last executing test programs: 3.06440659s ago: executing program 0 (id=1565): rt_sigaction(0x40, &(0x7f0000000000)={0x0, 0x2, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f00000002c0)) r0 = getpid() r1 = syz_open_procfs(r0, &(0x7f0000001040)='stat\x00') preadv(r1, &(0x7f0000000340)=[{&(0x7f0000001080)=""/97, 0x61}], 0x1, 0x3, 0x0) 3.041524282s ago: executing program 0 (id=1566): open(&(0x7f00009e1000)='./file0\x00', 0x8d63, 0x0) unshare(0x480) mkdir(0x0, 0x0) r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c) sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) socket$inet6_dccp(0xa, 0x6, 0x0) write$binfmt_elf64(r3, &(0x7f0000000a40)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [{}]}, 0x78) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) close_range(r4, 0xffffffffffffffff, 0x0) r5 = socket$inet(0x2, 0xa, 0x0) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000300)={'dummy0\x00', &(0x7f00000035c0)=@ethtool_gstrings={0x2f}}) r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x6}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x6}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x4}}, [@snprintf={{0x4, 0x0, 0x8, 0x6}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x6}, {}, {}, {0x18, 0x2, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x4}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) lseek(r8, 0x0, 0x500) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002080)=ANY=[@ANYBLOB], 0x158}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000040)={@multicast2, 0x0, 0x0, 0x60, 0x0, [{@local}, {@remote}, {@loopback}, {@multicast1}, {@remote}, {@loopback}]}}) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0) sched_setscheduler(0x0, 0x0, 0x0) 2.803615481s ago: executing program 0 (id=1567): socket$inet6_sctp(0xa, 0x5, 0x84) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x3, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x7c}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rxrpc_call\x00', r3}, 0x10) sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYRES32=r2], 0x18}, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00'}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10, 0x0}, 0x0) close(r4) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, &(0x7f00000000c0), &(0x7f0000000000)=""/8, 0x2}, 0x20) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r6}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000b00)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r7 = gettid() r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r8, &(0x7f0000000200)=""/209, 0xd1) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r8, 0x4040534e, &(0x7f0000000080)={0x335}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r8, 0x40505331, &(0x7f0000000180)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r8, 0xc08c5336, &(0x7f0000000300)={0x0, 0x0, 0x0, 'queue0\x00'}) tkill(r7, 0x7) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) 2.301988372s ago: executing program 0 (id=1574): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) (async) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) (async) socket$inet6_mptcp(0xa, 0x1, 0x106) (async) setsockopt$inet6_buf(r3, 0x29, 0x6, 0x0, 0x0) (async) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$inet6_int(r4, 0x29, 0x50, 0x0, &(0x7f00000002c0)) 2.301812242s ago: executing program 3 (id=1575): rt_sigaction(0x40, &(0x7f0000000000)={0x0, 0x2, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f00000002c0)) r0 = syz_open_procfs(0x0, &(0x7f0000001040)='stat\x00') preadv(r0, &(0x7f0000000340)=[{&(0x7f0000001080)=""/97, 0x61}], 0x1, 0x3, 0x0) 2.265565135s ago: executing program 3 (id=1577): syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00'}) socket(0x10, 0x80002, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f00000001c0)=0x100, 0x4) sendto$packet(r1, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14) r4 = perf_event_open(&(0x7f0000000140)={0x5, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_bp={0x0}}, 0x0, 0xd, 0xffffffffffffffff, 0x0) r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r6) sendmsg$NLBL_MGMT_C_ADD(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="14010025", @ANYRES16=r7, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce0001"], 0x114}}, 0x0) keyctl$link(0x2, r5, 0xfffffffffffffffb) perf_event_open(&(0x7f0000000200)={0x3, 0x80, 0x2, 0x5, 0x7f, 0x7, 0x0, 0x7, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x9, 0x9}, 0x14041, 0x7, 0x1, 0x2, 0x1, 0x5, 0x9, 0x0, 0x21, 0x0, 0x3a}, 0xffffffffffffffff, 0xb, r4, 0xb) r8 = perf_event_open$cgroup(&(0x7f0000000040)={0x5, 0x80, 0xfd, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x4}, 0x3, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0xffffffff}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r9 = memfd_secret(0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x80, 0x50, 0x1f, 0xb, 0x89, 0x0, 0x4, 0x0, 0x8, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc35, 0x1, @perf_config_ext={0x0, 0xfffffffffffffff8}, 0x208, 0x1, 0x8, 0x3, 0x3, 0x5, 0x3, 0x0, 0x1fc, 0x0, 0xc00000}, r9, 0xf, r8, 0x4) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TCSETS(r10, 0x40045431, &(0x7f0000000080)) r11 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'}) sendmsg$nl_route(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYRES8=r12, @ANYRES8, @ANYRES8=r1, @ANYRES8=r1, @ANYRESOCT=r7, @ANYRESHEX=r6, @ANYBLOB="8538893b6add55994e169c369ebe589f93f0f39397c6e4bee8090d708f884d539e0903510f945120215733eeecb451ba46431944acc65b4fc3d7db3ee07abf8dbf7450cb71acd93d3f89ea41e027f542ea320bff51e687381347fcc737ce095b", @ANYRESHEX=r2, @ANYRESHEX=r8, @ANYRES16=r4, @ANYRES8=r4], 0x28}}, 0x0) r13 = syz_open_pts(r10, 0x0) ioctl$TCFLSH(r13, 0x5411, 0xf0ff1f00000000) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) 2.2125684s ago: executing program 3 (id=1580): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x8000480) semget$private(0x0, 0x4000, 0x0) 1.461173421s ago: executing program 2 (id=1589): socket$inet6_tcp(0xa, 0x1, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{}, {0x54}, {0x6}]}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv4_delroute={0x24, 0x19, 0x1, 0x0, 0x0, {}, [@RTA_DST={0x8, 0x1, @dev}]}, 0x24}}, 0x0) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x10, &(0x7f0000000100), 0xfe, 0x458, &(0x7f00000001c0)="$eJzs3MtvG8UfAPDvOnH6/iW/Uh4tLYSXqHgkTfqgBy5FIHEACQkORZxMmlalboOaINGqgoJQOaJK3BFHJP4CLpQLAk5IXOGOkCqUC4XTorV3UzexnThx4hJ/PtImM95xZr67O/F4xusA+tZo9iOJ2BkRv0bEcD17Z4HR+q9b81em/p6/MpVEmr7+Z1Ir99f8lamiaPG8HfVMOtCm3mtvRVSq1emLeX587vy747OXLj979nzlzPSZ6QuTx48fOXxg6Njk0a7EuStr674PZvbvffnN669Onbz+9o9fZ+3dme9vjKNbRutHt6knul1Zj+1qSCeDPWwIHcn6aHa6yrX+PxwDsW1h33C89HFPGwesqzQtpVta776apmm6tVYO2HwSfRv6VPFCn73/LbYNGnrcFW6eiIV5jFv5Vt8zGKW8THkd6x+NiJNX//ki22Kd5iEAABrdOBERzzQb/5XivoZy/8vXhkYi4v8RsTsi7omIPRFxb0St7P0R8UCH9S9eIVk6/kmHVxXYCmXjv+fzta07x3/F6C9GBvLcrlr85eT02er0ofyYHIzyliw/0aaO71785bNW+xrHf9mW1V+MBfN2/DG4aILuVKVcWUvMjW5+FBHJSJP4kyiWcbLx8d6I2Nfh3y7WhM4+9dX+VmWWj7+NLqwzpV9GPFk//1djUfyFpOX65MRzxyaPjm+N6vSh8eKqWOqnn6+91qr+NcXfBTdvpLG96fW/EP9IsjVi9tLlc7X12tnO67j226ct39Os7vqfqwwlb9TSQ/lj71fm5i5ORAwlryx9fPL2c4t8UT67/g8+1rz/747bR+LBiMgu4gMR8VBEPJy3/ZGIeDQiPmkT/w8vPP5O5/G3mZXvoiz+U8ud/2g8/50nBs59/03n8Rey83+kljqYP5Kd/+XiWmkD13LsAAAA4L+iVPsMfFIaW0iXSmNj9c/w74ntperM7NzTp2feu3Cq/ln5kSiXipmu4Yb50Il8brjITy7KH87njT8f2FbLj03NVDudKwa6a0eL/p/5vd0NPMDm4H4t6F/6P/Qv/R/6l/4P/Uv/h/7VrP9/2IN2ABtvmdf/bRvVDmDjGf9D/9L/oX/p/9CXWt4bX1rTLf8SPUp8O7S272pYeSJKd0nImyZRjqa7Blf8ZRarTGxpuqvX/5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6498AAAD//+qa3cY=") (fail_nth: 31) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETS(r0, 0x8926, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "bb5dee4cbd49ae22ae0200"}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90) r4 = open(&(0x7f0000000100)='./bus\x00', 0x400145042, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r4, 0x8008551d, &(0x7f00000006c0)={0x8d68, 0x16, [{0x5}, {}, {0x3}, {0x1, 0x1}, {0x2}, {0x6}, {0x3, 0x1}, {0x3, 0x1}, {0x2}, {0xd}, {0xa}, {0xe}, {0xa}, {0xb, 0x1}, {0x8}, {0x7}, {0xc}, {0x8}, {0xf}, {0xe}, {0xb, 0x1}, {0x4, 0x1}]}) mmap(&(0x7f0000310000/0x3000)=nil, 0x3000, 0x7800007, 0x1010, r3, 0x4000) creat(&(0x7f0000000000)='./bus\x00', 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) fallocate(0xffffffffffffffff, 0x0, 0x0, 0xceec) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000140)={'#! ', './bus'}, 0x9) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000000000000000000020000000000"], 0x0, 0x1a}, 0x20) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) 1.028892636s ago: executing program 0 (id=1593): syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00') pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="02"], 0x10}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x81}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f0000001180)=ANY=[@ANYBLOB="8500000013000000350000000000ba00850000000700000095000000000000004cf12aa5cbd56806f81f06a9c0ff431553ca08030871e23089f5e0a141d524588f32cb447f90ee60b191e2c825cd4d580e7953f911aa1f7017230163cf09493497cbe593f90a847687a1ef1f83dd6c1023678a1086f790f9dce435558fe138d7362090db7457c14bc34e6bde0887c697add9a7ab69000000004f0a9c139e19b27de95dbfb3fe241454a04080bf668ce021879c820f9b80fe233888f0008000007027d4b33729d714e0e205db36aa52281c71e90bbd1615e3a833c63d330700f514c622ff99237bfb3557b4e44bdfdae050a0678a3d8407b0a45c623d8ef9baf37ac4effeac63a1606ff3c25ac788dbcc31bb76fbf87fc74300000000932d2793674f1f8719d07a6396b18b6e214bd29aef8d03483012c76199e301494d766a733d7117fc9107bc5b9267fbf8b0d2e2f4f6582b9510d30a5d3d3bd12bc338028e217e7d59efd3090be5bf2f9d1c42104df0da362f586aa2397bb7866d97163b2bdc3364b08dfcc0415c369736ea2897e6bb88e8fae37345fb21b69331e250886b7bf9efdcd5e998f7cfad443c3336c6abfc401c4f774942c7e5a56f0c3281afbf9b1f5e2a7080d147347508a7d2884a2b49b6039c221dabadcd313c01384dd93ff43a3ff43b69bb8659a89d857f3b15de7b06fd9fe93470ee07794c213f9c51a7ecaa2cdc70024c3aa400000000000000000000000000000000000000000000000085d16fbc2f7845935b8abf55ae4fc25c736170a4b9b78bacd235e49c0c773e783f48e36d61aebcaaeec26da752aba7eda57fbe0fbb9d771e1d5b2979ab12b6467ae7d8d746"], &(0x7f0000000140)='GPL\x00', 0x0, 0xfffffe1f, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x49}, 0x15) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r6, 0x0, 0x12, 0xfffffffffffffd85, &(0x7f00000000c0)="61df712bc884fed5722780b688a8", 0x0, 0x739d, 0x0, 0x20}, 0x28) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LOCAL={0x8, 0x2, @remote}]}}}, @IFLA_MASTER={0x8, 0x3, r5}]}, 0x40}, 0x1, 0x8}, 0x0) 1.028634286s ago: executing program 1 (id=1594): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x301, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x15, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}]}]}, 0x5c}}, 0x0) 952.898412ms ago: executing program 1 (id=1598): perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000001980)={0x8, {"85f080884e142b266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb69e6f4048f2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778681ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659e506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b560300020000000000005131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa812a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe65701000000000000000742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d158607883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca89db0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7f6ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x12, r0, 0x0) r1 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r1, 0x10d, 0xac, 0x0, &(0x7f0000000080)) 948.645243ms ago: executing program 1 (id=1599): rt_sigaction(0x40, &(0x7f0000000000)={0x0, 0x2, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f00000002c0)) r0 = syz_open_procfs(0x0, &(0x7f0000001040)='stat\x00') preadv(r0, &(0x7f0000000340)=[{&(0x7f0000001080)=""/97, 0x61}], 0x1, 0x3, 0x0) 928.733684ms ago: executing program 1 (id=1600): r0 = syz_io_uring_setup(0x637, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000380)=@IORING_OP_LINKAT={0x27, 0xc, 0x0, 0xffffffffffffffff, &(0x7f0000000b40)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file0\x00', &(0x7f0000000340)='./file1\x00', 0xffffffffffffffff, 0x0, 0x1}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 868.690509ms ago: executing program 1 (id=1601): setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x20}, {0x35, 0x0, 0x0, 0x8000}, {0x6, 0x0, 0x0, 0x1}]}, 0x10) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_STATION(r0, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001140)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='cq_drain_complete\x00', r0}, 0x10) io_uring_setup(0x1c2c, &(0x7f00000002c0)={0x0, 0x0, 0x200}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c0000001200010003950000000000000a0900004001"], 0x4c}}, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x3, &(0x7f0000000000)=[{0x14}, {0x2c}, {0x6}]}) socket$pppl2tp(0x18, 0x1, 0x1) r3 = perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./file5\x00', 0x300001a, &(0x7f00000009c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c646d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75650000000000000003667365743d30121df478303030383030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be27ef17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e676cc6e5b2e542e426bceaab9b2cf261046247bce0565d13a6ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4656e47fe5a25502919954242f8d771fc2acf14f2cee04696a9d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d32da887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab924472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893f64421a40f4822ffcc284dfe9ae1c6e4a04293c970f2dae776decf07b085eb5fdeda7d365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2c7fb0340a249135057f87882717e166ef509c14fdcf38f63141e4ed36737c6e55498b350f41c8caed3e347c149162b4c6ed629be8eaaa25d59747816197aff2cf68a42d73e8146c72fedb130521de285872a4ca5353cc354a0b0e2ce57275b34276d28d91b2c0c2fa1041f818ea96f65a3000057dfb8858cfd194f7431e4b734f848268c5a000f01000000010000000360236584faaf1a4d4fabd3b68929729fd006fa91186ac3d0d222e00c77ad726cdc16c8456d6f598254bda7c72b24a6b213162cd6e6f205d1", @ANYRESHEX], 0x0, 0x2af, &(0x7f0000001540)="$eJzs3c9qM1UUAPAzSZpGXSSIG0VwQBeuSuvWTaNUELtSIqgbg21BklJoIWAFa1d9Apfia/gIrn0Dwa3grl1URiYz0yQ2qfn6F77v94PSw7333DmZG1Io5MzXb+4Pdg6SOD3/I1qtJGqbsRkXSXSiFpUfoxEAwPPjIsvi76yIk/JnOY3aw1UFADyk4u9/4alrAQAex2dffPlJd3t769M0bcXr7bNRL4mI/bNRr5jv7sW3MYzdWI92XEZkV4r4o4+3t6KR5jrxzv7JqDea2b/7V8Q4fyPa0Zmfv5EWyvxeRP57JV6ONLp7K9VW7Xhtfv57c/Kj14x3356qfy3a8fs3cRDD2Ik8d5L/w0aafpj9dP79V/ll8vykFr3V8bqJrF4Gy/+LBAAAAAAAAAAAAAAAAAAAAAAAFlhL06Ro3zPu35MPlf136pfj+bW00pntz1PkXzXDKfoDZVG26DnJ4ueqv856mqZZuXCS34g3Gh4sAAAAAAAAAAAAAAAAAAAAALmj744H/eFw9/DOQX3QH1bdAKqv9d92w82pkbfieNCvL95wdflrTXcbyGu9cXE0GnEPt2WZ4KW8ngVrfinrffadVyeH+3mZXh3Mvb6KVz+4qjAtp6qbPOgn/3etVnVwv05PNeO29YzPdrh7mI3fEpfZ7Jm2FtzM5j3djeYrc6f+ybJsuX3e/7M4o3IkGbfYWO7qK2Ww8N3Sun4Wvy3ecOFHRv2unzkAAAAAAAAAAAAAAAAAAMB8s1+c/o/TG1NrD1YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyyyfP/q6AVEbMj14KTMnl2KiuHZxY34/DoKV8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL4Z/AwAA///qOEc1") unshare(0x68040200) r4 = socket$inet6_udp(0xa, 0x2, 0x0) getsockopt$IP6T_SO_GET_INFO(r4, 0x29, 0x40, &(0x7f0000000480)={'mangle\x00'}, &(0x7f0000000040)=0x54) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000aecd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c1faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fca4e0b6fab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b79db2e3d5986c82b5aa94e539b204d58f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000020000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72b0000000000001cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2cc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78ac02ca3cdf6a662db1c9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e559d17879570c8ad943e392955f4f979ea13201bafedcd2063d11dd665647223c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151ffdf6f7820549cda6cb799c6e924966a7f90bf8fd1e75ee76bd89346cfbb5567e54d3504723177d356c4604b7a492ecec37e83efceefd7ca2533659edc8be05cc85451c6a14507434eb54b6f43caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffca9ec9a7a3755e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a294351c5356c1d06c92cf8ce3c7c56cd31121624d74517fd3666277f670e812b28e2f30d035cee5d0e77a3c7220000000000000005a474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f034b8d3ebce68663ef5af469abe75b314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041e12282ce24463aaf28345bd168b4177ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f09000000000000004fc4bda3453602004535a976eacd3adaa4d2ee6fe0d072ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d401adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa700a86407e79ae29d2c117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb40f7f02f750d6c977a191852c9ae031db044b2353199546609f9f69a6cfefdf879d447df53f3b9b70d10355b00300000000000000553d18a6cc50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5631820420bf5b6522c0e21c882c66f4f25ffb6d95e07de02205fca4f18a2eb5b63e45d5d80fe527340935aa3c0b4f3f45bfff2418a18217747ae442e31560e5b741445ea2a1acee2a81425ff000000d2a0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa6623920dacc107f532348cc21164efe794874eac73381e961f3d9c8c21578fe3245097c280abe51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f88735fce5115dc83ed73d8ee4a91322608c6fc01e1b9e16587bb5f721303e6b89e5c54d680ac66d09af90dbf5000000000000fa08ad0731c4b839688b22c4da2a6bc4cf45854d221a2d5f96bc64647f15daa2ba79cd0f4254ed55217912ef84bd2927df82fc061aef2920c49b2a90886da75561173fa186cb7ee86dd4285c4721eb428c953296bb2f5d825da54dbef07c1b349b4901e093d13e6b9a0000009b5b22e887bc061d40bcaf0aa18623fd9b7179ccc692ba74b531b65c4decf9d080a8ac7e82d4cde1267aa64b2a94fd87a009e6742c2ddc3a9d7eccbb1831b1fa218277c2814a91cab7cb59c697166d6f1bb1a360470000000000000000000000000000000000000000000000000000f9f9b4ce7e871f507084c8c88e0652decbe579b03ed84ea94597dd1059620a050f69ea03b99b4e19d35f4a3b54e96ae2172effecec80f6baa4bf69a6ebf5392882df78b0983e662dc0cb64b77f3f006b6b25443197ae93f0be6de5a703d003f00720943c0e4b33af000000000000000000"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5) clock_nanosleep(0x0, 0x0, &(0x7f00000001c0), 0x0) r6 = socket(0x2b, 0x1, 0x0) ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f00000069c0)=0x3) setsockopt$inet6_tcp_TLS_TX(r6, 0x11e, 0x1, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r8 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="3c020000190001000000000000000000ff5ba40ef21dfabc7000000000000001ac1414bb00000000000000000000000000000000000000000a000000000000008b52abefc2bb1df4d4ef849eb34cb50a5278c3fc64b10f99140eca2b55740025f1cfb7184ebba983b3d3c4818ff449d92457cf7c0f543d4409839df14b0d43a087ad90975ed25b1452b7d65a76c2c4270d211fce5ecd9a5031990b374aab81e06f6755d8daf507f6c0eee0c1cbce63d2d292ab1627909cefc22fb4843770fdf4bcf039371ce569f1bddcc319c27fabc2b61bfef1ad711c362b7d7a9bd70711e4463bc4821295a1df5a82cb50daf1959f308c2b1d01ed8155518d12b167be8657926adbb6c6ae5290e2c6e5266467a6505d47438fac55361763853f7acb83e86ea28516cc55764f3144f47b72e0ff9fc0dae9ba4deee4c8bffcaf", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084010500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb000000003c00000000000000fe800000000000000000000000000000feffffff000000000000000000000000000000007f000001000000000000000000000000000000006c00000000000000ac1414aa0000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000aa00000000330000000000000000000000000000000000ffff000000000000000000000000000000000000000000000000fe880000000000000000000000000001000000006c00000000000000e00000010000000000000000000000000000000000000000000000000000000000000000ac1414bb000000000000000000000000000000006c00000002000000fc010000000000000000000000000000000000000400"/500], 