last executing test programs: 4.317600488s ago: executing program 3 (id=673): recvmsg(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/221, 0xdd}, 0x20) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="0b00000073797a3000000000000200"/131], 0x119) writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000040)="01000000", 0x4}], 0x3f) 4.264568455s ago: executing program 3 (id=674): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd4d, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00bcc50918d3"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_SOCK_GET(r3, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000c00)={0x2c0, 0x0, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x150, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xdf3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x2, @mcast1, 0x2}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0x64010100}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'pimreg0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ip6gre0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xffff, @mcast1, 0x9}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xd}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "47df53304615d5683aea7334379fb278da385adeceaabe1e70d117"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x104, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00', 0x2}}, {0x14, 0x2, @in={0x2, 0x4e20, @rand_addr=0x64010100}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x8000, @empty, 0x91}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x0, @mcast1, 0x43f}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x7f, @mcast1, 0x81}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x2c0}, 0x1, 0x0, 0x0, 0x8000}, 0x800) readlink(0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) dup3(r1, r0, 0x0) 4.180200815s ago: executing program 3 (id=675): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0x0, 0x52e, &(0x7f0000000f00)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7") r0 = syz_io_uring_setup(0x19af, &(0x7f00000000c0)={0x0, 0x7e1c, 0x0, 0x0, 0x29a}, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_UNLINKAT={0x24, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000140)='8', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r4], 0x28}}], 0x1, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) kexec_load(0x100000001000000, 0x1, &(0x7f0000000580)=[{0x0, 0x0, 0x3ff, 0x8}], 0x3e0000) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x3, 0x4, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) splice(r3, 0x0, r5, 0x0, 0x39000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="50020000", @ANYRES16, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x0) sendmsg$NLBL_CIPSOV4_C_REMOVE(r6, &(0x7f0000000800)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000007c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="90000000", @ANYRES16, @ANYBLOB="000426bd7000fddbdf250200000008000100030000004400088014000780080006007200000008000600480000002c00078008000600f40000000800063e8b000000080006000100000008000600bc0000000800050033fad1630800020001000000080002000100000008000100ffffffff04000c80f6ff0b800800020001000000080002000200000058c3340069b92fd89bb769b058d313c36df53f4624f2ab682e17c7424671f7a25e15273c6355d103ec8f9318b5037209ba6420aa91f8438275daf6b5538e4af3582885c1a519ca84d2f8b1643d9dbb07e1101d41f6087f2962ec3582f7d32a7f1c329d7e4e832c413f36d24037b7f06fdf33e0ba56087d7521c55ca1460a7a975f9bc0e8287db59f9e7eb5da0da3a7efded868659e394acf69e77e7076db"], 