last executing test programs: 2.102367199s ago: executing program 4 (id=708): socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) r0 = socket$unix(0x1, 0x1, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000003000)=@file={0x1}, 0x6e) listen(r1, 0x0) connect$unix(r0, &(0x7f0000000640)=@file={0x1}, 0x6e) socket$netlink(0x10, 0x3, 0x4) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000240)=0x10) r4 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x79, 0x0, 0x0) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x2, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f0000002c80)={0x0, 0x0, &(0x7f0000002c40)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a01080000e0030000000e02000d00090001007300803000000000080002400000000214000000110001"], 0x50}}, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ_RESET(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={0x34, 0x15, 0xa, 0x801, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x500}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) getrlimit(0x3, &(0x7f0000000100)) r7 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) ioctl$sock_SIOCADDDLCI(r4, 0x8980, &(0x7f00000003c0)={'\x00', 0xfff9}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8}, @IFLA_HSR_SLAVE2={0x8, 0x2, r8}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0) 2.102200849s ago: executing program 0 (id=709): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x357, &(0x7f0000000180)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlJlQiYitJ6/izX9AcNljbwX1H+jFW7148dZLQdAi4shMZtr8mCRNmpLWfj9Q8kze95mZNzOE5w3M28MPvvm0UXONmtmWZFYlISJyLFKUpEQS4WsyiNPSa0devfnHwYv3Hjx8t1yp3F5XvVO+/1pJVZdXfvzsi1zYbS8j+8WPDo9Kv+8/u//84b/3P6m7Wne12WqrqY9av7XNR7alG3W3YajetS3TtbTedC2n297qttfs1uZmR83mxq38pmO5rprNjjasjrZb2nY6an5s1ptqGIbeysv1kh3Y9hKTc6pP1tfN8owHfDxjHubtb8/zxjQ7TtlcEjFyQy3VJxd6XgAA4FIaqP+/i2qEoiRPCspE31xguP6P4qD+96vO0/r/6Us/t2++v7sc1v976bj6//Vfu/l99b9/9LnX/z8MbA9XRFfe9jSdz1X/43JYSQ+91T/18+v/fDh/D3z14dPVIKD+BwAAAAAAAAAAAAAAAAAAAADgKjj2vILneYXoNfo7fYQg3I62xj1ojCtn1PXPhCsKnNwP+F+69+ChZIMH91LLIvbXW9Wtavc1bI86rkpB/gnuh1B3wYmdoFF9RfnJ3g7zt7eqS0FLWUTFFkvWpCDFvvwgvvNO5faadvXnJ1J5P78m9SC/JAV5Jj6/FJufllde7sk3pCC/PJaW2LIRfo9F+V+uqb79XmUgPxf0i/PmxV8WAAAAAADmylDNhtPn2Pm7YajGtftzeemdnw//PnAyv16NnZ+nCi+kFjt2AAAAAACuCzf9ecO0bctxOyODnEzqkwn3Nn4/8UFqms5+cBAEN8b1WeoZ4Vn3nA7/g8YUJy/TjdS07T8zEvthRku49jVlz/GpmnY0/jN0zk57CRw3Of3YLcdd8c9HZxpOTxD9bDSqj9yddc+jgmjl3Emdn/v2+79mO0QiXLW3t+mN3eyEkQZBYuCdnQk37ZHnTTyfGxf5nQMAAABgMaKiP+dG77y12BMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAamusyaSOCRY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCz+CwAA//+9m/li") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[], 0xc1) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0xfd20, 0x2, {{0x0, 0x0, 0x3000000}}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @remote}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r0, 0x0) 2.052488484s ago: executing program 2 (id=710): r0 = socket$nl_route(0x10, 0x3, 0x0) (async) r1 = socket$inet6(0xa, 0x80003, 0x6b) r2 = socket(0x200000000000011, 0x3, 0x0) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gretap0\x00', 0x0}) bind$packet(r2, &(0x7f0000000240)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) (async) getsockname$packet(r2, &(0x7f00000022c0)={0x11, 0x0, 0x0}, &(0x7f00000000c0)=0x14) setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000040)=0x2, 0x4) (async) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x88a8, &(0x7f0000000140)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfeff}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}}, 0x0) 2.047128304s ago: executing program 4 (id=712): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$kcm(0x2, 0x200000000000001, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$isdn(0x22, 0x2, 0x25) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000000)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_STATUS64(r1, 0x5420, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x40, 0x0) dup2(r2, r0) r3 = open$dir(&(0x7f0000000080)='.\x00', 0x0, 0x0) mknodat(r3, &(0x7f0000000000)='./file0\x00', 0x1000, 0x0) acct(&(0x7f00000000c0)='./file0\x00') acct(&(0x7f0000000300)='./file0\x00') 1.994699618s ago: executing program 0 (id=713): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xc4}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xc00}, 0x90) 1.952339992s ago: executing program 4 (id=715): statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000700)={0x18, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x60000000) 1.951937902s ago: executing program 4 (id=716): socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4400000010000305fffffff00000000000000000", @ANYRES32=0x0, @ANYBLOB="7d03020000000000140012800c0001006d6163767461700004000280080005", @ANYRES32], 0x44}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0, 0x0, 0x0, 0x0, 0xe000}}}}}, 0x0) 1.951745451s ago: executing program 4 (id=717): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000b80)}, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000c00)={[{@data_ordered}, {@jqfmt_vfsold}, {@data_journal}, {@min_batch_time={'min_batch_time', 0x3d, 0x3}}, {@delalloc}], [{@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@fowner_gt}, {@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@smackfsroot={'smackfsroot', 0x3d, 'delalloc'}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@fsuuid={'fsuuid', 0x3d, {[0x61, 0x63, 0x61, 0x63, 0x33, 0x30, 0x34, 0x65], 0x2d, [0x31, 0x38, 0x34, 0x7f4a1055af4f3164], 0x2d, [0x36, 0x37, 0x62, 0x66], 0x2d, [0x32, 0x34, 0x36, 0x61], 0x2d, [0x35, 0x65, 0x33, 0x31, 0x61, 0x32, 0x30, 0x37]}}}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=") setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000200)={0x0, 0x0}) syz_clone3(&(0x7f00000002c0)={0x230a8000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000)=[r1, r1], 0x2}, 0x58) r2 = syz_clone(0x80400, &(0x7f0000000340)="d72dc5165d459b9bed422351f1f90a8bed48e74633db5bcf09692ed8a3f25ad2c721c89b88abe71119ea9dda7ece32dc8ecaf19aea2e1a401fa767a2ef8c495a6e6d019a9041f9e4ab8d81d8b9c422b970423d14960f28ee6543e13d34932062c13b471e4191d17fef83d4903f1ea298d4d5c86ce831e745eb06e6e3ed120ed372bb034e5f3fe59e91bdf1855f379b89e5e3cf270fe4f4bc636a151da7bd3e5ffe696198c8d40ea9ea5a3fc5c8cd7cec8c4febd44c6af7680960edfdf71cba63cf50bab9cf2bdccbb7e17bde37962a3833f7f178fd34f0494e4a58b07b6da2b61ca48662ba53728e099bee81fe631a70f7650efb113835c120a838918602", 0xfe, &(0x7f00000001c0), &(0x7f0000000440), &(0x7f0000000a40)="0bdb3f4c78f859f1bd32bc66b901e8c465350d71f0bc0b459d7d7dbf58cd6b6fe1e4cc224c82fe37acfaeddc0e8487618f70a67ea39aff77fec52b3854d1b22646ae10cc48198ffd6cf7e82048bdfe013947a9ac08b20c0d1f669b7a2009ac057e0787ad3a017315c683457b878a58864338770a1e5e244719e93f581dcc3c95e316b144c64d9db6c5eaf85c9a319f66ca01b63393cee1eb7282764c92c00ed204dee8716abc96bb39") r3 = syz_open_procfs(r2, 0x0) r4 = socket$inet6_sctp(0xa, 0x801, 0x84) sendto$inet6(r4, &(0x7f0000000340)='0', 0x1, 0x0, &(0x7f0000000240)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x6}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x4}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xc4}}, 0x0) shutdown(r4, 0x1) getsockopt$bt_hci(r4, 0x84, 0x7d, &(0x7f0000003140)=""/4095, &(0x7f0000000000)=0xfff) fchdir(r3) write$cgroup_type(r3, &(0x7f0000000480), 0x9) r6 = socket$inet(0x2, 0x2000080001, 0x84) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f0000000bc0)={0x6, 0xfc}) bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10) r7 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r7, &(0x7f00000001c0)={0xa, 0x4e20}, 0x1c) listen(r7, 0x9b5b) r8 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r8, &(0x7f0000000180)={0x2, 0x4e20, @loopback}, 0x10) sendto$inet(r6, &(0x7f00000000c0)="18", 0x1, 0x0, &(0x7f0000000000)={0x2, 0x0, @private=0xa010100}, 0x10) sendto$inet(r6, &(0x7f0000000180)="a02ac32e09b6aacfcdd3ef9f50ee5b72d65b3f5e15fd8386002bb2a0edc9cba8", 0x20, 0x0, &(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0xfffffff6) 1.944016692s ago: executing program 0 (id=718): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x2}}, 0x0}, 0x90) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="0003"], 0x20) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000600)={0x30, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x1c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x17, 0x1, @l2={'ib', 0x3a, 'veth0_virt_wifi\x00'}}]}]}, 0x30}, 0x1, 0x0, 0xf0}, 0x0) 1.943815222s ago: executing program 2 (id=719): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0xfcffffffffffffff}, 0x0) 1.887149346s ago: executing program 2 (id=720): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@ipv4_newroute={0x3c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x1}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14}}]}, 0x3c}, 0x1, 0x0, 0x800000000000000}, 0x0) 1.740334889s ago: executing program 0 (id=721): syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x1000002, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c646973636172640061727365743d63703835322c757466383d202c6e6f6e756d7461696c3d302c6e6f6e75617461696c3d302c7574663c3d302c696f6368619615f9a9d8bc34fd234143727365743d69736f383835392d322c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c756e695f786c6174653d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c726f6469722c756e695f786c"], 0x1, 0x368, &(0x7f0000000180)="$eJzs3U9oI9UfAPBvOmnSXfj9tjdREKI3Qct2b3qxRbqw2ItK8M9BDG5XJa1Ci8X2sG09KB4Fj3rypqAHD+JRBEW8efDqCrIqHrS3BRefTCaTTJu02y5WKX4+0PTlvfed73cmQzINyetzc9G9PBlXdnevx9RULepzj8zFjVpMRxal7RjVGNMHAJwON1KK31PhiCG1Ey4JADhhvdf/FyKiFdNFz+tfHjY/efUHgFOv//f/mcPmTB008MqJlAQAnLCR9//v3TPc6P3Uy7v1yqcCAIDT6omnn3l0fjHi8VZrKmLlzfX2ejseGo7PX4mXYjmW4nyci5sRxYVCflPr3V68tLhwvtVqbcVP09GOiIl+YLu4UpjPevHNmB2MDK42UkrZxU8WF2ZbPRGxvdXLHyu19fZknO3n//5sLA0vPKbLIqJ3c2lx4UKrv4H2Shm/FbEzfN8ir38mzsW3zw82k1L5CcbFhauzE/07w/j1djMuD47Cge+AAAAAAAAAAAAAAAAAAAAAAADAbZlpDUwP1s9J+e9ipZyZmTHjvfVxivj++kA7xfpAqZkipd9ee6D9VhZ71gfavz7PuoUEAQAAAAAAAAAAAAAAAAAAYGBtoxGd5eWl1bWNzW61sbW6tjEREXnPy19/9MWZGJ1zi0a9SNGMGKRo9dNudjspKyenLGI0PMuTlz0ffDqouDqnOdiLsWU0xw/tRt743z0/vjscujsrt/zncHIW43cwq5Tx8L6kK/8vSjrOgRo0LlR7mqPZr6WUKj1vVMOvPju6wahF1I//wG12J+LgOSlvfHX9xTvLo9/5PBXuu//ck9feef+Xbmc5zxy9R7CxunYzdTu1cvLxDkt+qMueWhSNWvVMqB8WvrO3p5N99+tTd739zdGyp2rPq/n5vG9OVuzOx/vDG0UjLzNvNIZny5lh+GR/J5aXJsec/Ldq3MZjesd7n32Y0g8/HzlFIa9+YuRpo/b3PQMBAAAAAAAAAAAAAAAAAAClynfF+/pf9p08LOrBx06+MgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD45wz//3+lsbMd+3qO0vhja0xUc2l1LaLxb+8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/cX8FAAD//zbhVeI=") munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$MAP_UPDATE_CONST_STR(0x15, &(0x7f0000000440)={{r1}, &(0x7f0000000480), 0x0}, 0x20) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x98, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000080)='mem\x00\x10\x00\x00\x00\x00\x00\x00I\xa2l') r4 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) write$cgroup_subtree(r4, &(0x7f0000000100)=ANY=[], 0x4) setsockopt$sock_attach_bpf(r3, 0x1, 0x10, &(0x7f0000000000), 0x4) sendmsg$inet(r3, &(0x7f0000002d40)={0x0, 0x0, &(0x7f0000002980)=[{&(0x7f0000000040)='P', 0xfe1b}], 0x1}, 0x0) recvmsg$unix(r2, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'bridge0\x00', 0x10}) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x5d31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0) getdents(r0, &(0x7f0000000100)=""/155, 0x9b) 1.739990569s ago: executing program 2 (id=722): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000002f00010300000000000000001c0b0000"], 0x14}}, 0x0) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) ptrace$ARCH_SHSTK_UNLOCK(0x1e, 0x0, 0x0, 0x5004) recvmsg(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) syz_init_net_socket$llc(0x1a, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)) capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000}) perf_event_open(&(0x7f0000000640)={0x4, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f0000000600), 0x4}, 0x111, 0x1, 0x0, 0x4, 0x2647, 0xfffffffe, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r1, &(0x7f0000000140)="ae4bffcfbe999033dba71838895940ce6d30af2ea2bed52807e33b5ed6bfb8c4888d5199049a76876b992649f6983f67bf2e8cae0ebc09e59108dcf878e616f3", 0x40, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0x64010102}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0x10, 0x2, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f00000002c0)=@raw={'raw\x00', 0x4001, 0x3, 0x258, 0x108, 0x0, 0x148, 0x108, 0x148, 0x1c0, 0x240, 0x240, 0x1c0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@empty, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00'}, 0x0, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@devgroup={{0x38}, {0x10}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@NFQUEUE1={0x28}}, {{@uncond, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2b8) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000001c0)={0x1, 0xffffffffffffffff}, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x7, 0xdb4, 0x800, 0x202a, r3, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x3}, 0x48) r4 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve1\x00'}) socket$netlink(0x10, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) bind$unix(r5, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r6, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40041, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x20}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62) 1.321178633s ago: executing program 3 (id=731): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x7}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000180)={'gre0\x00', 0x0, 0x8, 0x871e, 0x200, 0x40, {{0x1a, 0x4, 0x0, 0x7, 0x68, 0x64, 0x0, 0x0, 0x2f, 0x0, @broadcast, @multicast1, {[@timestamp_addr={0x44, 0x14, 0xc, 0x1, 0xe, [{@multicast1, 0xf}, {@empty, 0x7}]}, @rr={0x7, 0x17, 0x44, [@loopback, @rand_addr=0x64010101, @multicast1, @rand_addr=0x64010100, @multicast1]}, @rr={0x7, 0x7, 0xea, [@initdev={0xac, 0x1e, 0x0, 0x0}]}, @rr={0x7, 0xf, 0x2b, [@loopback, @local, @loopback]}, @timestamp_prespec={0x44, 0xc, 0x5a, 0x3, 0x7, [{@multicast1, 0xffffff2b}]}, @ra={0x94, 0x4, 0x1}, @noop]}}}}}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x4d, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={0x0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0) fcntl$lock(r1, 0x25, &(0x7f0000000080)={0x0, 0x0, 0x37}) fcntl$lock(r1, 0x25, &(0x7f0000000040)) 1.321032143s ago: executing program 3 (id=732): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, 0x2f, 0x301, 0x0, 0x0, {0x6}}, 0x14}}, 0x0) socketpair$tipc(0x1e, 0x0, 0x0, 0x0) ptrace$ARCH_SHSTK_UNLOCK(0x1e, 0x0, 0x0, 0x5004) recvmsg(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), r0) (fail_nth: 16) 1.316457033s ago: executing program 3 (id=733): write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) pipe2$9p(0x0, 0x0) bpf$PROG_BIND_MAP(0xa, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='cpuhp_exit\x00'}, 0x10) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x1004c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="b702000002000000bfa30000000000000703000000feffff7a0af0fff8bffffd79a4f0ff00000000b7060000ffffffff2d640500000000006504040001001f000404000081007d60b7030000000000006a0a00fefdff0000850000000d000000b7000000000000009500000000000000c74396c8e3ebbadc20e5a7ef8c9ac1465c3a1f59916ffc9bf0bd09279c362f80e5cf8df265e1b40e4c8ae7a89cf8bd819b5c0c000000008da68076774bb4db2c769937000090af27db5b56024dcbbbd2cb2000ce94284673b4e8d5467e357754508535766c801100000000b290a248a120c9c6e39f3052aae80677eeba68562eaeaea5fecf298ca20f274233106e2baf69b1c60f0ce4099f366b89ab63ecf772de7b265040b6b1acbef92b2704550a4d1dd5c50b7420b58a93fe94c756008afcd0b2eb785632e0a85f02a5a6474ae549070000000000001294fba0ed5020e6477cc921fee1f6d8ad6a80d0947cd6d4a561ced23b0b4a902be6af7ec2d1ba000057f301000000000000000000000000100000aaf253886c0b9f6d4731d714ad72e5ad8530a6380ed2d29f47f96a576cd20cef7ed95157ab050000f0077e9d13d8b93eb0f2c6f8941e35e1577c10e509c9b133c849eb709df5c6ba73cccdfa3c58bc5204339b0b487f0eeed581cb202900000d322717c338033213c18a34ee0ca2cf61efb4b3797a642735d6d482ba98d252f36c54333aab1aa736369392239820f5f1557b0bf7ccb0a5a13c714e0b1a5bc3f9caff3283076cda3d0b1a2905cf7bd04f2db530abcbe44bc40528ad807970727fb819afa14aad99f93093ced7dd51995edcf53b907228fa9e83433eedb4ac88d0285594ffb0d14e71d5c57f33702f22b22417bfb38d04c8441ceec8bcaffbe800aa41307bd8325a76f395bc9a8b0c9d905979f34adddb521914f92eed3d3e9de82942a952e86bd67aff5bc2e3c1fcc00f61124dd06df4b8fd356cb365adc037e443820c05c5db160087a9cf471e0eff227f25b2c5cacebfcd55f8c81f5eb1f8d615ca27efb2193bb61665b8ce37f30c2efc9c3b5a4a5d95479fac471ba60fbd0e50223517a07a3484124c5563cd3700000000001825b05a580ea8cb7f85b77b35a06a895b287b47efbe220bc215aca4a65d7018a7f91c4228b35f71a7c183360ab7a7b6b7870086d851ff861ee07bbec801b79afa477ebab255c7265820456fdc3f34f9d729315d856be7ec564613d5e28cf7c405d6e2b7aeb20000b8505a36a8067cb459fab87c8de118117733d30f4fe049658a2c3edd43546ead9c7882858868cff89a49a693731140db1b7b7116060c30690a39de8b3e0eb4f5401e8354870848c546f9defe1a9c534c9030830fec3eeb5faf1d64bb8e80000000f6ff0000000000000055d843352632b829ceb5200a2cdeb63c0bc7e835e061f9ac3c052b5b6f689bf203aeb8858be07691bc83e178181fab55e6ed9e8a17819de49564d0f0c00dd507441b80cd499c39c5d03d6c00cf5be5215bae09a4f52abf8f1c1add498470a0bb9d7ab757a8b28e4accc939b3621e4c2c9e02741c51eeeaad40cf2e1c3659d83ed71fc628807739d70edda93542445e3204828c49bef648efdc2208341357dd158f411d379df9b1feffbe8e7ee80558a040fa3d5a303f36d5c1a66d9644fc0559aa0e291355ee3de6c7a705b8f7b45bb825044b9a82a6fd2f6eeb14eee0c3f71eeea9984e14c57022ef72850b6dc5fda167d6f98f6c1c73feb424b7937e3c7ca0d252611488740eb94797cf3747b83b56cfea8c74dd3f957dc462e715b789934b422b7ddf3e11a6ad6ad9afd5389c728d14be94e558fbcba783de25dc6ec6336f8e61fa770fc40b958d7aa1f11c7edc6e915ea9aeb6c546768e1f082f9054bf0ab096a42724eaa987b11de91760161aa718ad20f5ff8533f54ffe49ffc4e4903ba715f0523297469c8e75ce9461929992d980a5a6e077f0fe35cad38f6e61b60dca50bb9693f3eba90012b2ed421c790b32052d86d9600b197ab0d46aa20c78672d10413e972ce2f6e17d862fa1fe181c66c6839fce7e11aa093307d25dc4314bbbf3f2d78088387dfeb51426e918d2af4218decea28233415e0eaaaae9c8ee669106c46b14052e85ff315d152482f4cfd08878636956e5eed43e3d26a00c246d0bec13c6c26c858d0dc04f907c090e2cd576a058215ff7baa1b4ba2f6b0839edb20ceea4e8b5f7d0c8b4dd6e6f2fdcd306f81d7ba8ecbb3cdb"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x104, 