0x23c}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @notrack={{0xc}, @void}}, {0x20, 0x1, 0x0, 0x1, @rt={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RT_DREG={0x8, 0x1, 0x1, 0x0, 0xf}, @NFTA_RT_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x88}}, 0x0) sendmsg$NFT_BATCH(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001180)=ANY=[], 0x3c}}, 0x0) 868.490689ms ago: executing program 2 (id=1602): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000002100010000000000000000000210140000000000000000000c000c40000000000000000000080018004e224e2508000200ac1e000100000000000000"], 0x40}}, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a05fef8ffffff71a400fe0000000071101000000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a02fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) bpf$BPF_PROG_DETACH(0x10, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x0, 0x0, 0x4, @prog_fd}, 0x20) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) io_setup(0x300, &(0x7f0000000080)) open(0x0, 0x20000, 0x21) 865.056309ms ago: executing program 3 (id=1603): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) listen(r0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001040)={0x0, 0x50}}, 0x0) r3 = syz_io_uring_setup(0x2705, &(0x7f0000000440)={0x0, 0x0, 0x10140, 0x1}, &(0x7f00000002c0)=0x0, &(0x7f0000001440)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000001400)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r0, 0x0}) io_uring_enter(r3, 0xa3d, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x5169, 0x0, &(0x7f0000000100), &(0x7f0000000000)=0x0) r7 = dup3(r2, r1, 0x80000) syz_io_uring_setup(0x6000a98, &(0x7f0000000300)={0x0, 0x5b17, 0x8, 0x2, 0x1ed, 0x0, r7}, 0x0, &(0x7f00000005c0)) perf_event_open(&(0x7f0000000340)={0x4, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7, 0x0, 0x1000, 0xfffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000150700000fff07003506000002000000170600000ee50000bf250000000000003d350000000000006507000002000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff3d3501000000000095000000000000000500000000000000950007000000000001722fabb733a0c857c7c45402000000a2d23da04d1ffc187fa130c7267c2de00435fd233cc0f0d9b2c3127c46b0f408398d09ee4dc258d726eae098804de25df627a64ac7efde50fd7f1dd5b17ed764c33b06598bae66ea38541a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d8a4b6e6155cecc13a5ddfab726eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a459db8e7ada8ee987cc0000f6aae6a2213f4bb7b72ee19baaa6496c921b500fab987b62bbfd769664875469f58151b5ba0e4b84ea6500aeae078084123b254aeed0055787c01db742ed418ff76ee08d6fe0cc780a1005da7b778501e12cd7a0bb3780196d1fb84e6c12dddc60addc75a1f880bd58e7d1056a4d177e0067aa7c5ec09e1b762390a4f38d15794e698611b97a1bc9bc62513ad5ba767998919ccb61028200000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x2000000, 0x75, 0x0, &(0x7f00000003c0)="305998e051556472445890b62b09ba0804c77138aef969364b82578bd07dfa9725f69916ce6a9aaeb59ddf07000000440b604434ed34ad6af2d49e8b0358a25f0a052b5dbf94a3d2727a3d8a9de835a053f7ff76cb093457004a2011ecc24a6bcc7342af83304b2ef1dd35a4bfa6b8a705e8accb3a", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$inet6_udplite(0xa, 0x2, 0x88) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) mlockall(0x7) syz_io_uring_submit(0x0, r6, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0}) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'geneve1\x00'}) socket$nl_route(0x10, 0x3, 0x0) r9 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0)) r10 = open(0x0, 0x0, 0x0) fcntl$dupfd(r10, 0x0, r9) socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 847.15889ms ago: executing program 3 (id=1604): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x20) bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r3, &(0x7f0000000400)='\r', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) write$binfmt_misc(r1, &(0x7f0000000400)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0xf003) openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) socket$inet6_sctp(0xa, 0x5, 0x84) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x80, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r4, 0x47f9, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x0, 0x0, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000002c0)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0xa, 0x6, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x9f, &(0x7f0000000380)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x28, 0x8, 0x8, &(0x7f0000000440)}}, 0x10) socket(0x11, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4) 393.416258ms ago: executing program 2 (id=1610): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 379.486539ms ago: executing program 2 (id=1611): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000f056000100000000f70000000007020000", @ANYRES32, @ANYBLOB=' '], 0x38}}, 0x0) 357.159981ms ago: executing program 2 (id=1612): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x9100) setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000040)=0x7fff, 0x4) syz_emit_ethernet(0xb9, &(0x7f0000000080)={@empty, @multicast, @void, {@generic={0x4, "1aa0df11892f7459d72a885e4051a35a7fa47a706dfb3e8e6b2e745d1ab492a0a682c7ff07e033be206b443fb2394cbc158a21c66e937654060b92b0dd90958aca382bb7232efa346e6e35073498c63f137479f3da42c383f03aed87d90a199ffa3e9c5a9895dbf610114acd8f44fbed3dd7a6e9d808c326cbfe062e6b86d9f73558c6c3a9349bf6fbb6741d15c11db346ea3c1bae3421d2d5c6e38be658a08f2a436e8bc84b673888b43a"}}}, &(0x7f0000000140)={0x1, 0x2, [0xc3, 0xc25, 0x770, 0xae5]}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0) sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x120, r2, 0x100, 0x70bd29, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x1}}]}, 0x120}, 0x1, 0x0, 0x0, 0x4000000}, 0x14) quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000003c0)=@nbd={'/dev/nbd', 0x0}, 0xee01, &(0x7f0000000400)={0x3629, 0x0, 0xfffffffffffffffd, 0x2, 0x8, 0x4, 0x9, 0x9, 0x8}) r3 = syz_genetlink_get_family_id$gtp(&(0x7f00000004c0), r1) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000500)={'batadv_slave_0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000540)={'vcan0\x00', 0x0}) sendmsg$GTP_CMD_GETPDP(r1, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x34, r3, 0x20, 0x70bd26, 0x25dfdbfd, {}, [@GTPA_LINK={0x8}, @GTPA_FLOW={0x6, 0x6, 0x4}, @GTPA_LINK={0x8, 0x1, r4}, @GTPA_LINK={0x8, 0x1, r5}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x80000) r6 = socket$kcm(0x29, 0x5, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r6, 0x89e1, &(0x7f0000000640)={r0}) accept(r6, &(0x7f0000000680)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f0000000700)=0x80) r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000780), r1) sendmsg$IPVS_CMD_ZERO(r7, &(0x7f0000000940)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x120, r8, 0x300, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'nq\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x80}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x30}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010100}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'geneve0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_vlan\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x9}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3a}]}, @IPVS_CMD_ATTR_DAEMON={0x64, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x400}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0xa5}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth0_to_bridge\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_STATE={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}]}, 0x120}, 0x1, 0x0, 0x0, 0x40001}, 0x48004) connect$l2tp6(r0, &(0x7f0000000980)={0xa, 0x0, 0x25, @remote, 0xe, 0x2}, 0x20) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000a00), r1) sendmsg$IPVS_CMD_SET_CONFIG(r9, &(0x7f0000000b00)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x7c, r10, 0x200, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_SERVICE={0x38, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x2}}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2e}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x4}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xffff7fff}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x44000}, 0x840) r11 = socket$nl_generic(0x10, 0x3, 0x10) r12 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000b80), r9) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r11, &(0x7f0000000c80)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000c40)={&(0x7f0000000bc0)={0x5c, r12, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @empty}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x5}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xb}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40040}, 0x80) sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000e00)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d00)={0xb0, r8, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000001}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8b}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x80}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x23}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e20}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1e}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0xb0}, 0x1, 0x0, 0x0, 0x8855}, 0x4000000) r13 = dup3(r11, r6, 0x80000) sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000001080)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001040)={&(0x7f0000000e80)={0x198, 0x0, 0x20, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x48, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3d, 0x4, {'gcm(aes)\x00', 0x15, "98f76dd8db1022cf2824a1e3aee33987b9d7d6026c"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x38, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x10100}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}, @TIPC_NLA_SOCK={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffeff}]}, @TIPC_NLA_LINK={0xbc, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x44, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffff0001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6c5}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x401}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1b}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffff9}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x4810}, 0x40) r14 = openat$cgroup_ro(r13, &(0x7f00000010c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0) ioctl$TIOCSERGETLSR(r14, 0x5459, &(0x7f0000001100)) r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001180), r6) sendmsg$NL80211_CMD_TESTMODE(r1, &(0x7f0000002500)={&(0x7f0000001140)={0x10, 0x0, 0x0, 0x4002}, 0xc, &(0x7f00000024c0)={&(0x7f0000001200)={0x12c0, r15, 0x4, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TESTDATA={0x1e, 0x45, "2d2d58668a472d9ea1e2008ebbd8618588d35d0d34ab88e2c455"}, @NL80211_ATTR_TESTDATA={0x51, 0x45, "93403ed6ed2c53a226d1f638cc548cf674c1513dff1f33be62b986f9032322c2e4b0838c28b93de7c3abc2276f3d8f1349d54d576283a05c15d1baf0ce0dd3398eff30cdc3b9f7bf4e0a8cd02f"}, @NL80211_ATTR_TESTDATA={0xd5, 0x45, "e508db9ed756558af3f061e2810e3c4acab19186bed1b6d827839df3c5121e1b8e80deb828cd893fc89e583fd5bebeab244dc490c91af1da8449e964342ecfc776992cfc849f2547d800e4358e52211ac7a3c237675aa3f3d599419e33a65d5816193dfb41c1ffe879c9939b28939d986e167d7be69571eb72a3fe71af4bdb9e4d48cee2fb8c070dc4a8bce662c160f8ff22bbb0b5a729395857ecc8ff14a10db7dcaeb50ffd53b2afb7f609c91bed1a35499a2c38c23076c06fe9fd30bfa9b5ed738b6bb93c2e527811019b53c4ab8008"}, @NL80211_ATTR_TESTDATA={0x4c, 0x45, "aac891079c66d141e4996795f77ea5eb3bdaa18e7f097a79ba965b11dd68d9cc66dbcf169e6219ef32d4db14a66cc39aef6c8abc436e1efcc2629176752adbdd19dce0eedf1a9a68"}, @NL80211_ATTR_TESTDATA={0xdf, 0x45, "e8167c90043c4dc7994c655969eac50f9652b7f0205b9b0f375626028215a5c27bdafef5a79e134258309e1c5b99ac4fa2cbc9f40478818ae229b65f80d0e682a6dd5da574e1e55bebafff72049ae3e3c9c9d6135cfe5ef0ab5de0b65917aa46a62def4f3e3c4ac29dda3bcaa1d56610c9d32b844377f2a31a5c916fa9c76429bfad22542e15dbb9c2d9e4ed54fe5da806824f0c186f39bd2219c91f5b68382232464487aad08ea2e8510f8a711932cf42ca7a6a6066b0d3779cc0013475bd78e25bd7be306421ca9329a76ee094349861a67af6b2021308ddd886"}, @NL80211_ATTR_TESTDATA={0x4}, @NL80211_ATTR_TESTDATA={0x1004, 0x45, "31a358c51f002fb7cc3ebad3bbc017b2b8306f39c182c434d8e461d71c0003b0c4cb1ef5c63b5db78f86ab3decce9350979ce6a3c7dd0a46dbe1514386fef494290f6724eabb7ad5f3cc08ab2de0f218df042a16a7f7f97103a42cbfba56e6fa8fc72df467f1078fb8387f04e14367a6f87a063e7f51bdc3b06d0992746b9cd41cae56812d7aeae1c53781b13839a37178926550d4f69d5a063610ac2c68790645c534243431e12ebfccb383bc96cc4982161af0fe2a50401ea8effc189fb397cd5abb87e09dd64ece941eb9e7861c80da7e869f58595415bed6508f232646c872336f9ce2bde42b65a11cb42eabf964366ba1e1841d95a431eb135531edbccc2ef5f80dd0896d1cb7d233fcbaa227ad23db584539aa6ce8f3fb9033e5bd5c6a7764b078828f983562218e2a68239d6a8206afb75c5c32db5d7bc285df7a4d9dcb10567cfed9bb721fa8472c129c9c56ae18413bfffe62e7988ebc7536e9246136dbc78ca71d6d234de1be099fa8360194f865ae1537bee278ceb510081e902e3f44df60a76917cc5a0325f9b2d006ac0b73d55804431fac5da0367658d64de5c9a83081ab6ea3ecfcd20005b1a5ea03e86f7b94a5051863d59d2a58f79d7b283432158df5980d3409e87e025916fea4432b3a71e1f8471cf5fb836df723d0de1db4b950402ebf65de9202d4d39b19eae2cec5df46a9210dea13c470e24486b2260f4f8e36827a3dabb43a1f6da12779ef48bf176938c2904ffd16baa78a30c99574eae3b753dc3b2bbd76fa934b6d2fe11324b2acf84d1017bef84d5acd4467fdabae1d97f191cb3c03f5b838e28e557aa39745bde2cd5d2f5cf200558fffcefa06de613c2eb52e25536178364d9cdd92a515890e6c524607aeb8da0aa359fbccb2ee2cea72ef4e69230ca1de9c6e28cb26e8a73eb1b0f2adab46abf7a6642fbc7397bf147f181378654b63564bef2ceaf3bed878a4e0a6912991ba5c989f7acb1564e385ad95d09b55a20b9b5f4373a23b7095deb25cbea1137af36ef6eb1b5299ac68eccbd90d5476adbba79a94487083048e47dd88c69bef3e2f3c4ca15eb017f3fa1127d8e0da9d968006af8d09c941004db886c399e59ab153bf2139f4d3aacf9fb43f8791246db6fe40c30b0a481c14433c0b689b127b4d9921da13df6351af066f9023b2b2337327f853317ad39f8d323a2d96c3b74f5827a6f4afbd4b73b167ce2bff842f6259aca27c3c23a9524c180ba817a929b686463593b81341421e9718a7a1b56895d821fda70ddc017b6a4a891d4d4cc92ca9eb1c2c39393922a2e780f923d09af5d7594894fd1348feaf96be7666b1a135da814d7aac2508b17f65f6e6c82d874f3331639399347231c4791a43900d9f5065aa292c8e83b8819b18fff57fb6c2c60c2dc374a3f68e28f1b1ac0c7736ad8aed0592f4805df0a104affdeaca85999cf5f0d526508ace2bab99ff298aae7d04f58d1d81d7c23cdfcef5e6c6bacc81649c0b69bdc57c1f0e1cb098fc5c7c8ca7dbae2110a229be016c5471fc70472d145020353bc4f6ae2931f5b0919d0dc576a3556b7f06578a232dc3b5b56a4177f16fc6c8cd6d9e050b8a1a9f91bb4e82461d0037d246d2979435036ce8e342679fb01991a3c2992665f5ca8f66b8b97361e333ee420f0a88af99023c1ae88a4fbfe4e1cdaa82b3ddd06760c94e56532c8df62de84862f71a275febc573a58b0502ad11cfea583ecb1d3a8ed2482ccfdc40293dd4bd8e65e7615dafeb0991f931abf24347985459a9a028dacab0e82c62097104d428a45f6925e70630c420f09cf8ee445081216b51af7a7d54de915cae2a57518875a01ba0320f304695fa26031f1091ed60f579fdad74ada843855be0fc570a0155d91815cc77087c710ab0f33a638249b65913acc290b432f9c20c366c448c6dd699750da223421d887277aa5cf7aa05f989cf988b71e649784e50db29442fe702c14148d5ab3f5a2622e0bb39445ec442dd8eeeacd7710fd584f6beb439d2f4a58226ebd66c655ab3186bece788db871fbde2aa15e1d42fd2dd9fdaa7e68bd57d68cd278e37368bc8d386b5853999aa256b0c4966406b94dc1ccf418b49e2a487fd9981e9b4533674fd9565b56127e4e1998fe151abe7cc39555b25db960e6f80d18d7b4b87a9d3ed8182223963ba98d23bed5e19bba57d9776c125767a3bbffda7291cd11570631c0c19abe15bbae421a9134c65ab2974d7a39a7768ca3abe7be4aefa99c574a227f94722ed2a1a7fa54b6740077e2315f4a8b73ae13ff577c91449b4b0728e9ffc7f5ba92b5c19b3bd6167a0b83b236ba837f07ca0ea142cdcbbc5ae678158ad0445cfb47834aeedad7ee14f6586433cb6a3af8797e7666e676c9b905b00486d801cb20b0ed46e0db89b314f1ccc1cf6f8c0dee2903cf45b8d774706d8d89789991355914a6eaf58431b6ed9b2a9d7c7471756ccd386706cf1f703a07f6aac53781f836ff2a5da86662124fe77b444b9ef2d71f648e85069f4ec213f7a53e702b4c3a51a0abd64b9f234af5ee3ab51f72940ad0f18674b02fbc95615bd04811922237bc4d3874926173c73465760e7b890ece859d51f2f7873879174aa14963306d0d44569ac12d212d58d4e237390258b545b5194f1fe422405b58c280dafe835e444b028259077983465f92e2dc76c31582d86007de58f54d9019aafe982b866ce3a108c31d7752156b9722314299b326025cb0b833604c6c594adc76e02b5466697e9eb19311cc77a185e21103342308d521e4f9b4145a72ea8d4735eeaa568706b3ad93b42eee45d0fd377be220fd7eaef7fd67955b21984644384f103fee927d38f11314bb34980e6af77f07a81d76edd37a8c4997f098d0cfb6bdc0ff7d25a1a587f246f6f26d79636204f83bae0549e4d019593e221bf5b3d9619371acbb0f63349b212716d0713bc5528985e36f164070db52cd123b0be5dfbab965bb525529dbbfd0410110368e22092e0d08961f6b0dc771c92a4a051d8d6cc477da60d7695b44e8ad07e1263cf48ce8a465ef70abb2b64e48e1ec151360e9f91e4794a040fe1bb62073968266745d95d595b0046a3dbc7f05359d050523898b75195798212f62503db4f2e069b2bea83f65dfea07829e190fa31112fc9d0b0af30c18c367e7b694effa60ece610f96ca92dc58ec0c24ee671ea9a90c7754cf6b2755a69e67b385670230fad3c9c9c82eb9a299af6a77779fb21fe41042b0c05efa9d8a79eb0c17d2521b3add29c788d207b8b03cab95747ffde76edd6e0fb8d81dce36e5e8bbb1eed6fd90990de76de07f32217cc9baba1e036870a79327017c117db96057ace83b92f247af351140648589261c9b860b67f8fc3342e336089495942e7c016d41310ec653ff348428c471be531d8ffd0050859ad42720d3c9e7ad69dabcdd43758afbca9107a996f65721d062a4da2e1033d58ecaddd17bdc0d632a3046af4fed990328e71e74c6c8bd42a5f0cb1704f46827e105ba2ea9dad3b9dba1afc99eb958282f960b5df6971de089ef1236fc61f9a3d9a8a97e4a924f31611769793efc648974621b2f8b7e6b9e877b72aaeaea892ec8c4a89a37cc7d751f39829a84a894672c38423252e3038e87f0a8c9864e5c7980c30e5088b22d3b7823eb16e6d762635af641542d31c8af07bdb5bc621063075a62d31dffea6bcaa705b08dfb056d67834f201f83a182547f5af1091c46684420fe421a12203737e0a37f9bbff57b8ecf926a6332b9c275ea327c7d97002353cd2291954dbc438f21b58767420f71bd8cae917c496c271d9ecee1c9936f46aeac88ee03542d520d4722ff60d7332145d8f7adfd635cac96c521e022276b7f3ea379bff5410d4663501c867f658fc5e73944d403fc342132b0e65dda2e824877ea81cd1afd887b962b8dfff3f15e68320bff0fee58a7ecaa32a7ba44412e4fbe59c5b554c742cf00180a8e68d0edc5d95cce60d485bbc2da74c0b2ab7c15a3c5795b0113e20113c51bbd6f2432d54d03884f251ee752440a94653010044df50c0d676d962499581d56a6256941ca1394022e2b9ce52ea40e63566f28059bb78d4b9491d0e0e29b20def845fe20ee99837ffd280aa2e528f0e81d4f14103ff362fcac01791b0bd691abcf1a372f85d621e3672f78022e3c75b19d7f41216012da2e3441b87ec57da5d7ff258eb2cf0238f65bbe0043b9b3db3364bd856b3f2b1d781bdbe406f8f140c541234e6358794691a3ae441e057e05b76eac837fb51460bb6165a8cde4e18a0c6cc3a04fb97e1209f22b641054aa4cf8d0682e042434f7fce9d18aca650b17db78570931da3178a578397b1c858574f1e321925d3915a6de17fd0aaf58749e7c238a5065d43ed35c85b9f8aaffe29cb42df36b852b7927ac31ce6fb13684a621fdde6e0c68d76a6f2896f9148f37e098c9501053caf8dc58abc9636862a3c447e6f1f4d09902e4c68ec6e3b3e371231187c1cc4c7c671a478e4eb0bcd020a113d43335eb72a24e593e012fabe3bbde4f618c7d48928d3183b6842f636ef9e37a612b7a478fc796294e53c55a011afdffc90842d51a1422373976d0217bf1937fb3ff7d7be7cdfbb0e27e0e9dc96edb7241bfba4e87ab47682338fc0161959fbb3ed5ee93f073a10e4cdeae15f5028059ee36561096672b9bf8f580926361f16ff8304061266a0deeaae634e777fcd138bb9b7e74b119d5f2646e7b8963e8d5907862862123204febb31afa3ed08a2584d9feb8d3ad4c28552a9fb68026950e2ab421e5caee5d8527bb1f27179de1b64ddc421f9c5b26302f257d5e3ce3904fea263220fe19a354abb97f4f1f2b3d1884fa916d09745f7c3fc7a1a9e5c7a98ce080abf4a29a80f06a6cac360301dab50644e43883e07fafb5c7d526c80401128474cacd475c269060af536a5d077c5c3aea8a3015fe1d132abb1e33a8f621f8f645c728306f9e93205f4318b54a6bd9b0cec70fbc6f49caa8b25b9919745a1aab8d78ee3f25a88fae989b3a2a3dd6463d3a80f64ea6cba1d550055c74939ad97f7f7de82612ce5d865af83839453f95552c7e9c7f8d44e229ca8eed2dd8b7c1125b09ffd7eef7ab78a0a98c8007689f443dfce23c3683dbb1505ce8de205b9792477a4e7252c0551a808eb00b2a728ede92e2260affe55a6ef846ea8c23b4bc2fa5e573facdd3cba969a19ae4c15881320cb9905914c0826ca8c32ea794cab93c0f4af7424747bb01f9c04ca8c8635eb9d4ec31201bc12c2138dc5e6d87a7fcb2e5b2f0a15b4beed84cc0eab600e499dcd5841d973f387f3b2913bccd01cbc4422cde5aca18e2e3a2f19ed2171919327fb81113a59889e5226f0f00e8d6eb7eade404b2825fbda209aae1077dd553a97b370ac081cd572b4532c8ffa9232151a869b5c786163cf4f029155f5d8e9099a288c152033a350596fd2a1ab32bd9bf4855aaf9834c88f4c5a7d82cb69bb42a02d1155886833560ceb09caaed16a723dd192b8fd2afd791288fff71dde0a1b485c89e8ae4d97d5b4e0f0021136c1ce1860fd2434c740dd404552d2d6188f4ed78ca235a2414a3c53017e42afdcc97e9fa9592dbb37a63ab3586a302ff32b94e933ac71ea58f6f9ce5a1b040723ed68e12dbb9b7207ea0e8e8415ff3fb4f3ef5d8f4054f4cc78c7b1356abfccd4650cfc00ef583373a94e339bb7832e80a1a50bfd49ae8cf299522ab439a8499c1a5fab32bacb4ae2588f352cea51201c38bf1c3911c8893010f736aded0"}, @NL80211_ATTR_TESTDATA={0x22, 