last executing test programs: 2.202352349s ago: executing program 3 (id=3983): write(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)={0x2, 0x0}, 0x8) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={r0, 0xff, 0x10}, 0xc) socket$can_bcm(0x1d, 0x2, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r1 = fsopen(&(0x7f0000000380)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r3, 0x0, 0x8000000000000}, 0x18) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r4 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201"], 0x18) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x2, @loopback, 0x8}, 0x1c) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) 2.179828459s ago: executing program 3 (id=3984): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='kfree\x00', r0}, 0x18) r1 = mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x6, 0x101}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000380)={0x1, &(0x7f0000000280)=[{0x6, 0xfe, 0x0, 0x7ffffffe}]}) ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, 0x0) mq_timedsend(r1, 0x0, 0x0, 0x4, 0x0) mq_timedreceive(r1, &(0x7f0000000140)=""/4096, 0x1000, 0x0, 0x0) 2.10473662s ago: executing program 3 (id=3986): socket$key(0xf, 0x3, 0x2) mknod$loop(0x0, 0x6000, 0x0) r0 = creat(0x0, 0x0) dup2(r0, r0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="380100001000130780ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0) 2.062581301s ago: executing program 3 (id=3987): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1, 0x0, 0x4}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2) setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r2, 0x0, 0x2, 0x0, 0x0, 0x0) 1.941449002s ago: executing program 3 (id=3988): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004a702000300020048"], 0x48) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x800, 0xe}}, './file0\x00'}) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000a00)=@mangle={'mangle\x00', 0x1f, 0x6, 0x598, 0x2b8, 0x2b8, 0x1e8, 0x4c8, 0x1e8, 0x4c8, 0x4c8, 0x4c8, 0x4c8, 0x4c8, 0x6, &(0x7f00000005c0), {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@mh={{0x28}, {',\n'}}]}, @HL={0x28, 'HL\x00', 0x0, {0x0, 0x5}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@private2={0xfc, 0x2, '\x00', 0x1}, @ipv4=@dev={0xac, 0x14, 0x14, 0x17}, 0x13, 0x0, 0xc046}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x7, 0xea, 0x534}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x3}}, @inet=@rpfilter={{0x28}, {0x14}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@local, @ipv6=@private1, 0x5, 0x19}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5f8) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(0xffffffffffffffff, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r2, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}}, @ib={0x1b, 0x0, 0x0, {"7d0300"}, 0x0, 0x0, 0x6}}}, 0x118) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, 0x2, r1, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x2) r4 = signalfd4(r3, &(0x7f0000000080)={[0xfe]}, 0x8, 0x0) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000580)='br_fdb_add\x00', r5}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) r6 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x6}, 0x0, 0x1, 0x4, 0x1, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x40082406, &(0x7f0000000540)='(pu&00\t(|') futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000361b000000000000000000001811f6a7", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r7}, 0x10) recvmmsg(0xffffffffffffffff, &(0x7f0000001140), 0x700, 0x2, 0x0) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, &(0x7f0000000000)={0x77359400}, 0x0, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r8 = socket$kcm(0x10, 0x2, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000580)='br_fdb_add\x00', r9}, 0x10) sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001340)=@generic={&(0x7f0000001300)='./file0\x00', r0}, 0x18) ioctl$TCXONC(r1, 0x540a, 0x1) syz_open_dev$sg(&(0x7f00000001c0), 0x8, 0x36dcb2be65557877) ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000100)=0x0) syz_open_procfs(r10, &(0x7f0000000140)='net/sockstat6\x00') 1.657240456s ago: executing program 4 (id=3994): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="380100001000130780ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/62, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000e000000200"/94], 0x138}, 0x1, 0xe}, 0x0) 1.628518097s ago: executing program 4 (id=3995): write(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)={0x2, 0x0}, 0x8) bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000002c0)={r0, 0xff, 0x10}, 0xc) socket$can_bcm(0x1d, 0x2, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) r1 = fsopen(&(0x7f0000000380)='hugetlbfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r3, 0x0, 0x8000000000000}, 0x18) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r4 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201"], 0x18) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x2, @loopback, 0x8}, 0x1c) writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1) 1.609608377s ago: executing program 4 (id=3996): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000014000780080008400000000008001240ffffffe80500010006000000050005000200000005000400000000000900020073797a31000000000d000300686173683a6e6574"], 0x5c}}, 0x0) 1.591127257s ago: executing program 4 (id=3997): socket$key(0xf, 0x3, 0x2) mknod$loop(0x0, 0x6000, 0x0) r0 = creat(0x0, 0x0) dup2(r0, r0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="380100001000130780ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/63, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0) 1.559604848s ago: executing program 4 (id=3999): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280), 0x111, 0x1}}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r4, &(0x7f0000004200)='t', 0x1) sendfile(r4, r3, 0x0, 0x3ffff) sendfile(r4, r3, 0x0, 0x7ffff000) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) r5 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r5, 0x2007ffc) sendfile(r5, r5, 0x0, 0x800000009) 1.523442308s ago: executing program 2 (id=4000): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) symlink(&(0x7f0000000380)='./file0\x00', &(0x7f0000000600)='./file1/file2\x00') 1.484566428s ago: executing program 2 (id=4001): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001900010929bd700080000000021810180000fd0100000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xcf14}}, './file0\x00'}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0}) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000002c0)=0xffffffff) rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r2 = gettid() rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) tkill(r2, 0x12) 1.40116123s ago: executing program 0 (id=4003): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r1, 0x0, 0x100000000}, 0x18) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff000000000000000000000000000000000000000002"], 0x254}}, 0x0) 1.353907941s ago: executing program 2 (id=4004): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}}, 0x24}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) ioperm(0x0, 0xd, 0x4000000000000020) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x4, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff00", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xfe80, &(0x7f00000005c0)=[{&(0x7f0000000940)="2e00000010008188e6b62aa73772cc9f1ba1f8482e0000005e140602000000000e000a001000000002800000128c", 0x2e}], 0x1}, 0x0) 1.35363879s ago: executing program 0 (id=4005): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe935"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) creat(&(0x7f0000000000)='./file0\x00', 0x0) 1.308800371s ago: executing program 2 (id=4008): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe1b) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f00000004c0)={[{@acl}, {@barrier}, {@barrier_val}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x587, &(0x7f0000002100)="$eJzs3U1rG9caAOB3ZMn5cO6NAyHcexeXQBZNSSPHdj9SKDRdljY00O5TYSsmWI6CJYfYDTRZNJtuSiiU0kDpD+i+y9A/0F8RaAOhBNMuSkFl5JGt2JIdOzJSoueBSc6ZD595feY9PqORUABD62T6Ty7ivxHxVRJxtG1bPrKNJ9f2W31yayZdkmg0Pv49iSRb19o/yf4fyyr/iYifv4g4k9vabm15Zb5UqZQXs/pEfeH6RG155ezVhdJcea58bWp6+vwb01Nvv/Vmz2J99dKf33704P3zX55a/ebHR8fuJXEhjmTb2uN4DrfbKydLf2elQlzYtONkDxobJEm/T4A9GcnyvBDpGHA0RrKsB15+n0dEY02uAQyZpJn/YxvjADAkWvOA1r19j+6DXxiP31u7AWrGPtoef37ttZE42Lw3OryaPHVnlN7vjveg/bSNn367fy9dYvvXIQ7tUAfYldt3IuJcPr91/E+y8W/vzjVfPN7e5jaG7e8P9NODdP7zWqf5X259/hMd5j9jHXJ3L3bO/9yjHjTTVTr/e6fj/Hd96BofyWr/as75CsmVq5XyuYj4d0ScjsKBtL7d85zzqw8b3ba1z//SJW2/NRfMzuNR/sDTx8yW6qWIGH2euFse34n4X75T/Ml6/ycd+j/9fVzq+BMLW9acKN//f7f2d45/fzV+iHilY/9vPNFKtn8+OdG8HiZaV8VWf9w98Uu39vsdf9r/h7ePfzxpf15b230b3x/8q9xt216v/9Hkk2a5lQQ3S/X64mTEaPJhs36wff3UxrGtemv/NP7Tp7Yf/zpd/+nN16fPGP/d43e77joI/T+7q/7ffeHhB5991639Z+v/15ul09mabPzrLLtWnvUEn/f3BwAAAAAAAIMkFxFHIskV18u5XLG49v6O43E4V6nW6meuVJeuzUbzs7LjUci1nnQfbXs/xGT2fthWfWpTfToijkXE1yOHmvXiTLUy2+/gAQAAAAAAAAAAAAAAAAAAYECMdfn8f+rXkX6fHbDvml9scKDfZwH0w45f+d+Lb3oCBtKO+Q+8tOQ/DC/5D8NL/sPwkv8wvOQ/DC/5D8NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXbp4MV0aq09uzaT12RvLS/PVG2dny7X54sLSTHGmuni9OFetzlXKxZnqwk4/r1KtXp+ciqWbE/VyrT5RW165vFBdula/fHWhNFe+XC5s7Jrb38gAAAAAAAAAAAAAAAAAAADgxVFbXpkvVSrlRYWuhXdjIE5jPwNcs6fD84MShUKXwp2se3d3VB8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY5J8AAAD//9ybLZI=") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) r1 = socket$kcm(0x29, 0x6, 0x0) r2 = accept4$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs, &(0x7f0000000140)=0x6e, 0x80000) ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f00000001c0)={r2}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000c7aa00859d37040e1a8bd30000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/19], 0x48) sendmsg$ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000010651fbe347b2c2b00000c00018008000100", @ANYRES8=r6], 0x20}}, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000180)='wg1\x00') r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='ext4_allocate_inode\x00', r7, 0x0, 0xfffffffff7ffffe9}, 0x18) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) 1.109340834s ago: executing program 1 (id=4012): mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x9135}, 0x18) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffff"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) creat(&(0x7f0000000000)='./file0\x00', 0x0) 928.454897ms ago: executing program 2 (id=4013): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x4004000) recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r3 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r2}, 0x8) close(r3) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 658.11661ms ago: executing program 4 (id=4014): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341) socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) prlimit64(0x0, 0xe, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff}) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x80000}, @IFLA_BR_AGEING_TIME={0x8, 0x4, 0x1}]}}}]}, 0x44}}, 0x0) 492.593153ms ago: executing program 0 (id=4015): ptrace(0x10, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0xfffffffc, 0x0, @void, @value, @void, @value}, 0x50) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r0}, 0x10) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) r1 = getpid() io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x7, 0x0, 0x1) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x64000600) 463.867623ms ago: executing program 3 (id=4016): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140), 0x400000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280), 0x111, 0x1}}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffcb9}]}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12) write(r4, &(0x7f0000004200)='t', 0x1) sendfile(r4, r3, 0x0, 0x3ffff) sendfile(r4, r3, 0x0, 0x7ffff000) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18) socket$pppl2tp(0x18, 0x1, 0x1) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) socket$inet6_udp(0xa, 0x2, 0x0) r6 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r6, 0x2007ffc) sendfile(r6, r6, 0x0, 0x800000009) 261.951876ms ago: executing program 0 (id=4017): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001900010929bd700080000000021810180000fd0100000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xcf14}}, './file0\x00'}) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f00000002c0)=0xffffffff) rt_sigprocmask(0x0, &(0x7f0000000100)={[0xfffffffffffe]}, 0x0, 0x8) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000001ec0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000700)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) socket$netlink(0x10, 0x3, 0x0) r3 = gettid() rt_sigtimedwait(&(0x7f0000000240)={[0xffffffffffffffff]}, 0x0, 0x0, 0x8) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'tunl0\x00'}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) ioperm(0x8000, 0x3ff, 0x3) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) tkill(r3, 0x12) 221.034897ms ago: executing program 1 (id=4018): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={0x0, r1, 0x0, 0x100000000}, 0x18) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff000000000000000000000000000000000000000002"], 0x254}}, 0x0) 184.285647ms ago: executing program 1 (id=4019): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x198) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r3 = dup(r2) write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000005c0)) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) bind$inet6(r0, &(0x7f0000000380)={0xa, 0x4e23, 0xb4, @local, 0x7cbc}, 0x1c) mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x0) 156.466407ms ago: executing program 1 (id=4020): ptrace(0x10, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32=0xffffffffffffffff], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16=r1, @ANYRES32, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x64000600) 97.237288ms ago: executing program 0 (id=4021): socket$key(0xf, 0x3, 0x2) mknod$loop(0x0, 0x6000, 0x0) r0 = creat(0x0, 0x0) dup2(r0, r0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="380100001000130780ffffff00000000ffffffff000000000000000000000000fe8000000000000000000000000000bb00"/63, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c29"], 0x138}, 0x1, 0xe}, 0x0) 36.343809ms ago: executing program 1 (id=4022): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1d, 