0x304, &(0x7f0000000040)="b90703600000f007049e0ff008001fffffe10ec53308633a77fbac141441e0022001be3e7d2a2007ff", 0x0, 0x104, 0xa000000, 0x0, 0xfeb9, &(0x7f0000000640)="9209558f0c5fb25cd57f98113135c3171b8b331fbc04f0e6955a796ff8e3aae3cac46cec3030dfc999058aea02f0e6dcf2f9d480d328655aca003927bd50ed49d4843c8a0a2a4b26ceb747947200bd644c85e7a8a7d7cfce840c02a7d69c9e0bca410f64d43290abbbf3131e1fa8bd8c3e5f19d5a491d3d4c1a0fe47de9eebaf073ac3da6256bdb681d18fbd607c9b0d710442bcf78bc36fd3c035812bde582a262bff0e4d6181c818fccf542868c6e602d97bea23a101955dc76bcc984142ab305387aa348566d688edd291a3e9d08952adbdf60462bb7f7faebcdfccf17115708b0d73d0f3a469ce7d8374219b3f92c92bcec4958d474bb281c26691949d054b784a5866f081e53eb9cfd7", &(0x7f0000000100)}, 0x28) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'macsec0\x00', 0x0}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000040), 0x208e24b) r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r5 = socket$inet_udp(0x2, 0x2, 0x0) syz_emit_ethernet(0x57, &(0x7f0000000000)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "75e700", 0x21, 0x3a, 0xff, @private2, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @local, [{0xe, 0x1, "0c874a1a0335ae"}]}}}}}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20, 0x0) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x378, 0xffffffff, 0x0, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x2e0, 0x98, 0x2e0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x3e020000, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}, {{@uncond, 0x0, 0x100, 0x160, 0x0, {0x122}, [@common=@inet=@dscp={{0x28}}, @common=@unspec=@rateest={{0x68}, {'wlan1\x00', 'team_slave_1\x00'}}]}, @common=@SET={0x60}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d8) close_range(0xffffffffffffffff, r5, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000080), 0x0) timerfd_create(0x0, 0x800) connect$llc(r4, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10) recvmmsg(r4, &(0x7f0000005280)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000038c0)=@sco, 0x80, 0x0, 0x0, &(0x7f0000005200)=""/79, 0x4f}, 0x6}], 0x2, 0x40012000, 0x0) sendfile(r4, r3, 0x0, 0xffefffff) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r2, @ANYBLOB="dadb"], 0x20}}, 0x0) 1.120312949s ago: executing program 1 (id=736): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x73) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=@base={0x0, 0x0, 0x0, 0x1}, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000070000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700ff7f0000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) recvmsg$unix(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f00000006c0), 0x6e, &(0x7f00000009c0)=[{&(0x7f0000000540)=""/103, 0x67}, {0xfffffffffffffffc}, {&(0x7f00000000c0)=""/54, 0x36}, {0x0}], 0x4, &(0x7f0000000a40)=[@cred={{0x1c}}], 0x20}, 0x40002101) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='blkio.bfq.dequeue\x00', 0x26e1, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000014c0)) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0) bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000000000)=r1, 0x4) openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, &(0x7f0000000040)=0x8) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000040)=0x80) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=0x0) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r5) sendmsg$NFC_CMD_DEV_UP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r6, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x1c}}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r7 = socket$inet6_mptcp(0xa, 0x1, 0x106) getsockopt$inet6_tcp_int(r7, 0x6, 0x24, &(0x7f0000000c00), &(0x7f0000002000)=0x2) write$nci(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="41050357caffe242dbcf772ae0884070ed830101"], 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{}, {0x7, 0x0, 0xb, 0x7}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xb, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x7}, {}, {0x18, 0x2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x1, 0x2}, {0x6, 0x0, 0x5, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1.10673371s ago: executing program 4 (id=737): perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000005000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0) 933.961434ms ago: executing program 2 (id=738): bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000), 0xe) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xffbf) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000340), 0xffffffffffffffff) socket$pppl2tp(0x18, 0x1, 0x1) r2 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x28, r6, 0x1, 0x70bd28, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x28}}, 0x0) sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="270e000000000b00000003020200090001"], 0x20}, 0x1, 0x40030000000000}, 0x0) sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) listen(0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 864.37657ms ago: executing program 0 (id=739): sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r0 = socket$inet_udp(0x2, 0x2, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed4040, &(0x7f00000001c0)={[{@noblock_validity}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@stripe={'stripe', 0x3d, 0x1}}, {@data_writeback}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x74b}}]}, 0xf6, 0x479, &(0x7f00000004c0)="$eJzs3MtvVNUfAPDv3E5Ly+NXfogPELQKRuKjpeUhCzcaTVxoNNEFxlWdFoIUamhNhBBFFxjjwpC4Ny5N/Atc6caoKxO3uDckxLABXY05c++l7TBTWjq0xfl8kgvn3HuHc7733DNz7jkzBNC1htIflYjNEXE5IgYjotp8wlD+141r52t/Xztfq0S9/uZflfSyuH7tfK34JxpbsinfUa8X+Q0tyr34TsT41NTkmSI/Mnvq/ZGZs+eePXFq/Pjk8cnTY0eOHDywu+/w2KGOxJniur7zo+ldO155+9JrtaOX3v3lu1TfzcXxMo5OGsqvbktPdLqwNbZlXrpSXcOKsCyp3XqL7XIMRk8M3Dw2GC9/uqaVA+62aqvP58KFOvAflgbqQDcqP+jT82+5rdK4Y124+kI+4ZHivlFs+ZFqZMU5vU3Pt53UHxFHL/zzddriLs1DAADM90Ma/zzTavyXxQPzzvtfsYayNSL+HxHbIuK+iNgeEfdHNM59MCIeWmb5zSskt45/sisLsvWeZZawuDT+e75Y21o4/itHf7G1p8htacTfWzl2Ympyf3FN9kXvhpQfXfCShX586fcvm/d9UUyzD80b/6Utlb8wwuxK8wTdxPjs+Mojz139JGJntVX8lZvrgJWI2BERO++wjBNPfbur3bFW8Zdj4dvqwDpT/ZuIJ/P2vxBN8ZcqbdcnR587PHZopD+mJvePlHfFrX797eIb7cpfUfwdkNp/Y8v7P48/PSNW+iNmzp472VivnVl+GRf/+KxWaXNs+23jv/X+r+2N6Ku81Uj3Ffs+HJ+dPTOa9r+asgML9o/NvbbMl+en+PftmYt/POb6/7b88axxJR6OiHQT746IRyLi0aLtHouIxyNizyLx//zi3vfaHWvf/ovMyndQin9ikfZPb3kpNdf+y0/0nPzp+3bl15fU/gcbqX3FnqW8/y21giu5dgAAAHCvyBrfga9kwzfTWTY8nH+Hf3tszKamZ2afPjb9wemJ/LvyW6M3K2e6BufNh44Wc8Nlfqwpf6CYN/6qZ6CRH65NT02sdfDQ5Ta16f/Jn51dagHWI7/Xgu6l/0P30v+he+n/0L30f+hSfa13f7za9QDWxPI///vvSj2A1Wf8D91L/4fupf9DV2r72/hsRT/5v1cT1fVRjZaJgfVRjTIR2bqoRucSr3+ed4n1Up8yUV3yf2Zxh4kNLQ+t9TsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//5h+3n0=") sendmsg$nl_route_sched_retired(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67) socketpair$unix(0x1, 0x0, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) sendto$inet(r1, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10) r2 = getpgid(0xffffffffffffffff) sched_setscheduler(r2, 0x6, &(0x7f00000000c0)=0xfffffffc) syz_emit_ethernet(0x3a, &(0x7f00000001c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@window={0x3, 0x3}]}}}}}}}, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x8001000000000000, 0x40, &(0x7f00000005c0)=@raw={'raw\x00', 0x8, 0x3, 0x298, 0x0, 0x11, 0x148, 0x200, 0x0, 0x200, 0x2a8, 0x2a8, 0x200, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, {0xffffffffffffffff}}}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x130, 0x0, {}, [@common=@ttl={{0x28}}, @common=@unspec=@statistic={{0x38}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2f8) 460.840563ms ago: executing program 3 (id=740): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000202300000000000000000000850000007b00000095"], 0x0}, 0x80) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000980)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="3c00000010000100001100"/20, @ANYRES32=0x0, @ANYBLOB="00000000000001001c0012800b00010067656e65766500000cf9"], 0x3c}, 0x1, 0x2}, 0x0) 301.826426ms ago: executing program 3 (id=741): r0 = socket$inet6(0xa, 0x80002, 0x0) sendmmsg$inet(r0, &(0x7f0000000e00)=[{{&(0x7f0000000100)={0x2, 0x4e20, @dev}, 0x10, 0x0}}, {{&(0x7f0000000180)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000b40)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x3, [{0x0, 0x2}]}]}}}], 0x18}, 0x700}], 0x2, 0x0) 228.274452ms ago: executing program 3 (id=742): syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000200)='./file0\x00', 0x200000, &(0x7f0000002880)={[{@user_xattr}, {@nombcache}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@usrjquota}, {@data_err_abort}, {@lazytime}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@jqfmt_vfsold}, {@grpjquota}]}, 0xfe, 0x564, &(0x7f0000002240)="$eJzs3UtvVFUcAPD/nT54KiVBoi5MExZikCltfWDiApdGiSS6x0l7aUinDOlMCa0kwkI2bAwxMUYS4wdw75L4BfwUJEpCDGl04abmTu+Ugc70MQzMyPx+yYVz7qPnnDn3nPnfuTO5AQys8eyfQsRrEfFtEnGoadtw5BvH1/dbfXhtJluSWFv7/K8kknxdY/8k//9Annk1In77JuJEYXO51eWV+VK5nC7m+YnawuWJ6vLKyYsLpbl0Lr00NT19+t3pqQ/ef69rbX3r3D8/fHb349O3jq1+/8v9w7eTOBMH823N7XgK15sz4zGevyYjceaJHSe7UFg/SXpdAToylI/zkcjmgEMxlI964MX3dUSsAQMqMf5hQDXigMa1fZeug/83Hny0fgG0uf3D65+NxN76tdH+1eSxK6PsenesC+VnZfz6553b2RLd+xwCYFvXb0TEqeHhzfNfks9/nTu1g32eLMP8B8/P3Sz+ebtV/FPYiH+iRfxzoMXY7cT2479wv8VhSbc+pc7ivw9bxr8bN63GhiLilYh4qR7zjSQXLpbTbG57OSKOx8ieLL/V/ZzTq/fW2m1rjv+yJSu/EQvm9bg/vOfxY2ZLtdLTtLnZgxsRr7eMf5ON/k9a9H/26pzbYRlH0ztvtNu2ffufrbWfI95s2f+P7mglW9+fnKifDxONs2Kzv28e/b1d+b1uf9b/+7du/1jSfL+2uvsyftr7b9puW6fn/2jyRT09mq+7WqrVFicjRpNPN6+fenRsI9/YP2v/8WNbz3+tzv99EfHlDtt/88jNtrv2Q//P7qr/d5+498lXP7Yrf2f9/049dTxfs5P5b6cVfJrXDgAAAAAAAPpNISIORlIobqQLhWJx/fsdR2J/oVyp1k5cqCxdmo36b2XHYqTQuNN9qOn7EJP592Eb+akn8tMRcTgivhvaV88XZyrl2V43HgAAAAAAAAAAAAAAAAAAAPrEgTa//8/8MdTykNHnW0PgmfLIbxhc247/bjzpCehLu3//FzHAi6Kj0byv+/UAnj/v5jCgRnpdAaCXvP/D4DL+YXAZ/zC4jH8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqnNnz2bL2urDazNZfvbK8tJ85crJ2bQ6X1xYminOVBYvF+cqlblyWpypLGz398qVyuXJqVi6OlFLq7WJ6vLK+YXK0qXa+YsLpbn0fOppQwAAAAAAAAAAAAAAAAAAALBZdXllvlQup4sSEh0lhvujGhJNiVtdGN09npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMl/AQAA///VUDYA") r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3) connect$pppl2tp(r1, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e20, @rand_addr=0x64010100}, 0x4, 0x0, 0x2, 0x1}}, 0x2e) r2 = socket(0x9, 0x2, 0x1ff) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket(0x15, 0x5, 0x0) connect$l2tp6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x20) getsockname$l2tp6(r3, 0x0, &(0x7f0000000080)) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000007d00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x90) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='afs_make_vl_call\x00', r4}, 0x10) r5 = syz_io_uring_setup(0x1c49, &(0x7f0000000400)={0x0, 0x0, 0x10780}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) r8 = creat(&(0x7f0000000040)='./bus\x00', 0x0) io_setup(0x200, &(0x7f0000000140)=0x0) io_submit(r9, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r8, &(0x7f0000000000), 0x4000}]) r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x2, 0xf4, 0x0, 0x7fc00100}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, &(0x7f0000000580)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, &(0x7f0000000600)) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r10, 0xc0182101, &(0x7f00000003c0)={r11}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r8, 0x40182103, &(0x7f0000000240)={r11, 0x0, r5, 0x200}) syz_io_uring_submit(r6, r7, &(0x7f0000000740)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r5, 0x42d3e, 0x0, 0x0, 0x0, 0x0) r12 = io_uring_setup(0x40, &(0x7f0000002000)={0x0, 0x0, 0x2, 0x1}) io_uring_enter(r12, 0x6df6, 0x0, 0xb, &(0x7f0000000000), 0x18) write(r2, &(0x7f0000000140)="f60000001a000708ab092504090007000aab0700a90100001d60369304000300ff800000000000000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc00030026000000140000270400117c22ebc205214000000000008934d07302ade01720d7d5bbc91a3e3280772c05defd5a32e280fc83ab82f605f70c9ddef2fe082038f4f8b29d3ef3d92c83170e5bba4a46d284a710af333ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48a99c03f080548deac270e33429fd3000175", 0xf6) timer_create(0x0, 0x0, 0x0) 186.313176ms ago: executing program 1 (id=743): r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000003c0)={0x0, 0x0, 0x39e}) 163.692347ms ago: executing program 1 (id=744): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket(0x10, 0x2, 0x0) r1 = dup2(r0, r0) sendto$inet6(r1, &(0x7f0000000000)="7800000016001f05b9409b0dffff000d0203be04020506050601400743000ec00f000000fac8388827a685a168d9a4c6040045653600648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902003a03004a32000400160012000a00000000000000000000080756ede4ccbe5880", 0x78, 0x0, 0x0, 0x0) 109.957732ms ago: executing program 1 (id=745): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000040)={0x44, r1, 0x1, 0x0, 0xf00, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x44}}, 0x0) 109.201942ms ago: executing program 1 (id=746): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=ANY=[@ANYBLOB="2000000000000000180a02000000000000007a00000000009500000000bb0000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0x3, &(0x7f000000cf3d)=""/195}, 0x23) 109.017352ms ago: executing program 1 (id=747): socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000200), 0x1, 0x48d, &(0x7f0000000e40)="$eJzs3M1vFOUfAPDvzLbwKy+/VsQXXtQqGhtfWlpQOXjRaMLFxEQPeKylEKRQQ2sihNhqDFfDX6AeTfQP0JNejHrSeMW7MSGGi+jBjJndmVLa6Xbb0l1gP59k4Xl2np3n+c7MwzzzPLsE0LUG8z+SiB0RcSUi+hvZmwsMNv66fu3ixN/XLk4kkWVv/JnUy/117eJEWbT83PYiM5RGpB8nsa+i3pnzF06PT01NnivyI7Nn3h2ZOX/h2VNnxk9Onpw8O3bkyOFDoy88P/ZcK2H0rlZgZ97WvR9M799z9K3Lr00cu/z2j1/m7d1RbF8cR8NAK/U2NRiDNx/LBX3xxIb3fnvZuSid9HSwIaxJLSJ6ig50JfqjFjdOXn+8+lFHGwdsqizLsq3L3q2ViflswVwG3G2S6HQLgM4ob/T582/5ir42DkA67OpLjQegPO7rxauxpSfSokzvkufbW2kwIo7N//Np/orKeQgAgFvr23z888yS8V9dGvcvmgn6f7E2NBAR90TEroi4NyJ2R8R9EfWyD0TEg2usf3BJfvn455dNHY3m478Xi7Wtm8d/5egvBmrFYdhZj783OXFqavJgcUyGondrnh9tUsd3r/z6ST1RsUq1ePyXv/L6y7Fg0Y4/epZM0B0fnx3fYNgLrn4YsbenKv5kYSUgiYg9EbF3HfvPj9mpp77YX701qS+PNY+/iVuwzpR9HvFk4/zPx5L4F1rZfH1y5H8xNXlwpLwqlvvp50uvr1T/6ud/c+Xnf1vl9b8Q/0CyeL12Zu11XPotW/GZZr3X/5bkzXp6S/He++Ozs+dGI7Yk88vfH7vx2TJfls/jHzpQ3f93Rfz7WfG5fRGRX8QPRcTDEfFI0fZHI+KxiDjQJP4fXn78nfXHv7ny+I/n5788xque/yaJNCo31U5//81K9bd2/g/XU0PFO638+7dKSzdwNQMAAMCdp/Ed+CQdLmY8d0SaDg83vsO/O7alU9Mzs0+fmH7v7PHGd+UHojctZ7r6F82HjhZzw2V+bEn+UH3eOMuyrK+eH56YntqsNXWgNdtX6P+532udbh2w6da0jlb9izbgDuX3mtC99H/oXhX9/2on2gG0V5/7P3S1qv4/F3G9A00B2sz9H7rXiv0/bW87gPZz/4fupf9DV2rpR/IrJL76uvxfFpaX2XV0I3u+QxLZXCP8De2n1uko1pmI9LZoxvoSaXsrLZ+jq8tsjYhWdzi3sYutlYSHfgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4K7yXwAAAP//U8zYCw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events\x00', 0x26e1, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000300)='memory.stat\x00', 0x7a05, 0x1700) r2 = dup2(r0, r1) socket$inet6(0xa, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000f2ffffff00000000ff000000850000002a000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) alarm(0x0) alarm(0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r4 = socket$igmp6(0xa, 0x3, 0x2) r5 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'}) write$tun(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000001200230b00"/20, @ANYRES32=0x0, @ANYBLOB="000000a350df4a9f0a5b95854e4b0001000000791f1280180001800000006fedf4cbd8f8a7406a678179df1dc0c0cf2d99dd2af436aa549c6e390033de49a639f36e059e0d"], 0x3c}}, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1}, 0x4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file0\x00'}) socket$inet6_udplite(0xa, 0x2, 0x88) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000580)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xa}) perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x7ff, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$P9_RGETLOCK(r2, 0x0, 0x2c) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r1, &(0x7f00000003c0)="dd412bb318fa3bda89e10dd7cc8e26d4bbe524ca9b1ad9bd825629f6daac7d9066fbff1ed8782045d647d01f658cddbda9ef6c167e873753711e3163575a309d4c865da4e0e63d4e1691756bd31d546b934f5adeaa8c225c9a40495241c417a038d72e0133c74210ac7a353aeac426082679a04fd4bd17e100f91d3fedd505c6466ad55a4f97beb97d93e6d93e638f9671cf736d82a2313274d006fd8829", &(0x7f0000000480)=""/102}, 0x20) 3.5139ms ago: executing program 2 (id=748): r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r0, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_buf(r1, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d413600000000000002900000004000000", 0x6033) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000000)={0x1d, r3}, 0x18) sendmsg$can_j1939(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, 0x0, 0x12, {0x0, 0x1ee}}, 0x18, &(0x7f00000004c0)={&(0x7f0000000140)='\x00', 0x8}}, 0x0) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0x0) r4 = getpid() syz_pidfd_open(r4, 0x0) r5 = syz_io_uring_setup(0xec5, &(0x7f00000008c0), &(0x7f0000000540)=0x0, &(0x7f0000000340)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd_index=0x4}) io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0) openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0) io_setup(0x2, &(0x7f0000000040)) perf_event_open(&(0x7f0000000600)={0x1, 0x80, 0xf1, 0x0, 0x0, 0x0, 0x0, 0xeb, 0x1af1ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x200000000000000) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x18, 0x33, 0x9, 0x0, 0x0, {0x2}, [@generic="b0"]}, 0x18}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r9, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 0s ago: executing program 0 (id=749): socket$l2tp(0x2, 0x2, 0x73) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_RESIZEX(r0, 0x560a, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x7fff, 0xfffc, 0x2}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) write$binfmt_aout(r1, &(0x7f0000000140)=ANY=[], 0xff2e) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000100)) r2 = syz_open_pts(r1, 0x0) r3 = dup3(r2, r1, 0x0) ioctl$TCXONC(r3, 