0x90}}, 0x4004) socket(0x2c, 0xa, 0x3) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r8 = syz_open_dev$loop(&(0x7f0000000040), 0xfff, 0x129183) r9 = syz_clone(0x22801800, &(0x7f00000014c0)="1eaad669b3246d9220ec8b6dbaf6242b8723145341ba7847cb4d4abffb1644d79e3b11843b61b310e35f1c5c4ce908db0f1bea576b3118eca5b96be37d131b210d3dc608c7e4d5eac27a6150a0d98c1d273e41e071c2ab5c909765578323f36c5fd2f7b5c1d9aa875c3b22ea03eb168e3bc66fa085a69d28d4a24c0e57642785316ed355c87ca5142e01f0cbf86ae81939d34d53b03e5d613e11c74d3f5737b9ed184468945d942b4007966daec4f752f55ea677f55cc22ee806687af49c01df5e54e13827911b8e88c1c99c163901ed30bac64c68f5e81e5ff253da808751ea6a35e6e1a5a3e3226c1ff677e47972cd113d9004f976b1d8ef3692502550db601d852aeffee9c4d2bd06869aaf9f593496fd40f1141bdaa0d4cf1d04f42227eb6018e883d9bddfe5afa52e7adee4b3a40e0ad030f1cb6fb88ca66a634e252471baea70498890648b522065fab53ee15f85d5181e5d37de35c8e1e39c1b86b83ff411fc415d63e3ed8f3518b600d6b15a895a2bc36fc13986cb359c7d542f16c6826e2fa7a6f81b2feaad70fd2033ba9cb3e1a2df25b4af6464e7cffd7ce13e2f2a70f0e48d2a656ecdb8f3624d5c34976c705778bafda1beb52eb51e96b173d0ce1df9c4e05f774de4fb5cd99ca9d72677033a3597cc69622ab627416f4f456cd88b7353bd2aa6aa7624ef9649bb234f13d77c43598c4b11d3442674b3414b559a18a05a06d4937dc81c32be29a133b7d82f655b40df37f2ea444c954c943e5d9e235c5d3743268ffcfb14eb8e26d45528982129b6801c352f2feed2cbd287e90ce3d186462f4b173fecc1ef5b3ab81571d606a1b7d2f0b2f91cf2f5fa9030000a5c3ecc43cbc9ff21544f9d9240b23f6208653efbd6abae3bdaf514cd44ae50969bde672523d21ce5e892e9675d0b26e16dc59bd9bfe5c1e85690ee103c55c7d97aea6ac3fb9e71dec63770d609fe666d6b5161a63986f5063210778640c8946a642619516584fef9d719b909ac40af963dbe7f6b7d874cf0300ab33dc42f09954a5902b13de198641b811fab58687e3f26de24911b8ce5bb3e722eee81741167583f10a0edb88b196ab2d438ab9341b4419096b6c9027c833197265a2b81910cba688ded5c6ebfb3b3e163cf4e816f17656fc452206286824fd59472e0103f8a0f79c7cc9aa2895525a7d24b3da099279de8cbfcf8083a4dd13de740369ad59b9cc5048a7ba4adb87fb7a19454c5c6fd4a4d53e71d6b9ecf3f5843c0ba2b12574b8c3ffbdbbb5b536954d3f881e9bc5a66cbd03294db5ec34f4ce00e8bcec51052b74d2c3d4b38e24e50462cf29bda9cf19847a1a2306752c16253f78e49f3786aacafc58a26162b1fe9104e389b52ee962895db8beb503396556ee92072c31dc6e5657887ad72f9602d2ae7f760e3ea382a7fb760a2467f3418fe01ea8892ef2f0b6c4ef689599dafa0bf8a2218e181bfd0fa0e42ab6dbacf884886ac7b625ead0670f62d16e678df0a34d03252f89546ef005a57bf9976daf551b215ba5afa8bb82deff9cbd9aa71e51f4f962f24160752d25417ac76ce7b9a5b1497933bb2c8f7ee9f9075d0577f90678973ed730501f806e4c26d8ff204150335d3b164ea59a785970ead6799e42ae76a940f53ab797443bf1810eb8b413b1fa6806bf6a02cec12ff7eab1a4b853fa71bc6a1409c16f36e201cf04455d4434bd65cf2a536dbbedc126ba151bca25ff493aaceabfcdda8a885703862f02033b754fd8831edcdfd4db9ada8d038c67fbccbf5465430e362be245d4996c