0x45, "4605521ca85db7da999d250626805b3c3299cac5a32966af0f5dbd557f87"}]}, 0x12c0}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) 356.478331ms ago: executing program 2 (id=1613): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) unshare(0x8000480) semget$private(0x0, 0x4000, 0x0) 356.258051ms ago: executing program 4 (id=1614): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02fe000008"], 0xfe44, 0x0) 226.384091ms ago: executing program 4 (id=1615): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x10, 0xffffffffffffffff, 0x0) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="00020201"], 0x18) sendmmsg$inet6(r0, &(0x7f0000000080)=[{{&(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000300)='Y', 0x1}], 0x1, 0x0, 0xfe80}}], 0x1, 0x40) 226.082971ms ago: executing program 4 (id=1616): io_submit(0x0, 0x1, &(0x7f0000000540)=[0x0]) socket$nl_xfrm(0x10, 0x3, 0x6) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0x362, &(0x7f0000000c00)="$eJzs3c9rI2UYwPFn0mw66bJNDqIoSB/0opehrZ7VILsgBly6G3H3IMzaiYaMSZkJlYjYevIq3vwHBJc97m1B/Qd68bZevHjrZUHQIuJI5kebSSY/aU27/X6g5Jl532dm3mQIzxuYt4cffPNps+5bdbsjOVPFEBE5EilLThJG/JoL44L025dXr/7x+MVbd+6+W6lWr2+p3qjcfm1TVVfXfvzsi2Lc7dGyHJQ/PHyy+fvBswfPH/57+5OGrw1fW+2O2nqv/VvHvuc6ut3wm5bqTdexfUcbLd/xovZ21F532zs7XbVb29dWdjzH99VudbXpdLXT1o7XVftju9FSy7L02opcLubAdmBMzqnd39qyK7OeyZApDo3/z99BEIxp9ryKvSRiFYdaavfP9LoAAMC5NFD/f5fUCGXJHReURmouMFz/J3FY//dKw5P6/8FLP3euvv9wNa7/HxWy6v/Xf43yU/V/7+ynXv//MLA9XBFdeHuzdJ6v/se5slYY2pWen/Xq/5V4/h76yniwHgbU/wAAAAAAAAAAAAAAAAAAAAAAXARHQVAKgqCUvCZ/J48QxNvJ1rgHjXHhHAVLcZT+/JfjFQWO7wc8lW7duStm+OBeflXE/Xq3tluLXuP2pOO6lOSf8H6IRQtO7IeN2lOWn9y9OH9vtxbdVxURFVcc2ZCSlFP5YXzjner1DY2k8438Si+/Lo0wf1NK8kx2/mZmfkFeebkv35KS/PKRtMWV7fh7LMn/ckP17feqA/nFsF+WN8/+YwEAAAAA4FRZqmY8fc6cv1uWalZ7by4v/fPz4d8HjufX65nz83zphfxixw4AAAAAwGXhFz5v2q7reH53ZFCUSX2W46NFe0wRGXvAVJCfok8qeBwGV8b1Weob4bRHLsT/QWPay/D8rkx9zUnw57JkvpnJEq6pJjP1rs56rmT8U3Q2Z/0IPD83+9gdz1/rXY/ONZy+IPnZaFQfuTnvkUcFycq5kzo/9+33f813CiNetbe/6Y2H5oSRhoExsGd/wk37JAgmXs+Vs/zOAQAAALAYSdFf9JM9by32ggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuIROdZm0EcGixwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcF/8FAAD//w2+8P0=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_aout(r0, &(0x7f00000002c0)=ANY=[], 0xc1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r0, 0x0) r1 = socket(0x15, 0x5, 0x0) getsockopt(r1, 0x200000000114, 0x5, 0x0, &(0x7f0000000040)) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {}, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0) rt_sigqueueinfo(0x0, 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in6=@empty, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, [@mark={0xc, 0x15, {0x35075b}}]}, 0xc4}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x8, 0x0, &(0x7f0000000080)) r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000200), 0x35c, 0x0) read(r4, 0x0, 0x0) mkdirat(0xffffffffffffff9c, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, 0x0) memfd_create(0x0, 0x1) flistxattr(0xffffffffffffffff, 0x0, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x4d, 0x0, &(0x7f0000cab000)=0x2) 225.936151ms ago: executing program 4 (id=1617): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000004c0)=@newqdisc={0x7c, 0x24, 0xf0b, 0x2800, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x8002, @TCA_SFB_PARMS={0xffffffffffffffcb}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}]}, 0x7c}}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) 225.754081ms ago: executing program 0 (id=1618): syz_open_dev$tty20(0xc, 0x4, 0x1) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x19, 0x4, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x61}, 0x90) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000001240)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, &(0x7f0000000280)={0x3, 0x0, 0x0, 0x0, 0x7fffffff}) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001500)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0}, 0x10) capset(&(0x7f0000000000), &(0x7f0000000280)) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) syz_emit_ethernet(0x1d9, &(0x7f0000001780)=ANY=[@ANYBLOB="aaaaaaaaaaaa6487a2bed3d688a84900810000000800450001c3e7000000006c907800000000000000000420880b000000000009ffff00000800000086dd7a32b8a8d32f4c1fb7f8f74e2dd83b68b39e84ed9123a4fe41119c46a1daa2677b4442449414755038774ae052e6bfd0020000004727975bb08a885ff201349d0bbddfcf7eccf6722ffc5f503d93a517f1a1ecff212668c7b31865b38aa642746577ba53c338eda1f33cda984e45ce116ef7b43387dd7d72ac95d8c3138360c516872f9e8dfad1c1160793a2d489685422b4c0f99e3a79aacb803d3357d5c56b1a4f729a0fcbe12e39ebf4bc5d1952"], 0x0) socket$key(0xf, 0x3, 0x2) fcntl$setpipe(0xffffffffffffffff, 0x40a, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) sendmsg$NL80211_CMD_SET_MCAST_RATE(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100630}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}]}, 0x24}, 0x1, 0x0, 0x0, 0x44004}, 0xc4) syz_clone(0x0, &(0x7f0000000780), 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000140)) ioprio_set$pid(0x2, 0x0, 0x0) 140.837119ms ago: executing program 4 (id=1619): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000006d00000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r0}, 0x10) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="180000000f1401"], 0x18}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000002c00)={0x0, 0x500, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x14c, 0x24, 0x4ee4e6a52ff56561, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_TARGET={0x8}, @TCA_CAKE_AUTORATE={0x8, 0x9, 0x1}]}}, @TCA_STAB={0x100, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xc, 0x2, 0x7ff, 0x0, 0x0, 0xfffffeff, 0x3, 0x8}}, {0x14, 0x2, [0x0, 0x1, 0x25a, 0x2, 0x0, 0x1, 0x2, 0xc]}}, {{0x1c, 0x1, {0x1a, 0x5, 0x8000, 0x5640d5c8, 0x0, 0x4136, 0xe, 0x3}}, {0xa, 0x2, [0x9, 0x0, 0x2]}}, {{0x1c, 0x1, {0x0, 0x0, 0x7, 0x0, 0x1, 0x3, 0x0, 0x4}}, {0xc, 0x2, [0x0, 0x10, 0xa, 0x0]}}, {{0x1c, 0x1, {0x1, 0x9f, 0x8001, 0x6a4, 0x0, 0x5, 0xd, 0x3}}, {0xa, 0x2, [0x1ff, 0x0, 0x7]}}, {{0x1c, 0x1, {0x2, 0x5, 0x8, 0x0, 0x2, 0x4, 0x8, 0x7}}, {0x12, 0x2, [0x1, 0x4, 0x6, 0x8, 0x2, 0x2, 0xff]}}, {{0x1c, 0x1, {0x3, 0x0, 0xa757, 0x9, 0x0, 0x4, 0x1, 0x1}}, {0x6, 0x2, [0xfff]}}]}, @TCA_RATE={0x6}]}, 0x14c}}, 0x0) 140.628418ms ago: executing program 4 (id=1620): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000002100010000000000000000000210140000000000000000000c000c40000000000000000000080018004e224e2508000200ac1e000100000000000000"], 0x40}}, 0x0) mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720a05fef8ffffff71a400fe0000000071101000000000001d400200000000004704000001ed00000f030000000000001d440000000000006b0a02fe0000000072030000000a0000b500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) bpf$BPF_PROG_DETACH(0x10, &(0x7f0000000000)={@map, 0xffffffffffffffff, 0x0, 0x0, 0x4, @prog_fd}, 0x20) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil) io_setup(0x300, &(0x7f0000000080)) open(0x0, 0x20000, 0x21) 35.850757ms ago: executing program 1 (id=1621): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x400000000000000) 0s ago: executing program 3 (id=1622): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x34, 0xb, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}]}, 0x34}}, 0x0) pipe(&(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x21, 0x0, 0x0, 0x0, 0x114}, 0x48) writev(r1, &(0x7f0000000200)=[{0x0}, {&(0x7f00000006c0)="e6", 0xfdef}], 0x2) r2 = socket$inet6(0xa, 0x3, 0x38) setsockopt$inet6_int(r2, 0x29, 0x36, &(0x7f0000000040), 0x4) writev(r1, &(0x7f0000000180)=[{&(0x7f0000000000)="729804819e25bf1576ffe5c12a5207113f19d58313aba5de68f29cba9eabb7ffc8ffa6ff5e57bb2a1a4db35012bba91acdbe6123e6d1b0e9b009f638c2262aa71fdb6fdca6f5afd31515336efa9d3ac3d1dcb773d177640fa9d940ae528c0de4820b43c5ca5aadd87316a4539842e59b2b62294946b288ccec1b315ad96484c9ce1069450e4b459926691d6e833aa0bc56251cb81bd60c84e5c38f6d84f5e0d7", 0xa0}, {&(0x7f0000002680)="1e253ec931cc2734d5462725cddf6374995c82eceeca917f107e897432b51de03d3abf33ccfe22c152a693d1c169216b00fc6f4fe59798df24f443d7d981499940ca3d0e7b639a9c5699f40130615e8699008a777f5e92eb4179005efedbc946304666375d5d574e27aed6dce365611418c626ce7655ab5a0fe9e00a99f9ea1e8bfb3e5a76e1a34b33f767108f528b26b97ee08cb6706031454e8c6835cf077a2b0015e7a5ad84006b8ee7e416f7fadd4f3a59d9b8bca7bbdc3202f972ed42f3bff0981ce8f99ed93be4171d0a42feedebc274526115293e6deba184062ef3be97711af06d6abf576bf08cb099c6181380b3aa2b48a8b254090a6a2c2cdb37b69d975af91d344c646aadc5ebdc26e1b652eb6b0363b98b03a7b7db3600b258ba87fe77ff18a3dbd2bdd24f8d7961602ced3562dce471a4f3d3397900e1c8629da04127ecd8b24bbf75052fa4b84d3a52c31f0d541e813c4ebb95e9067b452fa13314033dbe8e726ad3b14e7a29fcb3215932d2269b2bf8792c847e4542c6be4f9d1d6ff235dd9df3508b26566f0e193811a7f0a8cee12ca6bb11f69dc84b3e8e0c7f6beefee4af3571b8c83f52e2d6ebf04ed1d687fafc13174d428756aefb7c7b75fa6f50b7a169e52e3a13388bc3c6066a967684da965877e69c16e60ae8fd4c437e9f6cafc979502895bb51c48f17a5692204a17760f719911b33d07436f5b976637d405ddb214fa7452efe0892aa8715fc6aa3f674fbb6f6baaa6de869a781ac9944767a5edf9ce99c766262dca2003a8743ec33d436ac2256185b89cba63a387bfb034e8f13770dda355706e41bb9774dacd19c42b9436ae60744cd0e587802e93f2046b61194e2bbb6e5debac9feb601f2084f0d82e95d26813047ddf15b19659f25bded4a1fc05540af6432bf4c0c6d5489cdbdc1e89462ffd7b8a85a024fb66b0b697e8340b01226fe27d1d78e96f7eb4d90d0f1ae7217c61a1c29073257852e34df4824c1ee2926ecb7c31443a24470c4fb12b053c638d30c22a94ec145c50d582826ca4fdff72c687130a17c2ccf340fcde10fc8dc91cb8b593fba17ba50c7b12577cc860175312bcb52863013501b39e819b75451a1b81b40fc519a1f31e56441cfafe0cd13c5ec6cd55569f5fffa5aa0b8cbcb3d6ea3a4552173141b2bf5adab8a3f2738d2f0df749d4c59e464c3a3b6a3991ee13a07118ebc81b214716ae01d00ac660955c22d25846143e4054df8ac495ec86f19bb683e9842c875b51a95e422cb5438ea9fe39173cb26bef54a11cab1c08499c137081101d20074f94606d58d32c618391b4c110b6b7a0fa4d5ed47b7391929b78d6c2ec805ec92d4b579bffba4a2fdec41c3ce3d8239057d20592d5975a9", 0x3d9}], 0x2) read$rfkill(r1, &(0x7f0000000000), 0x8) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000002ac0)={@map=0x1, r1, 0x1e, 0x2030, 0x0, @link_id}, 0x20) io_uring_setup(0x979, &(0x7f0000000180)) r3 = socket(0x0, 0x0, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r4, &(0x7f0000001000)=ANY=[], 0xff2e) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"}) r5 = syz_open_pts(r4, 0x0) r6 = dup3(r5, r4, 0x0) r7 = syz_io_uring_setup(0x6d10, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000180), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x701a, &(0x7f00000003c0), &(0x7f0000000240)=0x0, &(0x7f0000000280)) syz_io_uring_submit(r9, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r7, 0x184c, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETS(r6, 0x5402, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "1f833c21d11da827c619179619879eadcafc65"}) bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) r10 = socket$pppl2tp(0x18, 0x1, 0x1) r11 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r10, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r11, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) r12 = socket$pppl2tp(0x18, 0x1, 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x100000001, 0x0) connect$pppl2tp(r12, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0xfffffffd}}, 0x2e) setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r12, 0x111, 0x4, 0x20000000, 0x4) kernel console output (not intermixed with test programs): 3][ T29] audit: type=1400 audit(1720970423.618:1252): avc: denied { append } for pid=6914 comm="syz.2.1172" path="/10/file1/cgroup.controllers" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 88.592089][ T6915] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1172: bg 0: block 234: padding at end of block bitmap is not set [ 88.606652][ T6915] EXT4-fs (loop2): Remounting filesystem read-only [ 88.633071][ T6915] FAULT_INJECTION: forcing a failure. [ 88.633071][ T6915] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 88.646337][ T6915] CPU: 0 PID: 6915 Comm: syz.2.1172 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 88.656403][ T6915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 88.666741][ T6915] Call Trace: [ 88.670007][ T6915] [ 88.672923][ T6915] dump_stack_lvl+0xf2/0x150 [ 88.677506][ T6915] dump_stack+0x15/0x20 [ 88.681668][ T6915] should_fail_ex+0x229/0x230 [ 88.686326][ T6915] __should_fail_alloc_page+0xfd/0x110 [ 88.691888][ T6915] __alloc_pages_noprof+0x109/0x360 [ 88.697078][ T6915] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 88.702471][ T6915] alloc_migration_target_by_mpol+0x118/0x220 [ 88.708590][ T6915] migrate_pages_batch+0x327/0x1950 [ 88.713865][ T6915] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 88.720448][ T6915] migrate_pages+0xedf/0x1820 [ 88.725440][ T6915] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 88.732259][ T6915] ? mas_next_slot+0xbea/0xc40 [ 88.737017][ T6915] ? mbind_range+0x174/0x460 [ 88.741594][ T6915] __se_sys_mbind+0xf76/0x1160 [ 88.746387][ T6915] __x64_sys_mbind+0x78/0x90 [ 88.751013][ T6915] x64_sys_call+0x1d0a/0x2d70 [ 88.755716][ T6915] do_syscall_64+0xc9/0x1c0 [ 88.760241][ T6915] ? clear_bhb_loop+0x55/0xb0 [ 88.764964][ T6915] ? clear_bhb_loop+0x55/0xb0 [ 88.769705][ T6915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.775666][ T6915] RIP: 0033:0x7fc7643a8bd9 [ 88.780101][ T6915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.799697][ T6915] RSP: 002b:00007fc76362a048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 88.808139][ T6915] RAX: ffffffffffffffda RBX: 00007fc764536f60 RCX: 00007fc7643a8bd9 [ 88.816134][ T6915] RDX: 0000000000000000 RSI: 0000000000c00000 RDI: 0000000020000000 [ 88.824088][ T6915] RBP: 00007fc76362a0a0 R08: 0000000000000000 R09: 0000000000000002 [ 88.832040][ T6915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 88.840034][ T6915] R13: 000000000000000b R14: 00007fc764536f60 R15: 00007fff05ad5a08 [ 88.848047][ T6915] [ 88.928555][ T6929] netlink: 'syz.0.1177': attribute type 10 has an invalid length. [ 88.940631][ T29] audit: type=1400 audit(1720970424.028:1253): avc: denied { ioctl } for pid=6924 comm="syz.1.1176" path="socket:[19820]" dev="sockfs" ino=19820 ioctlcmd=0x5451 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 88.968114][ T6931] loop4: detected capacity change from 0 to 128 [ 88.976213][ T6929] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.989824][ T6929] bond0: (slave team0): Enslaving as an active interface with an up link [ 88.998673][ T6932] netlink: 'syz.0.1177': attribute type 10 has an invalid length. [ 89.007548][ T6934] loop1: detected capacity change from 0 to 512 [ 89.014440][ T6932] bond0: (slave team0): Releasing backup interface [ 89.014760][ T6934] EXT4-fs: test_dummy_encryption option not supported [ 89.031122][ T6932] bridge0: port 3(team0) entered blocking state [ 89.037470][ T6932] bridge0: port 3(team0) entered disabled state [ 89.043816][ T6932] team0: entered allmulticast mode [ 89.049012][ T6932] team_slave_0: entered allmulticast mode [ 89.054767][ T6932] team_slave_1: entered allmulticast mode [ 89.055163][ T6937] loop4: detected capacity change from 0 to 128 [ 89.061257][ T6932] team0: entered promiscuous mode [ 89.071854][ T6932] team_slave_0: entered promiscuous mode [ 89.077668][ T6932] team_slave_1: entered promiscuous mode [ 89.085028][ T6927] netlink: 'syz.2.1175': attribute type 10 has an invalid length. [ 89.095784][ T6927] batman_adv: batadv0: Adding interface: team0 [ 89.102012][ T6927] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.127238][ T6927] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 89.129966][ T29] audit: type=1400 audit(1720970424.218:1254): avc: denied { create } for pid=6936 comm="syz.4.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1 [ 89.171730][ T6943] loop0: detected capacity change from 0 to 512 [ 89.189060][ T29] audit: type=1400 audit(1720970424.268:1255): avc: denied { setattr } for pid=6944 comm="syz.4.1181" name="ptmx" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1 [ 89.189434][ T6943] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #15: comm syz.0.1180: casefold flag without casefold feature [ 89.212615][ T6946] netlink: 'syz.4.1181': attribute type 3 has an invalid length. [ 89.225990][ T6943] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz.0.1180: couldn't read orphan inode 15 (err -117) [ 89.252020][ T29] audit: type=1326 audit(1720970424.328:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6947 comm="syz.3.1182" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f25653dfbd9 code=0x0 [ 89.295713][ T6954] loop4: detected capacity change from 0 to 2048 [ 89.302616][ T6954] EXT4-fs (loop4): invalid inodes per group: 0 [ 89.302616][ T6954] [ 89.319136][ T6956] netlink: 'syz.0.1185': attribute type 3 has an invalid length. [ 89.327391][ T29] audit: type=1400 audit(1720970424.408:1257): avc: denied { recv } for pid=23 comm="ksoftirqd/1" saddr=10.128.0.163 src=30030 daddr=10.128.1.70 dest=47888 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 89.375037][ T6954] loop4: detected capacity change from 0 to 512 [ 89.381081][ T6961] loop0: detected capacity change from 0 to 128 [ 89.388568][ T6961] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 89.400257][ T6954] EXT4-fs error (device loop4): ext4_orphan_get:1420: comm syz.4.1184: bad orphan inode 100663296 [ 89.412143][ T6954] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.426563][ T29] audit: type=1400 audit(1720970424.508:1258): avc: denied { execute } for pid=6953 comm="syz.4.1184" path="/34/file0/hugetlb.2MB.rsvd.usage_in_bytes" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 89.454059][ T29] audit: type=1400 audit(1720970424.538:1259): avc: denied { getopt } for pid=6953 comm="syz.4.1184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 89.479725][ T6965] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1187'. [ 89.480614][ T6966] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1187'. [ 89.498189][ T6966] netlink: 'syz.0.1187': attribute type 21 has an invalid length. [ 89.506041][ T6966] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1187'. [ 89.534029][ T6971] loop0: detected capacity change from 0 to 128 [ 89.575405][ T6973] loop4: detected capacity change from 0 to 512 [ 89.588296][ T29] audit: type=1400 audit(1720970424.668:1260): avc: denied { read } for pid=6974 comm="syz.0.1190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 89.597057][ T6973] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 89.639298][ T6975] llcp: llcp_sock_recvmsg: Recv datagram failed state 3 -6 0 [ 89.711980][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 89.741254][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 89.765634][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 89.787324][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 89.808717][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 89.830247][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 89.852614][ T6299] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz-executor: path /36/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 89.875242][ T6299] EXT4-fs error (device loop4): ext4_map_blocks:580: inode #2: block 18: comm syz-executor: lblock 23 mapped to illegal pblock 18 (length 1) [ 89.903039][ T6995] netlink: 'syz.2.1198': attribute type 27 has an invalid length. [ 89.910950][ T6995] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1198'. [ 89.924992][ T7003] loop1: detected capacity change from 0 to 256 [ 89.931888][ T7003] FAT-fs (loop1): Unrecognized mount option "umask=00000000000— .