0x48, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1800000000000000000000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018350000050000000000000000000000b7080000000000007b8af8ff00000000b7080000c2db00007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRESDEC, @ANYBLOB="0000000000000000b70500000800000085000000a500000018000000da000000000000002800000018210000", @ANYRES32, @ANYBLOB="00000000c40100009500000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af000bfa100000000000007010000f8ffffffbfa40000774c0b0000000007040000f0ffffffb70200ca0800000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000310000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000085100000fdffffff85100000feffffffbf91000000000000b702000002000000850000008e010000b7000000000000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0xc, 0x34, &(0x7f0000000280)=""/52, 0x41100, 0x1, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x6, 0x2004}, 0x8, 0x10, &(0x7f00000003c0)={0x5, 0x4, 0x7ff, 0xe}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x6, &(0x7f0000000400)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000440)=[{0x2, 0x5, 0xc, 0x6}, {0x0, 0x1, 0x8, 0x8}, {0x2, 0x3, 0xe, 0xb}, {0x2, 0x5}, {0x0, 0x5, 0x9, 0x2}, {0x0, 0x3, 0x8, 0xa}], 0x10, 0x5, @void, @value}, 0x94) fcntl$setlease(0xffffffffffffffff, 0x400, 0x1) capset(&(0x7f0000000180)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x4081, 0xffffffff}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.sectors\x00', 0x275a, 0x0) mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x108, 0x0) 30.537279ms ago: executing program 0 (id=4023): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b'], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.sectors\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r2, 0x0) mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x108, 0x0) 8.69299ms ago: executing program 2 (id=4024): write(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)={0x2}, 0x8) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18) r2 = socket$inet6(0xa, 0x3, 0x3c) setsockopt$inet6_IPV6_RTHDR(r2, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201"], 0x18) 0s ago: executing program 1 (id=4025): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, 0x0, &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r1}, 0x18) creat(&(0x7f0000000000)='./file0\x00', 0x0) kernel console output (not intermixed with test programs): _1: entered allmulticast mode [ 244.261297][T15755] bridge_slave_1: entered promiscuous mode [ 244.278569][T16018] ALSA: seq fatal error: cannot create timer (-19) [ 244.300175][T12817] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.310842][T16042] loop3: detected capacity change from 0 to 1024 [ 244.318950][T16042] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 244.329847][T16042] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 244.330923][T15755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 244.344197][T16042] EXT4-fs (loop3): orphan cleanup on readonly fs [ 244.349330][T16049] bridge_slave_1: left allmulticast mode [ 244.353433][T16042] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 244.358903][T16049] bridge_slave_1: left promiscuous mode [ 244.373496][T16042] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 244.379161][T16049] bridge0: port 2(bridge_slave_1) entered disabled state [ 244.390033][T16042] EXT4-fs error (device loop3): ext4_free_blocks:6587: comm syz.3.3045: Freeing blocks not in datazone - block = 0, count = 4096 [ 244.407459][T16042] EXT4-fs (loop3): 1 orphan inode deleted [ 244.413542][T16049] bridge_slave_0: left allmulticast mode [ 244.414061][T16042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 244.419333][T16049] bridge_slave_0: left promiscuous mode [ 244.437309][T16049] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.486933][T15755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 244.527076][T15755] team0: Port device team_slave_0 added [ 244.535186][ T4715] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.545653][T15755] team0: Port device team_slave_1 added [ 244.577339][T15755] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 244.584436][T15755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 244.610445][T15755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 244.627906][T15755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 244.634991][T15755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 244.661139][T15755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 244.747893][T12817] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 244.758131][T12817] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 244.775537][T12817] bond0 (unregistering): Released all slaves [ 244.786040][T12817] bond1 (unregistering): (slave veth3): Releasing active interface [ 244.797132][T12817] bond1 (unregistering): Released all slaves [ 244.812916][ T29] kauditd_printk_skb: 243 callbacks suppressed [ 244.812933][ T29] audit: type=1401 audit(1746862734.397:5119): op=setxattr invalid_context="" [ 244.828470][ T29] audit: type=1401 audit(1746862734.427:5120): op=setxattr invalid_context="" [ 244.840799][T12817] bond2 (unregistering): Released all slaves [ 244.850026][T12817] bond3 (unregistering): Released all slaves [ 244.880456][T16136] ALSA: seq fatal error: cannot create timer (-19) [ 244.892808][T15755] hsr_slave_0: entered promiscuous mode [ 244.913049][T15755] hsr_slave_1: entered promiscuous mode [ 244.919527][T15755] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 244.929552][T15755] Cannot create hsr debugfs directory [ 244.958299][ T29] audit: type=1400 audit(1746862734.557:5121): avc: denied { watch } for pid=16168 comm="syz.2.3057" path="/31" dev="tmpfs" ino=174 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 244.982744][T16169] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.040246][T12817] hsr_slave_1: left promiscuous mode [ 245.048118][T12817] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 245.055668][T12817] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 245.066392][T12817] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 245.073835][T12817] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 245.084790][T12817] veth1_macvtap: left promiscuous mode [ 245.090347][T12817] veth0_macvtap: left promiscuous mode [ 245.098906][T12817] veth1_vlan: left promiscuous mode [ 245.104422][T12817] veth0_vlan: left promiscuous mode [ 245.178115][ T29] audit: type=1401 audit(1746862734.777:5122): op=setxattr invalid_context="system_u:object_r:crond_var_run_t:s0" [ 245.214400][ T29] audit: type=1400 audit(1746862734.807:5123): avc: denied { watch } for pid=16176 comm="syz.4.3058" path="/519/file0" dev="tmpfs" ino=2802 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 245.243285][ T29] audit: type=1400 audit(1746862734.837:5124): avc: denied { create } for pid=16176 comm="syz.4.3058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 245.263103][ T29] audit: type=1400 audit(1746862734.837:5125): avc: denied { read } for pid=16176 comm="syz.4.3058" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 245.315167][T12817] team0 (unregistering): Port device team_slave_1 removed [ 245.328489][T12817] team0 (unregistering): Port device team_slave_0 removed [ 245.336419][ T51] smc: removing ib device syz! [ 245.375865][T16169] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.447255][T16169] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.540085][T16169] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.629961][T16169] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.651585][T16169] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.667563][T16169] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.680054][T16169] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 245.756077][ T29] audit: type=1326 audit(1746862735.357:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz.3.3061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 245.779734][ T29] audit: type=1326 audit(1746862735.357:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz.3.3061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 245.803304][ T29] audit: type=1326 audit(1746862735.357:5128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16274 comm="syz.3.3061" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 245.891266][T15755] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 245.903818][T16297] __nla_validate_parse: 17 callbacks suppressed [ 245.903837][T16297] netlink: 300 bytes leftover after parsing attributes in process `syz.3.3064'. [ 245.904894][T16282] ALSA: seq fatal error: cannot create timer (-19) [ 245.911311][T15755] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 245.951130][T15755] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 245.960303][T15755] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 245.995114][T15755] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.006868][T15755] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.025120][T15755] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 246.035566][T15755] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 246.051962][ T3876] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.059186][ T3876] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.068377][ T3876] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.075482][ T3876] bridge0: port 2(bridge_slave_1) entered forwarding state [ 246.158073][T15755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.451075][T16342] FAULT_INJECTION: forcing a failure. [ 246.451075][T16342] name failslab, interval 1, probability 0, space 0, times 0 [ 246.463814][T16342] CPU: 1 UID: 0 PID: 16342 Comm: syz.3.3071 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 246.463912][T16342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 246.463925][T16342] Call Trace: [ 246.463932][T16342] [ 246.463939][T16342] __dump_stack+0x1d/0x30 [ 246.463989][T16342] dump_stack_lvl+0xe8/0x140 [ 246.464013][T16342] dump_stack+0x15/0x1b [ 246.464032][T16342] should_fail_ex+0x265/0x280 [ 246.464135][T16342] ? sctp_association_new+0x71/0x1200 [ 246.464177][T16342] should_failslab+0x8c/0xb0 [ 246.464214][T16342] __kmalloc_cache_noprof+0x4c/0x320 [ 246.464241][T16342] sctp_association_new+0x71/0x1200 [ 246.464335][T16342] ? __ipv6_addr_type+0x1ed/0x210 [ 246.464369][T16342] sctp_connect_new_asoc+0x1a8/0x3a0 [ 246.464429][T16342] sctp_sendmsg+0xf10/0x18d0 [ 246.464469][T16342] ? selinux_socket_sendmsg+0x111/0x1b0 [ 246.464534][T16342] ? __pfx_sctp_sendmsg+0x10/0x10 [ 246.464580][T16342] inet_sendmsg+0xc2/0xd0 [ 246.464617][T16342] __sock_sendmsg+0x102/0x180 [ 246.464663][T16342] __sys_sendto+0x268/0x330 [ 246.464756][T16342] __x64_sys_sendto+0x76/0x90 [ 246.464794][T16342] x64_sys_call+0x2eb6/0x2fb0 [ 246.464820][T16342] do_syscall_64+0xd0/0x1a0 [ 246.464863][T16342] ? clear_bhb_loop+0x25/0x80 [ 246.464926][T16342] ? clear_bhb_loop+0x25/0x80 [ 246.464953][T16342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.465006][T16342] RIP: 0033:0x7fe624d3e969 [ 246.465024][T16342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.465047][T16342] RSP: 002b:00007fe6233a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 246.465069][T16342] RAX: ffffffffffffffda RBX: 00007fe624f65fa0 RCX: 00007fe624d3e969 [ 246.465085][T16342] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003 [ 246.465149][T16342] RBP: 00007fe6233a7090 R08: 0000200000000140 R09: 000000000000001c [ 246.465164][T16342] R10: 0000000006044094 R11: 0000000000000246 R12: 0000000000000001 [ 246.465179][T16342] R13: 0000000000000000 R14: 00007fe624f65fa0 R15: 00007ffe69f83748 [ 246.465201][T16342] [ 246.715367][T15755] veth0_vlan: entered promiscuous mode [ 246.726913][T15755] veth1_vlan: entered promiscuous mode [ 246.763210][T16401] ALSA: seq fatal error: cannot create timer (-19) [ 246.822930][T15755] veth0_macvtap: entered promiscuous mode [ 246.845964][T15755] veth1_macvtap: entered promiscuous mode [ 246.880673][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.891490][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.901544][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.912063][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.921966][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.932443][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.942372][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.952848][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.962695][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 246.973231][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 246.986227][T15755] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 246.994575][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.005040][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.014955][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.025463][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.035359][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.045865][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.055715][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.066208][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.076049][T15755] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 247.086547][T15755] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 247.097193][T15755] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 247.110824][T15755] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.119716][T15755] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.128539][T15755] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.137344][T15755] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.184430][T16434] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 247.200576][T16428] infiniband syz!: set active [ 247.205401][T16428] infiniband syz!: added team_slave_0 [ 247.211347][T16434] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 247.222027][T16434] FAULT_INJECTION: forcing a failure. [ 247.222027][T16434] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 247.235329][T16434] CPU: 1 UID: 0 PID: 16434 Comm: syz.2.3080 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 247.235363][T16434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 247.235375][T16434] Call Trace: [ 247.235381][T16434] [ 247.235389][T16434] __dump_stack+0x1d/0x30 [ 247.235412][T16434] dump_stack_lvl+0xe8/0x140 [ 247.235441][T16434] dump_stack+0x15/0x1b [ 247.235462][T16434] should_fail_ex+0x265/0x280 [ 247.235502][T16434] should_fail+0xb/0x20 [ 247.235612][T16434] should_fail_usercopy+0x1a/0x20 [ 247.235635][T16434] _copy_from_user+0x1c/0xb0 [ 247.235665][T16434] memdup_user+0x5e/0xd0 [ 247.235695][T16434] raw_ioctl+0x81b/0x1dc0 [ 