98a4e3e673cbf395dd4a2ed7a55d1810cb7a5ef080051f5fe4191b2a5d5ec908cad2727ff52b78245a8d8215f9341a545d38992f4c65b12a01d2d71ee7d7a0617829347f8003be743ee48a03e3bef23b4f8faa1aa1a93f980d9af4a487bde86171c9fd4a1c4a8977c5517f3c00ca3c6e08050d206a7d8477c425eadb8a10df802eea6eb920a05fa2d6e8fe56253822043d367e552b742c9c9591efaa6f99430b66f789dc77bd39a62244140dd61a266103214875d4719929388f7e90a07b9f9ec886c7fddb69c3ddd621b7ee9c4c9a8c40c76d89f9c23f0f0842ea5fa7e09719014e61faebebc26f7881ca48341cc8ccc45f42c393dbae398b89d30e1940c6b2084a78d489abb56a6e7308efc6f952be41ad07a3002175c2bf61c438faabd24426f0a9c7d51f3c960aaf0563cccec18af76bd755f9ba5a5186d3db4ad4ae3753b9b4172b3678a79d88582a5f99bf0736645ad7b3f58e3261f6d6eff01e0826e58ccf6fb8b32ad83298c45fe41d2d57c36b8dc29f7b9a62a564d5026366b7a5e9569c8d77f810a37f582b254dbce8885d80c22771de4039a401c6ee93d22ecf8fa38251afa0c113c5581870ef471d23ea19c8fc834f79fe9a1b5f7965889d770e1aa8d281ef182cb5b8a77977a80d810787cf0f5f3cb29a23ed568ff405753bbadda10acab51000d4a970ac6b3a8e5a355bbfc50b4be12689f6ccbdcbd942c57cd07659aada4335a1084cb9dae8caf57f05f2bc254eadb576d9a5650aaecb4ea002865a7d722a84e37e9d22fae31fc79c7a2639d464cfdefa6085276c7742fdc38e32e1272e7cd927216baf761551a1b3bbb570d67f9bbba5c3b44a6024231bafeb58314b7fe9240fac15ae855d3618f25fdbcfffcdc27abc4ba3eebd42d6362295ddfdc7cae3cecd22f6fafb97711c0321efcbd9edb93aa5422f4a0d255d5a0076c541b7758cc468989bdad252c45a0f0f4d9cf348e06921604ccd08ad2f8ea5b4171308ddc8e1c3fb9a8b7a3fc4fb8f0327d93d0f638fe0eb9382f398779dbff1f678200f8c55710cebbcb52c277968f15bf6263ee1bca676892b0bf47d89c12ce58c3cb8858748ce1ada83d5ffa3d8ae28fc2e1c737c7e3076ed5a567869cdf5ddf0979f127b8b989184015749578f777000544fb1298d3668fcdadb8a38d8eadc2125c0372f478c3add6b79300fb222c0f67502dcb654b10469c8b6dc03ba0e2499fa8225061a28dc94016986e16d4cf2fb316cf5bbe361704ea9213f7a4fe30993950efa68856b5117ab7c04612d8e7d23e772154555910e31cf99cec4c5b7491af2428546c30d6c8ed3cc3c93ce5b4e794745a7eebb4f789be8ea89b9e6de7f06501e2112f1e5b020da35f4e2ea2376b68ea3306e46a8fdfdf231d5be522b909fd15da2d2e81c00e14fdc10c51e822978467039306747fb8f8ed3ebb72cfb52fb96f752b704cef77862292867a39a2978cbb6b72fa298477053215d0dce8170aadb3649392525a9fe8567e78fe19cf52d2d4a393668e21885997693043520823ac5745095c30dd2c4275935bf8488afd77d06e6b1261439f6a6be4eace0287c7bd0b8387dbea16adf5293bc5b19acca59d8a8379befbf8de742dca826f3e3a7707d6be1d92a70947b31c8e8cbe4761cee0864ddf4d90a92cd8efe69d7ef507fa452644b4c76c1407457114b82808b382f8a9dfe3b1a7747dca306e7dc8f169c89f93069a79ac0fe0de91ef37c19b29e6ec42298ed6ea5d46d63b06c2788c8114e8172720d914d93f985634de8d041e77a7d8a88582507561e06ad36113be3d3d0edd334a1c8f322cdd2533dfac67a98464477508417518c001591b7de1bbabd224694a88b2b3d23c1a0282cec10e66abdba4ec62a14b8b89d870cf59781e805253ca9afaa43449eddb1c0e00bf59126a879a720f70c5c28eec8a4d306ec7a14ec8ff29e3f8f30eecddca652175b0924aa984424b6ae358ec525cafd7a50e79d51e8fb13c33471439f4e8c34379e63e3fbb02e957f1f937d6f46bbf1b1b6c09732ae4f84257103d80e36bf0e1bfab056e4a72f1a9ffd7b2b193b3324f580a51532a1bfa41853f71b593639e845197211ddf6eeec5d191b1f972f2899435f1356337dce9b1e48cfbd7fe9781199a605fc08b0a6b7c79e9f7f5383443813a0295ce9cd02c15b55818639ea4340f47c8a5d1b1685c1ffe1418f0ba85c0