 0 to 512 [ 100.395641][ T9024] EXT4-fs: Ignoring removed orlov option [ 100.406769][ T9024] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 100.427493][ T9024] EXT4-fs (loop0): 1 orphan inode deleted [ 100.433213][ T9024] EXT4-fs (loop0): 1 truncate cleaned up [ 100.455063][ T9024] EXT4-fs mount: 78 callbacks suppressed [ 100.455091][ T9024] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.511892][ T3265] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.998804][ T9054] loop1: detected capacity change from 0 to 512 [ 101.005493][ T9054] EXT4-fs: Ignoring removed orlov option [ 101.011330][ T9054] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 101.022513][ T9054] EXT4-fs (loop1): 1 orphan inode deleted [ 101.028265][ T9054] EXT4-fs (loop1): 1 truncate cleaned up [ 101.034250][ T9054] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.056384][ T3261] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.205464][ T9066] ================================================================== [ 101.213548][ T9066] BUG: KCSAN: data-race in getrusage / unmap_region [ 101.220129][ T9066] [ 101.222464][ T9066] write to 0xffff888114c2d0a8 of 8 bytes by task 9065 on cpu 0: [ 101.230068][ T9066] unmap_region+0x105/0x230 [ 101.234549][ T9066] do_vmi_align_munmap+0x6df/0xa60 [ 101.240075][ T9066] do_vmi_munmap+0x1fb/0x250 [ 101.244642][ T9066] __vm_munmap+0xec/0x210 [ 101.248968][ T9066] __x64_sys_munmap+0x36/0x40 [ 101.253638][ T9066] x64_sys_call+0xd32/0x2d60 [ 101.258206][ T9066] do_syscall_64+0xc9/0x1c0 [ 101.262685][ T9066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.268559][ T9066] [ 101.270865][ T9066] read to 0xffff888114c2d0a8 of 8 bytes by task 9066 on cpu 1: [ 101.278388][ T9066] getrusage+0xa35/0xb90 [ 101.282634][ T9066] io_sq_thread+0x544/0xff0 [ 101.287132][ T9066] ret_from_fork+0x4b/0x60 [ 101.291525][ T9066] ret_from_fork_asm+0x1a/0x30 [ 101.296265][ T9066] [ 101.298581][ T9066] value changed: 0x0000000000000e99 -> 0x0000000000001165 [ 101.305661][ T9066] [ 101.307959][ T9066] Reported by Kernel Concurrency Sanitizer on: [ 101.314081][ T9066] CPU: 1 UID: 0 PID: 9066 Comm: iou-sqp-9065 Not tainted 6.11.0-rc7-syzkaller-00093-gfdf042df0463 #0 [ 101.324901][ T9066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 101.334930][ T9066] ================================================================== [ 103.170250][ T8984] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.181143][ T8984] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.191870][ T8984] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 103.202420][ T8984] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0