247.235730][T16434] ? ioctl_has_perm+0x289/0x2e0 [ 247.235790][T16434] ? do_vfs_ioctl+0x993/0x15b0 [ 247.235815][T16434] ? selinux_file_ioctl+0x2e3/0x370 [ 247.235850][T16434] ? __fget_files+0x184/0x1c0 [ 247.235901][T16434] ? __pfx_raw_ioctl+0x10/0x10 [ 247.235932][T16434] __se_sys_ioctl+0xcb/0x140 [ 247.235958][T16434] __x64_sys_ioctl+0x43/0x50 [ 247.235984][T16434] x64_sys_call+0x19a8/0x2fb0 [ 247.236015][T16434] do_syscall_64+0xd0/0x1a0 [ 247.236044][T16434] ? clear_bhb_loop+0x25/0x80 [ 247.236067][T16434] ? clear_bhb_loop+0x25/0x80 [ 247.236098][T16434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.236181][T16434] RIP: 0033:0x7faf76d6e969 [ 247.236213][T16434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.236234][T16434] RSP: 002b:00007faf753d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 247.236321][T16434] RAX: ffffffffffffffda RBX: 00007faf76f95fa0 RCX: 00007faf76d6e969 [ 247.236334][T16434] RDX: 0000000000000000 RSI: 0000000040095505 RDI: 0000000000000003 [ 247.236345][T16434] RBP: 00007faf753d7090 R08: 0000000000000000 R09: 0000000000000000 [ 247.236356][T16434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 247.236367][T16434] R13: 0000000000000000 R14: 00007faf76f95fa0 R15: 00007fff3ff0ed98 [ 247.236389][T16434] [ 247.270748][T16428] RDS/IB: syz!: added [ 247.452005][T16428] smc: adding ib device syz! with port count 1 [ 247.460692][T16428] smc: ib device syz! port 1 has pnetid [ 247.491129][T16456] FAULT_INJECTION: forcing a failure. [ 247.491129][T16456] name failslab, interval 1, probability 0, space 0, times 0 [ 247.503993][T16456] CPU: 1 UID: 0 PID: 16456 Comm: syz.1.3024 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 247.504105][T16456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 247.504122][T16456] Call Trace: [ 247.504129][T16456] [ 247.504139][T16456] __dump_stack+0x1d/0x30 [ 247.504165][T16456] dump_stack_lvl+0xe8/0x140 [ 247.504189][T16456] dump_stack+0x15/0x1b [ 247.504267][T16456] should_fail_ex+0x265/0x280 [ 247.504362][T16456] should_failslab+0x8c/0xb0 [ 247.504470][T16456] kmem_cache_alloc_noprof+0x50/0x310 [ 247.504549][T16456] ? copy_fs_struct+0x31/0x110 [ 247.504595][T16456] copy_fs_struct+0x31/0x110 [ 247.504646][T16456] ksys_unshare+0x2c6/0x6d0 [ 247.504687][T16456] ? ksys_write+0x16e/0x1a0 [ 247.504720][T16456] __x64_sys_unshare+0x1f/0x30 [ 247.504800][T16456] x64_sys_call+0x2d4b/0x2fb0 [ 247.504900][T16456] do_syscall_64+0xd0/0x1a0 [ 247.505036][T16456] ? clear_bhb_loop+0x25/0x80 [ 247.505099][T16456] ? clear_bhb_loop+0x25/0x80 [ 247.505139][T16456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.505165][T16456] RIP: 0033:0x7f83129be969 [ 247.505181][T16456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 247.505199][T16456] RSP: 002b:00007f8311027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 247.505220][T16456] RAX: ffffffffffffffda RBX: 00007f8312be5fa0 RCX: 00007f83129be969 [ 247.505236][T16456] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200 [ 247.505253][T16456] RBP: 00007f8311027090 R08: 0000000000000000 R09: 0000000000000000 [ 247.505266][T16456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 247.505277][T16456] R13: 0000000000000001 R14: 00007f8312be5fa0 R15: 00007ffc5ee7b928 [ 247.505296][T16456] [ 247.773772][T16458] loop1: detected capacity change from 0 to 1024 [ 247.851979][T16458] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 247.888649][T16458] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 247.956064][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.076765][T16519] 9pnet_fd: Insufficient options for proto=fd [ 248.112622][T16527] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 248.173230][T16536] FAULT_INJECTION: forcing a failure. [ 248.173230][T16536] name failslab, interval 1, probability 0, space 0, times 0 [ 248.186066][T16536] CPU: 1 UID: 0 PID: 16536 Comm: syz.0.3101 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 248.186139][T16536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 248.186231][T16536] Call Trace: [ 248.186239][T16536] [ 248.186281][T16536] __dump_stack+0x1d/0x30 [ 248.186314][T16536] dump_stack_lvl+0xe8/0x140 [ 248.186423][T16536] dump_stack+0x15/0x1b [ 248.186444][T16536] should_fail_ex+0x265/0x280 [ 248.186485][T16536] ? proc_do_submiturb+0x83e/0x1db0 [ 248.186592][T16536] should_failslab+0x8c/0xb0 [ 248.186627][T16536] __kmalloc_cache_noprof+0x4c/0x320 [ 248.186682][T16536] proc_do_submiturb+0x83e/0x1db0 [ 248.186724][T16536] ? proc_do_submiturb+0xe1/0x1db0 [ 248.186829][T16536] ? should_fail_ex+0xdb/0x280 [ 248.186935][T16536] proc_submiturb+0x7b/0xa0 [ 248.186972][T16536] usbdev_ioctl+0xcc2/0x1710 [ 248.187003][T16536] ? __pfx_usbdev_ioctl+0x10/0x10 [ 248.187034][T16536] __se_sys_ioctl+0xcb/0x140 [ 248.187079][T16536] __x64_sys_ioctl+0x43/0x50 [ 248.187176][T16536] x64_sys_call+0x19a8/0x2fb0 [ 248.187203][T16536] do_syscall_64+0xd0/0x1a0 [ 248.187230][T16536] ? clear_bhb_loop+0x25/0x80 [ 248.187255][T16536] ? clear_bhb_loop+0x25/0x80 [ 248.187325][T16536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.187352][T16536] RIP: 0033:0x7ff64ad4e969 [ 248.187371][T16536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.187394][T16536] RSP: 002b:00007ff6493b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.187417][T16536] RAX: ffffffffffffffda RBX: 00007ff64af75fa0 RCX: 00007ff64ad4e969 [ 248.187433][T16536] RDX: 0000200000000000 RSI: 000000008038550a RDI: 0000000000000004 [ 248.187484][T16536] RBP: 00007ff6493b7090 R08: 0000000000000000 R09: 0000000000000000 [ 248.187496][T16536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 248.187512][T16536] R13: 0000000000000000 R14: 00007ff64af75fa0 R15: 00007ffd5e918928 [ 248.187536][T16536] [ 248.678133][T16607] loop2: detected capacity change from 0 to 1024 [ 248.695218][T16607] EXT4-fs: Ignoring removed nobh option [ 248.700926][T16607] EXT4-fs: Ignoring removed bh option [ 248.739979][T16607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 248.818119][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.840643][T16614] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3108'. [ 248.898838][T16621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3109'. [ 248.898949][T16620] 9pnet_fd: Insufficient options for proto=fd [ 249.324789][T16635] xt_CHECKSUM: unsupported CHECKSUM operation 68 [ 249.347003][T16638] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3116'. [ 249.950487][T16656] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0 [ 250.378134][ T29] kauditd_printk_skb: 80 callbacks suppressed [ 250.378150][ T29] audit: type=1326 audit(1746862739.977:5209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.408085][ T29] audit: type=1326 audit(1746862739.977:5210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.433909][T16692] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 250.442467][ T29] audit: type=1326 audit(1746862739.977:5211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.446253][T16692] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 250.466052][ T29] audit: type=1326 audit(1746862740.007:5212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16693 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe624d71225 code=0x7ffc0000 [ 250.481935][T16696] loop0: detected capacity change from 0 to 1024 [ 250.497336][ T29] audit: type=1326 audit(1746862740.007:5213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.527462][ T29] audit: type=1326 audit(1746862740.007:5214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.551004][ T29] audit: type=1326 audit(1746862740.027:5215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.575013][ T29] audit: type=1326 audit(1746862740.027:5216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.598602][ T29] audit: type=1326 audit(1746862740.027:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.622530][ T29] audit: type=1326 audit(1746862740.027:5218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16691 comm="syz.3.3126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe624d3e969 code=0x7ffc0000 [ 250.648564][T16527] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 250.662364][T16696] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 250.699092][T16696] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 250.732588][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.832635][T16717] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3131'. [ 250.843210][T16714] FAULT_INJECTION: forcing a failure. [ 250.843210][T16714] name failslab, interval 1, probability 0, space 0, times 0 [ 250.855911][T16714] CPU: 1 UID: 0 PID: 16714 Comm: syz.4.3130 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 250.855946][T16714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 250.855962][T16714] Call Trace: [ 250.855978][T16714] [ 250.855987][T16714] __dump_stack+0x1d/0x30 [ 250.856007][T16714] dump_stack_lvl+0xe8/0x140 [ 250.856109][T16714] dump_stack+0x15/0x1b [ 250.856130][T16714] should_fail_ex+0x265/0x280 [ 250.856161][T16714] should_failslab+0x8c/0xb0 [ 250.856326][T16714] kmem_cache_alloc_node_noprof+0x57/0x320 [ 250.856368][T16714] ? __alloc_skb+0x101/0x320 [ 250.856403][T16714] __alloc_skb+0x101/0x320 [ 250.856486][T16714] netlink_alloc_large_skb+0xba/0xf0 [ 250.856588][T16714] netlink_sendmsg+0x3cf/0x6b0 [ 250.856628][T16714] ? __pfx_netlink_sendmsg+0x10/0x10 [ 250.856660][T16714] __sock_sendmsg+0x142/0x180 [ 250.856697][T16714] ____sys_sendmsg+0x31e/0x4e0 [ 250.856722][T16714] ___sys_sendmsg+0x17b/0x1d0 [ 250.856761][T16714] __x64_sys_sendmsg+0xd4/0x160 [ 250.856790][T16714] x64_sys_call+0x2999/0x2fb0 [ 250.856816][T16714] do_syscall_64+0xd0/0x1a0 [ 250.856852][T16714] ? clear_bhb_loop+0x25/0x80 [ 250.856873][T16714] ? clear_bhb_loop+0x25/0x80 [ 250.856959][T16714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.856982][T16714] RIP: 0033:0x7fb7deade969 [ 250.856998][T16714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.857020][T16714] RSP: 002b:00007fb7dd147038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 250.857047][T16714] RAX: ffffffffffffffda RBX: 00007fb7ded05fa0 RCX: 00007fb7deade969 [ 250.857062][T16714] RDX: 0000000000044042 RSI: 0000200000000980 RDI: 0000000000000006 [ 250.857077][T16714] RBP: 00007fb7dd147090 R08: 0000000000000000 R09: 0000000000000000 [ 250.857092][T16714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 250.857106][T16714] R13: 0000000000000000 R14: 00007fb7ded05fa0 R15: 00007ffc87742f38 [ 250.857130][T16714] [ 251.098464][T16721] loop3: detected capacity change from 0 to 8192 [ 251.108410][T16727] netlink: 300 bytes leftover after parsing attributes in process `syz.0.3135'. [ 251.143983][T16721] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 251.152759][T16721] FAT-fs (loop3): Filesystem has been set read-only [ 251.160903][T16721] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 251.245201][T16757] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3139'. [ 251.329075][T16768] pim6reg: entered allmulticast mode [ 251.371350][T16768] pim6reg: left allmulticast mode [ 251.524654][T16817] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3147'. [ 251.552820][T16822] loop2: detected capacity change from 0 to 512 [ 251.561971][T16822] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 251.573485][T16822] EXT4-fs (loop2): 1 truncate cleaned up [ 251.579642][T16822] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 251.599418][T16826] loop4: detected capacity change from 0 to 128 [ 251.728589][T16527] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.784269][T16846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3156'. [ 251.797821][T16527] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.866549][T16527] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.885398][T16527] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.890757][T16860] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3159'. [ 251.898077][T16527] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.914637][T16527] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.944475][T16866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3160'. [ 252.007134][T16872] loop3: detected capacity change from 0 to 128 [ 252.290595][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.316342][T16923] loop0: detected capacity change from 0 to 1024 [ 252.324308][T16923] EXT4-fs: quotafile must be on filesystem root [ 252.343516][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.421248][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.446011][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.461304][T16884] chnl_net:caif_netlink_parms(): no params data found [ 252.511392][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 252.602961][T16884] bridge0: port 1(bridge_slave_0) entered blocking state [ 252.610285][T16884] bridge0: port 1(bridge_slave_0) entered disabled state [ 252.617915][T16884] bridge_slave_0: entered allmulticast mode [ 252.626200][T16884] bridge_slave_0: entered promiscuous mode [ 252.643312][T16884] bridge0: port 2(bridge_slave_1) entered blocking state [ 252.650674][T16884] bridge0: port 2(bridge_slave_1) entered disabled state [ 252.660226][T16884] bridge_slave_1: entered allmulticast mode [ 252.667339][T16884] bridge_slave_1: entered promiscuous mode [ 252.680586][T17096] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 252.693789][T17099] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3171'. [ 252.721327][T17100] loop0: detected capacity change from 0 to 512 [ 252.757318][T17100] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 252.770195][T17100] EXT4-fs (loop0): 1 truncate cleaned up [ 252.777044][T17100] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.789641][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 252.801051][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 252.812235][ T12] bond0 (unregistering): Released all slaves [ 252.821572][ T12] bond1 (unregistering): Released all slaves [ 252.831731][T16884] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.845939][T16884] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.901816][T17161] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3177'. [ 252.918184][T17164] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3176'. [ 252.946034][T17173] EXT4-fs error (device loop0): ext4_find_dest_de:2054: inode #2: block 13: comm syz.0.3172: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 252.979810][ T12] hsr_slave_1: left promiscuous mode [ 252.985682][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 252.993219][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 253.025474][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 