d14c94570e864759a4269c78256360a7491f192613bc58702ff24292b160385d68f07b1863c0b6d21ae4615a9f879a7c20419ab505ba565da06f23ed42da1ad781cf7488ccd9fdc5e35b603c49b07f10c76a105e2e093371230d7d6a141ef39a41098cbb3ffe0d17d49dc4824142d0d5aef174614baac12218cb55d06dd05d180696820aeb96000b4587ce25794b88c6b864a569804499500aa39bb0a8ebc856bee44772c279cdfacd941685a7dacf78e3ea24afefddae95b83d7e1de5e25ee50ec28b0f29f39e8c816ddad86515017f48dc97bf16e984bc36428eb8d3c7e434000fa25aa4e6d0be32e88ef03d664ced6b89ed848e777cb3debd29d6e3930c21fc01b1914465b803d5cb0df5f782aabd826d767a4451b0d5308e83e34e616a2220d6a12e0f2be4784943cb812b089416eb6c0ef2c03b693b546b5ac33b0a5afc90df7ed8c4e3eea07a30a150ca670df983e878f9ed134e05075874203da2cbfcf28315e3839754bb23d6dfba8416a1c15b506f3897e4ea70b820284e5bb1112a4dcc71c7b41644bbc74d1442ac89df5dd85fa8ec928509107c0b4a5c120498b9347f05f332806d7d49fdb2878e7250e9cb6f76911c46bc1865b1ed02d7048aa71df164f9ce7e8eebc80051b712cea5a25ff401cbca2bdcf57d7aa4b0cdd0d51d9ab4e50beafae2c71447800e9c3fb7c6f3ab1510a417d879be099b4084f0989c4576db40aeaa71bd391d2edf69463290739423ce71b3537dd5667d0768e90b3ff273a2d9b2213a62babd8a5be1e5e283bd803561b9199660f2323bc0b9604b1650ed02dc8e90687ef0ac84bd61df3e6a435884508a2d3f0d9f8f48910a5028df4618408780346df32ca4d09a849e4a151b0caa29a0dc0883ae6669911abc7409b1d668d3f84db605541a7ac7d5f52e326be88277820a73e52bea3a571dc661602d4de875c68f4bec6cdd47940c9114602445de33fd65f1908ac668c6a6810d92f3582bb68f295d91b629332e45a8d938989252b0a48fa1a7b61ed1bf886fe7ac38e1ffec62cb37227d4b9f1efb55978d823f1d664f834bec6baff728f9649676ab3a1ed78a7212a60ed48e431a53697c876926ca1e5c3f2afab83b14c1c82c4053ffa44cc20f3fd4ebaf3ee21d6968541b8933b8c337dd70a448755e22c61ae3925fdada4889d7c84981237827064db79f3e7191540a44463c1a8268516d013b6cf5eac9b5423014d9ad844014b50daa4cbc9285", 0xe8a, &(0x7f0000000180), &(0x7f0000000380), &(0x7f00000004c0)="840e893e0f8781dc113ace76532e22") ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000580)={'\x00', 0xac0, 0x3, 0x1, 0x2, 0x0, r9}) 3.407800014s ago: executing program 0 (id=699): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000100000000000000000000000850000008800000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x4}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014001180b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x70, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0x70}}, 0x0) 3.406864084s ago: executing program 0 (id=700): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000140)=0x20, 0x4) setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000180)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000100)=0x20, 0x4) bind$xdp(0xffffffffffffffff, &(0x7f00000002c0)={0x2c, 0x8, r0}, 0x10) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000880)={&(0x7f0000000ec0)={0x194, 0x0, 0x800, 0x70bd27, 0x25dfdbfb, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3d8da76306115de9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x4044000}, 0x40000000) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x207, &(0x7f0000000440)={0x0, 0x8e00, 0x10100}, &(0x7f0000000300), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x6f7c, &(0x7f00000008c0), &(0x7f0000000040)=0x0, &(0x7f00000002c0)) r5 