0x540a, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a010400d1d074d91b34cfce435c659b2d5a00700000000000000002000000300004802c0001800c00010062697477697365001c0002800800034000000004080001400000000008000240000000000900010073797a30000000000900020073797a32000000000500074074000000140000001100010000000000000000000000000a"], 0x8c}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000959800001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b7030000000000008500000073000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket$inet6_udplite(0xa, 0x2, 0x88) r5 = memfd_create(&(0x7f0000000300), 0x0) fallocate(r5, 0x0, 0x0, 0xffff) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r5, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000180), 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ftruncate(r5, 0x4) setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000280)=ANY=[@ANYBLOB="000a06000000b1bad858db018ffe0a000000000000000000100000000000000000000000000000000500000000000000000000000000000000010720000000000602000200000000080000000000000000000000f6"], 0x60) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x0, 0x0, 0x9, 0x1}, 0x48) r6 = socket(0x1e, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000a40)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) connect$tipc(r6, &(0x7f0000000040)=@id, 0x10) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) kernel console output (not intermixed with test programs): : entered allmulticast mode [ 35.513303][ T4129] macvlan2: entered allmulticast mode [ 35.518697][ T4129] team0: entered allmulticast mode [ 35.523797][ T4129] team_slave_0: entered allmulticast mode [ 35.529516][ T4129] team_slave_1: entered allmulticast mode [ 35.535230][ T4129] bond1: entered allmulticast mode [ 35.620553][ T28] hsr_slave_0: left promiscuous mode [ 35.635689][ T28] hsr_slave_1: left promiscuous mode [ 35.639258][ T4143] loop2: detected capacity change from 0 to 512 [ 35.649866][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 35.657402][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 35.673503][ T4143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 35.686490][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 35.693901][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 35.705778][ T4143] ext4 filesystem being mounted at /58/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 35.718715][ T28] veth1_macvtap: left promiscuous mode [ 35.724245][ T28] veth0_macvtap: left promiscuous mode [ 35.729923][ T28] veth1_vlan: left promiscuous mode [ 35.735174][ T28] veth0_vlan: left promiscuous mode [ 35.754054][ T4142] Process accounting resumed [ 35.779659][ T3081] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 35.886372][ T28] team0 (unregistering): Port device team_slave_1 removed [ 35.898634][ T28] team0 (unregistering): Port device team_slave_0 removed [ 35.951967][ T3834] veth0_vlan: entered promiscuous mode [ 35.989401][ T3966] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 35.999940][ T3834] veth1_vlan: entered promiscuous mode [ 36.011761][ T3966] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 36.021821][ T3966] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 36.039292][ T4170] block device autoloading is deprecated and will be removed. [ 36.045148][ T3966] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 36.064563][ T3834] veth0_macvtap: entered promiscuous mode [ 36.075712][ T3834] veth1_macvtap: entered promiscuous mode [ 36.102541][ T3834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.113051][ T3834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.122881][ T3834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.133331][ T3834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.143372][ T3834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.153823][ T3834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.167135][ T3834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.179733][ T3834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.190182][ T3834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.200112][ T3834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.210593][ T3834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.220427][ T3834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.230943][ T3834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.246378][ T3834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.256878][ T3834] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.265574][ T3834] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.274298][ T3834] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.283093][ T3834] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.296926][ T4183] __nla_validate_parse: 5 callbacks suppressed [ 36.296937][ T4183] netlink: 76 bytes leftover after parsing attributes in process `syz.4.244'. [ 36.346708][ T3966] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.370036][ T3966] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.383112][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.390258][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.400204][ T4191] netlink: 'syz.0.170': attribute type 64 has an invalid length. [ 36.408117][ T4191] netlink: 184 bytes leftover after parsing attributes in process `syz.0.170'. [ 36.417126][ T4191] netlink: 8 bytes leftover after parsing attributes in process `syz.0.170'. [ 36.425885][ T4191] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 36.454858][ T3153] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.461987][ T3153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.565265][ T3966] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.592407][ T4221] loop0: detected capacity change from 0 to 1024 [ 36.606397][ T4221] EXT4-fs: Ignoring removed orlov option [ 36.622331][ T4221] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 36.634583][ T4221] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 36.655214][ T4221] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 36.678703][ T4221] EXT4-fs error (device loop0): ext4_protect_reserved_inode:182: inode #4: comm syz.0.249: blocks 32-33 from inode overlap system zone [ 36.680972][ T3966] veth0_vlan: entered promiscuous mode [ 36.699420][ T4221] EXT4-fs (loop0): failed to initialize system zone (-117) [ 36.700790][ T3966] veth1_vlan: entered promiscuous mode [ 36.712130][ T4221] EXT4-fs (loop0): mount failed [ 36.736825][ T3966] veth0_macvtap: entered promiscuous mode [ 36.744248][ T3966] veth1_macvtap: entered promiscuous mode [ 36.786470][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.797002][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.806913][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.817387][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.827268][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.837748][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.847569][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 36.858103][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.871391][ T4259] loop0: detected capacity change from 0 to 256 [ 36.874780][ T3966] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.895984][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.906526][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.916676][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.927243][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.937285][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.947941][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.957923][ T3966] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 36.968488][ T3966] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 36.997640][ T4273] loop2: detected capacity change from 0 to 128 [ 37.018793][ T3966] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.076441][ T3966] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.085518][ T3966] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.094287][ T3966] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.103250][ T3966] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.127663][ T4277] netlink: 'syz.4.256': attribute type 30 has an invalid length. [ 37.325643][ T4304] netlink: 60 bytes leftover after parsing attributes in process `syz.0.259'. [ 37.337018][ T4305] netlink: 16 bytes leftover after parsing attributes in process `syz.4.256'. [ 37.379019][ T4307] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'. [ 37.558494][ T4314] xt_CT: No such helper "snmp_trap" [ 37.686745][ T4326] loop3: detected capacity change from 0 to 512 [ 37.698218][ T4326] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.266: bg 0: block 35: padding at end of block bitmap is not set [ 37.712661][ T4326] EXT4-fs (loop3): Remounting filesystem read-only [ 37.720128][ T4326] EXT4-fs (loop3): 1 truncate cleaned up [ 37.726155][ T4326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 37.743157][ T4326] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 37.750214][ T4326] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.811770][ T4326] netlink: 'syz.3.266': attribute type 16 has an invalid length. [ 37.819652][ T4326] netlink: 'syz.3.266': attribute type 4 has an invalid length. [ 37.827397][ T4326] netlink: 132 bytes leftover after parsing attributes in process `syz.3.266'. [ 37.873513][ T4326] netlink: 4 bytes leftover after parsing attributes in process `syz.3.266'. [ 37.883998][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 37.884008][ T29] audit: type=1400 audit(1720988386.658:340): avc: denied { unmount } for pid=3531 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1 [ 37.932605][ T29] audit: type=1400 audit(1720988386.698:341): avc: denied { unmount } for pid=3531 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 37.956228][ T29] audit: type=1400 audit(1720988386.728:342): avc: denied { create } for pid=4331 comm="syz.4.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 37.985889][ T4332] loop4: detected capacity change from 0 to 1024 [ 37.995929][ T29] audit: type=1400 audit(1720988386.758:343): avc: denied { read } for pid=4331 comm="syz.4.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 38.020221][ T4332] ext4: Unknown parameter 'dont_measure' [ 38.047832][ T3250] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 38.079375][ T29] audit: type=1400 audit(1720988386.858:344): avc: denied { bind } for pid=4331 comm="syz.4.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 38.098633][ T4311] syz.0.260 invoked oom-killer: gfp_mask=0x402d02(GFP_NOIO|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 38.113046][ T4311] CPU: 0 PID: 4311 Comm: syz.0.260 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 38.123031][ T4311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 38.133077][ T4311] Call Trace: [ 38.136336][ T4311] [ 38.139273][ T4311] dump_stack_lvl+0xf2/0x150 [ 38.143871][ T4311] dump_stack+0x15/0x20 [ 38.148110][ T4311] dump_header+0x83/0x2d0 [ 38.152421][ T4311] oom_kill_process+0x33e/0x4c0 [ 38.157252][ T4311] out_of_memory+0x9af/0xbe0 [ 38.161931][ T4311] ? try_to_free_mem_cgroup_pages+0x22a/0x4e0 [ 38.168051][ T4311] mem_cgroup_out_of_memory+0x13e/0x190 [ 38.173657][ T4311] try_charge_memcg+0x745/0xcd0 [ 38.178508][ T4311] ? get_page_from_freelist+0x1a30/0x1a70 [ 38.184237][ T4311] obj_cgroup_charge_pages+0xbd/0x1d0 [ 38.189667][ T4311] __memcg_kmem_charge_page+0x9d/0x170 [ 38.195114][ T4311] __alloc_pages_noprof+0x1bc/0x360 [ 38.200300][ T4311] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 38.205708][ T4311] alloc_pages_noprof+0xe1/0x100 [ 38.210671][ T4311] __vmalloc_node_range_noprof+0x719/0xef0 [ 38.216529][ T4311] kvmalloc_node_noprof+0x121/0x170 [ 38.221733][ T4311] ? ip_set_alloc+0x1f/0x30 [ 38.226232][ T4311] ip_set_alloc+0x1f/0x30 [ 38.230607][ T4311] hash_netiface_create+0x273/0x730 [ 38.235810][ T4311] ? __nla_parse+0x40/0x60 [ 38.240229][ T4311] ? __pfx_hash_netiface_create+0x10/0x10 [ 38.246023][ T4311] ip_set_create+0x359/0x8a0 [ 38.250643][ T4311] ? __perf_event_task_sched_out+0x111/0xfe0 [ 38.256662][ T4311] nfnetlink_rcv_msg+0x4a9/0x570 [ 38.261611][ T4311] netlink_rcv_skb+0x12c/0x230 [ 38.266407][ T4311] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 38.271862][ T4311] nfnetlink_rcv+0x16c/0x15b0 [ 38.276543][ T4311] ? kmem_cache_free+0xd8/0x280 [ 38.281522][ T4311] ? nlmon_xmit+0x51/0x60 [ 38.285900][ T4311] ? __kfree_skb+0x102/0x150 [ 38.290474][ T4311] ? consume_skb+0x57/0x180 [ 38.295004][ T4311] ? nlmon_xmit+0x51/0x60 [ 38.299314][ T4311] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 38.304585][ T4311] ? __dev_queue_xmit+0xb21/0x1e50 [ 38.309726][ T4311] ? ref_tracker_free+0x3a5/0x410 [ 38.314780][ T4311] ? __netlink_deliver_tap+0x495/0x4c0 [ 38.320239][ T4311] netlink_unicast+0x58d/0x660 [ 38.325089][ T4311] netlink_sendmsg+0x5ca/0x6e0 [ 38.329833][ T4311] ? __pfx_netlink_sendmsg+0x10/0x10 [ 38.335128][ T4311] __sock_sendmsg+0x140/0x180 [ 38.339821][ T4311] ____sys_sendmsg+0x312/0x410 [ 38.344566][ T4311] __sys_sendmsg+0x1e9/0x280 [ 38.349170][ T4311] ? futex_wait+0x18e/0x1c0 [ 38.353738][ T4311] __x64_sys_sendmsg+0x46/0x50 [ 38.358481][ T4311] x64_sys_call+0xb25/0x2d70 [ 38.363050][ T4311] do_syscall_64+0xc9/0x1c0 [ 38.367562][ T4311] ? clear_bhb_loop+0x55/0xb0 [ 38.372278][ T4311] ? clear_bhb_loop+0x55/0xb0 [ 38.377010][ T4311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 38.382886][ T4311] RIP: 0033:0x7fd494f14bd9 [ 38.387282][ T4311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 38.406951][ T4311] RSP: 002b:00007fd494196048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 38.415351][ T4311] RAX: ffffffffffffffda RBX: 00007fd4950a2f60 RCX: 00007fd494f14bd9 [ 38.423296][ T4311] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 38.431248][ T4311] RBP: 00007fd494f83e60 R08: 0000000000000000 R09: 0000000000000000 [ 38.439242][ T4311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 38.447191][ T4311] R13: 000000000000000b R14: 00007fd4950a2f60 R15: 00007ffdb6a3e3b8 [ 38.455152][ T4311] [ 38.458610][ T4311] memory: usage 307200kB, limit 307200kB, failcnt 41 [ 38.465439][ T4311] memory+swap: usage 307164kB, limit 9007199254740988kB, failcnt 0 [ 38.473380][ T4311] kmem: usage 306460kB, limit 9007199254740988kB, failcnt 0 [ 38.480671][ T4311] Memory cgroup stats for /syz0: [ 38.480834][ T4311] cache 528384 [ 38.489111][ T4311] rss 192512 [ 38.492295][ T4311] shmem 4096 [ 38.495468][ T4311] mapped_file 180224 [ 38.499375][ T4311] dirty 81920 [ 38.502645][ T4311] writeback 0 [ 38.506019][ T4311] workingset_refault_anon 0 [ 38.510522][ T4311] workingset_refault_file 0 [ 38.515166][ T4311] swap 0 [ 38.518021][ T4311] swapcached 0 [ 38.521371][ T4311] pgpgin 3363 [ 38.524635][ T4311] pgpgout 3187 [ 38.528002][ T4311] pgfault 6411 [ 38.531499][ T4311] pgmajfault 4 [ 38.534839][ T4311] inactive_anon 196608 [ 38.538938][ T4311] active_anon 0 [ 38.542431][ T4311] inactive_file 520192 [ 38.546473][ T4311] active_file 4096 [ 38.550293][ T4311] unevictable 0 [ 38.553738][ T4311] hierarchical_memory_limit 314572800 [ 38.559124][ T4311] hierarchical_memsw_limit 9223372036854771712 [ 38.565303][ T4311] total_cache 528384 [ 38.569223][ T4311] total_rss 192512 [ 38.572944][ T4311] total_shmem 4096 [ 38.576668][ T4311] total_mapped_file 180224 [ 38.581082][ T4311] total_dirty 81920 [ 38.585037][ T4311] total_writeback 0 [ 38.588835][ T4311] total_workingset_refault_anon 0 [ 38.593902][ T4311] total_workingset_refault_file 0 [ 38.598939][ T4311] total_swap 0 [ 38.602303][ T4311] total_swapcached 0 [ 38.606170][ T4311] total_pgpgin 3363 [ 38.609972][ T4311] total_pgpgout 3187 [ 38.613849][ T4311] total_pgfault 6411 [ 38.617774][ T4311] total_pgmajfault 4 [ 38.621646][ T4311] total_inactive_anon 196608 [ 38.626286][ T4311] total_active_anon 0 [ 38.630278][ T4311] total_inactive_file 520192 [ 38.634848][ T4311] total_active_file 4096 [ 38.639150][ T4311] total_unevictable 0 [ 38.643200][ T4311] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.260,pid=4310,uid=0 [ 38.657999][ T4311] Memory cgroup out of memory: Killed process 4311 (syz.0.260) total-vm:80752kB, anon-rss:504kB, file-rss:10048kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000 [ 38.728705][ T4345] netlink: 12 bytes leftover after parsing attributes in process `syz.3.273'. [ 38.737736][ T4345] netlink: 12 bytes leftover after parsing attributes in process `syz.3.273'. [ 38.779968][ T4348] loop4: detected capacity change from 0 to 128 [ 38.847686][ T3250] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 38.889490][ T4311] syz.0.260 (4311) used greatest stack depth: 8824 bytes left [ 38.980377][ T29] audit: type=1400 audit(1720988387.758:345): avc: denied { setattr } for pid=4361 comm="syz.0.278" name="[io_uring]" dev="anon_inodefs" ino=8088 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1 [ 39.034035][ T4363] geneve1: entered promiscuous mode [ 39.039417][ T4363] geneve1: entered allmulticast mode [ 39.045055][ T29] audit: type=1400 audit(1720988387.818:346): avc: denied { ioctl } for pid=4364 comm="syz.3.279" path="socket:[8098]" dev="sockfs" ino=8098 ioctlcmd=0x8980 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 39.075846][ T4363] team0: Port device geneve1 added [ 39.100584][ T4376] loop3: detected capacity change from 0 to 512 [ 39.103277][ T29] audit: type=1400 audit(1720988387.878:347): avc: denied { mount } for pid=4373 comm="syz.0.282" name="/" dev="ramfs" ino=7023 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 39.137351][ T3250] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 39.143723][ T4375] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4375 comm=syz.0.282 [ 39.161395][ T29] audit: type=1400 audit(1720988387.938:348): avc: denied { connect } for pid=4373 comm="syz.0.282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 39.226434][ T4393] loop3: detected capacity change from 0 to 512 [ 39.233443][ T4393] ext4: Bad value for 'max_dir_size_kb' [ 39.263531][ T4393] loop3: detected capacity change from 0 to 1024 [ 39.271950][ T4393] Quota error (device loop3): v2_read_file_info: Can't read info structure [ 39.280612][ T4393] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 39.295467][ T4393] EXT4-fs (loop3): mount failed [ 39.331284][ T4401] loop4: detected capacity change from 0 to 1024 [ 39.338382][ T4401] EXT4-fs: Ignoring removed orlov option [ 39.344129][ T4401] EXT4-fs: Ignoring removed nomblk_io_submit option [ 39.369187][ T4401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.400127][ T4407] loop3: detected capacity change from 0 to 256 [ 39.407857][ T4407] FAT-fs (loop3): Unrecognized mount option "nodots' èõ˜" or missing value [ 39.484163][ T4416] FAULT_INJECTION: forcing a failure. [ 39.484163][ T4416] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 39.497273][ T4416] CPU: 1 PID: 4416 Comm: syz.3.297 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 39.507257][ T4416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 39.517431][ T4416] Call Trace: [ 39.520696][ T4416] [ 39.523655][ T4416] dump_stack_lvl+0xf2/0x150 [ 39.528252][ T4416] dump_stack+0x15/0x20 [ 39.532399][ T4416] should_fail_ex+0x229/0x230 [ 39.537063][ T4416] should_fail+0xb/0x10 [ 39.541206][ T4416] should_fail_usercopy+0x1a/0x20 [ 39.546278][ T4416] _copy_to_iter+0xd3/0xaf0 [ 39.550790][ T4416] ? skb_pull+0x94/0x100 [ 39.555092][ T4416] ? __skb_try_recv_from_queue+0x3b5/0x420 [ 39.561005][ T4416] ? __virt_addr_valid+0x1ed/0x250 [ 39.566100][ T4416] ? __check_object_size+0x35b/0x510 [ 39.571393][ T4416] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 39.577016][ T4416] __skb_datagram_iter+0xce/0x5c0 [ 39.582111][ T4416] skb_copy_datagram_iter+0x41/0x130 [ 39.587385][ T4416] netlink_recvmsg+0x1a4/0x780 [ 39.592157][ T4416] ? __pfx_netlink_recvmsg+0x10/0x10 [ 39.597483][ T4416] sock_recvmsg+0x13f/0x170 [ 39.602039][ T4416] __sys_recvfrom+0x16b/0x230 [ 39.606766][ T4416] __x64_sys_recvfrom+0x78/0x90 [ 39.611605][ T4416] x64_sys_call+0x26af/0x2d70 [ 39.616303][ T4416] do_syscall_64+0xc9/0x1c0 [ 39.620868][ T4416] ? clear_bhb_loop+0x55/0xb0 [ 39.625535][ T4416] ? clear_bhb_loop+0x55/0xb0 [ 39.630288][ T4416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 39.636241][ T4416] RIP: 0033:0x7f3a7a13e8a4 [ 39.640640][ T4416] Code: 89 4c 24 1c e8 ed 5a 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 5b 02 00 48 8b 04 [ 39.660233][ T4416] RSP: 002b:00007f3a793bcee0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 39.668641][ T4416] RAX: ffffffffffffffda RBX: 00007f3a793bcfd0 RCX: 00007f3a7a13e8a4 [ 39.676610][ T4416] RDX: 0000000000001000 RSI: 00007f3a793bd020 RDI: 0000000000000003 [ 39.684601][ T4416] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 39.692555][ T4416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 39.700508][ T4416] R13: 00007f3a793bcf78 R14: 00007f3a793bd020 R15: 0000000000000000 [ 39.708512][ T4416] [ 39.733175][ T3531] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.796899][ T4427] loop3: detected capacity change from 0 to 1024 [ 39.803785][ T4427] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 39.819227][ T4427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.832958][ T4427] netlink: 'syz.3.301': attribute type 1 has an invalid length. [ 39.849284][ T3966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.908297][ T4440] loop3: detected capacity change from 0 to 512 [ 39.918719][ T4440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 39.931914][ T4440] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 39.954657][ T3966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 39.999904][ T4448] loop3: detected capacity change from 0 to 512 [ 40.008436][ T4448] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz.3.305: attempt to clear invalid blocks 1 len 1 [ 40.025319][ T4448] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.305: bg 0: block 343: padding at end of block bitmap is not set [ 40.040278][ T4448] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 40.053134][ T4448] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.305: invalid indirect mapped block 1819239214 (level 0) [ 40.066200][ T4459] loop2: detected capacity change from 0 to 512 [ 40.071279][ T4448] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.305: invalid indirect mapped block 1819239214 (level 1) [ 40.088891][ T4448] EXT4-fs (loop3): 1 truncate cleaned up [ 40.089235][ T4448] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 40.111013][ T4459] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.111072][ T4459] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 40.120569][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 40.155721][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 40.156069][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 40.156280][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 40.156425][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 40.156676][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 40.260669][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz-executor: path /70/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 40.260794][ T3081] EXT4-fs error (device loop2): ext4_map_blocks:580: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1) [ 40.282554][ T3081] EXT4-fs error (device loop2): ext4_readdir:260: inode #12: block 32: comm syz-executor: path /70/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=12, rec_len=106, size=2048 fake=1 [ 40.317960][ T3081] EXT4-fs error (device loop2): ext4_empty_dir:3095: inode #12: block 32: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=12, rec_len=106, size=2048 fake=1 [ 40.338977][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.340118][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.363396][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.363778][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.388995][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.389435][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.389804][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.390117][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.435821][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.447598][ T3081] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz-executor: directory missing '.' [ 40.547766][ T4450] loop4: detected capacity change from 0 to 256 [ 40.587463][ T3250] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 40.678230][ T3081] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.737899][ T4472] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 40.745401][ T4472] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 40.752904][ T4472] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 40.760371][ T4472] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 40.844488][ T4489] loop0: detected capacity change from 0 to 256 [ 40.861596][ T3966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.870245][ T4489] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 40.890188][ T4477] chnl_net:caif_netlink_parms(): no params data found [ 40.926657][ T4477] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.933800][ T4477] bridge0: port 1(bridge_slave_0) entered disabled state [ 40.935665][ T4498] 9pnet_fd: Insufficient options for proto=fd [ 40.949898][ T4477] bridge_slave_0: entered allmulticast mode [ 40.958189][ T4477] bridge_slave_0: entered promiscuous mode [ 40.965523][ T4477] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.972609][ T4477] bridge0: port 2(bridge_slave_1) entered disabled state [ 40.979810][ T4477] bridge_slave_1: entered allmulticast mode [ 40.980697][ T4507] loop3: detected capacity change from 0 to 128 [ 40.986391][ T4477] bridge_slave_1: entered promiscuous mode [ 41.005239][ T4507] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 41.021113][ T4507] ext4 filesystem being mounted at /33/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 41.028541][ T4511] delete_channel: no stack [ 41.059476][ T4477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.086201][ T4477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.100659][ T4517] loop4: detected capacity change from 0 to 256 [ 41.111160][ T3966] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 41.122487][ T4517] FAT-fs (loop4): Directory bread(block 64) failed [ 41.129092][ T4517] FAT-fs (loop4): Directory bread(block 65) failed [ 41.135809][ T4517] FAT-fs (loop4): Directory bread(block 66) failed [ 41.142451][ T4517] FAT-fs (loop4): Directory bread(block 67) failed [ 41.143744][ T4477] team0: Port device team_slave_0 added [ 41.154697][ T4517] FAT-fs (loop4): Directory bread(block 68) failed [ 41.161311][ T4517] FAT-fs (loop4): Directory bread(block 69) failed [ 41.171717][ T4517] FAT-fs (loop4): Directory bread(block 70) failed [ 41.178782][ T4517] FAT-fs (loop4): Directory bread(block 71) failed [ 41.185354][ T4517] FAT-fs (loop4): Directory bread(block 72) failed [ 41.186536][ T4477] team0: Port device team_slave_1 added [ 41.192901][ T4517] FAT-fs (loop4): Directory bread(block 73) failed [ 41.222962][ T4517] syz.4.325: attempt to access beyond end of device [ 41.222962][ T4517] loop4: rw=2049, sector=1224, nr_sectors = 32 limit=256 [ 41.223104][ T4477] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.236704][ T4517] syz.4.325: attempt to access beyond end of device [ 41.236704][ T4517] loop4: rw=2049, sector=1352, nr_sectors = 88 limit=256 [ 41.243477][ T4477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.283324][ T4477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.299536][ T4477] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.306473][ T4477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.332528][ T4477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.364629][ T4477] hsr_slave_0: entered promiscuous mode [ 41.370839][ T4477] hsr_slave_1: entered promiscuous mode [ 41.377062][ T4477] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.384605][ T4477] Cannot create hsr debugfs directory [ 41.423722][ T4532] loop3: detected capacity change from 0 to 2048 [ 41.462415][ T4532] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.494850][ T4477] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.526799][ T3966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.557713][ T4545] loop3: detected capacity change from 0 to 512 [ 41.565607][ T4477] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.580252][ T4545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 41.596215][ T4545] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 41.642069][ T4477] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.723010][ T4477] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.734775][ T4559] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.333: bg 0: block 417: padding at end of block bitmap is not set [ 41.750242][ T4559] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28 [ 41.762449][ T4559] EXT4-fs (loop3): This should not happen!! Data will be lost [ 41.762449][ T4559] [ 41.772097][ T4559] EXT4-fs (loop3): Total free blocks count 0 [ 41.778089][ T4559] EXT4-fs (loop3): Free/Dirty block details [ 41.783973][ T4559] EXT4-fs (loop3): free_blocks=0 [ 41.788998][ T4559] EXT4-fs (loop3): dirty_blocks=2 [ 41.794009][ T4559] EXT4-fs (loop3): Block reservation details [ 41.800109][ T4559] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 41.814584][ T3966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.848283][ T4477] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 41.857408][ T4477] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 41.868668][ T4477] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 41.877784][ T4477] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 41.888546][ T4562] 8021q: VLANs not supported on hsr0 [ 41.933070][ T4477] 8021q: adding VLAN 0 to HW filter on device bond0 [ 41.946968][ T4477] 8021q: adding VLAN 0 to HW filter on device team0 [ 41.958788][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.965854][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 41.984729][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.991901][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.012950][ T4567] devtmpfs: Unknown parameter 'rt' [ 42.025655][ T4477] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 42.036156][ T4477] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 42.094424][ T4477] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 42.188211][ T4477] veth0_vlan: entered promiscuous mode [ 42.200637][ T4477] veth1_vlan: entered promiscuous mode [ 42.224459][ T4599] loop0: detected capacity change from 0 to 8192 [ 42.231173][ T4477] veth0_macvtap: entered promiscuous mode [ 42.239013][ T4477] veth1_macvtap: entered promiscuous mode [ 42.251940][ T4609] FAULT_INJECTION: forcing a failure. [ 42.251940][ T4609] name failslab, interval 1, probability 0, space 0, times 0 [ 42.252475][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.264654][ T4609] CPU: 1 PID: 4609 Comm: syz.3.348 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 42.275052][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.275061][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.275072][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.275088][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.285029][ T4609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 42.294819][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.305179][ T4609] Call Trace: [ 42.305187][ T4609] [ 42.305194][ T4609] dump_stack_lvl+0xf2/0x150 [ 42.315117][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.325331][ T4609] dump_stack+0x15/0x20 [ 42.325358][ T4609] should_fail_ex+0x229/0x230 [ 42.325407][ T4609] ? genl_family_rcv_msg_attrs_parse+0x75/0x1a0 [ 42.325432][ T4609] __should_failslab+0x92/0xa0 [ 42.325452][ T4609] should_failslab+0x9/0x20 [ 42.335492][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.345247][ T4609] __kmalloc_noprof+0xa5/0x370 [ 42.350339][ T4477] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.351426][ T4609] genl_family_rcv_msg_attrs_parse+0x75/0x1a0 [ 42.351455][ T4609] ? __rcu_read_unlock+0x34/0x70 [ 42.361713][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.366396][ T4609] genl_start+0xe7/0x390 [ 42.370551][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.375178][ T4609] __netlink_dump_start+0x32a/0x510 [ 42.381392][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.386111][ T4609] genl_rcv_msg+0x4e5/0x6c0 [ 42.390585][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.400341][ T4609] ? __pfx_ethnl_default_start+0x10/0x10 [ 42.405085][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.412235][ T4609] ? __pfx_ethnl_default_dumpit+0x10/0x10 [ 42.412264][ T4609] ? __pfx_ethnl_default_done+0x10/0x10 [ 42.412331][ T4609] ? __pfx_genl_start+0x10/0x10 [ 42.412351][ T4609] ? __pfx_genl_dumpit+0x10/0x10 [ 42.412372][ T4609] ? __pfx_genl_done+0x10/0x10 [ 42.412396][ T4609] netlink_rcv_skb+0x12c/0x230 [ 42.418461][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.423352][ T4609] ? __pfx_genl_rcv_msg+0x10/0x10 [ 42.434695][ T4477] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.438898][ T4609] genl_rcv+0x28/0x40 [ 42.448676][ T4477] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.453831][ T4609] netlink_unicast+0x58d/0x660 [ 42.469214][ T4477] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.478449][ T4609] netlink_sendmsg+0x5ca/0x6e0 [ 42.478474][ T4609] ? __pfx_netlink_sendmsg+0x10/0x10 [ 42.487288][ T4477] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.494455][ T4609] __sock_sendmsg+0x140/0x180 [ 42.494480][ T4609] ____sys_sendmsg+0x312/0x410 [ 42.500184][ T4477] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.505674][ T4609] __sys_sendmsg+0x1e9/0x280 [ 42.510543][ T4477] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.515435][ T4609] __x64_sys_sendmsg+0x46/0x50 [ 42.520159][ T4477] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.524846][ T4609] x64_sys_call+0xb25/0x2d70 [ 42.644013][ T4609] do_syscall_64+0xc9/0x1c0 [ 42.648515][ T4609] ? clear_bhb_loop+0x55/0xb0 [ 42.653178][ T4609] ? clear_bhb_loop+0x55/0xb0 [ 42.657846][ T4609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 42.663753][ T4609] RIP: 0033:0x7f3a7a13cbd9 [ 42.668188][ T4609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 42.687787][ T4609] RSP: 002b:00007f3a793be048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.696273][ T4609] RAX: ffffffffffffffda RBX: 00007f3a7a2caf60 RCX: 00007f3a7a13cbd9 [ 42.704287][ T4609] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 0000000000000004 [ 42.712330][ T4609] RBP: 00007f3a793be0a0 R08: 0000000000000000 R09: 0000000000000000 [ 42.720290][ T4609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 42.728251][ T4609] R13: 000000000000000b R14: 00007f3a7a2caf60 R15: 00007ffc3964c418 [ 42.736322][ T4609] [ 42.777244][ T4599] loop0: detected capacity change from 0 to 512 [ 42.791278][ T4613] __nla_validate_parse: 73 callbacks suppressed [ 42.791292][ T4613] netlink: 4 bytes leftover after parsing attributes in process `syz.4.350'. [ 42.796953][ T4599] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 42.828441][ T4618] loop4: detected capacity change from 0 to 512 [ 42.835257][ T4599] EXT4-fs (loop0): 1 orphan inode deleted [ 42.841064][ T4599] EXT4-fs (loop0): 1 truncate cleaned up [ 42.848350][ T4599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.863130][ T4599] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 42.876936][ T4618] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.351: corrupted in-inode xattr: invalid ea_ino [ 42.895927][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 42.895938][ T29] audit: type=1400 audit(1720988391.668:376): avc: denied { block_suspend } for pid=4625 comm="syz.2.317" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 42.897003][ T4618] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.351: couldn't read orphan inode 15 (err -117) [ 42.925109][ T4599] EXT4-fs (loop0): Remounting filesystem read-only [ 42.944583][ T28] bridge_slave_1: left allmulticast mode [ 42.950259][ T28] bridge_slave_1: left promiscuous mode [ 42.951685][ T4618] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 42.955929][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.984115][ T28] bridge_slave_0: left allmulticast mode [ 42.989854][ T28] bridge_slave_0: left promiscuous mode [ 42.995597][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.003363][ T3834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.003551][ T3531] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.061371][ T4636] loop0: detected capacity change from 0 to 256 [ 43.074176][ T4636] FAT-fs (loop0): Directory bread(block 64) failed [ 43.084442][ T4636] FAT-fs (loop0): Directory bread(block 65) failed [ 43.091187][ T4636] FAT-fs (loop0): Directory bread(block 66) failed [ 43.091578][ T28] team0: Port device geneve1 removed [ 43.098023][ T4636] FAT-fs (loop0): Directory bread(block 67) failed [ 43.109684][ T4636] FAT-fs (loop0): Directory bread(block 68) failed [ 43.116265][ T4636] FAT-fs (loop0): Directory bread(block 69) failed [ 43.122897][ T4636] FAT-fs (loop0): Directory bread(block 70) failed [ 43.129552][ T4636] FAT-fs (loop0): Directory bread(block 71) failed [ 43.136195][ T4636] FAT-fs (loop0): Directory bread(block 72) failed [ 43.142919][ T4636] FAT-fs (loop0): Directory bread(block 73) failed [ 43.152230][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 43.161226][ T28] bond_slave_0: left promiscuous mode [ 43.166825][ T28] bond_slave_0: left allmulticast mode [ 43.174192][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 43.183789][ T28] bond_slave_1: left promiscuous mode [ 43.189311][ T28] bond_slave_1: left allmulticast mode [ 43.197772][ T28] bond0 (unregistering): (slave macvlan2): Releasing backup interface [ 43.206980][ T28] macvlan2: left promiscuous mode [ 43.212039][ T28] team0: left promiscuous mode [ 43.217040][ T28] bond1 (unregistering): left promiscuous mode [ 43.223386][ T28] macvlan2: left allmulticast mode [ 43.228701][ T28] team0: left allmulticast mode [ 43.233616][ T28] team_slave_0: left allmulticast mode [ 43.239112][ T28] team_slave_1: left allmulticast mode [ 43.244577][ T28] bond1 (unregistering): left allmulticast mode [ 43.252127][ T28] team_slave_0: left promiscuous mode [ 43.257626][ T28] team_slave_1: left promiscuous mode [ 43.264890][ T28] bond0 (unregistering): Released all slaves [ 43.274117][ T28] team0: Port device bond1 removed [ 43.281279][ T28] bond1 (unregistering): Released all slaves [ 43.289567][ T4635] tipc: Started in network mode [ 43.294432][ T4635] tipc: Node identity id-name-, cluster identity 4711 [ 43.301222][ T4635] tipc: Enabling of bearer rejected, failed to enable media [ 43.335309][ T4639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.357'. [ 43.351956][ T4643] loop4: detected capacity change from 0 to 2048 [ 43.362990][ T28] hsr_slave_0: left promiscuous mode [ 43.370249][ T4645] Cannot find add_set index 0 as target [ 43.381540][ T28] hsr_slave_1: left promiscuous mode [ 43.391734][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 43.399182][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 43.408109][ T4643] loop4: p2 < > [ 43.417789][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 43.425274][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 43.432446][ T29] audit: type=1400 audit(1720988392.198:377): avc: denied { unmount } for pid=3531 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 43.452437][ T29] audit: type=1400 audit(1720988392.198:378): avc: denied { setopt } for pid=4638 comm="syz.3.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 43.471661][ T29] audit: type=1400 audit(1720988392.198:379): avc: denied { listen } for pid=4638 comm="syz.3.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 43.492176][ T2782] loop4: p2 < > [ 43.495963][ T28] veth1_macvtap: left promiscuous mode [ 43.501567][ T28] veth0_macvtap: left promiscuous mode [ 43.507075][ T28] veth1_vlan: left promiscuous mode [ 43.512295][ T28] veth0_vlan: left promiscuous mode [ 43.518790][ T3250] udevd[3250]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory [ 43.536991][ T29] audit: type=1326 audit(1720988392.298:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4638 comm="syz.3.357" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3a7a13cbd9 code=0x0 [ 43.621723][ T28] team0 (unregistering): Port device team_slave_1 removed [ 43.631909][ T28] team0 (unregistering): Port device team_slave_0 removed [ 43.684591][ T4656] loop0: detected capacity change from 0 to 512 [ 43.692952][ T4656] EXT4-fs (loop0): Unsupported encryption level 9 [ 43.733469][ T4658] loop2: detected capacity change from 0 to 512 [ 43.743941][ T4656] raw_sendmsg: syz.0.362 forgot to set AF_INET. Fix it! [ 43.763130][ T4658] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 43.763186][ T4658] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 43.802843][ T4658] Process accounting resumed [ 43.809130][ T4664] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 43.809453][ T4477] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 43.845905][ T4664] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 43.888393][ T4669] loop2: detected capacity change from 0 to 512 [ 43.896405][ T4669] EXT4-fs (loop2): can't mount with both data=journal and delalloc [ 43.949844][ T29] audit: type=1400 audit(1720988392.728:381): avc: denied { write } for pid=4672 comm="syz.2.369" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 43.971254][ T4675] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4675 comm=syz.0.366 [ 44.028802][ T29] audit: type=1400 audit(1720988392.808:382): avc: denied { create } for pid=4679 comm="syz.2.371" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 44.029423][ T4680] 9pnet_fd: Insufficient options for proto=fd [ 44.050237][ T29] audit: type=1400 audit(1720988392.808:383): avc: denied { mounton } for pid=4679 comm="syz.2.371" path="/5/file1" dev="tmpfs" ino=44 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 44.078769][ T29] audit: type=1400 audit(1720988392.828:384): avc: denied { write } for pid=4679 comm="syz.2.371" path="socket:[9776]" dev="sockfs" ino=9776 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1 [ 44.122261][ T29] audit: type=1400 audit(1720988392.898:385): avc: denied { mount } for pid=4684 comm="syz.0.373" name="/" dev="configfs" ino=1242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 44.201198][ T4703] loop3: detected capacity change from 0 to 256 [ 44.218855][ T4703] FAULT_INJECTION: forcing a failure. [ 44.218855][ T4703] name failslab, interval 1, probability 0, space 0, times 0 [ 44.231562][ T4703] CPU: 0 PID: 4703 Comm: syz.3.379 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 44.231654][ T4703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 44.231666][ T4703] Call Trace: [ 44.231672][ T4703] [ 44.231679][ T4703] dump_stack_lvl+0xf2/0x150 [ 44.231713][ T4703] dump_stack+0x15/0x20 [ 44.231815][ T4703] should_fail_ex+0x229/0x230 [ 44.231837][ T4703] ? getname_kernel+0xb7/0x1e0 [ 44.231856][ T4703] __should_failslab+0x92/0xa0 [ 44.231876][ T4703] should_failslab+0x9/0x20 [ 44.231951][ T4703] kmalloc_trace_noprof+0x4b/0x2a0 [ 44.231981][ T4703] getname_kernel+0xb7/0x1e0 [ 44.232001][ T4703] kern_path+0x21/0x110 [ 44.232078][ T4703] lookup_bdev+0x62/0x140 [ 44.232098][ T4703] __se_sys_quotactl+0x1b6/0x670 [ 44.232204][ T4703] __x64_sys_quotactl+0x55/0x70 [ 44.232321][ T4703] x64_sys_call+0x1da4/0x2d70 [ 44.232346][ T4703] do_syscall_64+0xc9/0x1c0 [ 44.232374][ T4703] ? clear_bhb_loop+0x55/0xb0 [ 44.232430][ T4703] ? clear_bhb_loop+0x55/0xb0 [ 44.232451][ T4703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 44.232528][ T4703] RIP: 0033:0x7f3a7a13cbd9 [ 44.232542][ T4703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 44.232619][ T4703] RSP: 002b:00007f3a793be048 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 44.232635][ T4703] RAX: ffffffffffffffda RBX: 00007f3a7a2caf60 RCX: 00007f3a7a13cbd9 [ 44.232646][ T4703] RDX: 0000000000000000 RSI: 0000000020002040 RDI: 0000000000000000 [ 44.232658][ T4703] RBP: 00007f3a793be0a0 R08: 0000000000000000 R09: 0000000000000000 [ 44.232670][ T4703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 44.232731][ T4703] R13: 000000000000000b R14: 00007f3a7a2caf60 R15: 00007ffc3964c418 [ 44.232745][ T4703] [ 44.385598][ T4713] netlink: 4 bytes leftover after parsing attributes in process `syz.3.383'. [ 44.444807][ T4717] netlink: 'syz.0.385': attribute type 21 has an invalid length. [ 44.453330][ T4717] netlink: 'syz.0.385': attribute type 6 has an invalid length. [ 44.559460][ T3269] IPVS: starting estimator thread 0... [ 44.566966][ T4721] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 44.579463][ T4721] netlink: 100 bytes leftover after parsing attributes in process `syz.0.386'. [ 44.666703][ T4722] IPVS: using max 2832 ests per chain, 141600 per kthread [ 44.757739][ T4728] loop0: detected capacity change from 0 to 128 [ 44.765599][ T4728] FAT-fs (loop0): Unrecognized mount option "ÿ0x00000000000000000x0000000000000008€Ñ7Öàí?ü©I×lNs^s€f¸ÿdâZØñ=Vx.ÁÈ“·UÍñ‚|÷Ì-£×æ" or missing value [ 44.808309][ T4740] loop4: detected capacity change from 0 to 512 [ 44.815145][ T4740] EXT4-fs (loop4): blocks per group (8192) and clusters per group (32) inconsistent [ 44.860186][ T4745] loop3: detected capacity change from 0 to 8192 [ 44.863377][ T4746] loop0: detected capacity change from 0 to 128 [ 44.867819][ T4745] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 44.904079][ T4750] loop4: detected capacity change from 0 to 512 [ 44.928800][ T4755] netlink: 12 bytes leftover after parsing attributes in process `syz.3.398'. [ 44.943727][ T4755] loop3: detected capacity change from 0 to 512 [ 44.951455][ T4755] EXT4-fs: Ignoring removed orlov option [ 44.967681][ T4755] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6040e09c, mo2=0102] [ 44.978379][ T4755] System zones: 1-12 [ 44.982744][ T4755] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz.3.398: casefold flag without casefold feature [ 44.992080][ T4767] netlink: 'syz.4.404': attribute type 8 has an invalid length. [ 44.996961][ T4755] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.398: couldn't read orphan inode 15 (err -117) [ 45.002887][ T4767] netlink: 8 bytes leftover after parsing attributes in process `syz.4.404'. [ 45.015798][ T4755] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.037926][ T4769] netlink: 28 bytes leftover after parsing attributes in process `syz.4.405'. [ 45.046913][ T4769] netlink: 8 bytes leftover after parsing attributes in process `syz.4.405'. [ 45.105424][ T3966] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.177823][ T4787] loop3: detected capacity change from 0 to 1024 [ 45.190539][ T4787] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 45.201467][ T4787] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869) [ 45.217386][ T4787] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 45.227544][ T4787] EXT4-fs (loop3): filesystem has both journal inode and journal device! [ 45.258134][ T4798] loop0: detected capacity change from 0 to 2364 [ 45.292450][ T4787] netlink: 8 bytes leftover after parsing attributes in process `syz.3.410'. [ 45.300108][ T4809] loop2: detected capacity change from 0 to 1764 [ 45.360993][ T4817] 9pnet_fd: Insufficient options for proto=fd [ 45.383238][ T4815] loop0: detected capacity change from 0 to 128 [ 45.391406][ T4815] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 45.403741][ T4815] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 45.410452][ T4823] netlink: 40 bytes leftover after parsing attributes in process `syz.3.425'. [ 45.439800][ T4825] loop4: detected capacity change from 0 to 512 [ 45.450900][ T4815] SELinux: Context system_u:object_r:dhcp_sta is not valid (left unmapped). [ 45.451375][ T4825] EXT4-fs: Ignoring removed nobh option [ 45.575220][ T4825] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 45.595360][ T3834] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 45.618662][ T4825] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.427: attempt to clear invalid blocks 2 len 1 [ 45.674102][ T4825] EXT4-fs (loop4): Remounting filesystem read-only [ 45.745322][ T4825] EXT4-fs (loop4): 1 truncate cleaned up [ 45.761477][ T4825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 45.775369][ T4825] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 45.785197][ T4825] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.856954][ T4849] loop0: detected capacity change from 0 to 512 [ 45.864354][ T4849] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors [ 45.875247][ T4849] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 not in group (block 2)! [ 45.885503][ T4849] EXT4-fs (loop0): group descriptors corrupted! [ 45.901976][ T4831] chnl_net:caif_netlink_parms(): no params data found [ 45.932415][ T4831] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.939803][ T4831] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.948313][ T4831] bridge_slave_0: entered allmulticast mode [ 45.954941][ T4831] bridge_slave_0: entered promiscuous mode [ 45.964100][ T4831] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.971204][ T4831] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.980170][ T4831] bridge_slave_1: entered allmulticast mode [ 45.987009][ T4831] bridge_slave_1: entered promiscuous mode [ 46.006747][ T4831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.019092][ T4831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.042525][ T4831] team0: Port device team_slave_0 added [ 46.049061][ T4831] team0: Port device team_slave_1 added [ 46.067037][ T4831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.074022][ T4831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.079853][ T4859] loop0: detected capacity change from 0 to 512 [ 46.100020][ T4831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.101054][ T4831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.117332][ T4859] EXT4-fs (loop0): Invalid log block size: 4294967295 [ 46.123703][ T4831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.156406][ T4831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.177633][ T3177] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.210547][ T4831] hsr_slave_0: entered promiscuous mode [ 46.220884][ T4831] hsr_slave_1: entered promiscuous mode [ 46.227732][ T4831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.235352][ T4831] Cannot create hsr debugfs directory [ 46.250281][ T4863] loop4: detected capacity change from 0 to 512 [ 46.258306][ T3177] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.271289][ T4863] EXT4-fs (loop4): orphan cleanup on readonly fs [ 46.273015][ T4870] Process accounting resumed [ 46.279080][ T4863] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.437: Failed to acquire dquot type 0 [ 46.294315][ T4876] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 46.302404][ T4863] EXT4-fs (loop4): 1 truncate cleaned up [ 46.308307][ T4876] batadv_slave_0: entered promiscuous mode [ 46.309275][ T4863] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 46.326888][ T4863] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.358766][ T4887] program syz.2.442 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 46.376095][ T3177] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.421456][ T3177] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.430572][ T4894] loop3: detected capacity change from 0 to 128 [ 46.454373][ T4894] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 46.468189][ T4894] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 46.518171][ T4894] process 'syz.3.446' launched './file1' with NULL argv: empty string added [ 46.532635][ T3177] bridge_slave_0: left allmulticast mode [ 46.538334][ T3177] bridge_slave_0: left promiscuous mode [ 46.544050][ T3177] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.553927][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024 [ 46.571768][ T4911] FAULT_INJECTION: forcing a failure. [ 46.571768][ T4911] name failslab, interval 1, probability 0, space 0, times 0 [ 46.584416][ T4911] CPU: 1 PID: 4911 Comm: syz.0.449 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 46.585148][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192 [ 46.594373][ T4911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 46.594384][ T4911] Call Trace: [ 46.594391][ T4911] [ 46.594399][ T4911] dump_stack_lvl+0xf2/0x150 [ 46.629129][ T4911] dump_stack+0x15/0x20 [ 46.633328][ T4911] should_fail_ex+0x229/0x230 [ 46.638053][ T4911] ? sk_prot_alloc+0x41/0x190 [ 46.642745][ T4911] __should_failslab+0x92/0xa0 [ 46.647499][ T4911] should_failslab+0x9/0x20 [ 46.652056][ T4911] kmem_cache_alloc_noprof+0x4c/0x290 [ 46.657503][ T4911] sk_prot_alloc+0x41/0x190 [ 46.662001][ T4911] sk_alloc+0x33/0x360 [ 46.666057][ T4911] ? inet_create+0x39e/0x740 [ 46.670633][ T4911] inet_create+0x3bd/0x740 [ 46.675033][ T4911] __sock_create+0x2db/0x4f0 [ 46.679678][ T4911] sock_create_kern+0x38/0x50 [ 46.684404][ T4911] udp_sock_create4+0x67/0x2a0 [ 46.689226][ T4911] rxrpc_lookup_local+0x835/0xca0 [ 46.694279][ T4911] rxrpc_sendmsg+0x344/0x520 [ 46.698853][ T4911] ? __pfx_rxrpc_sendmsg+0x10/0x10 [ 46.703963][ T4911] __sock_sendmsg+0x140/0x180 [ 46.708684][ T4911] ____sys_sendmsg+0x312/0x410 [ 46.713510][ T4911] __sys_sendmsg+0x1e9/0x280 [ 46.718123][ T4911] __x64_sys_sendmsg+0x46/0x50 [ 46.722876][ T4911] x64_sys_call+0xb25/0x2d70 [ 46.727455][ T4911] do_syscall_64+0xc9/0x1c0 [ 46.732005][ T4911] ? clear_bhb_loop+0x55/0xb0 [ 46.736839][ T4911] ? clear_bhb_loop+0x55/0xb0 [ 46.741506][ T4911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 46.747402][ T4911] RIP: 0033:0x7fd494f14bd9 [ 46.751832][ T4911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 46.771424][ T4911] RSP: 002b:00007fd494196048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 46.779957][ T4911] RAX: ffffffffffffffda RBX: 00007fd4950a2f60 RCX: 00007fd494f14bd9 [ 46.788085][ T4911] RDX: 000000000000ff00 RSI: 0000000020000000 RDI: 0000000000000003 [ 46.796042][ T4911] RBP: 00007fd4941960a0 R08: 0000000000000000 R09: 0000000000000000 [ 46.804022][ T4911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 46.812028][ T4911] R13: 000000000000000b R14: 00007fd4950a2f60 R15: 00007ffdb6a3e3b8 [ 46.820119][ T4911] [ 46.827379][ T3966] EXT4-fs error (device loop3): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 