253.033032][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 253.049796][ T12] veth1_macvtap: left promiscuous mode [ 253.056183][ T12] veth0_macvtap: left promiscuous mode [ 253.061952][ T12] veth1_vlan: left promiscuous mode [ 253.067391][ T12] veth0_vlan: left promiscuous mode [ 253.073415][T17192] loop4: detected capacity change from 0 to 1024 [ 253.103743][T17192] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 253.196507][ T12] team0 (unregistering): Port device team_slave_1 removed [ 253.209255][T17199] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3181'. [ 253.239919][ T12] team0 (unregistering): Port device team_slave_0 removed [ 253.261534][T17192] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 253.280857][T17161] bridge_slave_1: left allmulticast mode [ 253.286619][T17161] bridge_slave_1: left promiscuous mode [ 253.292394][T17161] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.314174][ T3616] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.341811][T17161] bridge_slave_0: left allmulticast mode [ 253.347635][T17161] bridge_slave_0: left promiscuous mode [ 253.353322][T17161] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.448476][T16884] team0: Port device team_slave_0 added [ 253.455948][T16884] team0: Port device team_slave_1 added [ 253.478240][T16884] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 253.485328][T16884] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.511376][T16884] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 253.526578][T16884] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 253.533581][T16884] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.559631][T16884] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.614227][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 253.614600][T16884] hsr_slave_0: entered promiscuous mode [ 253.631969][T16884] hsr_slave_1: entered promiscuous mode [ 253.842248][T17361] loop1: detected capacity change from 0 to 512 [ 253.856775][T17361] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 253.879925][T17361] EXT4-fs (loop1): 1 truncate cleaned up [ 253.888119][T17361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 254.013915][T17398] EXT4-fs error (device loop1): ext4_find_dest_de:2054: inode #2: block 13: comm syz.1.3194: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 254.091242][T17406] ALSA: seq fatal error: cannot create timer (-19) [ 254.152358][T16884] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 254.196322][T16884] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 254.207905][T16884] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 254.227186][T16884] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 254.275279][T16884] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.381539][T16884] 8021q: adding VLAN 0 to HW filter on device team0 [ 254.401477][ T264] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.408690][ T264] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.529003][ T264] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.536195][ T264] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.644932][T16884] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 254.790962][T16884] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 254.925107][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.054962][T16884] veth0_vlan: entered promiscuous mode [ 255.092927][T16884] veth1_vlan: entered promiscuous mode [ 255.159268][T16884] veth0_macvtap: entered promiscuous mode [ 255.171449][T16884] veth1_macvtap: entered promiscuous mode [ 255.203839][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.214497][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.224394][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.235272][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.245171][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.255704][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.265545][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.276075][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.285931][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.296382][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.315206][T16884] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 255.352550][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.363072][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.373041][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.383509][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.393429][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.403946][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.413817][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.424322][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.434172][T16884] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.444625][T16884] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.460786][ T29] kauditd_printk_skb: 337 callbacks suppressed [ 255.460802][ T29] audit: type=1400 audit(1746862745.056:5556): avc: denied { write } for pid=17546 comm="syz.2.3224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 255.487611][T16884] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 255.497771][T16884] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.506560][T16884] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.515319][T16884] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.524091][T16884] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.538204][T17551] loop2: detected capacity change from 0 to 1024 [ 255.569462][T17551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 255.599955][T17551] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 255.666989][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.686929][ T29] audit: type=1400 audit(1746862745.286:5557): avc: denied { mounton } for pid=17563 comm="syz.0.3226" path="/syzcgroup/cpu/syz0/cgroup.procs" dev="cgroup" ino=53 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1 [ 255.730136][T17566] bridge_slave_1: left allmulticast mode [ 255.735873][T17566] bridge_slave_1: left promiscuous mode [ 255.741552][T17566] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.784168][T17572] loop0: detected capacity change from 0 to 2048 [ 255.791255][T17566] bridge_slave_0: left allmulticast mode [ 255.797112][T17566] bridge_slave_0: left promiscuous mode [ 255.803150][T17566] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.406090][ T29] audit: type=1400 audit(1746862745.976:5558): avc: denied { bind } for pid=17621 comm="syz.2.3236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 256.425704][ T29] audit: type=1400 audit(1746862745.976:5559): avc: denied { node_bind } for pid=17621 comm="syz.2.3236" saddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1 [ 256.538050][T17627] FAULT_INJECTION: forcing a failure. [ 256.538050][T17627] name failslab, interval 1, probability 0, space 0, times 0 [ 256.550851][T17627] CPU: 1 UID: 0 PID: 17627 Comm: syz.2.3237 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 256.550953][T17627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 256.550974][T17627] Call Trace: [ 256.550979][T17627] [ 256.550987][T17627] __dump_stack+0x1d/0x30 [ 256.551049][T17627] dump_stack_lvl+0xe8/0x140 [ 256.551136][T17627] dump_stack+0x15/0x1b [ 256.551156][T17627] should_fail_ex+0x265/0x280 [ 256.551192][T17627] should_failslab+0x8c/0xb0 [ 256.551221][T17627] kmem_cache_alloc_noprof+0x50/0x310 [ 256.551319][T17627] ? skb_clone+0x151/0x1f0 [ 256.551345][T17627] skb_clone+0x151/0x1f0 [ 256.551365][T17627] __netlink_deliver_tap+0x2c9/0x500 [ 256.551414][T17627] netlink_unicast+0x64c/0x670 [ 256.551449][T17627] netlink_sendmsg+0x58b/0x6b0 [ 256.551491][T17627] ? __pfx_netlink_sendmsg+0x10/0x10 [ 256.551571][T17627] __sock_sendmsg+0x142/0x180 [ 256.551640][T17627] ____sys_sendmsg+0x345/0x4e0 [ 256.551660][T17627] ___sys_sendmsg+0x17b/0x1d0 [ 256.551690][T17627] __sys_sendmmsg+0x178/0x300 [ 256.551746][T17627] __x64_sys_sendmmsg+0x57/0x70 [ 256.551770][T17627] x64_sys_call+0x2f2f/0x2fb0 [ 256.551794][T17627] do_syscall_64+0xd0/0x1a0 [ 256.551814][T17627] ? clear_bhb_loop+0x25/0x80 [ 256.551835][T17627] ? clear_bhb_loop+0x25/0x80 [ 256.551897][T17627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.551923][T17627] RIP: 0033:0x7faf76d6e969 [ 256.551942][T17627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.551963][T17627] RSP: 002b:00007faf753d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 256.551985][T17627] RAX: ffffffffffffffda RBX: 00007faf76f95fa0 RCX: 00007faf76d6e969 [ 256.552001][T17627] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003 [ 256.552068][T17627] RBP: 00007faf753d7090 R08: 0000000000000000 R09: 0000000000000000 [ 256.552082][T17627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 256.552097][T17627] R13: 0000000000000000 R14: 00007faf76f95fa0 R15: 00007fff3ff0ed98 [ 256.552117][T17627] [ 256.881537][T17655] loop2: detected capacity change from 0 to 1024 [ 256.958994][T17655] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 256.985330][T17684] __nla_validate_parse: 13 callbacks suppressed [ 256.985367][T17684] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3241'. [ 257.014898][T17655] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 257.089916][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 257.144729][ T29] audit: type=1326 audit(1746862746.736:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17708 comm="syz.1.3245" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x0 [ 257.243798][ T29] audit: type=1400 audit(1746862746.836:5561): avc: denied { getopt } for pid=17708 comm="syz.1.3245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 257.254935][T17720] ALSA: seq fatal error: cannot create timer (-19) [ 257.287882][ T29] audit: type=1326 audit(1746862746.886:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17723 comm="syz.2.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 257.288681][T17724] loop2: detected capacity change from 0 to 128 [ 257.311525][ T29] audit: type=1326 audit(1746862746.886:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17723 comm="syz.2.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 257.341679][ T29] audit: type=1326 audit(1746862746.886:5564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17723 comm="syz.2.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7faf76d6e9a3 code=0x7ffc0000 [ 257.365974][ T29] audit: type=1326 audit(1746862746.886:5565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17723 comm="syz.2.3246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faf76d6d41f code=0x7ffc0000 [ 257.409274][T17729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3248'. [ 257.412151][T17733] netlink: 300 bytes leftover after parsing attributes in process `syz.2.3249'. [ 257.535745][T17747] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3252'. [ 257.699180][T17785] ALSA: seq fatal error: cannot create timer (-19) [ 257.886999][T17796] netlink: 300 bytes leftover after parsing attributes in process `syz.2.3261'. [ 257.984573][T17808] FAULT_INJECTION: forcing a failure. [ 257.984573][T17808] name failslab, interval 1, probability 0, space 0, times 0 [ 257.997466][T17808] CPU: 1 UID: 0 PID: 17808 Comm: syz.0.3265 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 257.997496][T17808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 257.997511][T17808] Call Trace: [ 257.997518][T17808] [ 257.997527][T17808] __dump_stack+0x1d/0x30 [ 257.997632][T17808] dump_stack_lvl+0xe8/0x140 [ 257.997652][T17808] dump_stack+0x15/0x1b [ 257.997669][T17808] should_fail_ex+0x265/0x280 [ 257.997778][T17808] ? find_get_pmu_context+0x58/0x450 [ 257.997806][T17808] should_failslab+0x8c/0xb0 [ 257.997840][T17808] __kmalloc_cache_noprof+0x4c/0x320 [ 257.997939][T17808] find_get_pmu_context+0x58/0x450 [ 257.998029][T17808] __se_sys_perf_event_open+0x909/0x1170 [ 257.998063][T17808] __x64_sys_perf_event_open+0x67/0x80 [ 257.998085][T17808] x64_sys_call+0x27ec/0x2fb0 [ 257.998111][T17808] do_syscall_64+0xd0/0x1a0 [ 257.998148][T17808] ? clear_bhb_loop+0x25/0x80 [ 257.998174][T17808] ? clear_bhb_loop+0x25/0x80 [ 257.998199][T17808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.998297][T17808] RIP: 0033:0x7ff64ad4e969 [ 257.998315][T17808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.998336][T17808] RSP: 002b:00007ff6493b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 257.998358][T17808] RAX: ffffffffffffffda RBX: 00007ff64af75fa0 RCX: 00007ff64ad4e969 [ 257.998373][T17808] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 257.998388][T17808] RBP: 00007ff6493b7090 R08: 0000000000000000 R09: 0000000000000000 [ 257.998489][T17808] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 257.998504][T17808] R13: 0000000000000001 R14: 00007ff64af75fa0 R15: 00007ffd5e918928 [ 257.998523][T17808] [ 258.330009][T17860] loop1: detected capacity change from 0 to 256 [ 258.414513][T17871] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3274'. [ 258.450695][T17874] loop2: detected capacity change from 0 to 8192 [ 258.465449][T17879] netlink: 300 bytes leftover after parsing attributes in process `syz.4.3278'. [ 258.478716][T17884] No such timeout policy "syz0" [ 258.486392][T17884] 9pnet_fd: Insufficient options for proto=fd [ 258.506401][T17874] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 258.514993][T17874] FAT-fs (loop2): Filesystem has been set read-only [ 258.541361][T17887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3279'. [ 258.550272][T17893] FAULT_INJECTION: forcing a failure. [ 258.550272][T17893] name failslab, interval 1, probability 0, space 0, times 0 [ 258.550305][T17893] CPU: 0 UID: 0 PID: 17893 Comm: syz.4.3281 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 258.550351][T17893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 258.550367][T17893] Call Trace: [ 258.550376][T17893] [ 258.550385][T17893] __dump_stack+0x1d/0x30 [ 258.550414][T17893] dump_stack_lvl+0xe8/0x140 [ 258.550439][T17893] dump_stack+0x15/0x1b [ 258.550462][T17893] should_fail_ex+0x265/0x280 [ 258.550586][T17893] should_failslab+0x8c/0xb0 [ 258.550624][T17893] kmem_cache_alloc_noprof+0x50/0x310 [ 258.550667][T17893] ? getname_flags+0x80/0x3b0 [ 258.550753][T17893] getname_flags+0x80/0x3b0 [ 258.550860][T17893] do_sys_openat2+0x60/0x110 [ 258.550887][T17893] __x64_sys_openat+0xf2/0x120 [ 258.550914][T17893] x64_sys_call+0x1af/0x2fb0 [ 258.551008][T17893] do_syscall_64+0xd0/0x1a0 [ 258.551117][T17893] ? clear_bhb_loop+0x25/0x80 [ 258.551145][T17893] ? clear_bhb_loop+0x25/0x80 [ 258.551172][T17893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.551200][T17893] RIP: 