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) finit_module(r5, 0x0, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x0, 0x400, 0x4, 0x100, 0x4}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x12, &(0x7f0000000200)=@raw=[@generic={0x80, 0xe, 0x5, 0x7fff, 0xa3}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe3fe}}, @call={0x85, 0x0, 0x0, 0x69}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x1}], 0xfffffffffffffffd, 0xffff, 0x9b, &(0x7f0000000340)=""/155, 0x41100, 0x40, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000080)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000000c0)={0x1, 0x9, 0x4a2, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000400)={0x0, 0x1, 0xe, 0x16, 0x1d0, &(0x7f0000000a00)="f6a560bdd5a830a2eaef22039250b24cac8726ce6f1500e7539edda54ada410cb208bdadd029ff88475cff3f62d16075163dc0df2b5ff3182f83b3301f57f780b8e1c93189d8c028edbcaa920989cc6357061ad12d513fbe09d2dac903a892045d2deab9fecad23ee0944cc1226de87f2a24e9301b1e835e0de1c1ba443fe8e045a2218292cbd8e0a0fc8144b83335fe8833cfb9955cd59366bee83fa7659d5d7487373cb015da7149e3f237bff36cfc195ca7181f4a82010d43aa2da4bf453263d0fb150ec67bd2b2c6c1abb5c67df18f5b6a237ea25c5625b897d14e6ada006169e086b35342f70217ca9617bbb33f523a03eb305440379f45555af2e890cc1923c63c49a26cbb57bb7db44b52e1bed5b0e5b6553c0002e281b989bb12b5452f3397c9c53dfa40d1d25683176e942f7a689f82cd9bc7692b4d1ffe156f4c8c2d12e13dd33ad74c2bec8f357d09609af69f4f4955c2a7be74092cc7edc5c4ad5dbf7f19ca6c55ba6018c06a746eecf2caf4791d7d6d9a45829254e625fc67519bbea774f674304ab4b4dcf5e898253b5536fe35dacbfb20e57eb06a1936353a51a6373854acf10381fd9f218226e62004c8eb722d06ac65074803033aa0ac33b2df636abff9aba83192e1638ba9720798a3df5bed2231ed2b50c0d64a3b60b8293761669c6021ff8c6093b7795bb91e9f37052abf6df678d7fcf6353640bb62c969f5b2cff149660f59a9d181a3a34ecb0ce70479d616f2614a8144776444b12d39ab38a6f203781f79fed4cccad06b36a5632dc7a78599bca484ee29664f0836b74b3c2d65fa4969f0eb776db7861384486acb615e737f55134625d92e23573f575d24f2856492ae960dbf179f127134848dee2fcb54a9583ebd0b45b67a9ffb87a149467df5e2a181d1b6b785727e8e5c9ed3d4ea8d5fcd68e4fc4de019de1d1f68880d9af4e8dd8f11b9f4e59a8c416c78658a936bfbd55cc7a2c9142a444eef82ea3c00458df9530a2571221fd7589b0f7e894357b88af34c26a2738ab7aab9257227c503d2e9ac9479097f3ae8ebf8f0f7c371f488be75a03a1c17b82ea6d673b6409ade3f5cc933b529a23dd4bf708214fd51f357a9ba864e90c6d5071fc622f5caf4a8c8b923f5370bf455d30d975d29db02482831b74b4c3ea6ca32d5172c1681099f88b1863a9ba9dda6a1423aa37b916d9c9a8fbf4bdd60fe849f364b85b36ece19cb3ad2c79178bbedf807250db360f28847136820c8d2cce542a5cc4e522b2a0b257caec2d579d9e5f4079b0a6fe50ee62130c180e6250411a0907099720eab36b84b5d9d6206ad7a107e6d68bd4ab55969f10957fe7fb892f84bc08543d1e04dcc1496c73b11b506f538c70cff57d745c71f4d3a2f22d973ba96001006f3b98e0c6c66e935bec8afe0eea8efff3e22e6e8509a17adaf3eba8b"}) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, r7, 0x0, 0x0}) io_uring_enter(r2, 0x1849, 0x0, 0x0, 0x0, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r7, 0x6, 0x2, &(0x7f00000006c0)={0xf8e5, "fc33f8"}, 