Î00077777" or missing value [ 89.943657][ T7005] loop2: detected capacity change from 0 to 128 [ 90.009578][ T7003] loop1: detected capacity change from 0 to 8192 [ 90.054757][ T7003] loop1: p1 p2 p4 [ 90.058532][ T7003] loop1: p1 size 108922248 extends beyond EOD, truncated [ 90.066984][ T7003] loop1: p2 start 861536256 is beyond EOD, truncated [ 90.073954][ T7003] loop1: p4 start 4194304 is beyond EOD, truncated [ 90.200791][ T7028] loop2: detected capacity change from 0 to 512 [ 90.219468][ T1522] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.287803][ T1522] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.438516][ T1522] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.533548][ T1522] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.603122][ T7054] 9pnet_fd: Insufficient options for proto=fd [ 90.632676][ T7059] loop0: detected capacity change from 0 to 256 [ 90.640571][ T7059] FAT-fs (loop0): Unrecognized mount option "umask=00000000000— .Î00077777" or missing value [ 90.652361][ T7031] chnl_net:caif_netlink_parms(): no params data found [ 90.701318][ T1522] bridge_slave_1: left allmulticast mode [ 90.707035][ T1522] bridge_slave_1: left promiscuous mode [ 90.712898][ T1522] bridge0: port 2(bridge_slave_1) entered disabled state [ 90.721474][ T1522] bridge_slave_0: left allmulticast mode [ 90.727231][ T1522] bridge_slave_0: left promiscuous mode [ 90.730887][ T7059] loop0: detected capacity change from 0 to 8192 [ 90.733056][ T1522] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.772126][ T7068] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1219'. [ 90.798335][ T7059] loop0: p1 p2 p4 [ 90.803771][ T7059] loop0: p1 size 108922248 extends beyond EOD, truncated [ 90.811370][ T7059] loop0: p2 start 861536256 is beyond EOD, truncated [ 90.811923][ T1522] batman_adv: batadv0: Removing interface: macvlan2 [ 90.818299][ T7059] loop0: p4 start 4194304 is beyond EOD, truncated [ 90.907556][ T1522] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 90.918363][ T1522] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 90.929055][ T1522] bond0 (unregistering): Released all slaves [ 90.936920][ T7031] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.944043][ T7031] bridge0: port 1(bridge_slave_0) entered disabled state [ 90.951383][ T7031] bridge_slave_0: entered allmulticast mode [ 90.960019][ T7030] 9pnet_fd: Insufficient options for proto=fd [ 90.960668][ T7031] bridge_slave_0: entered promiscuous mode [ 90.974592][ T7030] loop1: detected capacity change from 0 to 256 [ 90.975541][ T7031] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.980999][ T7030] FAT-fs (loop1): Unrecognized mount option "18446744073709551615" or missing value [ 90.987905][ T7031] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.005818][ T7031] bridge_slave_1: entered allmulticast mode [ 91.012568][ T7031] bridge_slave_1: entered promiscuous mode [ 91.024564][ T7072] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1222'. [ 91.074974][ T1522] hsr_slave_0: left promiscuous mode [ 91.080700][ T1522] hsr_slave_1: left promiscuous mode [ 91.088434][ T1522] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 91.095874][ T1522] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 91.108264][ T1522] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 91.115681][ T1522] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 91.126270][ T1522] veth1_macvtap: left promiscuous mode [ 91.131786][ T1522] veth0_macvtap: left promiscuous mode [ 91.137361][ T1522] veth1_vlan: left promiscuous mode [ 91.142680][ T1522] veth0_vlan: left promiscuous mode [ 91.200096][ T7091] loop1: detected capacity change from 0 to 2048 [ 91.239777][ T7091] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1227'. [ 91.249718][ T1522] team0 (unregistering): Port device team_slave_1 removed [ 91.257289][ T7091] loop1: detected capacity change from 0 to 128 [ 91.263900][ T1522] team0 (unregistering): Port device team_slave_0 removed [ 91.319321][ T7031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.340841][ T7031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.363593][ T7031] team0: Port device team_slave_0 added [ 91.377757][ T7031] team0: Port device team_slave_1 added [ 91.397831][ T7031] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.404934][ T7031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.431036][ T7031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.443715][ T7031] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.450774][ T7031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 91.476746][ T7031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 91.517718][ T7116] loop1: detected capacity change from 0 to 1024 [ 91.528421][ T7031] hsr_slave_0: entered promiscuous mode [ 91.534470][ T7031] hsr_slave_1: entered promiscuous mode [ 91.540560][ T7031] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 91.548299][ T7031] Cannot create hsr debugfs directory [ 91.555271][ T7116] FAULT_INJECTION: forcing a failure. [ 91.555271][ T7116] name failslab, interval 1, probability 0, space 0, times 0 [ 91.567883][ T7116] CPU: 1 PID: 7116 Comm: syz.1.1230 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 91.577922][ T7116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 91.587955][ T7116] Call Trace: [ 91.591213][ T7116] [ 91.594136][ T7116] dump_stack_lvl+0xf2/0x150 [ 91.598729][ T7116] dump_stack+0x15/0x20 [ 91.603067][ T7116] should_fail_ex+0x229/0x230 [ 91.607725][ T7116] ? __sigqueue_alloc+0xf6/0x180 [ 91.612648][ T7116] __should_failslab+0x92/0xa0 [ 91.617429][ T7116] should_failslab+0x9/0x20 [ 91.621960][ T7116] kmem_cache_alloc_noprof+0x4c/0x290 [ 91.627507][ T7116] __sigqueue_alloc+0xf6/0x180 [ 91.632346][ T7116] __send_signal_locked+0x139/0x700 [ 91.637523][ T7116] send_signal_locked+0x28f/0x3a0 [ 91.642584][ T7116] ? bpf_ringbuf_output+0x111/0x150 [ 91.647898][ T7116] do_send_sig_info+0x9f/0xf0 [ 91.652629][ T7116] group_send_sig_info+0x6d/0x90 [ 91.657612][ T7116] bpf_send_signal_common+0x1a5/0x230 [ 91.662964][ T7116] ? __pfx_bpf_send_signal_thread+0x10/0x10 [ 91.668837][ T7116] bpf_send_signal_thread+0x16/0x20 [ 91.674034][ T7116] ___bpf_prog_run+0x9ab/0x46c0 [ 91.679081][ T7116] __bpf_prog_run32+0x74/0xa0 [ 91.683747][ T7116] ? __rcu_read_lock+0x36/0x50 [ 91.688620][ T7116] bpf_trace_run3+0x10c/0x1d0 [ 91.693362][ T7116] __bpf_trace_ext4_es_insert_delayed_block+0x2b/0x40 [ 91.700110][ T7116] ext4_es_insert_delayed_block+0x58e/0x5f0 [ 91.705990][ T7116] ? __pfx_ext4_es_is_delonly+0x10/0x10 [ 91.711514][ T7116] ext4_da_get_block_prep+0x620/0xab0 [ 91.716951][ T7116] __block_write_begin_int+0x417/0xfa0 [ 91.722404][ T7116] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 91.728304][ T7116] ? __pfx_ext4_da_get_block_prep+0x10/0x10 [ 91.734240][ T7116] __block_write_begin+0x5e/0x110 [ 91.739247][ T7116] ext4_da_write_begin+0x31a/0x550 [ 91.744483][ T7116] generic_perform_write+0x1d5/0x410 [ 91.749825][ T7116] ? __pfx_ext4_da_write_end+0x10/0x10 [ 91.755428][ T7116] ext4_buffered_write_iter+0x1f6/0x380 [ 91.761086][ T7116] ext4_file_write_iter+0x29f/0xe30 [ 91.766423][ T7116] ? kstrtouint+0x77/0xc0 [ 91.770896][ T7116] ? kstrtouint_from_user+0xb0/0xe0 [ 91.776084][ T7116] ? avc_policy_seqno+0x15/0x20 [ 91.780917][ T7116] ? selinux_file_permission+0x22c/0x360 [ 91.786608][ T7116] vfs_write+0x78f/0x900 [ 91.790881][ T7116] ? __pfx_ext4_file_write_iter+0x10/0x10 [ 91.796587][ T7116] ksys_write+0xeb/0x1b0 [ 91.800849][ T7116] __x64_sys_write+0x42/0x50 [ 91.805429][ T7116] x64_sys_call+0x27ef/0x2d70 [ 91.810116][ T7116] do_syscall_64+0xc9/0x1c0 [ 91.814651][ T7116] ? clear_bhb_loop+0x55/0xb0 [ 91.819446][ T7116] ? clear_bhb_loop+0x55/0xb0 [ 91.824105][ T7116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.830029][ T7116] RIP: 0033:0x7fbd526bbbd9 [ 91.834438][ T7116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.854096][ T7116] RSP: 002b:00007fbd5193d048 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 91.862570][ T7116] RAX: ffffffffffffffda RBX: 00007fbd52849f60 RCX: 00007fbd526bbbd9 [ 91.870528][ T7116] RDX: 000000000000fea7 RSI: 00000000200000c0 RDI: 0000000000000007 [ 91.878541][ T7116] RBP: 00007fbd5193d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 91.886689][ T7116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 91.894673][ T7116] R13: 000000000000004d R14: 00007fbd52849f60 R15: 00007fffa24270f8 [ 91.902633][ T7116] [ 91.916145][ T67] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 91.932386][ T67] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28 [ 91.944800][ T67] EXT4-fs (loop1): This should not happen!! Data will be lost [ 91.944800][ T67] [ 91.954864][ T67] EXT4-fs (loop1): Total free blocks count 0 [ 91.960867][ T67] EXT4-fs (loop1): Free/Dirty block details [ 91.966819][ T67] EXT4-fs (loop1): free_blocks=68451041280 [ 91.972610][ T67] EXT4-fs (loop1): dirty_blocks=64 [ 91.977992][ T67] EXT4-fs (loop1): Block reservation details [ 91.983947][ T67] EXT4-fs (loop1): i_reserved_data_blocks=4 [ 92.011724][ T7077] chnl_net:caif_netlink_parms(): no params data found [ 92.079276][ T7130] loop2: detected capacity change from 0 to 1024 [ 92.087049][ T7130] EXT4-fs: Invalid want_extra_isize 1 [ 92.095064][ T7131] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 92.143259][ T7131] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1234'. [ 92.152396][ T7133] netlink: 'syz.1.1236': attribute type 12 has an invalid length. [ 92.202048][ T7077] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.209409][ T7077] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.229514][ T7077] bridge_slave_0: entered allmulticast mode [ 92.236033][ T7077] bridge_slave_0: entered promiscuous mode [ 92.248355][ T7077] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.255560][ T7077] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.273461][ T7148] loop2: detected capacity change from 0 to 2048 [ 92.274642][ T7077] bridge_slave_1: entered allmulticast mode [ 92.289785][ T7077] bridge_slave_1: entered promiscuous mode [ 92.307039][ T7077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.320013][ T7077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.320213][ T7148] loop2: detected capacity change from 0 to 128 [ 92.340777][ T7077] team0: Port device team_slave_0 added [ 92.347105][ T7077] team0: Port device team_slave_1 added [ 92.360848][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.367965][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.393970][ T7077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.405498][ T7077] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.412445][ T7077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 92.438436][ T7077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.480876][ T7077] hsr_slave_0: entered promiscuous mode [ 92.493469][ T7077] hsr_slave_1: entered promiscuous mode [ 92.500054][ T7077] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 92.507839][ T7077] Cannot create hsr debugfs directory [ 92.514032][ T7165] nfs: Unknown parameter 'ÿÿÿÿÿÿÿÿ0xffffffffffffffff' [ 92.537267][ T7168] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 92.547567][ T7168] __nla_validate_parse: 2 callbacks suppressed [ 92.547580][ T7168] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1246'. [ 92.578276][ T7031] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 92.592318][ T7031] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 92.608485][ T7031] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 92.611074][ T7170] loop2: detected capacity change from 0 to 1024 [ 92.622201][ T7170] EXT4-fs: Invalid want_extra_isize 1 [ 92.623476][ T7031] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 92.648519][ T7077] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.689140][ T7031] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.702299][ T7031] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.720767][ T3445] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.727915][ T3445] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.737736][ T3445] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.744812][ T3445] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.763334][ T7031] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 92.773954][ T7031] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 92.795539][ T7077] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.837746][ T7077] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.853944][ T7031] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.892085][ T7191] loop2: detected capacity change from 0 to 764 [ 92.903601][ T7191] iso9660: Unknown parameter 'nl802154' [ 92.911829][ T7077] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.978922][ T7031] veth0_vlan: entered promiscuous mode [ 92.985829][ T11] team0: left allmulticast mode [ 92.990738][ T11] team_slave_0: left allmulticast mode [ 92.996345][ T11] team_slave_1: left allmulticast mode [ 93.001877][ T11] team0: left promiscuous mode [ 93.006705][ T11] team_slave_0: left promiscuous mode [ 93.012198][ T11] team_slave_1: left promiscuous mode [ 93.017794][ T11] bridge0: port 3(team0) entered disabled state [ 93.024823][ T11] bridge_slave_1: left allmulticast mode [ 93.030565][ T11] bridge_slave_1: left promiscuous mode [ 93.036198][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.043885][ T11] bridge_slave_0: left allmulticast mode [ 93.049625][ T11] bridge_slave_0: left promiscuous mode [ 93.055365][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.124306][ T7201] loop3: detected capacity change from 0 to 2048 [ 93.168084][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 93.171940][ T7201] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1252'. [ 93.189193][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 93.191887][ T7201] loop3: detected capacity change from 0 to 128 [ 93.207442][ T11] bond0 (unregistering): Released all slaves [ 93.232244][ T7031] veth1_vlan: entered promiscuous mode [ 93.241959][ T7077] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.258072][ T7077] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.265771][ T7206] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 93.280339][ T7031] veth0_macvtap: entered promiscuous mode [ 93.288603][ T7077] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.299108][ T11] hsr_slave_0: left promiscuous mode [ 93.305891][ T11] hsr_slave_1: left promiscuous mode [ 93.311553][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 93.319046][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 93.327998][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 93.335474][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 93.344684][ T11] veth1_macvtap: left promiscuous mode [ 93.350156][ T11] veth0_macvtap: left promiscuous mode [ 93.355730][ T11] veth1_vlan: left promiscuous mode [ 93.361009][ T11] veth0_vlan: left promiscuous mode [ 93.388698][ T7213] loop3: detected capacity change from 0 to 512 [ 93.474312][ T11] team0 (unregistering): Port device team_slave_1 removed [ 93.493172][ T11] team0 (unregistering): Port device team_slave_0 removed [ 93.533708][ T7206] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1254'. [ 93.543753][ T7031] veth1_macvtap: entered promiscuous mode [ 93.550231][ T7077] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.565948][ T7031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.576439][ T7031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.586449][ T7031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 93.596861][ T7031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.608900][ T7031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.633203][ T7031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.643917][ T7031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.653945][ T7031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.664533][ T7031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.684065][ T7031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.697798][ T7031] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.706776][ T7031] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.715617][ T7031] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.724291][ T7031] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.842142][ T7077] 8021q: adding VLAN 0 to HW filter on device bond0 [ 93.861849][ T7077] 8021q: adding VLAN 0 to HW filter on device team0 [ 93.893221][ T3887] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.900312][ T3887] bridge0: port 1(bridge_slave_0) entered forwarding state [ 93.927031][ T3887] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.934100][ T3887] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.031907][ T7077] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 94.042436][ T7077] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 94.400582][ T7077] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 94.495777][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 94.495791][ T29] audit: type=1400 audit(1720970429.578:1273): avc: denied { watch } for pid=7257 comm="syz.3.1266" path="/285" dev="tmpfs" ino=1565 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 94.502401][ T7259] loop3: detected capacity change from 0 to 1024 [ 94.572086][ T7077] veth0_vlan: entered promiscuous mode [ 94.596147][ T7258] EXT4-fs (loop3): shut down requested (0) [ 94.602119][ T29] audit: type=1400 audit(1720970429.678:1274): avc: denied { ioctl } for pid=7257 comm="syz.3.1266" path="/285/file1/memory.numa_stat" dev="loop3" ino=18 ioctlcmd=0x587d scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 94.628450][ T7077] veth1_vlan: entered promiscuous mode [ 94.665624][ T7077] veth0_macvtap: entered promiscuous mode [ 94.674769][ T7077] veth1_macvtap: entered promiscuous mode [ 94.696416][ T7272] loop2: detected capacity change from 0 to 512 [ 94.698467][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.703633][ T7272] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 94.713104][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.713127][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.713141][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.713179][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 94.762121][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.776139][ T7272] System zones: 1-12 [ 94.780183][ T7272] EXT4-fs (loop2): orphan cleanup on readonly fs [ 94.788695][ T7272] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 33619980: comm syz.2.1267: invalid block [ 94.802247][ T7272] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1267: invalid indirect mapped block 1819239214 (level 1) [ 94.823102][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.843230][ T7278] loop3: detected capacity change from 0 to 136 [ 94.853473][ T7272] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1267: bg 0: block 361: padding at end of block bitmap is not set [ 94.858730][ T7278] FAULT_INJECTION: forcing a failure. [ 94.858730][ T7278] name failslab, interval 1, probability 0, space 0, times 0 [ 94.877542][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.880342][ T7278] CPU: 0 PID: 7278 Comm: syz.3.1268 