0033:0x7fb7deade969 [ 258.551291][T17893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.551314][T17893] RSP: 002b:00007fb7dd147038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 258.551338][T17893] RAX: ffffffffffffffda RBX: 00007fb7ded05fa0 RCX: 00007fb7deade969 [ 258.551382][T17893] RDX: 0000000000515002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 258.551398][T17893] RBP: 00007fb7dd147090 R08: 0000000000000000 R09: 0000000000000000 [ 258.551488][T17893] R10: 00000000000000c6 R11: 0000000000000246 R12: 0000000000000001 [ 258.551512][T17893] R13: 0000000000000000 R14: 00007fb7ded05fa0 R15: 00007ffc87742f38 [ 258.551535][T17893] [ 258.630945][T17896] loop1: detected capacity change from 0 to 512 [ 258.756171][T17896] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 258.783145][ T3390] kernel write not supported for file /17/attr/exec (pid: 3390 comm: kworker/1:3) [ 258.828312][T17911] loop3: detected capacity change from 0 to 256 [ 258.841981][T17911] FAULT_INJECTION: forcing a failure. [ 258.841981][T17911] name failslab, interval 1, probability 0, space 0, times 0 [ 258.854879][T17911] CPU: 1 UID: 0 PID: 17911 Comm: syz.3.3288 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 258.854909][T17911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 258.854924][T17911] Call Trace: [ 258.854931][T17911] [ 258.854939][T17911] __dump_stack+0x1d/0x30 [ 258.855028][T17911] dump_stack_lvl+0xe8/0x140 [ 258.855049][T17911] dump_stack+0x15/0x1b [ 258.855064][T17911] should_fail_ex+0x265/0x280 [ 258.855125][T17911] should_failslab+0x8c/0xb0 [ 258.855155][T17911] kmem_cache_alloc_noprof+0x50/0x310 [ 258.855255][T17911] ? skb_clone+0x151/0x1f0 [ 258.855279][T17911] skb_clone+0x151/0x1f0 [ 258.855301][T17896] EXT4-fs (loop1): 1 truncate cleaned up [ 258.855297][T17911] __netlink_deliver_tap+0x2c9/0x500 [ 258.855349][T17911] netlink_unicast+0x64c/0x670 [ 258.855387][T17911] netlink_sendmsg+0x58b/0x6b0 [ 258.855433][T17911] ? __pfx_netlink_sendmsg+0x10/0x10 [ 258.855483][T17911] __sock_sendmsg+0x142/0x180 [ 258.855585][T17911] ____sys_sendmsg+0x31e/0x4e0 [ 258.855614][T17911] ___sys_sendmsg+0x17b/0x1d0 [ 258.855662][T17911] __x64_sys_sendmsg+0xd4/0x160 [ 258.855693][T17911] x64_sys_call+0x2999/0x2fb0 [ 258.855721][T17911] do_syscall_64+0xd0/0x1a0 [ 258.855768][T17911] ? clear_bhb_loop+0x25/0x80 [ 258.855797][T17911] ? clear_bhb_loop+0x25/0x80 [ 258.855841][T17911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.855869][T17911] RIP: 0033:0x7f9c7bbbe969 [ 258.855887][T17911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.855988][T17911] RSP: 002b:00007f9c7a227038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 258.856074][T17911] RAX: ffffffffffffffda RBX: 00007f9c7bde5fa0 RCX: 00007f9c7bbbe969 [ 258.856164][T17911] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000007 [ 258.856179][T17911] RBP: 00007f9c7a227090 R08: 0000000000000000 R09: 0000000000000000 [ 258.856251][T17911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 258.856267][T17911] R13: 0000000000000000 R14: 00007f9c7bde5fa0 R15: 00007ffe0eb10088 [ 258.856290][T17911] [ 259.066892][T17896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 259.231283][T17938] EXT4-fs error (device loop1): ext4_find_dest_de:2054: inode #2: block 13: comm syz.1.3283: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 259.371573][T17951] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3297'. [ 259.410704][T17949] loop3: detected capacity change from 0 to 8192 [ 259.431814][T17949] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 259.440488][T17949] FAT-fs (loop3): Filesystem has been set read-only [ 259.572984][T17980] loop4: detected capacity change from 0 to 512 [ 259.589799][T17980] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 259.609936][T17985] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3300'. [ 259.630782][T17980] EXT4-fs (loop4): 1 truncate cleaned up [ 259.650736][T17980] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 259.855743][T18000] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #2: block 13: comm syz.4.3299: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 259.904848][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.928466][T18002] FAULT_INJECTION: forcing a failure. [ 259.928466][T18002] name failslab, interval 1, probability 0, space 0, times 0 [ 259.941715][T18002] CPU: 1 UID: 0 PID: 18002 Comm: syz.0.3304 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 259.941818][T18002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 259.941832][T18002] Call Trace: [ 259.941839][T18002] [ 259.941849][T18002] __dump_stack+0x1d/0x30 [ 259.941875][T18002] dump_stack_lvl+0xe8/0x140 [ 259.941898][T18002] dump_stack+0x15/0x1b [ 259.941943][T18002] should_fail_ex+0x265/0x280 [ 259.941984][T18002] should_failslab+0x8c/0xb0 [ 259.942013][T18002] kmem_cache_alloc_node_noprof+0x57/0x320 [ 259.942047][T18002] ? __alloc_skb+0x101/0x320 [ 259.942090][T18002] __alloc_skb+0x101/0x320 [ 259.942140][T18002] ? audit_log_start+0x365/0x6c0 [ 259.942179][T18002] audit_log_start+0x380/0x6c0 [ 259.942216][T18002] audit_seccomp+0x48/0x100 [ 259.942239][T18002] ? __seccomp_filter+0x68c/0x10d0 [ 259.942331][T18002] __seccomp_filter+0x69d/0x10d0 [ 259.942358][T18002] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 259.942446][T18002] ? vfs_write+0x75e/0x8d0 [ 259.942475][T18002] ? __rcu_read_unlock+0x4f/0x70 [ 259.942495][T18002] ? __fget_files+0x184/0x1c0 [ 259.942531][T18002] __secure_computing+0x82/0x150 [ 259.942605][T18002] syscall_trace_enter+0xcf/0x1e0 [ 259.942634][T18002] do_syscall_64+0xaa/0x1a0 [ 259.942731][T18002] ? clear_bhb_loop+0x25/0x80 [ 259.942757][T18002] ? clear_bhb_loop+0x25/0x80 [ 259.942784][T18002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.942869][T18002] RIP: 0033:0x7ff64ad4e969 [ 259.942889][T18002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.942912][T18002] RSP: 002b:00007ff6493b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 259.942935][T18002] RAX: ffffffffffffffda RBX: 00007ff64af75fa0 RCX: 00007ff64ad4e969 [ 259.942950][T18002] RDX: 0000000000000000 RSI: 000000000000008c RDI: 0000000000000010 [ 259.943015][T18002] RBP: 00007ff6493b7090 R08: 0000000000000000 R09: 0000000000000000 [ 259.943053][T18002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.943069][T18002] R13: 0000000000000000 R14: 00007ff64af75fa0 R15: 00007ffd5e918928 [ 259.943092][T18002] [ 260.779318][T18036] loop2: detected capacity change from 0 to 8192 [ 260.816831][T18038] bridge_slave_1: left allmulticast mode [ 260.822554][T18038] bridge_slave_1: left promiscuous mode [ 260.828438][T18038] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.858272][T18036] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 260.866914][T18036] FAT-fs (loop2): Filesystem has been set read-only [ 260.877455][T18038] bridge_slave_0: left allmulticast mode [ 260.883224][T18038] bridge_slave_0: left promiscuous mode [ 260.889717][T18038] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.949417][ T3616] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 260.964157][T18053] loop0: detected capacity change from 0 to 512 [ 260.971853][T18053] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 260.989270][ T29] kauditd_printk_skb: 54 callbacks suppressed [ 260.989288][ T29] audit: type=1326 audit(1746862750.585:5618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7deade969 code=0x7ffc0000 [ 260.990562][T18061] loop4: detected capacity change from 0 to 128 [ 260.995453][ T29] audit: type=1326 audit(1746862750.585:5619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7deade969 code=0x7ffc0000 [ 261.048934][ T29] audit: type=1326 audit(1746862750.585:5620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb7deade969 code=0x7ffc0000 [ 261.072541][ T29] audit: type=1326 audit(1746862750.585:5621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb7deade9a3 code=0x7ffc0000 [ 261.073638][T18070] loop4: detected capacity change from 0 to 512 [ 261.096199][ T29] audit: type=1326 audit(1746862750.585:5622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb7deadd41f code=0x7ffc0000 [ 261.108691][T18053] EXT4-fs (loop0): 1 truncate cleaned up [ 261.125616][ T29] audit: type=1326 audit(1746862750.585:5623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb7deade9f7 code=0x7ffc0000 [ 261.125689][ T29] audit: type=1326 audit(1746862750.585:5624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb7deadd2d0 code=0x7ffc0000 [ 261.133793][T18053] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.154945][ T29] audit: type=1326 audit(1746862750.585:5625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb7deade56b code=0x7ffc0000 [ 261.154983][ T29] audit: type=1326 audit(1746862750.625:5626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb7deadd5ca code=0x7ffc0000 [ 261.155035][ T29] audit: type=1326 audit(1746862750.625:5627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18058 comm="syz.4.3315" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb7deadd5ca code=0x7ffc0000 [ 261.156605][T18070] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 261.274735][T18070] EXT4-fs (loop4): 1 truncate cleaned up [ 261.280945][T18070] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 261.322463][T18080] loop1: detected capacity change from 0 to 1024 [ 261.349445][T18081] EXT4-fs error (device loop0): ext4_find_dest_de:2054: inode #2: block 13: comm syz.0.3314: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 261.371722][T18080] EXT4-fs: Invalid journal IO priority (must be 0-7) [ 262.410289][T18119] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #2: block 13: comm syz.4.3316: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 262.955711][ T3616] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.988079][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 263.223104][T18166] __nla_validate_parse: 5 callbacks suppressed [ 263.223124][T18166] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3333'. [ 263.312456][T18162] loop1: detected capacity change from 0 to 8192 [ 263.360748][T18170] loop0: detected capacity change from 0 to 2048 [ 264.604682][T18202] loop3: detected capacity change from 0 to 512 [ 264.692667][T18202] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 264.716052][T18202] EXT4-fs (loop3): 1 truncate cleaned up [ 264.727169][T18202] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 264.959330][T18288] EXT4-fs error (device loop3): ext4_find_dest_de:2054: inode #2: block 13: comm syz.3.3337: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 265.041114][T18292] loop1: detected capacity change from 0 to 1024 [ 265.048761][T18292] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 265.059739][T18292] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 265.098027][T18292] JBD2: no valid journal superblock found [ 265.103821][T18292] EXT4-fs (loop1): Could not load journal inode [ 265.544152][T18347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3351'. [ 265.665263][T18353] FAULT_INJECTION: forcing a failure. [ 265.665263][T18353] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 265.678574][T18353] CPU: 0 UID: 0 PID: 18353 Comm: syz.4.3353 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 265.678602][T18353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 265.678618][T18353] Call Trace: [ 265.678626][T18353] [ 265.678636][T18353] __dump_stack+0x1d/0x30 [ 265.678670][T18353] dump_stack_lvl+0xe8/0x140 [ 265.678769][T18353] dump_stack+0x15/0x1b [ 265.678784][T18353] should_fail_ex+0x265/0x280 [ 265.678856][T18353] should_fail+0xb/0x20 [ 265.678897][T18353] should_fail_usercopy+0x1a/0x20 [ 265.678943][T18353] _copy_from_user+0x1c/0xb0 [ 265.678965][T18353] __sys_sendto+0x19e/0x330 [ 265.679016][T18353] __x64_sys_sendto+0x76/0x90 [ 265.679111][T18353] x64_sys_call+0x2eb6/0x2fb0 [ 265.679132][T18353] do_syscall_64+0xd0/0x1a0 [ 265.679159][T18353] ? clear_bhb_loop+0x25/0x80 [ 265.679187][T18353] ? clear_bhb_loop+0x25/0x80 [ 265.679265][T18353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.679301][T18353] RIP: 0033:0x7fb7deade969 [ 265.679319][T18353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.679356][T18353] RSP: 002b:00007fb7dd126038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 265.679374][T18353] RAX: ffffffffffffffda RBX: 00007fb7ded06080 RCX: 00007fb7deade969 [ 265.679385][T18353] RDX: 0000000000034000 RSI: 0000200000000300 RDI: 0000000000000003 [ 265.679400][T18353] RBP: 00007fb7dd126090 R08: 0000200000000380 R09: 0000000000000010 [ 265.679425][T18353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 265.679440][T18353] R13: 0000000000000001 R14: 00007fb7ded06080 R15: 00007ffc87742f38 [ 265.679463][T18353] [ 265.945825][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 266.053498][T18378] netlink: 'syz.3.3360': attribute type 1 has an invalid length. [ 266.076446][T18378] netlink: 3 bytes leftover after parsing attributes in process `syz.3.3360'. [ 266.089641][T18378] batadv1: entered promiscuous mode [ 266.094887][T18378] batadv1: entered allmulticast mode [ 266.235840][T18394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3365'. [ 266.271019][ T29] kauditd_printk_skb: 208 callbacks suppressed [ 266.271038][ T29] audit: type=1326 audit(1746862755.865:5836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.320261][ T29] audit: type=1326 audit(1746862755.865:5837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.343910][ T29] audit: type=1326 audit(1746862755.865:5838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.367548][ T29] audit: type=1326 audit(1746862755.865:5839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.375941][T18403] loop3: detected capacity change from 0 to 512 [ 266.390969][ T29] audit: type=1326 audit(1746862755.865:5840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.400266][T18403] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 266.420782][ T29] audit: type=1326 audit(1746862755.865:5841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.420831][ T29] audit: type=1326 audit(1746862755.865:5842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.478009][ T29] audit: type=1326 audit(1746862755.865:5843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.480388][T18403] EXT4-fs (loop3): 1 truncate cleaned up [ 266.501454][ T29] audit: type=1326 audit(1746862755.865:5844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.511484][T18403] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.530778][ T29] audit: type=1326 audit(1746862755.865:5845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18399 