0x6) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='l\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003000000580001800d0001007564703a73797a300000000044000400200001000a000000000000000000000000000000000000000000000100000000200002000a00000000000000000000000000000000000001"], 0x6c}}, 0x0) 3.381234427s ago: executing program 0 (id=701): r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f000000a1c0)=[{{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f000000b580)=""/4110, 0x100e}, {&(0x7f0000000900)=""/85, 0x55}, {&(0x7f0000000400)=""/121, 0x79}, {&(0x7f0000000b40)=""/206, 0xce}], 0x4}, 0x6}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x9}], 0x3, 0x2202, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="18000000"], 0x18}], 0x1}, 0x2000080) 2.535655405s ago: executing program 0 (id=708): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0a00000001000000080000000800000000000000", @ANYRES32=0x0, @ANYBLOB], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000080), &(0x7f00000006c0)='%-010d \x00'}, 0x20) mkdir(0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r3}, 0x10) bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) getpgid(0x0) r4 = gettid() ptrace$setregset(0x4205, r4, 0x6, &(0x7f00000002c0)={&(0x7f0000000400)="cd1c7f2ab879367bb71b39bef2b83cadd417dcc72d6bb69ead99d806c4445be3347be24a5226dc71ef0bfe3da7bed105f92a43bf05c7db53c56eb73b9e617ce6b92d7e6625cb06fb12f09e0b414b88b0fc87c8b04e4074ca3b614692065a15d364d0c0df420decc1f03617430892ce22ffb4f165fd3e121e5fb8603e777637a5470022c1f811217bd871a3a505ded2d2e78bcb7dd8afd7edbe1411071071b33048f3a78d520d98064776ec471adbc65f31ececc37076c9b62dcbab812e085ac8647d87e6b2e5aabb4b8bc108ec", 0xcd}) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f0000000240), 0x0, 0x52e, &(0x7f0000000f00)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7") sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40086604, 0x0) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) 1.55295278s ago: executing program 0 (id=721): prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x9, 0x81, 0x9, 0x9}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a0000000200000009000000080000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair(0x1e, 0x5, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x4, 0x4, 0x3c8, 0x1f8, 0x110, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2}}, {@mac=@random="3c192477987a"}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x22}, @broadcast, 0x4}}}, {{@arp={@loopback, @private=0xa010102, 0xff, 0xffffff00, 0xd, 0x10, {@mac=@multicast, {[0xff, 0xff, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x8, 0x0, 0x0, 0x8, 0x1, 0x5a, 'macvlan0\x00', 'ipvlan0\x00', {0xff}, {}, 0x0, 0x100}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x2}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x0, 0x0, 0x0, {@mac=@link_local, {[0xff]}}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64, @ANYRES32=r0, @ANYRESOCT, @ANYRESDEC, @ANYRESDEC], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) write$binfmt_elf64(r4, &(0x7f0000001340)=ANY=[], 