46.841302][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024 [ 46.855742][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192 [ 46.871535][ T3966] EXT4-fs error (device loop3): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 46.885140][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024 [ 46.901535][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 8192 [ 46.911293][ T4917] loop0: detected capacity change from 0 to 256 [ 46.924750][ T4918] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 46.932967][ T3966] EXT4-fs error (device loop3): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum [ 46.949154][ T3966] EXT4-fs error (device loop3): ext4_readdir:220: inode #11: comm syz-executor: path (unknown): directory fails checksum at offset 1024 [ 47.088884][ T3177] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 47.100701][ T3177] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 47.111704][ T3177] bond0 (unregistering): Released all slaves [ 47.239154][ T3177] hsr_slave_0: left promiscuous mode [ 47.246201][ T3177] hsr_slave_1: left promiscuous mode [ 47.253040][ T3177] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 47.260708][ T3177] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 47.271311][ T3177] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 47.278757][ T3177] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 47.290389][ T3177] veth1_macvtap: left promiscuous mode [ 47.295951][ T3177] veth0_macvtap: left promiscuous mode [ 47.301468][ T3177] veth1_vlan: left promiscuous mode [ 47.306771][ T3177] veth0_vlan: left promiscuous mode [ 47.324863][ T4924] loop2: detected capacity change from 0 to 512 [ 47.340706][ T4924] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 47.369507][ T3966] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 47.384409][ T4924] EXT4-fs (loop2): 1 truncate cleaned up [ 47.391299][ T4924] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.435736][ T4929] loop4: detected capacity change from 0 to 512 [ 47.442381][ T4929] FAT-fs (loop4): bogus number of FAT sectors [ 47.442434][ T4929] FAT-fs (loop4): Can't find a valid FAT filesystem [ 47.474579][ T3177] team0 (unregistering): Port device team_slave_1 removed [ 47.484836][ T3177] team0 (unregistering): Port device team_slave_0 removed [ 47.495811][ T4933] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 47.524436][ T4477] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.654924][ T4928] chnl_net:caif_netlink_parms(): no params data found [ 47.711268][ T4928] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.718437][ T4928] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.738674][ T4928] bridge_slave_0: entered allmulticast mode [ 47.753795][ T4928] bridge_slave_0: entered promiscuous mode [ 47.782392][ T4928] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.789533][ T4928] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.820659][ T4928] bridge_slave_1: entered allmulticast mode [ 47.842220][ T4928] bridge_slave_1: entered promiscuous mode [ 47.861916][ T4831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 47.900581][ T4831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 47.932084][ T4928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.934004][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 47.934073][ T29] audit: type=1400 audit(1720988396.708:415): avc: denied { read } for pid=4957 comm="syz.0.464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 47.946993][ T4831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.010981][ T4928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 48.022416][ T4831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.065963][ T4928] team0: Port device team_slave_0 added [ 48.086550][ T4928] team0: Port device team_slave_1 added [ 48.119905][ T4928] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.126890][ T4928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.153011][ T4928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.169856][ T4928] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.176816][ T4928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.202955][ T4928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.269861][ T4928] hsr_slave_0: entered promiscuous mode [ 48.287315][ T4928] hsr_slave_1: entered promiscuous mode [ 48.293234][ T4928] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 48.306524][ T4928] Cannot create hsr debugfs directory [ 48.407150][ T4965] loop4: detected capacity change from 0 to 512 [ 48.414547][ T4831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.426955][ T4965] EXT4-fs: Ignoring removed oldalloc option [ 48.432866][ T4965] EXT4-fs: dax option not supported [ 48.439831][ T4831] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.477956][ T4928] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.498359][ T29] audit: type=1400 audit(1720988397.278:416): avc: denied { unlink } for pid=2764 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1 [ 48.529196][ T4965] loop4: detected capacity change from 0 to 1024 [ 48.547055][ T3158] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.554140][ T3158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.570823][ T4965] EXT4-fs: Mount option(s) incompatible with ext2 [ 48.587445][ T3158] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.594523][ T3158] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.642203][ T4965] loop4: detected capacity change from 0 to 512 [ 48.643059][ T4928] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.669300][ T4965] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 48.697396][ T4965] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 48.717977][ T4928] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.769542][ T29] audit: type=1400 audit(1720988397.548:417): avc: denied { append } for pid=4964 comm="syz.4.466" name="event2" dev="devtmpfs" ino=224 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 48.806192][ T4831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.817631][ T3531] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 48.837637][ T4928] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 48.904551][ T29] audit: type=1400 audit(1720988397.678:418): avc: denied { append } for pid=4979 comm="syz.0.469" name="001" dev="devtmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 48.930649][ T4928] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.942459][ T4928] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.952171][ T4928] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.965735][ T4985] __nla_validate_parse: 4 callbacks suppressed [ 48.965788][ T4985] netlink: 296 bytes leftover after parsing attributes in process `syz.4.468'. [ 48.982743][ T4928] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 49.014543][ T4831] veth0_vlan: entered promiscuous mode [ 49.037669][ T4831] veth1_vlan: entered promiscuous mode [ 49.043707][ T4994] netlink: 8 bytes leftover after parsing attributes in process `syz.4.472'. [ 49.060101][ T4831] veth0_macvtap: entered promiscuous mode [ 49.089881][ T4831] veth1_macvtap: entered promiscuous mode [ 49.094653][ T5001] netlink: 12 bytes leftover after parsing attributes in process `syz.4.475'. [ 49.111706][ T4928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 49.127205][ T4831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.137653][ T4831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.147533][ T4831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.158037][ T4831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.169771][ T4831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.181368][ T4928] 8021q: adding VLAN 0 to HW filter on device team0 [ 49.194512][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.199535][ T5007] nftables ruleset with unbound chain [ 49.201652][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.216078][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.223179][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.234282][ T4831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.244770][ T4831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.254655][ T4831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.265229][ T4831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.275111][ T4831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.285449][ T5011] loop4: detected capacity change from 0 to 512 [ 49.285677][ T4831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.300619][ T5011] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 49.303670][ T4831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.330895][ T4831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.339708][ T4831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.348619][ T4831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.357485][ T4831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.455505][ T4928] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 49.465935][ T4928] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 49.472620][ T5011] loop4: detected capacity change from 0 to 4096 [ 49.485533][ T50] bridge_slave_1: left allmulticast mode [ 49.491388][ T50] bridge_slave_1: left promiscuous mode [ 49.497136][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.507426][ T50] bridge_slave_0: left allmulticast mode [ 49.513070][ T50] bridge_slave_0: left promiscuous mode [ 49.518874][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.631284][ T29] audit: type=1400 audit(1720988398.408:419): avc: denied { getopt } for pid=5015 comm="syz.4.482" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 49.659504][ T5016] hub 9-0:1.0: USB hub found [ 49.664165][ T5016] hub 9-0:1.0: 8 ports detected [ 49.709692][ T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 49.719810][ T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 49.729720][ T50] bond0 (unregistering): Released all slaves [ 49.742497][ T5016] dummy0: entered promiscuous mode [ 49.753991][ T5018] netlink: 'syz.2.483': attribute type 4 has an invalid length. [ 49.822852][ T4928] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.836377][ T29] audit: type=1400 audit(1720988398.618:420): avc: denied { read write } for pid=3834 comm="syz-executor" name="loop0" dev="devtmpfs" ino=537 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 49.860003][ T29] audit: type=1400 audit(1720988398.618:421): avc: denied { open } for pid=3834 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=537 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 49.883156][ T29] audit: type=1400 audit(1720988398.618:422): avc: denied { ioctl } for pid=3834 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=537 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1 [ 49.918844][ T5036] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.923100][ T5045] loop2: detected capacity change from 0 to 128 [ 49.934271][ T5045] EXT4-fs: Ignoring removed nobh option [ 49.948528][ T29] audit: type=1326 audit(1720988398.658:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5039 comm="syz.1.429" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5deb910bd9 code=0x0 [ 49.951446][ T5043] loop0: detected capacity change from 0 to 2048 [ 49.979548][ T5045] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 49.991721][ T50] hsr_slave_0: left promiscuous mode [ 49.993031][ T5045] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 50.006837][ T5043] loop0: p1 < > p2 < > p3 p4 < > [ 50.008762][ T29] audit: type=1400 audit(1720988398.788:424): avc: denied { ioctl } for pid=5050 comm="syz.4.489" path="socket:[11019]" dev="sockfs" ino=11019 ioctlcmd=0x541e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 50.012266][ T5043] loop0: partition table partially beyond EOD, truncated [ 50.044880][ T50] hsr_slave_1: left promiscuous mode [ 50.045330][ T5043] loop0: p1 start 2305 is beyond EOD, truncated [ 50.056465][ T5043] loop0: p2 start 4294902784 is beyond EOD, truncated [ 50.063545][ T5043] loop0: p3 start 4278191616 is beyond EOD, truncated [ 50.071364][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 50.078729][ T4477] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 50.088039][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 50.095579][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 50.105611][ T50] veth1_macvtap: left promiscuous mode [ 50.111246][ T50] veth0_macvtap: left promiscuous mode [ 50.117078][ T50] veth1_vlan: left promiscuous mode [ 50.122351][ T50] veth0_vlan: left promiscuous mode [ 50.178560][ T5061] hub 9-0:1.0: USB hub found [ 50.183267][ T5061] hub 9-0:1.0: 8 ports detected [ 50.209929][ T50] team0 (unregistering): Port device team_slave_1 removed [ 50.220618][ T50] team0 (unregistering): Port device team_slave_0 removed [ 50.255203][ T5053] netlink: 'syz.4.491': attribute type 10 has an invalid length. [ 50.275303][ T5053] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.283591][ T5053] bond0: (slave team0): Enslaving as an active interface with an up link [ 50.293164][ T5056] FAULT_INJECTION: forcing a failure. [ 50.293164][ T5056] name failslab, interval 1, probability 0, space 0, times 0 [ 50.305801][ T5056] CPU: 0 PID: 5056 Comm: syz.2.490 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 50.315834][ T5056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 50.325870][ T5056] Call Trace: [ 50.329146][ T5056] [ 50.332057][ T5056] dump_stack_lvl+0xf2/0x150 [ 50.336673][ T5056] dump_stack+0x15/0x20 [ 50.340832][ T5056] should_fail_ex+0x229/0x230 [ 50.345489][ T5056] ? __alloc_skb+0x10b/0x300 [ 50.350134][ T5056] __should_failslab+0x92/0xa0 [ 50.354879][ T5056] should_failslab+0x9/0x20 [ 50.359392][ T5056] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 50.365186][ T5056] __alloc_skb+0x10b/0x300 [ 50.369620][ T5056] br_vlan_notify+0xda/0x390 [ 50.374257][ T5056] br_process_vlan_info+0x2bb/0x710 [ 50.379439][ T5056] br_afspec+0x2d0/0x450 [ 50.383695][ T5056] br_setlink+0x1aa/0x450 [ 50.388061][ T5056] rtnl_bridge_setlink+0x332/0x460 [ 50.393189][ T5056] ? __pfx_rtnl_bridge_setlink+0x10/0x10 [ 50.398801][ T5056] rtnetlink_rcv_msg+0x85e/0x910 [ 50.403727][ T5056] ? should_fail_ex+0xd7/0x230 [ 50.408470][ T5056] ? __copy_skb_header+0x290/0x320 [ 50.413626][ T5056] ? __memcg_slab_free_hook+0xc9/0x1e0 [ 50.419066][ T5056] ? kmem_cache_free+0xd8/0x280 [ 50.423987][ T5056] ? nlmon_xmit+0x51/0x60 [ 50.428294][ T5056] ? __kfree_skb+0x102/0x150 [ 50.432860][ T5056] ? consume_skb+0x57/0x180 [ 50.437400][ T5056] ? nlmon_xmit+0x51/0x60 [ 50.441874][ T5056] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 50.447146][ T5056] ? __dev_queue_xmit+0xb21/0x1e50 [ 50.452339][ T5056] ? ref_tracker_free+0x3a5/0x410 [ 50.457359][ T5056] netlink_rcv_skb+0x12c/0x230 [ 50.462169][ T5056] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 50.467615][ T5056] rtnetlink_rcv+0x1c/0x30 [ 50.472069][ T5056] netlink_unicast+0x58d/0x660 [ 50.476979][ T5056] netlink_sendmsg+0x5ca/0x6e0 [ 50.481769][ T5056] ? __pfx_netlink_sendmsg+0x10/0x10 [ 50.487091][ T5056] __sock_sendmsg+0x140/0x180 [ 50.491750][ T5056] ____sys_sendmsg+0x312/0x410 [ 50.496553][ T5056] __sys_sendmsg+0x1e9/0x280 [ 50.501192][ T5056] __x64_sys_sendmsg+0x46/0x50 [ 50.506001][ T5056] x64_sys_call+0xb25/0x2d70 [ 50.510572][ T5056] do_syscall_64+0xc9/0x1c0 [ 50.515112][ T5056] ? clear_bhb_loop+0x55/0xb0 [ 50.519771][ T5056] ? clear_bhb_loop+0x55/0xb0 [ 50.524462][ T5056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.530441][ T5056] RIP: 0033:0x7fb9c3dc4bd9 [ 50.534836][ T5056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.554617][ T5056] RSP: 002b:00007fb9c3046048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 50.563063][ T5056] RAX: ffffffffffffffda RBX: 00007fb9c3f52f60 RCX: 00007fb9c3dc4bd9 [ 50.571012][ T5056] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003 [ 50.579048][ T5056] RBP: 00007fb9c30460a0 R08: 0000000000000000 R09: 0000000000000000 [ 50.586999][ T5056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.595039][ T5056] R13: 000000000000000b R14: 00007fb9c3f52f60 R15: 00007ffc96bd5bc8 [ 50.602998][ T5056] [ 50.610550][ T5063] dummy0: entered promiscuous mode [ 50.618767][ T5063] batman_adv: batadv0: Adding interface: macsec1 [ 50.625125][ T5063] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 50.652913][ T5063] batman_adv: batadv0: Interface activated: macsec1 [ 50.701065][ T4928] veth0_vlan: entered promiscuous mode [ 50.714762][ T5075] netlink: 132 bytes leftover after parsing attributes in process `syz.2.495'. [ 50.725266][ T4928] veth1_vlan: entered promiscuous mode [ 50.745936][ T4928] veth0_macvtap: entered promiscuous mode [ 50.754932][ T5078] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 50.755448][ T4928] veth1_macvtap: entered promiscuous mode [ 50.771585][ T5082] loop2: detected capacity change from 0 to 512 [ 50.773520][ T4928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.779073][ T5082] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 50.788444][ T4928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.807758][ T4928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.818243][ T4928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.828049][ T4928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 50.838456][ T4928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.849040][ T4928] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 50.861776][ T4928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.872284][ T4928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.882198][ T4928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.892638][ T4928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.902545][ T4928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 50.913250][ T4928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 50.924796][ T4928] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 50.938164][ T4928] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.946888][ T4928] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.955624][ T4928] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.964559][ T4928] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.017858][ T5087] netlink: 32 bytes leftover after parsing attributes in process `syz.4.501'. [ 51.120241][ T5111] loop4: detected capacity change from 0 to 512 [ 51.144052][ T5111] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #17: comm syz.4.509: iget: bad i_size value: -2594073385365405596 [ 51.165662][ T5111] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.509: couldn't read orphan inode 17 (err -117) [ 51.178305][ T5111] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.195194][ T5111] netlink: 12 bytes leftover after parsing attributes in process `syz.4.509'. [ 51.201739][ T5120] IPv6: NLM_F_CREATE should be specified when creating new route [ 51.232148][ T5128] netlink: 6 bytes leftover after parsing attributes in process `syz.0.513'. [ 51.247998][ T3531] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.253506][ T5128] team0: Port device netdevsim1 added [ 51.263768][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.270862][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.298257][ T5134] veth0_vlan: entered allmulticast mode [ 51.336157][ T5134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.517'. [ 51.340026][ T5139] loop4: detected capacity change from 0 to 2048 [ 51.367215][ T5139] EXT4-fs (loop4): unsupported inode size: 32768 [ 51.373578][ T5139] EXT4-fs (loop4): blocksize: 2048 [ 51.402415][ T5149] loop1: detected capacity change from 0 to 512 [ 51.410627][ T5149] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 51.425422][ T5149] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.522: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 51.449523][ T4831] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 51.463269][ T5158] netlink: 56 bytes leftover after parsing attributes in process `syz.0.527'. [ 51.545910][ T5181] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.553216][ T5181] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.609105][ T5183] loop0: detected capacity change from 0 to 2048 [ 51.622397][ T5186] netlink: 'syz.2.535': attribute type 10 has an invalid length. [ 51.634847][ T5183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.637960][ T5186] batman_adv: batadv0: Adding interface: team0 [ 51.653112][ T5186] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.678274][ T5186] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 51.702638][ T3834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 51.882238][ T5210] netlink: 76 bytes leftover after parsing attributes in process `syz.1.540'. [ 52.916765][ T5260] 8021q: adding VLAN 0 to HW filter on device bond1 [ 52.924411][ T5260] team0: Port device bond1 added [ 52.985389][ T5275] loop1: detected capacity change from 0 to 2048 [ 53.014220][ T5276] loop3: detected capacity change from 0 to 1024 [ 53.021185][ T5276] EXT4-fs: Ignoring removed oldalloc option [ 53.028452][ T5276] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 53.044947][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888101e15200: rx timeout, send abort [ 53.053387][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888113ab2800: rx timeout, send abort [ 53.055917][ T5276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 53.089063][ T29] kauditd_printk_skb: 123 callbacks suppressed [ 53.089075][ T29] audit: type=1400 audit(1720988401.868:548): avc: denied { read } for pid=5282 comm="syz.1.565" name="usbmon1" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 53.094102][ T5283] loop1: detected capacity change from 0 to 512 [ 53.095387][ T29] audit: type=1400 audit(1720988401.868:549): avc: denied { open } for pid=5282 comm="syz.1.565" path="/dev/usbmon1" dev="devtmpfs" ino=118 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1 [ 53.158289][ T5283] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.170898][ T5283] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.182404][ T29] audit: type=1400 audit(1720988401.958:550): avc: denied { create } for pid=5282 comm="syz.1.565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 53.202525][ T29] audit: type=1400 audit(1720988401.958:551): avc: denied { write } for pid=5282 comm="syz.1.565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 53.220087][ T5287] 9pnet_fd: Insufficient options for proto=fd [ 53.222415][ T29] audit: type=1400 audit(1720988401.958:552): avc: denied { nlmsg_write } for pid=5282 comm="syz.1.565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 53.249519][ T4831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.251733][ T5291] loop4: detected capacity change from 0 to 128 [ 53.340828][ T5291] loop4: detected capacity change from 0 to 512 [ 53.351696][ T5303] netlink: 'syz.1.574': attribute type 4 has an invalid length. [ 53.362610][ T5291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 53.367001][ T5305] loop2: detected capacity change from 0 to 1024 [ 53.381207][ T5291] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 53.393395][ T29] audit: type=1326 audit(1720988402.178:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5308 comm="syz.1.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5deb910bd9 code=0x7ffc0000 [ 53.416881][ T29] audit: type=1326 audit(1720988402.178:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5308 comm="syz.1.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5deb910bd9 code=0x7ffc0000 [ 53.440155][ T29] audit: type=1400 audit(1720988402.178:555): avc: denied { rename } for pid=5290 comm="syz.4.569" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1 [ 53.474540][ T29] audit: type=1400 audit(1720988402.178:556): avc: denied { rename } for pid=5290 comm="syz.4.569" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 53.499525][ T29] audit: type=1326 audit(1720988402.218:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5308 comm="syz.1.576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f5deb910bd9 code=0x7ffc0000 [ 53.553305][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888101e15200: abort rx timeout. Force session deactivation [ 53.563561][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888113ab2800: abort rx timeout. Force session deactivation [ 53.575506][ T5291] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.588686][ T5313] FAULT_INJECTION: forcing a failure. [ 53.588686][ T5313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 53.601736][ T5313] CPU: 1 PID: 5313 Comm: syz.2.577 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 53.604363][ T5317] loop0: detected capacity change from 0 to 256 [ 53.611698][ T5313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 53.627986][ T5313] Call Trace: [ 53.631264][ T5313] [ 53.634211][ T5313] dump_stack_lvl+0xf2/0x150 [ 53.638800][ T5313] dump_stack+0x15/0x20 [ 53.642956][ T5313] should_fail_ex+0x229/0x230 [ 53.647631][ T5313] should_fail+0xb/0x10 [ 53.651769][ T5313] should_fail_usercopy+0x1a/0x20 [ 53.656909][ T5313] _copy_to_user+0x1e/0xa0 [ 53.661314][ T5313] simple_read_from_buffer+0xa0/0x110 [ 53.666712][ T5313] proc_fail_nth_read+0xfc/0x140 [ 53.671637][ T5313] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 53.677238][ T5313] vfs_read+0x1a2/0x6e0 [ 53.681382][ T5313] ? __rcu_read_unlock+0x4e/0x70 [ 53.686336][ T5313] ? __fget_files+0x1da/0x210 [ 53.691025][ T5313] ksys_read+0xeb/0x1b0 [ 53.695169][ T5313] __x64_sys_read+0x42/0x50 [ 53.699714][ T5313] x64_sys_call+0x27e5/0x2d70 [ 53.704486][ T5313] do_syscall_64+0xc9/0x1c0 [ 53.709024][ T5313] ? clear_bhb_loop+0x55/0xb0 [ 53.713691][ T5313] ? clear_bhb_loop+0x55/0xb0 [ 53.718355][ T5313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.724231][ T5313] RIP: 0033:0x7fb9c3dc36bc [ 53.728670][ T5313] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 53.748284][ T5313] RSP: 002b:00007fb9c3046040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 53.756737][ T5313] RAX: ffffffffffffffda RBX: 00007fb9c3f52f60 RCX: 00007fb9c3dc36bc [ 53.764720][ T5313] RDX: 000000000000000f RSI: 00007fb9c30460b0 RDI: 0000000000000005 [ 53.772675][ T5313] RBP: 00007fb9c30460a0 R08: 0000000000000000 R09: 0000000000000000 [ 53.780627][ T5313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.788580][ T5313] R13: 000000000000000b R14: 00007fb9c3f52f60 R15: 00007ffc96bd5bc8 [ 53.796610][ T5313] [ 53.809207][ T4928] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.860124][ T5327] netlink: 'syz.4.583': attribute type 6 has an invalid length. [ 53.871067][ T5327] 9pnet_fd: Insufficient options for proto=fd [ 53.877281][ T5325] program syz.3.580 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 53.904024][ T5331] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 53.956856][ T5345] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 53.974428][ T5348] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 54.004123][ T5352] netlink: 'syz.4.594': attribute type 27 has an invalid length. [ 54.070513][ T5360] loop3: detected capacity change from 0 to 1024 [ 54.088068][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.096803][ T5360] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 54.118509][ T5360] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e842e118, mo2=0000] [ 54.136883][ T5360] System zones: 0-1, 3-12 [ 54.147040][ T5360] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.593: Invalid block bitmap block 0 in block_group 0 [ 54.161193][ T5360] EXT4-fs error (device loop3): ext4_acquire_dquot:6860: comm syz.3.593: Failed to acquire dquot type 0 [ 54.173666][ T5360] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz.3.593: Freeing blocks not in datazone - block = 0, count = 4096 [ 54.191235][ T5360] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.593: Invalid inode bitmap blk 0 in block_group 0 [ 54.205413][ T5360] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 54.221579][ T5360] EXT4-fs (loop3): 1 orphan inode deleted [ 54.235041][ T5360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.252772][ T1512] EXT4-fs error (device loop3): ext4_release_dquot:6883: comm kworker/u8:5: Failed to release dquot type 0 [ 54.320539][ T5375] __nla_validate_parse: 7 callbacks suppressed [ 54.320554][ T5375] netlink: 24 bytes leftover after parsing attributes in process `syz.1.596'. [ 54.345127][ T5352] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.354212][ T5352] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.363102][ T5352] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.372055][ T5352] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 54.485460][ T5392] netlink: 'syz.0.599': attribute type 8 has an invalid length. [ 54.560426][ T5398] batadv0: mtu less than device minimum [ 54.572574][ T5400] ref_ctr_offset mismatch. inode: 0x1f3 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x82 [ 54.782846][ T5420] TCP: Unexpected MD5 Hash found for [fe80::b00:bb].0->[ff02::1].20002 [S] [ 54.815618][ T4928] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.863642][ T5426] netlink: 72 bytes leftover after parsing attributes in process `syz.0.615'. [ 54.886977][ T5430] loop3: detected capacity change from 0 to 512 [ 54.893422][ T5430] ext4: Unknown parameter 'fowner' [ 54.895179][ T5432] loop0: detected capacity change from 0 to 2364 [ 54.905659][ T5432] isofs_fill_super: root inode is not a directory. Corrupted media? [ 54.979229][ T5432] netlink: 24 bytes leftover after parsing attributes in process `syz.0.616'. [ 55.011353][ T5451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.621'. [ 55.018080][ T5445] loop2: detected capacity change from 0 to 8192 [ 55.035072][ T5453] loop0: detected capacity change from 0 to 1024 [ 55.041880][ T5453] EXT4-fs: Ignoring removed oldalloc option [ 55.048369][ T5453] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 55.056892][ T5445] loop2: p1 < > p2 p3 < p5 > [ 55.062860][ T5445] loop2: partition table partially beyond EOD, truncated [ 55.070051][ T5445] loop2: p1 start 277760 is beyond EOD, truncated [ 55.076456][ T5445] loop2: p2 start 6684676 is beyond EOD, truncated [ 55.078227][ T5453] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.083655][ T5445] loop2: p5 start 6684676 is beyond EOD, truncated [ 55.168377][ T3834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.217772][ T5470] loop0: detected capacity change from 0 to 1024 [ 55.224358][ T5470] EXT4-fs: Ignoring removed i_version option [ 55.230753][ T5470] EXT4-fs: Invalid want_extra_isize 67108992 [ 55.274884][ T5473] loop2: detected capacity change from 0 to 1024 [ 55.288652][ T5471] netlink: 32 bytes leftover after parsing attributes in process `syz.0.624'. [ 55.289131][ T5473] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.313225][ T5473] EXT4-fs (loop2): shut down requested (0) [ 55.327822][ T4477] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.349676][ T5481] netlink: 'syz.1.627': attribute type 64 has an invalid length. [ 55.354691][ T5483] netlink: 32 bytes leftover after parsing attributes in process `syz.0.628'. [ 55.357481][ T5481] netlink: 184 bytes leftover after parsing attributes in process `syz.1.627'. [ 55.357500][ T5481] netlink: 8 bytes leftover after parsing attributes in process `syz.1.627'. [ 55.357511][ T5481] A link change request failed with some changes committed already. Interface macsec0 may have been left with an inconsistent configuration, please check. [ 55.417603][ T5490] netlink: 12 bytes leftover after parsing attributes in process `syz.2.626'. [ 55.447298][ T5502] FAULT_INJECTION: forcing a failure. [ 55.447298][ T5502] name failslab, interval 1, probability 0, space 0, times 0 [ 55.459981][ T5502] CPU: 1 PID: 5502 Comm: syz.2.632 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 55.469952][ T5502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 55.480000][ T5502] Call Trace: [ 55.483303][ T5502] [ 55.486229][ T5502] dump_stack_lvl+0xf2/0x150 [ 55.490808][ T5502] dump_stack+0x15/0x20 [ 55.495133][ T5502] should_fail_ex+0x229/0x230 [ 55.499840][ T5502] ? skb_clone+0x154/0x1f0 [ 55.504284][ T5502] __should_failslab+0x92/0xa0 [ 55.509059][ T5502] should_failslab+0x9/0x20 [ 55.513574][ T5502] kmem_cache_alloc_noprof+0x4c/0x290 [ 55.518976][ T5502] skb_clone+0x154/0x1f0 [ 55.523241][ T5502] __netlink_deliver_tap+0x2bd/0x4c0 [ 55.528531][ T5502] netlink_sendskb+0x123/0x140 [ 55.533364][ T5502] netlink_unicast+0x291/0x660 [ 55.538211][ T5502] netlink_ack+0x4c2/0x4f0 [ 55.542788][ T5502] netlink_rcv_skb+0x19c/0x230 [ 55.547633][ T5502] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 55.553148][ T5502] rtnetlink_rcv+0x1c/0x30 [ 55.557583][ T5502] netlink_unicast+0x58d/0x660 [ 55.562428][ T5502] netlink_sendmsg+0x5ca/0x6e0 [ 55.567369][ T5502] ? __pfx_netlink_sendmsg+0x10/0x10 [ 55.572642][ T5502] __sock_sendmsg+0x140/0x180 [ 55.577311][ T5502] sock_write_iter+0x164/0x1b0 [ 55.582106][ T5502] vfs_write+0x78f/0x900 [ 55.586353][ T5502] ? __pfx_sock_write_iter+0x10/0x10 [ 55.591720][ T5502] ksys_write+0xeb/0x1b0 [ 55.595972][ T5502] __x64_sys_write+0x42/0x50 [ 55.600629][ T5502] x64_sys_call+0x27ef/0x2d70 [ 55.605375][ T5502] do_syscall_64+0xc9/0x1c0 [ 55.609965][ T5502] ? clear_bhb_loop+0x55/0xb0 [ 55.614653][ T5502] ? clear_bhb_loop+0x55/0xb0 [ 55.619334][ T5502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.625267][ T5502] RIP: 0033:0x7fb9c3dc4bd9 [ 55.629741][ T5502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.649335][ T5502] RSP: 002b:00007fb9c3046048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 55.657735][ T5502] RAX: ffffffffffffffda RBX: 00007fb9c3f52f60 RCX: 00007fb9c3dc4bd9 [ 55.665697][ T5502] RDX: 000000000000001b RSI: 00000000200000c0 RDI: 0000000000000003 [ 55.673653][ T5502] RBP: 00007fb9c30460a0 R08: 0000000000000000 R09: 0000000000000000 [ 55.681658][ T5502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.689613][ T5502] R13: 000000000000000b R14: 00007fb9c3f52f60 R15: 00007ffc96bd5bc8 [ 55.697588][ T5502] [ 55.744276][ T5517] bond1: entered promiscuous mode [ 55.745222][ T5515] loop2: detected capacity change from 0 to 512 [ 55.749388][ T5517] bond1: entered allmulticast mode [ 55.761067][ T5517] 8021q: adding VLAN 0 to HW filter on device bond1 [ 55.772426][ T5517] bond1 (unregistering): Released all slaves [ 55.791318][ T5515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 55.807966][ T5515] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 55.818951][ T5515] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.821148][ T5532] loop4: detected capacity change from 0 to 512 [ 55.869836][ T5532] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 55.880117][ T5542] netlink: 120 bytes leftover after parsing attributes in process `syz.1.644'. [ 55.950031][ T5564] bond0: entered promiscuous mode [ 55.955103][ T5564] bond_slave_0: entered promiscuous mode [ 55.960912][ T5564] bond_slave_1: entered promiscuous mode [ 55.970922][ T5564] team0: entered promiscuous mode [ 55.975966][ T5564] team_slave_0: entered promiscuous mode [ 55.982424][ T5564] team_slave_1: entered promiscuous mode [ 55.993165][ T5564] hsr1: Slave B (team0) is not up; please bring it up to get a fully working HSR network [ 56.007709][ T5571] loop3: detected capacity change from 0 to 8192 [ 56.049720][ T5587] xt_CT: No such helper "snmp_trap" [ 56.135001][ T5615] loop4: detected capacity change from 0 to 128 [ 56.213538][ T5591] loop2: detected capacity change from 0 to 512 [ 56.228252][ T5591] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 56.349544][ T5626] loop3: detected capacity change from 0 to 512 [ 56.356594][ T5626] journal_path: Lookup failure for './file2' [ 56.362591][ T5626] EXT4-fs: error: could not find journal device path [ 56.399327][ T5626] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 56.689235][ T5632] FAULT_INJECTION: forcing a failure. [ 56.689235][ T5632] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 56.702430][ T5632] CPU: 0 PID: 5632 Comm: syz.0.672 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 56.712402][ T5632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 56.722456][ T5632] Call Trace: [ 56.725812][ T5632] [ 56.728724][ T5632] dump_stack_lvl+0xf2/0x150 [ 56.733365][ T5632] dump_stack+0x15/0x20 [ 56.737578][ T5632] should_fail_ex+0x229/0x230 [ 56.742276][ T5632] should_fail+0xb/0x10 [ 56.746494][ T5632] should_fail_usercopy+0x1a/0x20 [ 56.751515][ T5632] _copy_to_iter+0x246/0xaf0 [ 56.756094][ T5632] ? down_read+0x171/0x4b0 [ 56.760492][ T5632] copy_page_to_iter+0x171/0x2b0 [ 56.765425][ T5632] process_vm_rw+0x5f0/0x8c0 [ 56.769999][ T5632] ? ksys_write+0x178/0x1b0 [ 56.774492][ T5632] __x64_sys_process_vm_readv+0x7a/0x90 [ 56.780068][ T5632] x64_sys_call+0x2597/0x2d70 [ 56.784738][ T5632] do_syscall_64+0xc9/0x1c0 [ 56.789231][ T5632] ? clear_bhb_loop+0x55/0xb0 [ 56.793921][ T5632] ? clear_bhb_loop+0x55/0xb0 [ 56.798642][ T5632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.804521][ T5632] RIP: 0033:0x7fd494f14bd9 [ 56.808968][ T5632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.828596][ T5632] RSP: 002b:00007fd494196048 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 56.837006][ T5632] RAX: ffffffffffffffda RBX: 00007fd4950a2f60 RCX: 00007fd494f14bd9 [ 56.844970][ T5632] RDX: 0000000000000002 RSI: 0000000020008400 RDI: 0000000000000115 [ 56.853022][ T5632] RBP: 00007fd4941960a0 R08: 0000000000000286 R09: 0000000000000000 [ 56.860978][ T5632] R10: 0000000020008640 R11: 0000000000000246 R12: 0000000000000002 [ 56.868971][ T5632] R13: 000000000000000b R14: 00007fd4950a2f60 R15: 00007ffdb6a3e3b8 [ 56.876927][ T5632] [ 57.072322][ T5650] loop1: detected capacity change from 0 to 128 [ 57.405724][ T5665] loop4: detected capacity change from 0 to 2048 [ 57.412492][ T5665] EXT4-fs: Ignoring removed nomblk_io_submit option [ 57.421529][ T5668] loop2: detected capacity change from 0 to 512 [ 57.428758][ T5668] EXT4-fs: Ignoring removed mblk_io_submit option [ 57.438277][ T5668] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 57.455671][ T5668] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.683: corrupted in-inode xattr: e_value out of bounds [ 57.470350][ T5668] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.683: couldn't read orphan inode 15 (err -117) [ 57.491646][ T5678] smc: net device erspan0 erased user defined pnetid SYZ2 [ 57.492122][ T5665] EXT4-fs error (device loop4): ext4_read_inline_dir:1560: inode #12: block 5: comm syz.4.682: path /140/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 57.499434][ T5678] FAULT_INJECTION: forcing a failure. [ 57.499434][ T5678] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.533109][ T5678] CPU: 0 PID: 5678 Comm: syz.0.685 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 57.543155][ T5678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 57.553369][ T5678] Call Trace: [ 57.556634][ T5678] [ 57.559595][ T5678] dump_stack_lvl+0xf2/0x150 [ 57.564262][ T5678] dump_stack+0x15/0x20 [ 57.568525][ T5678] should_fail_ex+0x229/0x230 [ 57.573268][ T5678] should_fail+0xb/0x10 [ 57.577456][ T5678] should_fail_usercopy+0x1a/0x20 [ 57.582468][ T5678] _copy_to_user+0x1e/0xa0 [ 57.586871][ T5678] simple_read_from_buffer+0xa0/0x110 [ 57.592230][ T5678] proc_fail_nth_read+0xfc/0x140 [ 57.597164][ T5678] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 57.602712][ T5678] vfs_read+0x1a2/0x6e0 [ 57.606869][ T5678] ? __rcu_read_unlock+0x4e/0x70 [ 57.611823][ T5678] ? __fget_files+0x1da/0x210 [ 57.616492][ T5678] ksys_read+0xeb/0x1b0 [ 57.620643][ T5678] __x64_sys_read+0x42/0x50 [ 57.625137][ T5678] x64_sys_call+0x27e5/0x2d70 [ 57.629806][ T5678] do_syscall_64+0xc9/0x1c0 [ 57.634297][ T5678] ? clear_bhb_loop+0x55/0xb0 [ 57.639010][ T5678] ? clear_bhb_loop+0x55/0xb0 [ 57.643750][ T5678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.649697][ T5678] RIP: 0033:0x7fd494f136bc [ 57.654096][ T5678] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 57.673757][ T5678] RSP: 002b:00007fd494196040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 57.682153][ T5678] RAX: ffffffffffffffda RBX: 00007fd4950a2f60 RCX: 00007fd494f136bc [ 57.690114][ T5678] RDX: 000000000000000f RSI: 00007fd4941960b0 RDI: 0000000000000003 [ 57.698066][ T5678] RBP: 00007fd4941960a0 R08: 0000000000000000 R09: 0000000000000000 [ 57.706121][ T5678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 57.714074][ T5678] R13: 000000000000000b R14: 00007fd4950a2f60 R15: 00007ffdb6a3e3b8 [ 57.722032][ T5678] [ 57.728541][ T5683] loop1: detected capacity change from 0 to 128 [ 57.729039][ T5665] EXT4-fs (loop4): Remounting filesystem read-only [ 57.735745][ T5668] netlink: 'syz.2.683': attribute type 1 has an invalid length. [ 57.844035][ T5699] netlink: 'syz.4.691': attribute type 1 has an invalid length. [ 57.870279][ T5703] loop4: detected capacity change from 0 to 1024 [ 57.909764][ T5703] EXT4-fs error (device loop4): ext4_empty_dir:3127: inode #11: block 36: comm syz.4.696: bad entry in directory: inode out of bounds - offset=4096, inode=3840, rec_len=1024, size=1024 fake=0 [ 58.006437][ T5747] loop0: detected capacity change from 0 to 128 [ 58.019992][ T5750] ip6gretap0: entered promiscuous mode [ 58.033953][ T5750] macvtap1: entered allmulticast mode [ 58.039466][ T5750] ip6gretap0: entered allmulticast mode [ 58.054574][ T5750] ip6gretap0: left allmulticast mode [ 58.059981][ T5750] ip6gretap0: left promiscuous mode [ 58.077780][ T5755] delete_channel: no stack [ 58.083638][ T5755] Process accounting resumed [ 58.106015][ T5755] Process accounting resumed [ 58.139600][ T5764] loop4: detected capacity change from 0 to 512 [ 58.162355][ T5764] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 58.163466][ T29] kauditd_printk_skb: 55 callbacks suppressed [ 58.163477][ T29] audit: type=1400 audit(1720988406.938:610): avc: denied { ioctl } for pid=5742 comm="syz.3.707" path="socket:[13285]" dev="sockfs" ino=13285 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 58.212814][ T5767] 0·X: renamed from hsr0 (while UP) [ 58.220046][ T5767] 0·X: entered allmulticast mode [ 58.224996][ T5767] hsr_slave_0: entered allmulticast mode [ 58.230780][ T5767] hsr_slave_1: entered allmulticast mode [ 58.237915][ T5767] A link change request failed with some changes committed already. Interface c0·X may have been left with an inconsistent configuration, please check. [ 58.284418][ T29] audit: type=1400 audit(1720988407.058:611): avc: denied { checkpoint_restore } for pid=5763 comm="syz.4.717" capability=40 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 58.321614][ T5778] loop0: detected capacity change from 0 to 256 [ 58.335788][ T5778] FAT-fs (loop0): Directory bread(block 64) failed [ 58.342526][ T5778] FAT-fs (loop0): Directory bread(block 65) failed [ 58.353022][ T5778] FAT-fs (loop0): Directory bread(block 66) failed [ 58.360297][ T5778] FAT-fs (loop0): Directory bread(block 67) failed [ 58.366983][ T5778] FAT-fs (loop0): Directory bread(block 68) failed [ 58.373523][ T5778] FAT-fs (loop0): Directory bread(block 69) failed [ 58.381866][ T5778] FAT-fs (loop0): Directory bread(block 70) failed [ 58.388444][ T5778] FAT-fs (loop0): Directory bread(block 71) failed [ 58.397069][ T5778] FAT-fs (loop0): Directory bread(block 72) failed [ 58.403642][ T5778] FAT-fs (loop0): Directory bread(block 73) failed [ 58.555725][ T5806] loop1: detected capacity change from 0 to 256 [ 58.563045][ T5806] FAT-fs (loop1): Unrecognized mount option "nodots' èõ˜" or missing value [ 58.566301][ T5810] FAULT_INJECTION: forcing a failure. [ 58.566301][ T5810] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 58.584876][ T5810] CPU: 0 PID: 5810 Comm: syz.3.732 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 58.594923][ T5810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 58.604954][ T5810] Call Trace: [ 58.608209][ T5810] [ 58.611116][ T5810] dump_stack_lvl+0xf2/0x150 [ 58.615692][ T5810] dump_stack+0x15/0x20 [ 58.619901][ T5810] should_fail_ex+0x229/0x230 [ 58.624579][ T5810] should_fail+0xb/0x10 [ 58.628711][ T5810] should_fail_usercopy+0x1a/0x20 [ 58.633723][ T5810] _copy_to_user+0x1e/0xa0 [ 58.638117][ T5810] simple_read_from_buffer+0xa0/0x110 [ 58.643590][ T5810] proc_fail_nth_read+0xfc/0x140 [ 58.648567][ T5810] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 58.654137][ T5810] vfs_read+0x1a2/0x6e0 [ 58.658353][ T5810] ? __rcu_read_unlock+0x4e/0x70 [ 58.663278][ T5810] ? __fget_files+0x1da/0x210 [ 58.668016][ T5810] ksys_read+0xeb/0x1b0 [ 58.672159][ T5810] __x64_sys_read+0x42/0x50 [ 58.676667][ T5810] x64_sys_call+0x27e5/0x2d70 [ 58.681385][ T5810] do_syscall_64+0xc9/0x1c0 [ 58.685881][ T5810] ? clear_bhb_loop+0x55/0xb0 [ 58.690613][ T5810] ? clear_bhb_loop+0x55/0xb0 [ 58.695276][ T5810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.701150][ T5810] RIP: 0033:0x7f35e18f56bc [ 58.705542][ T5810] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 58.725197][ T5810] RSP: 002b:00007f35e0b78040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 58.733617][ T5810] RAX: ffffffffffffffda RBX: 00007f35e1a84f60 RCX: 00007f35e18f56bc [ 58.741568][ T5810] RDX: 000000000000000f RSI: 00007f35e0b780b0 RDI: 0000000000000006 [ 58.749575][ T5810] RBP: 00007f35e0b780a0 R08: 0000000000000000 R09: 0000000000000000 [ 58.757523][ T5810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 58.765471][ T5810] R13: 000000000000000b R14: 00007f35e1a84f60 R15: 00007ffd9c419d18 [ 58.773513][ T5810] [ 58.852767][ T5815] ipt_REJECT: ECHOREPLY no longer supported. [ 58.859481][ T29] audit: type=1400 audit(1720988407.638:612): avc: denied { connect } for pid=5811 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 58.910306][ T29] audit: type=1400 audit(1720988407.688:613): avc: denied { read } for pid=5811 comm="syz.3.733" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 58.950242][ T29] audit: type=1400 audit(1720988407.728:614): avc: denied { setattr } for pid=5820 comm="syz.1.736" path="socket:[14399]" dev="sockfs" ino=14399 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 59.236421][ T5832] loop0: detected capacity change from 0 to 512 [ 59.243271][ T5832] EXT4-fs (loop0): external journal device major/minor numbers have changed [ 59.254172][ T5832] block device autoloading is deprecated and will be removed. [ 59.261781][ T5832] syz.0.739: attempt to access beyond end of device [ 59.261781][ T5832] loop75: rw=0, sector=2, nr_sectors = 2 limit=0 [ 59.276284][ T5832] EXT4-fs (loop0): couldn't read superblock of external journal [ 59.391006][ T5834] SET target dimension over the limit! [ 59.518641][ T5826] syz.4.737 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 59.529642][ T5826] CPU: 1 PID: 5826 Comm: syz.4.737 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 59.539614][ T5826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 59.549743][ T5826] Call Trace: [ 59.553009][ T5826] [ 59.555944][ T5826] dump_stack_lvl+0xf2/0x150 [ 59.560523][ T5826] dump_stack+0x15/0x20 [ 59.564786][ T5826] dump_header+0x83/0x2d0 [ 59.569121][ T5826] oom_kill_process+0x33e/0x4c0 [ 59.573970][ T5826] out_of_memory+0x9af/0xbe0 [ 59.578538][ T5826] ? try_to_free_mem_cgroup_pages+0x22a/0x4e0 [ 59.584686][ T5826] mem_cgroup_out_of_memory+0x13e/0x190 [ 59.590244][ T5826] try_charge_memcg+0x745/0xcd0 [ 59.595180][ T5826] ? _raw_spin_unlock+0x26/0x50 [ 59.600503][ T5826] ? radix_tree_lookup+0xf9/0x150 [ 59.605568][ T5826] mem_cgroup_swapin_charge_folio+0x107/0x1a0 [ 59.611704][ T5826] __read_swap_cache_async+0x2b9/0x520 [ 59.617205][ T5826] swap_cluster_readahead+0x276/0x3f0 [ 59.622569][ T5826] swapin_readahead+0xe2/0x7a0 [ 59.627403][ T5826] ? __filemap_get_folio+0x420/0x5b0 [ 59.632739][ T5826] ? swap_cache_get_folio+0x6e/0x210 [ 59.638049][ T5826] do_swap_page+0x3bc/0x1840 [ 59.642653][ T5826] ? cgroup_rstat_updated+0x99/0x550 [ 59.647943][ T5826] ? __rcu_read_lock+0x36/0x50 [ 59.652715][ T5826] handle_mm_fault+0x8b9/0x2ac0 [ 59.657683][ T5826] exc_page_fault+0x3b9/0x650 [ 59.662384][ T5826] asm_exc_page_fault+0x26/0x30 [ 59.667232][ T5826] RIP: 0033:0x7f36821a6564 [ 59.671690][ T5826] Code: 00 69 3d 53 b1 de 00 e8 03 00 00 48 8d 1d 14 9a 2b 00 e8 df b5 12 00 eb 11 0f 1f 44 00 00 48 81 c3 d8 00 00 00 48 39 dd 74 bc <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df e8 87 ee ff ff eb [ 59.691288][ T5826] RSP: 002b:00007ffee2fafbb0 EFLAGS: 00010202 [ 59.697340][ T5826] RAX: 0000000000000000 RBX: 00007f368245ff60 RCX: 0000000000000000 [ 59.705295][ T5826] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555575afd808 [ 59.713318][ T5826] RBP: 00007f3682461a60 R08: 0000000000000000 R09: 7fffffffffffffff [ 59.721272][ T5826] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000e9c7 [ 59.729228][ T5826] R13: 0000000000000032 R14: 00007f3682461a60 R15: 00007ffee2fafc90 [ 59.737213][ T5826] [ 59.740376][ T5826] memory: usage 307200kB, limit 307200kB, failcnt 157 [ 59.747198][ T5826] memory+swap: usage 307368kB, limit 9007199254740988kB, failcnt 0 [ 59.755082][ T5826] kmem: usage 307180kB, limit 9007199254740988kB, failcnt 0 [ 59.762384][ T5826] Memory cgroup stats for /syz4: [ 59.765117][ T5826] cache 12288 [ 59.765231][ T5836] __nla_validate_parse: 7 callbacks suppressed [ 59.765302][ T5836] netlink: 12 bytes leftover after parsing attributes in process `syz.3.740'. [ 59.770141][ T5826] rss 0 [ 59.791277][ T5826] shmem 0 [ 59.794204][ T5826] mapped_file 12288 [ 59.798048][ T5826] dirty 12288 [ 59.801674][ T5826] writeback 8192 [ 59.805205][ T5826] workingset_refault_anon 14 [ 59.809804][ T5826] workingset_refault_file 0 [ 59.814294][ T5826] swap 172032 [ 59.817676][ T5826] swapcached 8192 [ 59.821299][ T5826] pgpgin 33147 [ 59.824664][ T5826] pgpgout 33142 [ 59.828182][ T5826] pgfault 45187 [ 59.831634][ T5826] pgmajfault 14 [ 59.835085][ T5826] inactive_anon 0 [ 59.838724][ T5826] active_anon 8192 [ 59.840158][ T5840] loop3: detected capacity change from 0 to 1024 [ 59.842421][ T5826] inactive_file 0 [ 59.850480][ T5840] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 59.852336][ T5826] active_file 12288 [ 59.852345][ T5826] unevictable 0 [ 59.868228][ T5826] hierarchical_memory_limit 314572800 [ 59.873586][ T5826] hierarchical_memsw_limit 9223372036854771712 [ 59.879749][ T5826] total_cache 12288 [ 59.883557][ T5826] total_rss 0 [ 59.886844][ T5826] total_shmem 0 [ 59.890291][ T5826] total_mapped_file 12288 [ 59.894607][ T5826] total_dirty 12288 [ 59.898423][ T5826] total_writeback 8192 [ 59.902482][ T5826] total_workingset_refault_anon 14 [ 59.907610][ T5826] total_workingset_refault_file 0 [ 59.912620][ T5826] total_swap 172032 [ 59.915376][ T5842] program syz.1.743 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 59.916404][ T5826] total_swapcached 8192 [ 59.916413][ T5826] total_pgpgin 33147 [ 59.916420][ T5826] total_pgpgout 33142 [ 59.937661][ T5826] total_pgfault 45187 [ 59.941637][ T5826] total_pgmajfault 14 [ 59.945638][ T5826] total_inactive_anon 0 [ 59.949809][ T5826] total_active_anon 8192 [ 59.954035][ T5826] total_inactive_file 0 [ 59.958197][ T5826] total_active_file 12288 [ 59.962536][ T5826] total_unevictable 0 [ 59.966516][ T5826] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz4,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.737,pid=5826,uid=0 [ 59.973183][ T5850] loop1: detected capacity change from 0 to 512 [ 59.981291][ T5826] Memory cgroup out of memory: Killed process 5826 (syz.4.737) total-vm:80620kB, anon-rss:452kB, file-rss:9864kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000 [ 59.997418][ T5850] EXT4-fs (loop1): Unsupported encryption level 9 [ 60.030368][ T29] audit: type=1400 audit(1720988408.798:615): avc: denied { create } for pid=5839 comm="syz.3.742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 60.049644][ T29] audit: type=1400 audit(1720988408.798:616): avc: denied { connect } for pid=5839 comm="syz.3.742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 60.068991][ T29] audit: type=1400 audit(1720988408.808:617): avc: denied { sqpoll } for pid=5839 comm="syz.3.742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 60.109856][ T5855] vxcan1: tx address claim with dest, not broadcast [ 60.127580][ T5850] netlink: 28 bytes leftover after parsing attributes in process `syz.1.747'. [ 60.147124][ T5850] netlink: 28 bytes leftover after parsing attributes in process `syz.1.747'. [ 60.157986][ T1512] ================================================================== [ 60.158291][ T5858] netlink: 80 bytes leftover after parsing attributes in process `syz.0.749'. [ 60.166055][ T1512] BUG: KCSAN: data-race in __stop_tty / pty_write [ 60.181283][ T1512] [ 60.183594][ T1512] write to 0xffff8881128365bc of 1 bytes by task 5858 on cpu 0: [ 60.191209][ T1512] __stop_tty+0x42/0x90 [ 60.195357][ T1512] n_tty_ioctl_helper+0x223/0x240 [ 60.200381][ T1512] n_tty_ioctl+0xfd/0x200 [ 60.204707][ T1512] tty_ioctl+0x886/0xbe0 [ 60.209011][ T1512] __se_sys_ioctl+0xd3/0x150 [ 60.213606][ T1512] __x64_sys_ioctl+0x43/0x50 [ 60.218187][ T1512] x64_sys_call+0x1581/0x2d70 [ 60.222864][ T1512] do_syscall_64+0xc9/0x1c0 [ 60.227375][ T1512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.233278][ T1512] [ 60.235588][ T1512] read to 0xffff8881128365bc of 1 bytes by task 1512 on cpu 1: [ 60.243123][ T1512] pty_write+0x26/0xa0 [ 60.247186][ T1512] tty_put_char+0x8d/0xc0 [ 60.251513][ T1512] __process_echoes+0x393/0x6b0 [ 60.256372][ T1512] n_tty_receive_buf_common+0x8f9/0xbe0 [ 60.261923][ T1512] n_tty_receive_buf2+0x33/0x40 [ 60.266770][ T1512] tty_ldisc_receive_buf+0x63/0x100 [ 60.271967][ T1512] tty_port_default_receive_buf+0x59/0x90 [ 60.277685][ T1512] flush_to_ldisc+0x1ce/0x410 [ 60.282370][ T1512] process_scheduled_works+0x483/0x9a0 [ 60.287833][ T1512] worker_thread+0x526/0x720 [ 60.292427][ T1512] kthread+0x1d1/0x210 [ 60.296499][ T1512] ret_from_fork+0x4b/0x60 [ 60.300920][ T1512] ret_from_fork_asm+0x1a/0x30 [ 60.305690][ T1512] [ 60.308001][ T1512] value changed: 0x00 -> 0x01 [ 60.312669][ T1512] [ 60.314971][ T1512] Reported by Kernel Concurrency Sanitizer on: [ 60.321103][ T1512] CPU: 1 PID: 1512 Comm: kworker/u8:5 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 60.331323][ T1512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 60.341358][ T1512] Workqueue: events_unbound flush_to_ldisc [ 60.347148][ T1512] ================================================================== [ 60.371963][ T5827] syz.4.737 (5827) used greatest stack depth: 7376 bytes left [ 60.390662][ T29] audit: type=1400 audit(1720988409.168:618): avc: denied { connect } for pid=5853 comm="syz.0.749" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1