comm="syz.0.3367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 266.636066][T18417] loop1: detected capacity change from 0 to 512 [ 266.687107][T18424] EXT4-fs error (device loop3): ext4_find_dest_de:2054: inode #2: block 13: comm syz.3.3368: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 266.722745][T18417] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 266.767425][T18417] EXT4-fs (loop1): 1 truncate cleaned up [ 266.775281][T18417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.902842][T18419] loop0: detected capacity change from 0 to 128 [ 266.980481][T18445] EXT4-fs error (device loop1): ext4_find_dest_de:2054: inode #2: block 13: comm syz.1.3372: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 267.004106][T18447] netlink: 300 bytes leftover after parsing attributes in process `syz.4.3381'. [ 267.106436][T18453] loop4: detected capacity change from 0 to 512 [ 267.127522][T18453] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 267.172973][T18453] EXT4-fs (loop4): 1 truncate cleaned up [ 267.197365][T18453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.224885][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.289274][T18465] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3386'. [ 267.303374][T18468] loop0: detected capacity change from 0 to 256 [ 267.322090][T18470] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #2: block 13: comm syz.4.3383: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 267.357750][T18468] FAT-fs (loop0): Directory bread(block 64) failed [ 267.372430][T18468] FAT-fs (loop0): Directory bread(block 65) failed [ 267.408800][T18468] FAT-fs (loop0): Directory bread(block 66) failed [ 267.415725][T18468] FAT-fs (loop0): Directory bread(block 67) failed [ 267.422602][T18468] FAT-fs (loop0): Directory bread(block 68) failed [ 267.429425][T18468] FAT-fs (loop0): Directory bread(block 69) failed [ 267.436125][T18468] FAT-fs (loop0): Directory bread(block 70) failed [ 267.442832][T18468] FAT-fs (loop0): Directory bread(block 71) failed [ 267.449561][T18468] FAT-fs (loop0): Directory bread(block 72) failed [ 267.467885][T18468] FAT-fs (loop0): Directory bread(block 73) failed [ 267.495316][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.743466][T18509] loop3: detected capacity change from 0 to 2048 [ 267.828513][T18515] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3394'. [ 267.922987][T18522] loop3: detected capacity change from 0 to 512 [ 267.930229][T18524] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3395'. [ 267.937331][T18522] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 267.982442][T18522] EXT4-fs (loop3): 1 truncate cleaned up [ 267.996279][T18522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 268.079308][T18535] loop2: detected capacity change from 0 to 128 [ 268.130832][T18544] EXT4-fs error (device loop3): ext4_find_dest_de:2054: inode #2: block 13: comm syz.3.3396: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 268.133056][T18543] loop1: detected capacity change from 0 to 512 [ 268.157952][T18543] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 268.179924][T18543] EXT4-fs (loop1): 1 truncate cleaned up [ 268.196774][ T3616] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.209870][T18543] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 268.375419][T18572] loop2: detected capacity change from 0 to 2048 [ 268.386387][T18566] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3407'. [ 268.386833][T18575] EXT4-fs error (device loop1): ext4_find_dest_de:2054: inode #2: block 13: comm syz.1.3402: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 268.417864][T18577] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3408'. [ 268.648753][T18596] 9pnet_fd: Insufficient options for proto=fd [ 268.761561][T18608] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3421'. [ 268.787888][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.834673][T18616] FAULT_INJECTION: forcing a failure. [ 268.834673][T18616] name failslab, interval 1, probability 0, space 0, times 0 [ 268.847602][T18616] CPU: 0 UID: 0 PID: 18616 Comm: syz.4.3424 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 268.847636][T18616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 268.847652][T18616] Call Trace: [ 268.847659][T18616] [ 268.847669][T18616] __dump_stack+0x1d/0x30 [ 268.847741][T18616] dump_stack_lvl+0xe8/0x140 [ 268.847759][T18616] dump_stack+0x15/0x1b [ 268.847777][T18616] should_fail_ex+0x265/0x280 [ 268.847817][T18616] should_failslab+0x8c/0xb0 [ 268.847861][T18616] kmem_cache_alloc_noprof+0x50/0x310 [ 268.847900][T18616] ? audit_log_start+0x365/0x6c0 [ 268.847951][T18616] audit_log_start+0x365/0x6c0 [ 268.847992][T18616] audit_seccomp+0x48/0x100 [ 268.848040][T18616] ? __seccomp_filter+0x68c/0x10d0 [ 268.848069][T18616] __seccomp_filter+0x69d/0x10d0 [ 268.848089][T18616] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 268.848116][T18616] ? vfs_write+0x75e/0x8d0 [ 268.848230][T18616] __secure_computing+0x82/0x150 [ 268.848253][T18616] syscall_trace_enter+0xcf/0x1e0 [ 268.848304][T18616] do_syscall_64+0xaa/0x1a0 [ 268.848333][T18616] ? clear_bhb_loop+0x25/0x80 [ 268.848359][T18616] ? clear_bhb_loop+0x25/0x80 [ 268.848430][T18616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.848474][T18616] RIP: 0033:0x7fb7deade969 [ 268.848490][T18616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.848512][T18616] RSP: 002b:00007fb7dd147038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 268.848541][T18616] RAX: ffffffffffffffda RBX: 00007fb7ded05fa0 RCX: 00007fb7deade969 [ 268.848552][T18616] RDX: 0000000000000032 RSI: 00002000000002c0 RDI: 0000000000000003 [ 268.848564][T18616] RBP: 00007fb7dd147090 R08: 0000000000000000 R09: 0000000000000000 [ 268.848575][T18616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 268.848647][T18616] R13: 0000000000000000 R14: 00007fb7ded05fa0 R15: 00007ffc87742f38 [ 268.848669][T18616] [ 269.123926][T18627] 9pnet_fd: Insufficient options for proto=fd [ 269.163171][T18629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3426'. [ 269.183163][T18633] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3431'. [ 269.209787][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 269.232144][T18642] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3433'. [ 270.637562][T18705] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3438'. [ 270.786640][T18711] 9pnet_fd: Insufficient options for proto=fd [ 271.103617][T18755] loop0: detected capacity change from 0 to 512 [ 271.110497][T18757] loop2: detected capacity change from 0 to 1024 [ 271.122609][T18755] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 271.243526][T18643] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3428'. [ 271.262866][T18755] EXT4-fs (loop0): 1 truncate cleaned up [ 271.280940][T18757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.453695][T18755] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 271.894641][T18817] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3451'. [ 271.948662][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.111726][ T29] kauditd_printk_skb: 72 callbacks suppressed [ 272.111744][ T29] audit: type=1326 audit(1746862761.704:5916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18827 comm="syz.1.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.159502][ T29] audit: type=1326 audit(1746862761.704:5917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18827 comm="syz.1.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.183161][ T29] audit: type=1326 audit(1746862761.704:5918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18827 comm="syz.1.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.206775][ T29] audit: type=1326 audit(1746862761.704:5919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18827 comm="syz.1.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.230296][ T29] audit: type=1326 audit(1746862761.704:5920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18827 comm="syz.1.3456" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.294428][T18838] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3459'. [ 272.356707][ T29] audit: type=1326 audit(1746862761.934:5921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18837 comm="syz.1.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.380416][ T29] audit: type=1326 audit(1746862761.934:5922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18837 comm="syz.1.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.403880][ T29] audit: type=1326 audit(1746862761.934:5923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18837 comm="syz.1.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.427490][ T29] audit: type=1326 audit(1746862761.934:5924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18837 comm="syz.1.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.450920][ T29] audit: type=1326 audit(1746862761.934:5925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18837 comm="syz.1.3459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 272.497509][T18846] loop4: detected capacity change from 0 to 512 [ 272.504473][T18846] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 272.505623][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.535707][T18846] EXT4-fs (loop4): 1 truncate cleaned up [ 272.544875][T18846] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 272.749012][T18875] loop2: detected capacity change from 0 to 2048 [ 272.939856][ T36] kernel write not supported for file /226/attr/exec (pid: 36 comm: kworker/1:1) [ 273.074384][T18904] loop3: detected capacity change from 0 to 2048 [ 273.600786][ T3616] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 273.631400][T18941] loop3: detected capacity change from 0 to 2048 [ 273.640917][T18945] __nla_validate_parse: 6 callbacks suppressed [ 273.640935][T18945] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3486'. [ 273.662094][T18918] netlink: 830 bytes leftover after parsing attributes in process `syz.1.3476'. [ 273.883366][T18963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3491'. [ 274.009867][ T1040] kernel write not supported for file /237/attr/exec (pid: 1040 comm: kworker/0:2) [ 274.270832][T18955] chnl_net:caif_netlink_parms(): no params data found [ 274.434615][T18955] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.441770][T18955] bridge0: port 1(bridge_slave_0) entered disabled state [ 274.462220][T18955] bridge_slave_0: entered allmulticast mode [ 274.472764][T18955] bridge_slave_0: entered promiscuous mode [ 274.493536][T18955] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.498923][T19150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3501'. [ 274.500676][T18955] bridge0: port 2(bridge_slave_1) entered disabled state [ 274.525973][T18955] bridge_slave_1: entered allmulticast mode [ 274.533512][T18955] bridge_slave_1: entered promiscuous mode [ 274.571774][T18955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 274.592768][T18955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 274.626286][T19186] loop1: detected capacity change from 0 to 512 [ 274.630538][T18971] netlink: 830 bytes leftover after parsing attributes in process `syz.2.3490'. [ 274.646524][T19186] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 274.663885][T18955] team0: Port device team_slave_0 added [ 274.673390][T18955] team0: Port device team_slave_1 added [ 274.680625][T19186] EXT4-fs (loop1): 1 truncate cleaned up [ 274.710758][T19186] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 274.748475][T18955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 274.755502][T18955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 274.781567][T18955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 274.825928][T18955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 274.833051][T18955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 274.859052][T18955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 274.886106][T19267] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3503'. [ 274.976540][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 274.992282][T18955] hsr_slave_0: entered promiscuous mode [ 275.000719][T18955] hsr_slave_1: entered promiscuous mode [ 275.006848][T18955] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 275.016707][T18955] Cannot create hsr debugfs directory [ 275.079077][ T36] kernel write not supported for file /247/attr/exec (pid: 36 comm: kworker/1:1) [ 275.193406][T18955] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.251094][T18955] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.313440][T18955] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.356126][T19383] ALSA: seq fatal error: cannot create timer (-19) [ 275.371100][T18955] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.492689][T18955] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 275.505045][T19394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3515'. [ 275.519669][T18955] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 275.542223][T18955] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 275.560574][T18955] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 275.581253][T19409] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3516'. [ 275.606248][T19385] netlink: 830 bytes leftover after parsing attributes in process `syz.0.3511'. [ 275.634341][T18955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 275.656970][T18955] 8021q: adding VLAN 0 to HW filter on device team0 [ 275.671172][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.678364][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 275.708944][ T264] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.716109][ T264] bridge0: port 2(bridge_slave_1) entered forwarding state [ 275.735973][T18955] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 275.746632][T18955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 275.828755][T18955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 275.985988][T18955] veth0_vlan: entered promiscuous mode [ 275.994890][T19439] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3522'. [ 275.997510][T18955] veth1_vlan: entered promiscuous mode [ 276.020271][T18955] veth0_macvtap: entered promiscuous mode [ 276.029556][T18955] veth1_macvtap: entered promiscuous mode [ 276.040528][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.051110][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.061082][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.072160][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.082084][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.092628][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.102555][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.113041][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.123037][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.133591][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.143514][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 276.154112][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.170418][T18955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 276.183120][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.193719][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.203699][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.214324][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.224318][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.234857][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.244741][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.255363][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.265343][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.275962][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.285814][T18955] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 276.296331][T18955] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 276.307262][T18955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 276.315792][T18955] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.324793][T18955] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.333631][T18955] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 276.342412][T18955] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.626415][ T29] kauditd_printk_skb: 69 callbacks suppressed [ 277.626431][ T29] audit: type=1326 audit(1746862767.214:5995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19499 comm="syz.2.