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 94.890726][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.900712][ T7278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 94.910526][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.920514][ T7278] Call Trace: [ 94.920523][ T7278] [ 94.920531][ T7278] dump_stack_lvl+0xf2/0x150 [ 94.930908][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.934159][ T7278] dump_stack+0x15/0x20 [ 94.937260][ T7077] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 94.941621][ T7278] should_fail_ex+0x229/0x230 [ 94.951404][ T7077] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 94.961462][ T7272] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 94.965960][ T7278] ? kvmalloc_node_noprof+0x72/0x170 [ 94.965994][ T7278] __should_failslab+0x92/0xa0 [ 94.970772][ T7272] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1267: attempt to clear invalid blocks 33619980 len 1 [ 94.980407][ T7278] should_failslab+0x9/0x20 [ 94.990927][ T7077] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.994319][ T7278] __kmalloc_node_noprof+0xa8/0x380 [ 95.002352][ T7272] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1267: invalid indirect mapped block 1819239214 (level 0) [ 95.012404][ T7278] ? security_sid_to_context_core+0x2b8/0x2f0 [ 95.012433][ T7278] kvmalloc_node_noprof+0x72/0x170 [ 95.012458][ T7278] simple_xattr_alloc+0x43/0x90 [ 95.012572][ T7278] shmem_initxattrs+0x18a/0x2f0 [ 95.018984][ T7077] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.024219][ T7278] security_inode_init_security+0x19d/0x290 [ 95.029436][ T7077] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.043243][ T7278] ? __pfx_shmem_initxattrs+0x10/0x10 [ 95.043272][ T7278] shmem_mknod+0xa8/0x180 [ 95.043357][ T7278] shmem_mkdir+0x33/0x70 [ 95.043382][ T7278] vfs_mkdir+0x1f4/0x320 [ 95.049521][ T7077] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.054535][ T7278] do_mkdirat+0x12f/0x2a0 [ 95.059368][ T7077] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.064181][ T7278] __x64_sys_mkdirat+0x50/0x60 [ 95.064205][ T7278] x64_sys_call+0x2ce5/0x2d70 [ 95.074727][ T7272] EXT4-fs (loop2): 1 truncate cleaned up [ 95.078752][ T7278] do_syscall_64+0xc9/0x1c0 [ 95.078781][ T7278] ? clear_bhb_loop+0x55/0xb0 [ 95.078804][ T7278] ? clear_bhb_loop+0x55/0xb0 [ 95.156461][ T7278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.162433][ T7278] RIP: 0033:0x7f25653de517 [ 95.166831][ T7278] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.186450][ T7278] RSP: 002b:00007f2564660e78 EFLAGS: 00000206 ORIG_RAX: 0000000000000102 [ 95.194850][ T7278] RAX: ffffffffffffffda RBX: 00007f2564660f00 RCX: 00007f25653de517 [ 95.202884][ T7278] RDX: 00000000000001ff RSI: 0000000020000400 RDI: 00000000ffffff9c [ 95.210868][ T7278] RBP: 00000000200003c0 R08: 0000000000000000 R09: 00000000000003ef [ 95.218825][ T7278] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000400 [ 95.226779][ T7278] R13: 00007f2564660ec0 R14: 00000000000003f5 R15: 0000000020001640 [ 95.234782][ T7278] [ 95.243948][ T7288] netlink: 'syz.4.1272': attribute type 2 has an invalid length. [ 95.251795][ T7288] netlink: 'syz.4.1272': attribute type 9 has an invalid length. [ 95.259545][ T7288] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.1272'. [ 95.320768][ T7303] loop2: detected capacity change from 0 to 256 [ 95.331224][ T29] audit: type=1400 audit(1720970430.418:1275): avc: denied { mounton } for pid=7301 comm="syz.2.1273" path="/45/file1/file0" dev="loop2" ino=52 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1 [ 95.348580][ T7292] 9pnet: Could not find request transport: tc [ 95.356885][ T7299] netlink: 'syz.3.1276': attribute type 1 has an invalid length. [ 95.375329][ T6510] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 95.382122][ T7299] loop3: detected capacity change from 0 to 512 [ 95.383379][ T6510] FAT-fs (loop2): error, corrupted directory (invalid entries) [ 95.410431][ T7299] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 95.445861][ T7299] bond1: (slave macvlan2): Enslaving as a backup interface with a down link [ 95.512032][ T7333] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1282'. [ 95.570205][ T7346] loop1: detected capacity change from 0 to 512 [ 95.589217][ T7348] loop0: detected capacity change from 0 to 2048 [ 95.590756][ T7350] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1284'. [ 95.596182][ T7348] EXT4-fs: Ignoring removed nomblk_io_submit option [ 95.613820][ T7346] EXT4-fs: Ignoring removed mblk_io_submit option [ 95.620907][ T7346] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 95.631427][ T7348] EXT4-fs mount: 27 callbacks suppressed [ 95.631440][ T7348] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.638391][ T7350] loop3: detected capacity change from 0 to 512 [ 95.650952][ T7346] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 95.658034][ T7350] journal_path: Lookup failure for './file1' [ 95.671464][ T7350] EXT4-fs: error: could not find journal device path [ 95.671777][ T7348] EXT4-fs error (device loop0): ext4_read_inline_dir:1560: inode #12: block 5: comm syz.0.1287: path /4/file1/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 95.700558][ T7348] EXT4-fs (loop0): Remounting filesystem read-only [ 95.707439][ T7346] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 95.716881][ T7356] loop4: detected capacity change from 0 to 256 [ 95.718159][ T7346] EXT4-fs (loop1): orphan cleanup on readonly fs [ 95.732111][ T7346] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1286: Invalid block bitmap block 0 in block_group 0 [ 95.746973][ T7346] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1286: Invalid block bitmap block 0 in block_group 0 [ 95.764108][ T1522] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.764456][ T7346] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1286: Invalid block bitmap block 0 in block_group 0 [ 95.792441][ T7346] Quota error (device loop1): write_blk: dquota write failed [ 95.799958][ T7346] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 95.810119][ T7346] EXT4-fs error (device loop1): ext4_acquire_dquot:6860: comm syz.1.1286: Failed to acquire dquot type 1 [ 95.821904][ T7077] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.831680][ T7346] EXT4-fs (loop1): 1 orphan inode deleted [ 95.838104][ T11] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-5 [ 95.847124][ T11] EXT4-fs error (device loop1): ext4_release_dquot:6883: comm kworker/u8:0: Failed to release dquot type 1 [ 95.859664][ T7346] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 95.881613][ T3078] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.915933][ T1522] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.952511][ T7391] loop4: detected capacity change from 0 to 512 [ 95.960982][ T1522] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.991214][ T7394] netlink: 'syz.1.1299': attribute type 3 has an invalid length. [ 96.002396][ T7394] netlink: 'syz.1.1299': attribute type 3 has an invalid length. [ 96.022007][ T1522] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.039368][ T7362] chnl_net:caif_netlink_parms(): no params data found [ 96.112678][ T7415] loop3: detected capacity change from 0 to 512 [ 96.120850][ T7415] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 96.137229][ T7362] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.143652][ T7415] EXT4-fs (loop3): 1 truncate cleaned up [ 96.144284][ T7362] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.150164][ T7415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.169403][ T7362] bridge_slave_0: entered allmulticast mode [ 96.176394][ T7362] bridge_slave_0: entered promiscuous mode [ 96.183475][ T7362] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.190671][ T7362] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.198887][ T7362] bridge_slave_1: entered allmulticast mode [ 96.205691][ T7362] bridge_slave_1: entered promiscuous mode [ 96.235860][ T29] audit: type=1400 audit(1720970431.298:1276): avc: denied { append } for pid=7425 comm="syz.0.1307" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 96.259050][ T29] audit: type=1400 audit(1720970431.298:1277): avc: denied { ioctl } for pid=7425 comm="syz.0.1307" path="/dev/nvram" dev="devtmpfs" ino=98 ioctlcmd=0x534e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 96.260269][ T1522] bridge_slave_1: left allmulticast mode [ 96.260285][ T1522] bridge_slave_1: left promiscuous mode [ 96.260391][ T1522] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.294303][ T1522] bridge_slave_0: left allmulticast mode [ 96.311192][ T1522] bridge_slave_0: left promiscuous mode [ 96.316868][ T1522] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.393006][ T3426] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.472903][ T1522] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.483751][ T1522] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.493909][ T1522] bond0 (unregistering): Released all slaves [ 96.504670][ T7427] netlink: 'syz.0.1307': attribute type 5 has an invalid length. [ 96.520413][ T7362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.540985][ T7429] netlink: 'syz.0.1307': attribute type 5 has an invalid length. [ 96.564978][ T7362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.582128][ T7442] loop3: detected capacity change from 0 to 512 [ 96.596007][ T7442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.618920][ T7442] ext4 filesystem being mounted at /295/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.632304][ T7362] team0: Port device team_slave_0 added [ 96.642180][ T7362] team0: Port device team_slave_1 added [ 96.666506][ T7446] loop0: detected capacity change from 0 to 2048 [ 96.667226][ T7442] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1310: bg 0: block 417: padding at end of block bitmap is not set [ 96.687928][ T7442] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 117 [ 96.700443][ T7442] EXT4-fs (loop3): This should not happen!! Data will be lost [ 96.700443][ T7442] [ 96.712291][ T1522] hsr_slave_0: left promiscuous mode [ 96.718295][ T1522] hsr_slave_1: left promiscuous mode [ 96.724087][ T1522] batman_adv: batadv0: Removing interface: team0 [ 96.731011][ T1522] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 96.738525][ T1522] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 96.746253][ T1522] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 96.753969][ T1522] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 96.762899][ T3426] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.773256][ T1522] veth1_macvtap: left promiscuous mode [ 96.778774][ T1522] veth0_macvtap: left promiscuous mode [ 96.784338][ T1522] veth1_vlan: left promiscuous mode [ 96.789604][ T1522] veth0_vlan: left promiscuous mode [ 96.878188][ T1522] team0 (unregistering): Port device team_slave_1 removed [ 96.888513][ T1522] team0 (unregistering): Port device team_slave_0 removed [ 96.923817][ T7362] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.930859][ T7362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.956831][ T7362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.972223][ T7362] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.979262][ T7362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.005228][ T7362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.015996][ T7458] netlink: 'syz.0.1315': attribute type 5 has an invalid length. [ 97.032633][ T7467] bond2: entered allmulticast mode [ 97.038581][ T7467] 8021q: adding VLAN 0 to HW filter on device bond2 [ 97.046550][ T7467] bridge0: port 2(bond2) entered blocking state [ 97.052862][ T7467] bridge0: port 2(bond2) entered disabled state [ 97.061418][ T7467] bond2: entered promiscuous mode [ 97.083104][ T7475] loop4: detected capacity change from 0 to 8192 [ 97.100908][ T7362] hsr_slave_0: entered promiscuous mode [ 97.109331][ T7475] loop4: p1 p2 p4 [ 97.113166][ T7475] loop4: p1 size 108922248 extends beyond EOD, truncated [ 97.120675][ T7362] hsr_slave_1: entered promiscuous mode [ 97.120759][ T7475] loop4: p2 start 861536256 is beyond EOD, truncated [ 97.133503][ T7475] loop4: p4 start 4194304 is beyond EOD, truncated [ 97.138252][ T7490] netlink: 220 bytes leftover after parsing attributes in process `syz.3.1325'. [ 97.156448][ T7487] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1324'. [ 97.165861][ T7488] netlink: 88 bytes leftover after parsing attributes in process `syz.0.1324'. [ 97.211512][ T7499] loop0: detected capacity change from 0 to 128 [ 97.218336][ T7499] FAT-fs (loop0): Unrecognized mount option "01777777777777777777777" or missing value [ 97.240362][ T7502] netlink: 'syz.3.1330': attribute type 3 has an invalid length. [ 97.251275][ T29] audit: type=1326 audit(1720970432.338:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7501 comm="syz.3.1330" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f25653dfbd9 code=0x0 [ 97.353394][ T7510] usb usb5: usbfs: process 7510 (syz.4.1333) did not claim interface 0 before use [ 97.363509][ T7511] loop3: detected capacity change from 0 to 2048 [ 97.383360][ T7513] loop4: detected capacity change from 0 to 1024 [ 97.395375][ T7513] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 97.409195][ T7517] loop0: detected capacity change from 0 to 1024 [ 97.415822][ T7517] EXT4-fs: Invalid want_extra_isize 1 [ 97.429400][ T7511] GPT:first_usable_lbas don't match. [ 97.434779][ T7511] GPT:34 != 290 [ 97.438235][ T7511] GPT: Use GNU Parted to correct GPT errors. [ 97.444363][ T7511] loop3: p1 p2 p3 [ 97.482385][ T7528] loop0: detected capacity change from 0 to 512 [ 97.490065][ T7528] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 97.516933][ T7077] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 97.531679][ T7534] nftables ruleset with unbound chain [ 97.538064][ T7362] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.550053][ T7525] loop4: detected capacity change from 0 to 8192 [ 97.550898][ T7362] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.568180][ T7362] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.577242][ T7362] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.586904][ T7525] loop4: p1 p2 p4 [ 97.590865][ T7538] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.598194][ T7538] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.606729][ T7525] loop4: p1 size 108922248 extends beyond EOD, truncated [ 97.639881][ T7525] loop4: p2 start 861536256 is beyond EOD, truncated [ 97.646844][ T7525] loop4: p4 start 4194304 is beyond EOD, truncated [ 97.652135][ T7544] loop1: detected capacity change from 0 to 256 [ 97.662204][ T7362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.677291][ T7362] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.687692][ T5900] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.694831][ T5900] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.708324][ T5900] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.715406][ T5900] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.762426][ T7362] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 97.785037][ T7555] loop4: detected capacity change from 0 to 512 [ 97.793774][ T7555] EXT4-fs (loop4): inodes count not valid: 27 vs 32 [ 97.824125][ T7362] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.887712][ T7362] veth0_vlan: entered promiscuous mode [ 97.895741][ T7362] veth1_vlan: entered promiscuous mode [ 97.912107][ T7362] veth0_macvtap: entered promiscuous mode [ 97.919639][ T7362] veth1_macvtap: entered promiscuous mode [ 97.930025][ T7362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.940534][ T7362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.950455][ T7362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.950885][ T7573] loop4: detected capacity change from 0 to 512 [ 97.960985][ T7362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.977233][ T7362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.978562][ T7573] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 97.987711][ T7362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.989641][ T7362] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.017708][ T7031] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 98.018473][ T7362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.037273][ T7362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.047354][ T7362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.057976][ T7362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.067990][ T7362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.078663][ T7362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.089684][ T7362] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.101932][ T7362] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.110640][ T7362] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.119317][ T7362] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.128068][ T7362] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.167359][ T7577] loop4: detected capacity change from 0 to 512 [ 98.209603][ T7577] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.211091][ T7586] FAULT_INJECTION: forcing a failure. [ 98.211091][ T7586] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 98.232655][ T7577] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 98.235362][ T7586] CPU: 0 PID: 7586 Comm: syz.2.1356 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 98.255752][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 98.266245][ T7586] Call Trace: [ 98.269514][ T7586] [ 98.272451][ T7586] dump_stack_lvl+0xf2/0x150 [ 98.277062][ T7586] dump_stack+0x15/0x20 [ 98.281224][ T7586] should_fail_ex+0x229/0x230 [ 98.285902][ T7586] __should_fail_alloc_page+0xfd/0x110 [ 98.291420][ T7586] __alloc_pages_noprof+0x109/0x360 [ 98.296618][ T7586] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 98.302053][ T7586] shmem_get_folio_gfp+0x3e4/0xb70 [ 98.307189][ T7586] shmem_write_begin+0xa0/0x1c0 [ 98.312089][ T7586] generic_perform_write+0x1d5/0x410 [ 98.317415][ T7586] ? __pfx_shmem_write_end+0x10/0x10 [ 98.322721][ T7586] shmem_file_write_iter+0xc8/0xf0 [ 98.327900][ T7586] vfs_write+0x78f/0x900 [ 98.332223][ T7586] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 98.338022][ T7586] ksys_write+0xeb/0x1b0 [ 98.342260][ T7586] __x64_sys_write+0x42/0x50 [ 98.346841][ T7586] x64_sys_call+0x27ef/0x2d70 [ 98.351580][ T7586] do_syscall_64+0xc9/0x1c0 [ 98.356078][ T7586] ? clear_bhb_loop+0x55/0xb0 [ 98.360771][ T7586] ? clear_bhb_loop+0x55/0xb0 [ 98.365440][ T7586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.371337][ T7586] RIP: 0033:0x7f400278675f [ 98.375756][ T7586] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 98.395445][ T7586] RSP: 002b:00007f4001a08e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 98.403843][ T7586] RAX: ffffffffffffffda RBX: 0000000000127800 RCX: 00007f400278675f [ 98.411867][ T7586] RDX: 0000000000127800 RSI: 00007f3ff95e9000 RDI: 0000000000000005 [ 98.419821][ T7586] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000a51 [ 98.427825][ T7586] R10: 0000000020000b02 R11: 0000000000000293 R12: 0000000000000005 [ 98.435938][ T7586] R13: 00007f4001a08f00 R14: 00007f4001a08ec0 R15: 00007f3ff95e9000 [ 98.443929][ T7586] [ 98.472571][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.512780][ T7594] loop2: detected capacity change from 0 to 128 [ 98.525023][ T7598] loop4: detected capacity change from 0 to 1024 [ 98.556000][ T7598] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 98.597417][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.611720][ T7617] IPv6: addrconf: prefix option has invalid lifetime [ 98.621973][ T7606] netlink: 'syz.0.1365': attribute type 27 has an invalid length. [ 98.681245][ T7606] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.688481][ T7606] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.766417][ T7606] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.784749][ T7606] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.836184][ T7642] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7642 comm=syz.4.1371 [ 98.852666][ T7644] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1372'. [ 98.867246][ T7642] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7642 comm=syz.4.1371 [ 98.886941][ T7606] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.895893][ T7606] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.905008][ T7606] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.913882][ T7606] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 98.951713][ T7647] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1374'. [ 99.021564][ T7647] loop4: detected capacity change from 0 to 2048 [ 99.070525][ T7647] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 99.128669][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.334462][ T29] audit: type=1400 audit(1720970434.408:1279): avc: denied { unmount } for pid=7362 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1 [ 99.655476][ T7673] FAULT_INJECTION: forcing a failure. [ 99.655476][ T7673] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 99.668568][ T7673] CPU: 0 PID: 7673 Comm: syz.2.1383 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 99.678636][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 99.688696][ T7673] Call Trace: [ 99.691974][ T7673] [ 99.694904][ T7673] dump_stack_lvl+0xf2/0x150 [ 99.699505][ T7673] dump_stack+0x15/0x20 [ 99.703672][ T7673] should_fail_ex+0x229/0x230 [ 99.708528][ T7673] should_fail+0xb/0x10 [ 99.712695][ T7673] should_fail_usercopy+0x1a/0x20 [ 99.717784][ T7673] _copy_to_user+0x1e/0xa0 [ 99.722210][ T7673] sctp_getsockopt_reconfig_supported+0x327/0x380 [ 99.728986][ T7673] sctp_getsockopt+0x4d4/0xab0 [ 99.733868][ T7673] sock_common_getsockopt+0x5b/0x70 [ 99.739128][ T7673] do_sock_getsockopt+0x121/0x1a0 [ 99.744187][ T7673] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 99.750087][ T7673] __sys_getsockopt+0x19a/0x210 [ 99.754953][ T7673] __x64_sys_getsockopt+0x66/0x80 [ 99.760033][ T7673] x64_sys_call+0x2d21/0x2d70 [ 99.764754][ T7673] do_syscall_64+0xc9/0x1c0 [ 99.769313][ T7673] ? clear_bhb_loop+0x55/0xb0 [ 99.774050][ T7673] ? clear_bhb_loop+0x55/0xb0 [ 99.778734][ T7673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.784651][ T7673] RIP: 0033:0x7f4002787bd9 [ 99.789069][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.808770][ T7673] RSP: 002b:00007f4001a09048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 99.817226][ T7673] RAX: ffffffffffffffda RBX: 00007f4002915f60 RCX: 00007f4002787bd9 [ 99.825207][ T7673] RDX: 0000000000000075 RSI: 0000000000000084 RDI: 0000000000000003 [ 99.833177][ T7673] RBP: 00007f4001a090a0 R08: 0000000020000040 R09: 0000000000000000 [ 99.841224][ T7673] R10: 0000000020003140 R11: 0000000000000246 R12: 0000000000000001 [ 99.849212][ T7673] R13: 000000000000000b R14: 00007f4002915f60 R15: 00007fff49deaaf8 [ 99.857200][ T7673] [ 99.917443][ T29] audit: type=1400 audit(1720970434.998:1280): avc: denied { read write } for pid=7675 comm="syz.2.1385" name="rdma_cm" dev="devtmpfs" ino=226 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 99.984512][ T29] audit: type=1400 audit(1720970435.028:1281): avc: denied { open } for pid=7675 comm="syz.2.1385" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=226 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 100.055563][ T7687] loop2: detected capacity change from 0 to 512 [ 100.077376][ T7687] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.1389: corrupted in-inode xattr: e_value size too large [ 100.094590][ T7687] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.1389: couldn't read orphan inode 15 (err -117) [ 100.115950][ T7687] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 100.168958][ T7692] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1390'. [ 100.204010][ T29] audit: type=1400 audit(1720970435.278:1282): avc: denied { append } for pid=7686 comm="syz.2.1389" name="qrtr-tun" dev="devtmpfs" ino=232 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 100.243321][ T7362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.320807][ T29] audit: type=1326 audit(1720970435.398:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.346089][ T7695] loop0: detected capacity change from 0 to 256 [ 100.352639][ T7695] FAT-fs (loop0): Unrecognized mount option "" or missing value [ 100.365688][ T29] audit: type=1326 audit(1720970435.438:1284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.389177][ T29] audit: type=1326 audit(1720970435.438:1285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.412590][ T29] audit: type=1326 audit(1720970435.438:1286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.436301][ T29] audit: type=1326 audit(1720970435.438:1287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.459767][ T29] audit: type=1326 audit(1720970435.438:1288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.483281][ T29] audit: type=1326 audit(1720970435.438:1289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7701 comm="syz.2.1392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f4002787bd9 code=0x7ffc0000 [ 100.553525][ T7719] FAULT_INJECTION: forcing a failure. [ 100.553525][ T7719] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 100.566818][ T7719] CPU: 1 PID: 7719 Comm: syz.3.1398 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 100.576882][ T7719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 100.587007][ T7719] Call Trace: [ 100.590278][ T7719] [ 100.593200][ T7719] dump_stack_lvl+0xf2/0x150 [ 100.597808][ T7719] dump_stack+0x15/0x20 [ 100.601970][ T7719] should_fail_ex+0x229/0x230 [ 100.606640][ T7719] __should_fail_alloc_page+0xfd/0x110 [ 100.612089][ T7719] __alloc_pages_noprof+0x109/0x360 [ 100.617280][ T7719] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 100.622735][ T7719] alloc_pages_noprof+0xe1/0x100 [ 100.627666][ T7719] pte_alloc_one+0x32/0xf0 [ 100.632090][ T7719] handle_mm_fault+0x10da/0x2ac0 [ 100.637044][ T7719] exc_page_fault+0x296/0x650 [ 100.641800][ T7719] asm_exc_page_fault+0x26/0x30 [ 100.646641][ T7719] RIP: 0010:__get_user_4+0x11/0x20 [ 100.651788][ T7719] Code: 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 100.671536][ T7719] RSP: 0018:ffffc90001283db8 EFLAGS: 00050202 [ 100.677589][ T7719] RAX: 0000000020000040 RBX: 0000000000000084 RCX: ffff88810126d280 [ 100.685619][ T7719] RDX: 0000000000000000 RSI: 0000000000000084 RDI: 0000000000000084 [ 100.693596][ T7719] RBP: 0000000020000040 R08: ffffffff8499e25e R09: 0000000000000000 [ 100.701643][ T7719] R10: 0001ffffffffffff R11: ffffffff8499e230 R12: 0000000000000075 [ 100.709667][ T7719] R13: 0000000000000075 R14: ffff88811258f6c0 R15: 0000000020003140 [ 100.717743][ T7719] ? __pfx_sctp_getsockopt+0x10/0x10 [ 100.723017][ T7719] ? sctp_getsockopt+0x2e/0xab0 [ 100.727859][ T7719] sctp_getsockopt+0x45/0xab0 [ 100.732526][ T7719] sock_common_getsockopt+0x5b/0x70 [ 100.738234][ T7719] do_sock_getsockopt+0x121/0x1a0 [ 100.743248][ T7719] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 100.749128][ T7719] __sys_getsockopt+0x19a/0x210 [ 100.754106][ T7719] __x64_sys_getsockopt+0x66/0x80 [ 100.759211][ T7719] x64_sys_call+0x2d21/0x2d70 [ 100.763880][ T7719] do_syscall_64+0xc9/0x1c0 [ 100.768377][ T7719] ? clear_bhb_loop+0x55/0xb0 [ 100.773050][ T7719] ? clear_bhb_loop+0x55/0xb0 [ 100.777786][ T7719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.783711][ T7719] RIP: 0033:0x7f25653dfbd9 [ 100.788107][ T7719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.807700][ T7719] RSP: 002b:00007f2564661048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 100.816154][ T7719] RAX: ffffffffffffffda RBX: 00007f256556df60 RCX: 00007f25653dfbd9 [ 100.824155][ T7719] RDX: 0000000000000075 RSI: 0000000000000084 RDI: 0000000000000003 [ 100.832169][ T7719] RBP: 00007f25646610a0 R08: 0000000020000040 R09: 0000000000000000 [ 100.840197][ T7719] R10: 0000000020003140 R11: 0000000000000246 R12: 0000000000000001 [ 100.848225][ T7719] R13: 000000000000000b R14: 00007f256556df60 R15: 00007ffc57ac61f8 [ 100.856184][ T7719] [ 100.955501][ T7728] loop3: detected capacity change from 0 to 1024 [ 100.962110][ T7728] EXT4-fs: Invalid want_extra_isize 1 [ 100.971593][ T7730] loop2: detected capacity change from 0 to 512 [ 100.978389][ T7730] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 100.988217][ T7730] EXT4-fs (loop2): orphan cleanup on readonly fs [ 100.994661][ T7730] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #3: comm syz.2.1404: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 101.014656][ T7730] EXT4-fs error (device loop2): ext4_quota_enable:7037: comm syz.2.1404: Bad quota inode: 3, type: 0 [ 101.026073][ T7730] EXT4-fs warning (device loop2): ext4_enable_quotas:7078: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 101.040810][ T7730] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 101.047977][ T7730] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.077863][ T7362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.141911][ T7742] FAULT_INJECTION: forcing a failure. [ 101.141911][ T7742] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 101.155197][ T7742] CPU: 1 PID: 7742 Comm: syz.2.1406 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 101.165259][ T7742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 101.175312][ T7742] Call Trace: [ 101.178584][ T7742] [ 101.181508][ T7742] dump_stack_lvl+0xf2/0x150 [ 101.186156][ T7742] dump_stack+0x15/0x20 [ 101.190318][ T7742] should_fail_ex+0x229/0x230 [ 101.195043][ T7742] __should_fail_alloc_page+0xfd/0x110 [ 101.200494][ T7742] __alloc_pages_noprof+0x109/0x360 [ 101.205716][ T7742] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 101.211142][ T7742] shmem_get_folio_gfp+0x3e4/0xb70 [ 101.216298][ T7742] shmem_write_begin+0xa0/0x1c0 [ 101.221235][ T7742] generic_perform_write+0x1d5/0x410 [ 101.226649][ T7742] ? __pfx_shmem_write_end+0x10/0x10 [ 101.231938][ T7742] shmem_file_write_iter+0xc8/0xf0 [ 101.237105][ T7742] vfs_write+0x78f/0x900 [ 101.241434][ T7742] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 101.247352][ T7742] ksys_write+0xeb/0x1b0 [ 101.251778][ T7742] __x64_sys_write+0x42/0x50 [ 101.256366][ T7742] x64_sys_call+0x27ef/0x2d70 [ 101.261116][ T7742] do_syscall_64+0xc9/0x1c0 [ 101.265615][ T7742] ? clear_bhb_loop+0x55/0xb0 [ 101.270337][ T7742] ? clear_bhb_loop+0x55/0xb0 [ 101.275007][ T7742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.280898][ T7742] RIP: 0033:0x7f400278675f [ 101.285302][ T7742] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 101.304898][ T7742] RSP: 002b:00007f4001a08e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 101.313393][ T7742] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f400278675f [ 101.321405][ T7742] RDX: 0000000000040000 RSI: 00007f3ff95e9000 RDI: 0000000000000004 [ 101.329385][ T7742] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000441 [ 101.337420][ T7742] R10: 00000000000003be R11: 0000000000000293 R12: 0000000000000004 [ 101.345377][ T7742] R13: 00007f4001a08f00 R14: 00007f4001a08ec0 R15: 00007f3ff95e9000 [ 101.353372][ T7742] [ 101.389164][ T7748] netlink: 'syz.2.1410': attribute type 30 has an invalid length. [ 101.445554][ T7753] hsr0: left allmulticast mode [ 101.450514][ T7753] hsr_slave_0: left allmulticast mode [ 101.456025][ T7753] hsr_slave_1: left allmulticast mode [ 101.461926][ T7753] hsr0: left promiscuous mode [ 101.466817][ T7753] bridge0: port 1(hsr0) entered disabled state [ 101.476377][ T7753] erspan1: left allmulticast mode [ 101.488043][ T7753] bond1: (slave macvlan2): Releasing backup interface [ 101.503566][ T7753] bond2: left allmulticast mode [ 101.508590][ T7753] bond2: left promiscuous mode [ 101.513434][ T7753] bridge0: port 2(bond2) entered disabled state [ 101.548989][ T7763] loop4: detected capacity change from 0 to 256 [ 101.556386][ T7763] FAT-fs (loop4): Unrecognized mount option "umask=00000000000— .Î00077777" or missing value [ 101.561995][ T7766] loop3: detected capacity change from 0 to 512 [ 101.577355][ T7766] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 101.596207][ T3426] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 101.609564][ T7760] syzkaller0: entered promiscuous mode [ 101.692013][ T7763] loop4: detected capacity change from 0 to 8192 [ 101.706770][ T7779] loop3: detected capacity change from 0 to 1024 [ 101.713525][ T7779] EXT4-fs: Invalid want_extra_isize 1 [ 101.724757][ T7763] loop4: p1 p2 p4 [ 101.728504][ T7763] loop4: p1 size 108922248 extends beyond EOD, truncated [ 101.736925][ T7763] loop4: p2 start 861536256 is beyond EOD, truncated [ 101.743641][ T7763] loop4: p4 start 4194304 is beyond EOD, truncated [ 101.796575][ T7784] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 101.837093][ T7786] loop4: detected capacity change from 0 to 512 [ 101.866061][ T7786] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 101.879764][ T7786] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.936415][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 102.118321][ T7802] loop3: detected capacity change from 0 to 512 [ 102.127692][ T7802] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 102.148099][ T3426] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 102.230599][ T7810] loop3: detected capacity change from 0 to 1024 [ 102.238454][ T7810] EXT4-fs: Invalid want_extra_isize 1 [ 102.358071][ T7820] loop4: detected capacity change from 0 to 512 [ 102.426007][ T7820] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 102.442631][ T7820] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 102.649231][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 102.992689][ T7834] loop4: detected capacity change from 0 to 512 [ 103.000854][ T7834] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 103.020352][ T7031] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 103.138524][ T7839] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 103.152062][ T7839] loop4: detected capacity change from 0 to 256 [ 103.232632][ T7842] loop3: detected capacity change from 0 to 1024 [ 103.239638][ T7842] EXT4-fs: Invalid want_extra_isize 1 [ 103.342596][ T7846] loop3: detected capacity change from 0 to 1024 [ 103.349418][ T7846] EXT4-fs: Invalid want_extra_isize 1 [ 103.411872][ T7849] FAULT_INJECTION: forcing a failure. [ 103.411872][ T7849] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 103.425208][ T7849] CPU: 0 PID: 7849 Comm: syz.3.1444 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 103.435464][ T7849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 103.445520][ T7849] Call Trace: [ 103.448799][ T7849] [ 103.451732][ T7849] dump_stack_lvl+0xf2/0x150 [ 103.456422][ T7849] dump_stack+0x15/0x20 [ 103.460679][ T7849] should_fail_ex+0x229/0x230 [ 103.465532][ T7849] __should_fail_alloc_page+0xfd/0x110 [ 103.471165][ T7849] __alloc_pages_noprof+0x109/0x360 [ 103.476377][ T7849] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 103.481764][ T7849] alloc_pages_noprof+0xe1/0x100 [ 103.486716][ T7849] pte_alloc_one+0x32/0xf0 [ 103.491158][ T7849] handle_mm_fault+0x10da/0x2ac0 [ 103.496119][ T7849] exc_page_fault+0x296/0x650 [ 103.500870][ T7849] asm_exc_page_fault+0x26/0x30 [ 103.505736][ T7849] RIP: 0010:__get_user_4+0x11/0x20 [ 103.510874][ T7849] Code: 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 c2 48 c1 fa 3f 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 [ 103.530919][ T7849] RSP: 0018:ffffc90000e07e28 EFLAGS: 00050206 [ 103.537059][ T7849] RAX: 0000000020002ffa RBX: ffffc90000e07f58 RCX: ffff8881242c1080 [ 103.545034][ T7849] RDX: 0000000000000000 RSI: ffffc90000e07eac RDI: 0000000020002ffa [ 103.553081][ T7849] RBP: ffffc90000e07e80 R08: 0001c90000e07fc7 R09: 0000000000000000 [ 103.561152][ T7849] R10: ffffc90000e07eb0 R11: 0000000000000000 R12: 0000000000000000 [ 103.569120][ T7849] R13: 0000000000000000 R14: ffffc90000e07eac R15: 0000000020002ffa [ 103.577178][ T7849] cap_validate_magic+0x36/0x1f0 [ 103.582174][ T7849] __se_sys_capset+0x52/0x2e0 [ 103.586882][ T7849] ? ksys_write+0x178/0x1b0 [ 103.591462][ T7849] __x64_sys_capset+0x31/0x40 [ 103.596236][ T7849] x64_sys_call+0xd3b/0x2d70 [ 103.600816][ T7849] do_syscall_64+0xc9/0x1c0 [ 103.605316][ T7849] ? clear_bhb_loop+0x55/0xb0 [ 103.610060][ T7849] ? clear_bhb_loop+0x55/0xb0 [ 103.614813][ T7849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.620700][ T7849] RIP: 0033:0x7f25653dfbd9 [ 103.625137][ T7849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.644801][ T7849] RSP: 002b:00007f2564661048 EFLAGS: 00000246 ORIG_RAX: 000000000000007e [ 103.653239][ T7849] RAX: ffffffffffffffda RBX: 00007f256556df60 RCX: 00007f25653dfbd9 [ 103.661281][ T7849] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020002ffa [ 103.669270][ T7849] RBP: 00007f25646610a0 R08: 0000000000000000 R09: 0000000000000000 [ 103.677244][ T7849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.685204][ T7849] R13: 000000000000000b R14: 00007f256556df60 R15: 00007ffc57ac61f8 [ 103.693231][ T7849] [ 103.772182][ T7858] loop3: detected capacity change from 0 to 512 [ 103.796267][ T7858] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 103.820404][ T3426] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 103.934736][ T7872] loop3: detected capacity change from 0 to 1024 [ 103.944750][ T7872] EXT4-fs: Invalid want_extra_isize 1 [ 103.956601][ T11] bridge_slave_1: left allmulticast mode [ 103.962305][ T11] bridge_slave_1: left promiscuous mode [ 103.968182][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.977815][ T11] bridge_slave_0: left allmulticast mode [ 103.983456][ T11] bridge_slave_0: left promiscuous mode [ 103.989296][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.057516][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 104.067391][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 104.092732][ T11] bond0 (unregistering): Released all slaves [ 104.143970][ T7855] chnl_net:caif_netlink_parms(): no params data found [ 104.162205][ T7878] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 104.186037][ T7878] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1454'. [ 104.239069][ T11] hsr_slave_0: left promiscuous mode [ 104.251717][ T11] hsr_slave_1: left promiscuous mode [ 104.265256][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 104.276343][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 104.331853][ T11] team0 (unregistering): Port device team_slave_1 removed [ 104.355478][ T11] team0 (unregistering): Port device team_slave_0 removed [ 104.431547][ T7855] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.438710][ T7855] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.465612][ T7855] bridge_slave_0: entered allmulticast mode [ 104.472128][ T7855] bridge_slave_0: entered promiscuous mode [ 104.487879][ T7883] vlan2: entered promiscuous mode [ 104.492935][ T7883] vlan2: entered allmulticast mode [ 104.508433][ T7855] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.515597][ T7855] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.534566][ T7855] bridge_slave_1: entered allmulticast mode [ 104.541036][ T7855] bridge_slave_1: entered promiscuous mode [ 104.585640][ T7855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.607063][ T7855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.642102][ T7855] team0: Port device team_slave_0 added [ 104.655908][ T7855] team0: Port device team_slave_1 added [ 104.681071][ T7855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.688138][ T7855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.714270][ T7855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.750364][ T7855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.757431][ T7855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.783481][ T7855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.863055][ T7855] hsr_slave_0: entered promiscuous mode [ 104.874944][ T7855] hsr_slave_1: entered promiscuous mode [ 104.884485][ T7855] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 104.892100][ T7855] Cannot create hsr debugfs directory [ 105.116367][ T7890] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1457'. [ 105.218427][ T7896] loop2: detected capacity change from 0 to 512 [ 105.221020][ T7855] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.248775][ T7855] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.256893][ T7896] EXT4-fs (loop2): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 105.258421][ T7855] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.286149][ T7855] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.347537][ T7362] EXT4-fs (loop2): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 105.393242][ T7855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.404677][ T7905] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 105.416721][ T7855] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.430856][ T7905] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1464'. [ 105.448127][ T3156] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.455221][ T3156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.478476][ T3156] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.485617][ T3156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.599118][ T7855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.716856][ T7855] veth0_vlan: entered promiscuous mode [ 105.725648][ T7855] veth1_vlan: entered promiscuous mode [ 105.757435][ T7855] veth0_macvtap: entered promiscuous mode [ 105.776815][ T7855] veth1_macvtap: entered promiscuous mode [ 105.792818][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.803387][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.813290][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.823757][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.833765][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.844219][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.855939][ T7855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.867884][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.878395][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.888334][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.898794][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.908631][ T7855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.919111][ T7855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.932254][ T7855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.942111][ T7855] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.950978][ T7855] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.959759][ T7855] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.968573][ T7855] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.022940][ T7935] loop0: detected capacity change from 0 to 256 [ 106.029729][ T7935] FAT-fs (loop0): Unrecognized mount option "umask=00000000000— .Î00077777" or missing value [ 106.142918][ T7935] loop0: detected capacity change from 0 to 8192 [ 106.206062][ T7935] loop0: p1 p2 p4 [ 106.209946][ T7935] loop0: p1 size 108922248 extends beyond EOD, truncated [ 106.218106][ T7935] loop0: p2 start 861536256 is beyond EOD, truncated [ 106.224844][ T7935] loop0: p4 start 4194304 is beyond EOD, truncated [ 106.309631][ T7940] FAULT_INJECTION: forcing a failure. [ 106.309631][ T7940] name failslab, interval 1, probability 0, space 0, times 0 [ 106.322398][ T7940] CPU: 0 PID: 7940 Comm: syz.0.1468 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 106.332506][ T7940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 106.342571][ T7940] Call Trace: [ 106.345848][ T7940] [ 106.348766][ T7940] dump_stack_lvl+0xf2/0x150 [ 106.353353][ T7940] dump_stack+0x15/0x20 [ 106.357504][ T7940] should_fail_ex+0x229/0x230 [ 106.362193][ T7940] ? kvmalloc_node_noprof+0x72/0x170 [ 106.367479][ T7940] __should_failslab+0x92/0xa0 [ 106.372291][ T7940] should_failslab+0x9/0x20 [ 106.376844][ T7940] __kmalloc_node_noprof+0xa8/0x380 [ 106.382115][ T7940] kvmalloc_node_noprof+0x72/0x170 [ 106.387229][ T7940] alloc_netdev_mqs+0x6e6/0x8b0 [ 106.392152][ T7940] rtnl_create_link+0x233/0x680 [ 106.397080][ T7940] rtnl_newlink+0xe10/0x1690 [ 106.401723][ T7940] ? security_capable+0x64/0x80 [ 106.406573][ T7940] ? ns_capable+0x7d/0xb0 [ 106.410905][ T7940] ? __pfx_rtnl_newlink+0x10/0x10 [ 106.416005][ T7940] rtnetlink_rcv_msg+0x85e/0x910 [ 106.420975][ T7940] ? perf_trace_kmem_cache_free+0x128/0x160 [ 106.426927][ T7940] ? __memcg_slab_free_hook+0xc9/0x1e0 [ 106.432375][ T7940] ? kmem_cache_free+0xd8/0x280 [ 106.437289][ T7940] ? nlmon_xmit+0x51/0x60 [ 106.441644][ T7940] ? __kfree_skb+0x102/0x150 [ 106.446255][ T7940] ? consume_skb+0x57/0x180 [ 106.450794][ T7940] ? nlmon_xmit+0x51/0x60 [ 106.455110][ T7940] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 106.460414][ T7940] ? __dev_queue_xmit+0xb21/0x1e50 [ 106.465520][ T7940] ? ref_tracker_free+0x3a5/0x410 [ 106.470530][ T7940] netlink_rcv_skb+0x12c/0x230 [ 106.475337][ T7940] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 106.480867][ T7940] rtnetlink_rcv+0x1c/0x30 [ 106.485373][ T7940] netlink_unicast+0x58d/0x660 [ 106.490176][ T7940] netlink_sendmsg+0x5ca/0x6e0 [ 106.494993][ T7940] ? __pfx_netlink_sendmsg+0x10/0x10 [ 106.500268][ T7940] __sock_sendmsg+0x140/0x180 [ 106.505042][ T7940] ____sys_sendmsg+0x312/0x410 [ 106.509864][ T7940] __sys_sendmsg+0x1e9/0x280 [ 106.514495][ T7940] __x64_sys_sendmsg+0x46/0x50 [ 106.519257][ T7940] x64_sys_call+0xb25/0x2d70 [ 106.523835][ T7940] do_syscall_64+0xc9/0x1c0 [ 106.528351][ T7940] ? clear_bhb_loop+0x55/0xb0 [ 106.533025][ T7940] ? clear_bhb_loop+0x55/0xb0 [ 106.537696][ T7940] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.543700][ T7940] RIP: 0033:0x7ff127735bd9 [ 106.548099][ T7940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.567826][ T7940] RSP: 002b:00007ff1269b7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 106.576277][ T7940] RAX: ffffffffffffffda RBX: 00007ff1278c3f60 RCX: 00007ff127735bd9 [ 106.584299][ T7940] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000011 [ 106.592341][ T7940] RBP: 00007ff1269b70a0 R08: 0000000000000000 R09: 0000000000000000 [ 106.600383][ T7940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 106.608441][ T7940] R13: 000000000000000b R14: 00007ff1278c3f60 R15: 00007fffadc2c188 [ 106.616521][ T7940] [ 106.698839][ T7944] loop2: detected capacity change from 0 to 256 [ 106.716006][ T7944] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 106.754171][ T7944] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 106.800604][ T7946] loop0: detected capacity change from 0 to 512 [ 106.802056][ T7946] EXT4-fs (loop0): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 106.808742][ T7855] EXT4-fs (loop0): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 107.021633][ T7953] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 107.040499][ T7953] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1474'. [ 107.171974][ T7963] loop2: detected capacity change from 0 to 512 [ 107.226389][ T7963] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 107.246799][ T7963] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 107.370026][ T7974] loop3: detected capacity change from 0 to 512 [ 107.405862][ T7974] EXT4-fs (loop3): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 107.441360][ T7978] netlink: 'syz.0.1485': attribute type 2 has an invalid length. [ 107.449236][ T7978] netlink: 'syz.0.1485': attribute type 9 has an invalid length. [ 107.457034][ T7978] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1485'. [ 107.473310][ T7963] FAULT_INJECTION: forcing a failure. [ 107.473310][ T7963] name failslab, interval 1, probability 0, space 0, times 0 [ 107.486018][ T7963] CPU: 0 PID: 7963 Comm: syz.2.1479 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 107.496097][ T7963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 107.506152][ T7963] Call Trace: [ 107.509516][ T7963] [ 107.512439][ T7963] dump_stack_lvl+0xf2/0x150 [ 107.517040][ T7963] dump_stack+0x15/0x20 [ 107.521200][ T7963] should_fail_ex+0x229/0x230 [ 107.525974][ T7963] ? __es_insert_extent+0x575/0xf60 [ 107.531273][ T7963] __should_failslab+0x92/0xa0 [ 107.536055][ T7963] should_failslab+0x9/0x20 [ 107.540568][ T7963] kmem_cache_alloc_noprof+0x4c/0x290 [ 107.545952][ T7963] __es_insert_extent+0x575/0xf60 [ 107.551078][ T7963] ext4_es_insert_extent+0x3e5/0x1c10 [ 107.556474][ T7963] ext4_map_blocks+0x3ee/0xf50 [ 107.561252][ T7963] ext4_getblk+0x112/0x500 [ 107.565685][ T7963] ext4_bread+0x2c/0x110 [ 107.569930][ T7963] __ext4_read_dirblock+0x77/0x5b0 [ 107.575044][ T7963] ext4_empty_dir+0x14d/0x5a0 [ 107.579718][ T7963] ext4_rmdir+0x1b4/0x600 [ 107.584055][ T7963] vfs_rmdir+0x26d/0x320 [ 107.588311][ T7963] do_rmdir+0x194/0x320 [ 107.592477][ T7963] __x64_sys_unlinkat+0xa4/0xb0 [ 107.597343][ T7963] x64_sys_call+0x2637/0x2d70 [ 107.602025][ T7963] do_syscall_64+0xc9/0x1c0 [ 107.606540][ T7963] ? clear_bhb_loop+0x55/0xb0 [ 107.611223][ T7963] ? clear_bhb_loop+0x55/0xb0 [ 107.615923][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.621822][ T7963] RIP: 0033:0x7f4002787bd9 [ 107.626230][ T7963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.645929][ T7963] RSP: 002b:00007f4001a09048 EFLAGS: 00000246 ORIG_RAX: 0000000000000107 [ 107.654350][ T7963] RAX: ffffffffffffffda RBX: 00007f4002915f60 RCX: 00007f4002787bd9 [ 107.662418][ T7963] RDX: 0000000000000200 RSI: 0000000020000280 RDI: 0000000000000008 [ 107.670831][ T7963] RBP: 00007f4001a090a0 R08: 0000000000000000 R09: 0000000000000000 [ 107.678799][ T7963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 107.686761][ T7963] R13: 000000000000000b R14: 00007f4002915f60 R15: 00007fff49deaaf8 [ 107.694733][ T7963] [ 107.698465][ T3426] EXT4-fs (loop3): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 107.711259][ T7981] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 107.720913][ T7981] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1487'. [ 107.741511][ T7362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.764897][ T7983] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1486'. [ 107.776179][ T7985] loop0: detected capacity change from 0 to 512 [ 107.789270][ T7985] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 107.800767][ T7985] EXT4-fs (loop0): orphan cleanup on readonly fs [ 107.808913][ T7985] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1489: bg 0: block 248: padding at end of block bitmap is not set [ 107.826322][ T7985] __quota_error: 48 callbacks suppressed [ 107.826337][ T7985] Quota error (device loop0): write_blk: dquota write failed [ 107.839397][ T7985] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 107.849382][ T7985] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz.0.1489: Failed to acquire dquot type 1 [ 107.874960][ T7985] EXT4-fs (loop0): 1 truncate cleaned up [ 107.881451][ T7985] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 107.980831][ T7985] EXT4-fs error (device loop0): ext4_lookup:1858: inode #2: comm syz.0.1489: deleted inode referenced: 12 [ 107.993174][ T8005] loop3: detected capacity change from 0 to 1024 [ 107.999934][ T7985] EXT4-fs error (device loop0): ext4_lookup:1858: inode #2: comm syz.0.1489: deleted inode referenced: 12 [ 108.013381][ T7985] EXT4-fs error (device loop0): ext4_lookup:1858: inode #2: comm syz.0.1489: deleted inode referenced: 12 [ 108.036054][ T8005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.057450][ T29] audit: type=1400 audit(1720970443.138:1338): avc: denied { connect } for pid=8004 comm="syz.3.1493" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 108.079785][ T3426] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.101622][ T7855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.308755][ T29] audit: type=1400 audit(1720970443.388:1339): avc: denied { setattr } for pid=8013 comm="syz.3.1494" path="/dev/snd/seq" dev="devtmpfs" ino=230 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1 [ 108.344526][ T29] audit: type=1400 audit(1720970443.388:1340): avc: denied { listen } for pid=8013 comm="syz.3.1494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 108.408182][ T8019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1496'. [ 108.522152][ T8021] loop0: detected capacity change from 0 to 8192 [ 108.549236][ T8025] netlink: 'syz.3.1499': attribute type 2 has an invalid length. [ 108.557039][ T8025] netlink: 'syz.3.1499': attribute type 9 has an invalid length. [ 108.564814][ T8025] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.1499'. [ 108.645399][ T8027] vhci_hcd: default hub control req: 0500 v0000 i0000 l0 [ 108.671695][ T8027] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1500'. [ 108.920772][ T29] audit: type=1326 audit(1720970443.998:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8051 comm="syz.4.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc830045bd9 code=0x7fc00000 [ 108.955721][ T29] audit: type=1326 audit(1720970444.028:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8051 comm="syz.4.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc830045bd9 code=0x7fc00000 [ 108.999613][ T8057] qrtr: Invalid version 6 [ 109.130263][ T8082] hsr_slave_0: left promiscuous mode [ 109.136336][ T8082] hsr_slave_1: left promiscuous mode [ 109.156464][ T8060] chnl_net:caif_netlink_parms(): no params data found [ 109.191825][ T8060] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.199048][ T8060] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.206287][ T8060] bridge_slave_0: entered allmulticast mode [ 109.213026][ T8060] bridge_slave_0: entered promiscuous mode [ 109.220063][ T8060] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.227197][ T8060] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.234491][ T8060] bridge_slave_1: entered allmulticast mode [ 109.242068][ T8060] bridge_slave_1: entered promiscuous mode [ 109.260009][ T8060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 109.271057][ T8060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 109.292087][ T8060] team0: Port device team_slave_0 added [ 109.300259][ T8060] team0: Port device team_slave_1 added [ 109.315695][ T8060] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 109.322731][ T8060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.348758][ T8060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 109.360123][ T8060] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 109.367157][ T8060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 109.393074][ T8060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 109.423559][ T8060] hsr_slave_0: entered promiscuous mode [ 109.429874][ T8060] hsr_slave_1: entered promiscuous mode [ 109.435895][ T8060] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 109.443518][ T8060] Cannot create hsr debugfs directory [ 109.524713][ T8060] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.539752][ T8103] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1521'. [ 109.600688][ T8060] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.649179][ T29] audit: type=1326 audit(1720970444.728:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8051 comm="syz.4.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc830045bd9 code=0x7fc00000 [ 109.672811][ T29] audit: type=1326 audit(1720970444.728:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8051 comm="syz.4.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc830045bd9 code=0x7fc00000 [ 109.702955][ T8060] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.770911][ T8119] loop4: detected capacity change from 0 to 512 [ 109.777234][ T8060] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.782373][ T8119] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 109.807824][ T8127] loop2: detected capacity change from 0 to 1024 [ 109.823143][ T8127] EXT4-fs: Invalid want_extra_isize 1 [ 109.840904][ T8060] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 109.849786][ T8060] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 109.858405][ T8060] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 109.867720][ T8060] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 109.883391][ T8060] bridge0: port 2(bridge_slave_1) entered blocking state [ 109.890601][ T8060] bridge0: port 2(bridge_slave_1) entered forwarding state [ 109.897918][ T8060] bridge0: port 1(bridge_slave_0) entered blocking state [ 109.905741][ T8060] bridge0: port 1(bridge_slave_0) entered forwarding state [ 109.941123][ T8060] 8021q: adding VLAN 0 to HW filter on device bond0 [ 109.954306][ T3887] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.962725][ T3887] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.987013][ T8138] loop2: detected capacity change from 0 to 2048 [ 109.989050][ T8060] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.004761][ T3156] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.011853][ T3156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.018963][ T8138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.023356][ T3908] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.038225][ T3908] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.066776][ T8060] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 110.077265][ T8060] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 110.091089][ T7362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.136070][ T8150] loop2: detected capacity change from 0 to 512 [ 110.152148][ T8060] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.161562][ T8150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.180021][ T8150] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.225885][ T8060] veth0_vlan: entered promiscuous mode [ 110.236316][ T8060] veth1_vlan: entered promiscuous mode [ 110.264221][ T7362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.273975][ T8060] veth0_macvtap: entered promiscuous mode [ 110.284147][ T8060] veth1_macvtap: entered promiscuous mode [ 110.298816][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.309558][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.319437][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.329891][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.339764][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.350203][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.360074][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 110.370899][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.383074][ T8060] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.393744][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 110.404278][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.414106][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 110.424556][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.434524][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 110.445200][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.455241][ T8060] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 110.465755][ T8060] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 110.477028][ T8060] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.487800][ T8060] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.496597][ T8060] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.505422][ T8060] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.514118][ T8060] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.550087][ T8171] loop2: detected capacity change from 0 to 1024 [ 110.569299][ T8171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.573427][ T8174] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8174 comm=syz.1.1511 [ 110.583211][ T29] audit: type=1326 audit(1720970445.668:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8170 comm="syz.2.1538" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4002787bd9 code=0x0 [ 110.709110][ T8184] loop1: detected capacity change from 0 to 256 [ 110.731581][ T3907] kernel write not supported for file bpf-prog (pid: 3907 comm: kworker/0:13) [ 110.766983][ T8186] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1539'. [ 111.089045][ T8195] loop3: detected capacity change from 0 to 128 [ 111.426930][ T7362] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 111.446033][ T7362] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 111.692200][ T8220] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=8220 comm=syz.0.1549 [ 111.696812][ T8219] loop1: detected capacity change from 0 to 2048 [ 111.711366][ T8219] EXT4-fs: Ignoring removed mblk_io_submit option [ 111.719651][ T7362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.732482][ T1522] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.745278][ T8219] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.779755][ T1522] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.829194][ T1522] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.891227][ T1522] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.905443][ T8225] chnl_net:caif_netlink_parms(): no params data found [ 111.939427][ T8225] bridge0: port 1(bridge_slave_0) entered blocking state [ 111.946651][ T8225] bridge0: port 1(bridge_slave_0) entered disabled state [ 111.953897][ T8225] bridge_slave_0: entered allmulticast mode [ 111.960450][ T8225] bridge_slave_0: entered promiscuous mode [ 111.969466][ T8225] bridge0: port 2(bridge_slave_1) entered blocking state [ 111.976585][ T8225] bridge0: port 2(bridge_slave_1) entered disabled state [ 111.983906][ T8225] bridge_slave_1: entered allmulticast mode [ 111.990943][ T8225] bridge_slave_1: entered promiscuous mode [ 112.010139][ T8225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 112.020975][ T8225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 112.047486][ T8225] team0: Port device team_slave_0 added [ 112.054888][ T8225] team0: Port device team_slave_1 added [ 112.072579][ T1522] bridge_slave_1: left allmulticast mode [ 112.078377][ T1522] bridge_slave_1: left promiscuous mode [ 112.084062][ T1522] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.092925][ T1522] bridge_slave_0: left allmulticast mode [ 112.098641][ T1522] bridge_slave_0: left promiscuous mode [ 112.104254][ T1522] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.208622][ T1522] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 112.219580][ T1522] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 112.229395][ T1522] bond0 (unregistering): Released all slaves [ 112.242468][ T8225] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 112.249472][ T8225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.275615][ T8225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 112.303147][ T8225] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 112.310238][ T8225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 112.336249][ T8225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 112.368141][ T8225] hsr_slave_0: entered promiscuous mode [ 112.374588][ T8225] hsr_slave_1: entered promiscuous mode [ 112.380638][ T8225] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 112.388436][ T8225] Cannot create hsr debugfs directory [ 112.397786][ T1522] hsr_slave_0: left promiscuous mode [ 112.405764][ T1522] hsr_slave_1: left promiscuous mode [ 112.411553][ T1522] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.419021][ T1522] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 112.428826][ T1522] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 112.436548][ T1522] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 112.448811][ T1522] veth1_macvtap: left promiscuous mode [ 112.454311][ T1522] veth0_macvtap: left promiscuous mode [ 112.454699][ T8248] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=8248 comm=syz.0.1555 [ 112.459855][ T1522] veth1_vlan: left promiscuous mode [ 112.477492][ T1522] veth0_vlan: left promiscuous mode [ 112.517213][ T8253] loop4: detected capacity change from 0 to 1024 [ 112.529299][ T8060] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /4/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=117440527, rec_len=0, size=2048 fake=0 [ 112.553762][ T8250] loop0: detected capacity change from 0 to 1024 [ 112.560660][ T8250] EXT4-fs: Ignoring removed oldalloc option [ 112.568131][ T8253] EXT4-fs: Invalid want_extra_isize 1 [ 112.574016][ T8250] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 112.586428][ T8060] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters [ 112.602686][ T8250] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 112.623595][ T8060] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.643573][ T8250] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.664009][ T8258] loop4: detected capacity change from 0 to 164 [ 112.681766][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.681766][ T8258] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 112.696158][ T1522] team0 (unregistering): Port device team_slave_1 removed [ 112.698430][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.698430][ T8258] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.716842][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.716842][ T8258] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.717426][ T1522] team0 (unregistering): Port device team_slave_0 removed [ 112.730771][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.730771][ T8258] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.751326][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.751326][ T8258] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.765803][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.765803][ T8258] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.779283][ T8263] syz.4.1559: attempt to access beyond end of device [ 112.779283][ T8263] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.793142][ T8258] syz.4.1559: attempt to access beyond end of device [ 112.793142][ T8258] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.806712][ T8263] syz.4.1559: attempt to access beyond end of device [ 112.806712][ T8263] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 112.821118][ T8263] syz.4.1559: attempt to access beyond end of device [ 112.821118][ T8263] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 113.021275][ T8274] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1562'. [ 113.041643][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 113.041656][ T29] audit: type=1400 audit(1720970448.118:1353): avc: denied { setattr } for pid=8275 comm="syz.3.1563" name="001" dev="devtmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 113.186225][ T8279] usb usb5: usbfs: process 8279 (syz.3.1563) did not claim interface 0 before use [ 113.199996][ T8225] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 113.219604][ T8225] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 113.237836][ T8225] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 113.252500][ T8225] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 113.347307][ T8225] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.374575][ T8225] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.386569][ T3156] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.393684][ T3156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 113.433871][ T3908] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.441013][ T3908] bridge0: port 2(bridge_slave_1) entered forwarding state [ 113.445338][ T29] audit: type=1400 audit(1720970448.508:1354): avc: denied { write } for pid=8284 comm="syz.0.1566" name="ptp0" dev="devtmpfs" ino=220 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 113.533993][ T8225] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 113.626986][ T8225] veth0_vlan: entered promiscuous mode [ 113.634007][ T8302] loop4: detected capacity change from 0 to 1024 [ 113.643634][ T8225] veth1_vlan: entered promiscuous mode [ 113.649428][ T8302] EXT4-fs: Invalid want_extra_isize 1 [ 113.663242][ T8225] veth0_macvtap: entered promiscuous mode [ 113.670888][ T8225] veth1_macvtap: entered promiscuous mode [ 113.680633][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.691075][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.701048][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.711545][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.721463][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.732135][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.742062][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.752488][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.764089][ T8225] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.776289][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.786761][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.796656][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.807166][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.817196][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.827637][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.837607][ T8225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.848046][ T8225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.858803][ T8225] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.868625][ T8225] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.877360][ T8225] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.886199][ T8225] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.894900][ T8225] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.930392][ T29] audit: type=1400 audit(1720970449.008:1355): avc: denied { shutdown } for pid=8307 comm="syz.4.1570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 113.950180][ T29] audit: type=1400 audit(1720970449.008:1356): avc: denied { write } for pid=8307 comm="syz.4.1570" path="socket:[26201]" dev="sockfs" ino=26201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 114.150567][ T8343] FAULT_INJECTION: forcing a failure. [ 114.150567][ T8343] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.163756][ T8343] CPU: 1 PID: 8343 Comm: syz.2.1581 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 114.173957][ T8343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 114.184171][ T8343] Call Trace: [ 114.187442][ T8343] [ 114.190422][ T8343] dump_stack_lvl+0xf2/0x150 [ 114.195077][ T8343] dump_stack+0x15/0x20 [ 114.199345][ T8343] should_fail_ex+0x229/0x230 [ 114.204100][ T8343] should_fail+0xb/0x10 [ 114.208293][ T8343] should_fail_usercopy+0x1a/0x20 [ 114.213315][ T8343] _copy_from_user+0x1e/0xd0 [ 114.217898][ T8343] kstrtouint_from_user+0x76/0xe0 [ 114.222925][ T8343] proc_fail_nth_write+0x4f/0x160 [ 114.227979][ T8343] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 114.233680][ T8343] vfs_write+0x28b/0x900 [ 114.238115][ T8343] ? __fget_files+0x1da/0x210 [ 114.242793][ T8343] ksys_write+0xeb/0x1b0 [ 114.247037][ T8343] __x64_sys_write+0x42/0x50 [ 114.251736][ T8343] x64_sys_call+0x27ef/0x2d70 [ 114.256414][ T8343] do_syscall_64+0xc9/0x1c0 [ 114.260980][ T8343] ? clear_bhb_loop+0x55/0xb0 [ 114.265739][ T8343] ? clear_bhb_loop+0x55/0xb0 [ 114.270409][ T8343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.276387][ T8343] RIP: 0033:0x7fbfefbc575f [ 114.280787][ T8343] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 114.300384][ T8343] RSP: 002b:00007fbfeee48040 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 114.308793][ T8343] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fbfefbc575f [ 114.316766][ T8343] RDX: 0000000000000001 RSI: 00007fbfeee480b0 RDI: 0000000000000012 [ 114.324809][ T8343] RBP: 00007fbfeee480a0 R08: 0000000000000000 R09: 0000000000000000 [ 114.332768][ T8343] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 114.340758][ T8343] R13: 000000000000000b R14: 00007fbfefd54f60 R15: 00007ffde114ace8 [ 114.348721][ T8343] [ 114.571329][ T8351] loop4: detected capacity change from 0 to 1024 [ 114.607223][ T8351] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.664002][ T8351] EXT4-fs (loop4): shut down requested (0) [ 114.691636][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.887249][ T29] audit: type=1400 audit(1720970449.958:1357): avc: denied { ioctl } for pid=8370 comm="syz.4.1588" path="socket:[26394]" dev="sockfs" ino=26394 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 114.918145][ T8375] loop4: detected capacity change from 0 to 1024 [ 114.937620][ T8373] FAULT_INJECTION: forcing a failure. [ 114.937620][ T8373] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.950848][ T8373] CPU: 1 PID: 8373 Comm: syz.2.1589 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 114.961012][ T8373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 114.971099][ T8373] Call Trace: [ 114.974376][ T8373] [ 114.977303][ T8373] dump_stack_lvl+0xf2/0x150 [ 114.981901][ T8373] dump_stack+0x15/0x20 [ 114.986069][ T8373] should_fail_ex+0x229/0x230 [ 114.990758][ T8373] should_fail+0xb/0x10 [ 114.994776][ T8375] EXT4-fs: Ignoring removed mblk_io_submit option [ 114.994928][ T8373] should_fail_usercopy+0x1a/0x20 [ 115.006433][ T8373] copy_page_from_iter_atomic+0x22a/0xda0 [ 115.012193][ T8373] ? shmem_write_begin+0xa0/0x1c0 [ 115.017276][ T8373] ? shmem_write_begin+0x10c/0x1c0 [ 115.022382][ T8373] generic_perform_write+0x21a/0x410 [ 115.027683][ T8373] ? __pfx_shmem_write_end+0x10/0x10 [ 115.029272][ T8378] loop1: detected capacity change from 0 to 256 [ 115.033114][ T8373] shmem_file_write_iter+0xc8/0xf0 [ 115.044541][ T8373] vfs_write+0x78f/0x900 [ 115.048828][ T8373] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 115.054633][ T8373] ksys_write+0xeb/0x1b0 [ 115.058922][ T8373] __x64_sys_write+0x42/0x50 [ 115.063664][ T8373] x64_sys_call+0x27ef/0x2d70 [ 115.068364][ T8373] do_syscall_64+0xc9/0x1c0 [ 115.072861][ T8373] ? clear_bhb_loop+0x55/0xb0 [ 115.077566][ T8373] ? clear_bhb_loop+0x55/0xb0 [ 115.082249][ T8373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.088173][ T8373] RIP: 0033:0x7fbfefbc575f [ 115.092588][ T8373] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 115.112192][ T8373] RSP: 002b:00007fbfeee47e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 115.120710][ T8373] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fbfefbc575f [ 115.128676][ T8373] RDX: 0000000000040000 RSI: 00007fbfe6a28000 RDI: 0000000000000009 [ 115.136686][ T8373] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000452 [ 115.144647][ T8373] R10: 00000000200001c2 R11: 0000000000000293 R12: 0000000000000009 [ 115.152643][ T8373] R13: 00007fbfeee47f00 R14: 00007fbfeee47ec0 R15: 00007fbfe6a28000 [ 115.160602][ T8373] [ 115.180728][ T8373] loop2: detected capacity change from 0 to 512 [ 115.205531][ T8375] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal [ 115.223273][ T8373] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1589: bg 0: block 288: padding at end of block bitmap is not set [ 115.267060][ T8373] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 115.295505][ T8373] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1589: attempt to clear invalid blocks 1024 len 1 [ 115.340570][ T8373] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1589: invalid indirect mapped block 1819239214 (level 0) [ 115.365068][ T8373] EXT4-fs (loop2): 1 truncate cleaned up [ 115.371806][ T8373] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.435097][ T29] audit: type=1326 audit(1720970450.518:1358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8402 comm="syz.1.1601" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff9da6a0bd9 code=0x0 [ 115.470036][ T8225] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.511398][ T8411] loop1: detected capacity change from 0 to 256 [ 115.524921][ T8413] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1602'. [ 115.551721][ T29] audit: type=1326 audit(1720970450.628:1359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8408 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f25653dfbd9 code=0x7ffc0000 [ 115.557520][ T8411] netlink: 388 bytes leftover after parsing attributes in process `syz.1.1601'. [ 115.586852][ T29] audit: type=1326 audit(1720970450.658:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8408 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f25653dfbd9 code=0x7ffc0000 [ 115.610288][ T29] audit: type=1326 audit(1720970450.658:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8408 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f25653dfc13 code=0x7ffc0000 [ 115.633603][ T29] audit: type=1326 audit(1720970450.658:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8408 comm="syz.3.1604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f25653d6c27 code=0x7ffc0000 [ 115.677814][ T8418] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=8418 comm=syz.4.1605 [ 115.846662][ T8428] loop4: detected capacity change from 0 to 8192 [ 115.879263][ T8430] loop4: detected capacity change from 0 to 512 [ 115.896308][ T8430] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.910800][ T8430] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 115.982563][ T7031] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.091338][ T8448] loop4: detected capacity change from 0 to 128 [ 116.141451][ T8452] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1617'. [ 116.180364][ T8457] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1620'. [ 116.509783][ T3197] ================================================================== [ 116.517879][ T3197] BUG: KCSAN: data-race in n_tty_receive_char_flow_ctrl / tty_set_termios [ 116.526391][ T3197] [ 116.528713][ T3197] write to 0xffff88811262d121 of 1 bytes by task 8466 on cpu 0: [ 116.536424][ T3197] tty_set_termios+0x480/0x8b0 [ 116.541196][ T3197] set_termios+0x365/0x4e0 [ 116.545621][ T3197] tty_mode_ioctl+0x391/0x5d0 [ 116.550300][ T3197] n_tty_ioctl_helper+0x8d/0x240 [ 116.555247][ T3197] n_tty_ioctl+0xfd/0x200 [ 116.559574][ T3197] tty_ioctl+0x886/0xbe0 [ 116.563902][ T3197] __se_sys_ioctl+0xd3/0x150 [ 116.568501][ T3197] __x64_sys_ioctl+0x43/0x50 [ 116.573090][ T3197] x64_sys_call+0x1581/0x2d70 [ 116.577769][ T3197] do_syscall_64+0xc9/0x1c0 [ 116.582289][ T3197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.588198][ T3197] [ 116.590790][ T3197] read to 0xffff88811262d121 of 1 bytes by task 3197 on cpu 1: [ 116.598328][ T3197] n_tty_receive_char_flow_ctrl+0x22/0x1a0 [ 116.604149][ T3197] n_tty_lookahead_flow_ctrl+0xee/0x130 [ 116.609700][ T3197] tty_port_default_lookahead_buf+0x8a/0xc0 [ 116.615612][ T3197] flush_to_ldisc+0x31c/0x410 [ 116.620311][ T3197] process_scheduled_works+0x483/0x9a0 [ 116.625786][ T3197] worker_thread+0x526/0x720 [ 116.630380][ T3197] kthread+0x1d1/0x210 [ 116.634463][ T3197] ret_from_fork+0x4b/0x60 [ 116.638883][ T3197] ret_from_fork_asm+0x1a/0x30 [ 116.643654][ T3197] [ 116.645975][ T3197] value changed: 0x11 -> 0xc6 [ 116.650636][ T3197] [ 116.652952][ T3197] Reported by Kernel Concurrency Sanitizer on: [ 116.659098][ T3197] CPU: 1 PID: 3197 Comm: kworker/u8:7 Not tainted 6.10.0-rc7-syzkaller-00266-g4d145e3f830b #0 [ 116.669340][ T3197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 116.679402][ T3197] Workqueue: events_unbound flush_to_ldisc [ 116.685226][ T3197] ==================================================================