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 277.663095][ T29] audit: type=1326 audit(1746862767.234:5996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19499 comm="syz.2.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 277.686631][ T29] audit: type=1326 audit(1746862767.234:5997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19499 comm="syz.2.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 277.710565][ T29] audit: type=1326 audit(1746862767.234:5998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19499 comm="syz.2.3536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 277.786182][T19504] ALSA: seq fatal error: cannot create timer (-19) [ 277.856162][ T3390] kernel write not supported for file /211/attr/exec (pid: 3390 comm: kworker/1:3) [ 277.987695][T19517] loop2: detected capacity change from 0 to 1024 [ 278.031548][ T29] audit: type=1326 audit(1746862767.633:5999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19518 comm="syz.1.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 278.226391][ T29] audit: type=1326 audit(1746862767.643:6000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19518 comm="syz.1.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 278.249955][ T29] audit: type=1326 audit(1746862767.643:6001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19518 comm="syz.1.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 278.273446][ T29] audit: type=1326 audit(1746862767.643:6002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19518 comm="syz.1.3544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 278.408360][T19517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 278.531941][T19517] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 278.662030][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 278.787287][T19577] ALSA: seq fatal error: cannot create timer (-19) [ 278.868473][T19585] __nla_validate_parse: 6 callbacks suppressed [ 278.868489][T19585] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3553'. [ 278.921863][T19587] netlink: 300 bytes leftover after parsing attributes in process `syz.0.3554'. [ 279.054479][T19596] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3556'. [ 279.064843][ T23] kernel write not supported for file /9/attr/exec (pid: 23 comm: kworker/1:0) [ 279.112828][T19598] loop2: detected capacity change from 0 to 512 [ 279.153305][T19598] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 279.174529][T19598] EXT4-fs (loop2): 1 truncate cleaned up [ 279.184912][T19598] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 279.316562][T19616] loop4: detected capacity change from 0 to 512 [ 279.334676][T19614] loop1: detected capacity change from 0 to 2048 [ 279.341119][T19616] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 279.382335][T19616] EXT4-fs (loop4): 1 truncate cleaned up [ 279.509643][T19622] EXT4-fs error (device loop2): ext4_find_dest_de:2054: inode #2: block 13: comm syz.2.3550: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 279.577352][T19616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.094932][T19509] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3539'. [ 280.138614][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.266675][T19704] loop1: detected capacity change from 0 to 1024 [ 280.280828][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.307502][T19704] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.357598][T19704] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 280.417453][T19723] bridge: RTM_NEWNEIGH with invalid ether address [ 280.419629][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 280.444745][T19725] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3573'. [ 280.473064][T19729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3576'. [ 280.478497][T19728] loop0: detected capacity change from 0 to 512 [ 280.520617][T19728] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 280.581276][T19728] EXT4-fs (loop0): 1 truncate cleaned up [ 280.595480][T19728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 280.639885][T19748] netlink: 300 bytes leftover after parsing attributes in process `syz.2.3582'. [ 281.090228][T19761] loop2: detected capacity change from 0 to 512 [ 281.206831][T19761] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 281.286660][T19761] EXT4-fs (loop2): 1 truncate cleaned up [ 281.293048][T19761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 281.367180][T19763] ALSA: seq fatal error: cannot create timer (-19) [ 281.376538][T19816] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3589'. [ 281.392554][T19815] bridge: RTM_NEWNEIGH with invalid ether address [ 281.400089][T19816] bridge_slave_1: left allmulticast mode [ 281.405767][T19816] bridge_slave_1: left promiscuous mode [ 281.411638][T19816] bridge0: port 2(bridge_slave_1) entered disabled state [ 281.423153][T19816] bridge_slave_0: left allmulticast mode [ 281.428991][T19816] bridge_slave_0: left promiscuous mode [ 281.428995][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 281.434804][T19816] bridge0: port 1(bridge_slave_0) entered disabled state [ 281.543731][T19833] netlink: 300 bytes leftover after parsing attributes in process `syz.0.3593'. [ 281.637287][ T29] audit: type=1326 audit(1746862771.233:6003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19840 comm="syz.3.3596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7bbbe969 code=0x7ffc0000 [ 281.694115][ T29] audit: type=1326 audit(1746862771.273:6004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19840 comm="syz.3.3596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f9c7bbbe969 code=0x7ffc0000 [ 281.746659][T19847] loop3: detected capacity change from 0 to 512 [ 281.757463][T19847] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 281.797167][T19847] EXT4-fs (loop3): 1 truncate cleaned up [ 281.803652][T19847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 281.959966][T19867] loop1: detected capacity change from 0 to 1024 [ 282.003847][T19867] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.029903][T19867] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 282.072691][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.090049][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.433072][T19914] loop0: detected capacity change from 0 to 1024 [ 282.567827][T19914] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 282.588890][T19914] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 282.635630][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.645090][T19971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3624'. [ 282.683427][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.697865][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 282.697961][ T29] audit: type=1326 audit(1746862772.293:6010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19979 comm="syz.1.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 282.731035][ T29] audit: type=1326 audit(1746862772.323:6011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19979 comm="syz.1.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 282.754594][ T29] audit: type=1326 audit(1746862772.323:6012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19979 comm="syz.1.3628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 283.137306][ T29] audit: type=1326 audit(1746862772.713:6013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20045 comm="syz.4.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 283.161007][ T29] audit: type=1326 audit(1746862772.713:6014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20045 comm="syz.4.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 283.184914][ T29] audit: type=1326 audit(1746862772.713:6015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20045 comm="syz.4.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 283.208506][ T29] audit: type=1326 audit(1746862772.713:6016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20045 comm="syz.4.3642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 284.375425][ T1040] kernel write not supported for file /207/attr/exec (pid: 1040 comm: kworker/0:2) [ 284.626320][ T1040] kernel write not supported for file /289/attr/exec (pid: 1040 comm: kworker/0:2) [ 284.655056][T20144] __nla_validate_parse: 1 callbacks suppressed [ 284.655152][T20144] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3654'. [ 284.706790][T20150] loop1: detected capacity change from 0 to 1024 [ 284.730858][T20150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 284.747915][T20150] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 284.771903][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 284.883110][T20180] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3661'. [ 285.408171][ T36] kernel write not supported for file /343/attr/exec (pid: 36 comm: kworker/1:1) [ 285.741340][T20246] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3669'. [ 285.818667][T20259] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3672'. [ 285.854096][T20261] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3673'. [ 285.953135][T20284] netlink: 300 bytes leftover after parsing attributes in process `syz.1.3681'. [ 286.030669][T20296] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3687'. [ 286.106113][T20304] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3690'. [ 286.529056][T20337] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3691'. [ 286.648070][T20336] loop4: detected capacity change from 0 to 128 [ 286.811463][T20351] netlink: 300 bytes leftover after parsing attributes in process `syz.2.3695'. [ 286.922043][ T29] audit: type=1326 audit(1746862776.522:6017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20362 comm="syz.2.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 286.945697][ T29] audit: type=1326 audit(1746862776.522:6018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20362 comm="syz.2.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 286.967973][T20365] loop1: detected capacity change from 0 to 1024 [ 286.999199][T20365] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.014843][ T29] audit: type=1326 audit(1746862776.572:6019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20362 comm="syz.2.3698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 287.018015][ T1040] kernel write not supported for file /371/attr/exec (pid: 1040 comm: kworker/0:2) [ 287.054022][T20365] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 287.100486][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.197503][T20336] loop4: detected capacity change from 0 to 256 [ 287.373930][T20336] FAT-fs (loop4): Directory bread(block 64) failed [ 287.383763][T20336] FAT-fs (loop4): Directory bread(block 65) failed [ 287.391586][T20336] FAT-fs (loop4): Directory bread(block 66) failed [ 287.399048][T20336] FAT-fs (loop4): Directory bread(block 67) failed [ 287.407474][T20336] FAT-fs (loop4): Directory bread(block 68) failed [ 287.415304][T20336] FAT-fs (loop4): Directory bread(block 69) failed [ 287.423982][T20336] FAT-fs (loop4): Directory bread(block 70) failed [ 287.431885][T20336] FAT-fs (loop4): Directory bread(block 71) failed [ 287.439714][T20336] FAT-fs (loop4): Directory bread(block 72) failed [ 287.447114][T20336] FAT-fs (loop4): Directory bread(block 73) failed [ 287.703649][T20454] loop3: detected capacity change from 0 to 512 [ 287.717447][T20454] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 287.734902][T20454] EXT4-fs (loop3): 1 truncate cleaned up [ 287.741348][T20454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.765830][T20459] loop4: detected capacity change from 0 to 1024 [ 287.792659][T20459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.815628][T20459] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 287.843230][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.891371][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 287.891387][ T29] audit: type=1326 audit(1746862777.482:6029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20466 comm="syz.4.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 287.921084][ T29] audit: type=1326 audit(1746862777.482:6030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20466 comm="syz.4.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 287.944580][ T29] audit: type=1326 audit(1746862777.482:6031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20466 comm="syz.4.3715" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 288.157438][ T29] audit: type=1326 audit(1746862777.752:6032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20494 comm="syz.1.3724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 288.181294][ T29] audit: type=1326 audit(1746862777.752:6033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20494 comm="syz.1.3724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 288.204939][ T29] audit: type=1326 audit(1746862777.752:6034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20494 comm="syz.1.3724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 288.228710][ T29] audit: type=1326 audit(1746862777.752:6035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20494 comm="syz.1.3724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 288.252381][ T29] audit: type=1326 audit(1746862777.752:6036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20494 comm="syz.1.3724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 288.283876][T20499] loop4: detected capacity change from 0 to 1024 [ 288.297187][T20493] loop2: detected capacity change from 0 to 1024 [ 288.319303][ T29] audit: type=1326 audit(1746862777.912:6037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20506 comm="syz.0.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 288.343058][ T29] audit: type=1326 audit(1746862777.912:6038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20506 comm="syz.0.3729" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff64ad4e969 code=0x7ffc0000 [ 288.378063][T20493] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.380757][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.400716][T20499] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.432307][T20499] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 288.520195][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.636588][ T23] kernel write not supported for file /240/attr/exec (pid: 23 comm: kworker/1:0) [ 288.712488][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.810716][T20588] loop2: detected capacity change from 0 to 512 [ 288.817955][T20588] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 288.831882][T20588] EXT4-fs (loop2): 1 truncate cleaned up [ 288.838238][T20588] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 288.964345][T20600] EXT4-fs error (device loop2): ext4_find_dest_de:2054: inode #2: block 13: comm syz.2.3748: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 289.682406][T20685] __nla_validate_parse: 12 callbacks suppressed [ 289.682424][T20685] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3764'. [ 289.712372][T20687] netlink: 300 bytes leftover after parsing attributes in process `syz.3.3765'. [ 289.743471][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.761671][T20691] loop4: detected capacity change from 0 to 512 [ 289.774546][T20691] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 289.819717][T20707] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3771'. [ 289.829060][T20691] EXT4-fs (loop4): 1 truncate cleaned up [ 289.838819][T20691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 289.933546][T20726] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3777'. [ 289.977859][T20729] EXT4-fs error (device loop4): ext4_find_dest_de:2054: inode #2: block 13: comm syz.4.3767: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 290.084649][T20734] netlink: 300 bytes leftover after parsing attributes in process `syz.2.3779'. [ 290.188233][T20761] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3781'. [ 290.357753][T20776] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3786'. [ 290.436658][T20784] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3790'. [ 290.561792][T20792] netlink: 300 bytes leftover after parsing attributes in process `syz.3.3792'. [ 290.623511][T20801] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3794'. [ 290.729053][T20823] loop2: detected capacity change from 0 to 512 [ 290.757244][T20823] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 290.796005][T20823] EXT4-fs (loop2): 1 truncate cleaned up [ 290.810359][T20823] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 290.828691][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.253608][T20930] loop4: detected capacity change from 0 to 1024 [ 291.282983][T20930] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.313855][T20930] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 291.367908][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.436196][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.453438][ T10] kernel write not supported for file /441/attr/exec (pid: 10 comm: kworker/0:1) [ 291.526726][T20967] ALSA: seq fatal error: cannot create timer (-19) [ 291.608929][T20982] loop4: detected capacity change from 0 to 1024 [ 291.621724][T20982] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.633654][ T2970] kernel write not supported for file /453/attr/exec (pid: 2970 comm: kworker/1:2) [ 291.644646][T20982] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 291.670783][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.885534][ T10] kernel write not supported for file /136/attr/exec (pid: 10 comm: kworker/0:1) [ 291.920424][T21031] loop3: detected capacity change from 0 to 1024 [ 291.932667][T21031] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.949777][T21031] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 291.974062][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.213219][ T36] kernel write not supported for file /393/attr/exec (pid: 36 comm: kworker/1:1) [ 292.374849][T21109] loop1: detected capacity change from 0 to 512 [ 292.382062][T21109] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 292.661380][T21109] EXT4-fs (loop1): 1 truncate cleaned up [ 292.685792][T21109] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 292.972842][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.133322][T21185] loop0: detected capacity change from 0 to 1024 [ 293.163751][T21185] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 293.184242][T21185] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 293.217984][T15029] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 293.262819][ T29] kauditd_printk_skb: 109 callbacks suppressed [ 293.262836][ T29] audit: type=1326 audit(1746862782.862:6148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21204 comm="syz.4.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 293.313273][ T29] audit: type=1326 audit(1746862782.892:6149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21204 comm="syz.4.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 293.336906][ T29] audit: type=1326 audit(1746862782.892:6150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21204 comm="syz.4.3878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 293.421402][ T29] audit: type=1326 audit(1746862783.022:6151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.447146][ T29] audit: type=1326 audit(1746862783.022:6152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.470928][ T29] audit: type=1326 audit(1746862783.042:6153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.494564][ T29] audit: type=1326 audit(1746862783.042:6154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.518280][ T29] audit: type=1326 audit(1746862783.042:6155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.541750][ T29] audit: type=1326 audit(1746862783.042:6156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.565570][ T29] audit: type=1326 audit(1746862783.042:6157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21227 comm="syz.2.3884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf76d6e969 code=0x7ffc0000 [ 293.687553][ T1040] kernel write not supported for file /486/attr/exec (pid: 1040 comm: kworker/0:2) [ 294.705331][T21365] loop2: detected capacity change from 0 to 512 [ 294.712524][T21365] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 294.724303][T21365] EXT4-fs (loop2): 1 truncate cleaned up [ 294.732620][T21365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 294.851591][T21370] EXT4-fs error (device loop2): ext4_find_dest_de:2054: inode #2: block 13: comm syz.2.3909: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 295.103832][T21372] loop3: detected capacity change from 0 to 1024 [ 295.128495][T21372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 295.147747][T21372] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 295.225457][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 295.417361][T21418] __nla_validate_parse: 21 callbacks suppressed [ 295.417382][T21418] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3918'. [ 295.531697][T21425] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3919'. [ 296.068379][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.156106][T21468] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3923'. [ 296.316850][T21508] netlink: 72 bytes leftover after parsing attributes in process `syz.0.3930'. [ 296.351105][T21512] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3932'. [ 296.933241][T21548] loop1: detected capacity change from 0 to 1024 [ 296.980995][T21548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 297.064026][T21548] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3935: bg 0: block 88: padding at end of block bitmap is not set [ 297.095696][T15755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 297.167003][ T10] kernel write not supported for file /176/attr/exec (pid: 10 comm: kworker/0:1) [ 297.477782][T21599] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3944'. [ 297.489656][T21597] netlink: 72 bytes leftover after parsing attributes in process `syz.1.3942'. [ 297.527045][T21601] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3943'. [ 297.976191][T21640] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3949'. [ 297.986055][ T23] kernel write not supported for file /185/attr/exec (pid: 23 comm: kworker/1:0) [ 298.004119][T21643] loop3: detected capacity change from 0 to 1024 [ 298.034300][T21643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 298.072764][T21643] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 298.086901][T21660] netlink: 72 bytes leftover after parsing attributes in process `syz.2.3956'. [ 298.108958][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.326255][ T29] kauditd_printk_skb: 64 callbacks suppressed [ 298.326272][ T29] audit: type=1326 audit(1746862787.921:6222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.356178][ T29] audit: type=1326 audit(1746862787.921:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.379653][ T29] audit: type=1326 audit(1746862787.921:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.403271][ T29] audit: type=1326 audit(1746862787.921:6225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.426848][ T29] audit: type=1326 audit(1746862787.921:6226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.450652][ T29] audit: type=1326 audit(1746862787.921:6227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.508456][ T29] audit: type=1326 audit(1746862788.101:6228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 298.774826][ T29] audit: type=1326 audit(1746862788.291:6229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21686 comm="syz.1.3966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83129be969 code=0x7ffc0000 [ 299.120178][ T2970] kernel write not supported for file /451/attr/exec (pid: 2970 comm: kworker/1:2) [ 299.286691][ T29] audit: type=1326 audit(1746862788.881:6230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21765 comm="syz.4.3977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 299.310337][ T29] audit: type=1326 audit(1746862788.881:6231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21765 comm="syz.4.3977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd90abbe969 code=0x7ffc0000 [ 299.458775][T21788] loop4: detected capacity change from 0 to 1024 [ 299.570294][T21788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 299.798297][T18955] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.932497][ T2970] kernel write not supported for file /535/attr/exec (pid: 2970 comm: kworker/1:2) [ 300.329361][T21858] loop2: detected capacity change from 0 to 1024 [ 300.612972][T21858] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 300.649171][T21858] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm wg1: bg 0: block 88: padding at end of block bitmap is not set [ 300.699704][T14278] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 301.174737][T21888] loop3: detected capacity change from 0 to 512 [ 301.183653][T21888] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 301.195254][T21888] EXT4-fs (loop3): 1 truncate cleaned up [ 301.203088][T21888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 301.371949][T21916] __nla_validate_parse: 16 callbacks suppressed [ 301.371969][T21916] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4017'. [ 301.411965][T21918] netlink: 300 bytes leftover after parsing attributes in process `syz.1.4018'. [ 301.536776][T21929] netlink: 72 bytes leftover after parsing attributes in process `syz.0.4021'. [ 301.638331][T21888] ================================================================== [ 301.646483][T21888] BUG: KCSAN: data-race in filemap_splice_read / filemap_splice_read [ 301.654602][T21888] [ 301.656941][T21888] write to 0xffff888118d33ee8 of 8 bytes by task 21895 on cpu 1: [ 301.664691][T21888] filemap_splice_read+0x47e/0x6b0 [ 301.669848][T21888] ext4_file_splice_read+0x8f/0xb0 [ 301.675012][T21888] splice_direct_to_actor+0x26c/0x680 [ 301.680424][T21888] do_splice_direct+0xda/0x150 [ 301.685216][T21888] do_sendfile+0x380/0x640 [ 301.689664][T21888] __x64_sys_sendfile64+0x105/0x150 [ 301.694896][T21888] x64_sys_call+0xb39/0x2fb0 [ 301.699528][T21888] do_syscall_64+0xd0/0x1a0 [ 301.704056][T21888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.709960][T21888] [ 301.712290][T21888] write to 0xffff888118d33ee8 of 8 bytes by task 21888 on cpu 0: [ 301.720009][T21888] filemap_splice_read+0x47e/0x6b0 [ 301.725146][T21888] ext4_file_splice_read+0x8f/0xb0 [ 301.730274][T21888] splice_direct_to_actor+0x26c/0x680 [ 301.735669][T21888] do_splice_direct+0xda/0x150 [ 301.740976][T21888] do_sendfile+0x380/0x640 [ 301.745421][T21888] __x64_sys_sendfile64+0x105/0x150 [ 301.750637][T21888] x64_sys_call+0xb39/0x2fb0 [ 301.755241][T21888] do_syscall_64+0xd0/0x1a0 [ 301.759760][T21888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.765663][T21888] [ 301.767988][T21888] value changed: 0x000000000000035e -> 0x000000000000035f [ 301.775097][T21888] [ 301.777416][T21888] Reported by Kernel Concurrency Sanitizer on: [ 301.783562][T21888] CPU: 0 UID: 0 PID: 21888 Comm: syz.3.4016 Not tainted 6.15.0-rc5-syzkaller-00204-g0e1329d4045c #0 PREEMPT(voluntary) [ 301.796071][T21888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 301.806135][T21888] ================================================================== [ 301.935905][T16884] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.