0xa89) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r4, &(0x7f00000002c0)="e2b3b8c51d71eadd2cf9dda251607cf2ac834ad26f541d5e9aa46cff60ba3d1ba4e90b24a30075ff6423ae78237d68331d7e125b57ef23912b3f43376608d71bd2be176d4f54c54f91176ff4e6ce2d6ad7c2eb", 0x53, 0x8c1, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x880, 0x20) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@nobarrier}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@grpquota}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) 1.525485143s ago: executing program 4 (id=722): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f00000002c0)={0x42, 0x5}, 0x10) sendmsg$tipc(r4, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 1.453178251s ago: executing program 4 (id=725): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0x1, 0x2b6, &(0x7f00000000c0)="$eJzs3UFrY1UUAODz0jSNukgRN4qLB7pwVaZu3bTKCGJXSgR1ocXpgCRhIIWAI5iZ1fwCl/4Pf4IbN/4Dwa3gri6qV17ee01iX9PS1hT1+1an995z73nvQrrKyeevjgYPHmXx9OTn6HazaO3FXvyZxXa0ovYk2nFe0xgA8G/we0rxW7pOZrt1+9UAAOtQ/v8v3XUtAMB6fPjxJ+/vHxzc/yDPu/Fy79mkn0XE6NmkX87vP4wvYxhHcS96cRqRzpTxu+8d3I92XtiO10fTSb/IHH32Y7X//q8Rs/zd6MV2c/5uXlrIn076m/F85LH/cLMutRcvNee/2ZAf/U688dpC/TvRi5++iEcxjAdR5M7zv9nN83fStydff1ocU+RnrehvzdbNpY113gsAAAAAAAAAAAAAAAAAAAAAAP9tO3mele17Zv17iqGq/87G6Wx+J69tL/fnKfOzeqOyP1CKqkXPNMV3dX+de3mep2rhPL8dr7T9iAAAAAAAAAAAAAAAAAAAAAAUjr96PDgcDo/GtxLU3QDqr/Vfd5+9+cjWUrkNi7euftZit4Gi1pWLo92O1RuepNLlz9WqD21e89zFUzcItuaX+1GUQX0xN9o5/e2Fv/h2+ffjwWFeralf8uAwu+ysbr3P94tTnbjpS0izCk/T8p12z0pdzurc0pvvvNA49UdK6Wr7vPVLeUfVSDZrsXG10zeroPEBi6B7/i5+uHjDCz8yNq75UQMAAAAAAAAAAAAAAAAAAFyi/K7vk6PxccPk05WprX+sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYs/L3/4dH47OgGxHLI+eCaZW8ak0VdGJ8fMePCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/AXwEAAP//wZJM4A==") perf_event_open(&(0x7f0000001a00)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2401, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0xb937}, 0x0, 0xe5c, 0x0, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000100)={0x2, 0x80, 0xde, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = io_uring_setup(0x30d3, &(0x7f00000000c0)={0x0, 0xed7, 0x2, 0x0, 0x8017}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80350, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0) recvmsg(r3, &(0x7f00000005c0)={0x0, 0xfffffffffffffe7e, 0x0, 0x0, &(0x7f0000003e00)=""/4102, 0x1001}, 0x0) socketpair(0x0, 0x0, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8946, &(0x7f0000000900)={'wg2\x00', @random='\x00\x00\x00 \x00'}) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10) bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10) socket$netlink(0x10, 0x3, 0x0) r9 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc) keyctl$chown(0x4, r9, 0xee00, 0xffffffffffffffff) keyctl$chown(0x4, r9, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f00000005c0)={0x3, 0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000380)=""/67, 0x43}, {&(0x7f0000000500)=""/23, 0x17}, {&(0x7f0000000440)=""/134, 0x86}], &(0x7f0000000400)=[0xe]}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000980)=@base={0xa, 0x8, 0x1, 0x40, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 1.399254377s ago: executing program 1 (id=727): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES16], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000140)=0x20, 0x4) setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000000180)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000100)=0x20, 0x4) bind$xdp(0xffffffffffffffff, &(0x7f00000002c0)={0x2c, 0x8, r0}, 0x10) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000880)={&(0x7f0000000ec0)={0x194, 0x0, 0x800, 0x70bd27, 0x25dfdbfb, {}, [@HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3d8da76306115de9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x194}, 0x1, 0x0, 0x0, 0x4044000}, 0x40000000) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x207, &(0x7f0000000440)={0x0, 0x8e00, 0x10100}, &(0x7f0000000300), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x6f7c, &(0x7f00000008c0), &(0x7f0000000040)=0x0, &(0x7f00000002c0)) r5 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0) finit_module(r5, 0x0, 0x0) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = dup(r6) ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x0, 0x400, 0x4, 0x100, 0x4}}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x12, &(0x7f0000000200)=@raw=[@generic={0x80, 0xe, 0x5, 0x7fff, 0xa3}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xe3fe}}, @call={0x85, 0x0, 0x0, 0x69}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x3}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @func={0x85, 0x0, 0x1, 0x0, 0x6}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x1}], 0xfffffffffffffffd, 0xffff, 0x9b, &(0x7f0000000340)=""/155, 0x41100, 0x40, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000080)={0x8, 0x5}, 0x8, 0x10, &(0x7f00000000c0)={0x1, 0x9, 0x4a2, 0xb}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) ioctl$KDFONTOP_SET(r5, 0x4b72, &(0x7f0000000400)={0x0, 0x1, 0xe, 0x16, 0x1d0, &(0x7f0000000a00)="f6a560bdd5a830a2eaef22039250b24cac8726ce6f1500e7539edda54ada410cb208bdadd029ff88475cff3f62d16075163dc0df2b5ff3182f83b3301f57f780b8e1c93189d8c028edbcaa920989cc6357061ad12d513fbe09d2dac903a892045d2deab9fecad23ee0944cc1226de87f2a24e9301b1e835e0de1c1ba443fe8e045a2218292cbd8e0a0fc8144b83335fe8833cfb9955cd59366bee83fa7659d5d7487373cb015da7149e3f237bff36cfc195ca7181f4a82010d43aa2da4bf453263d0fb150ec67bd2b2c6c1abb5c67df18f5b6a237ea25c5625b897d14e6ada006169e086b35342f70217ca9617bbb33f523a03eb305440379f45555af2e890cc1923c63c49a26cbb57bb7db44b52e1bed5b0e5b6553c0002e281b989bb12b5452f3397c9c53dfa40d1d25683176e942f7a689f82cd9bc7692b4d1ffe156f4c8c2d12e13dd33ad74c2bec8f357d09609af69f4f4955c2a7be74092cc7edc5c4ad5dbf7f19ca6c55ba6018c06a746eecf2caf4791d7d6d9a45829254e625fc67519bbea774f674304ab4b4dcf5e898253b5536fe35dacbfb20e57eb06a1936353a51a6373854acf10381fd9f218226e62004c8eb722d06ac65074803033aa0ac33b2df636abff9aba83192e1638ba9720798a3df5bed2231ed2b50c0d64a3b60b8293761669c6021ff8c6093b7795bb91e9f37052abf6df678d7fcf6353640bb62c969f5b2cff149660f59a9d181a3a34ecb0ce70479d616f2614a8144776444b12d39ab38a6f203781f79fed4cccad06b36a5632dc7a78599bca484ee29664f0836b74b3c2d65fa4969f0eb776db7861384486acb615e737f55134625d92e23573f575d24f2856492ae960dbf179f127134848dee2fcb54a9583ebd0b45b67a9ffb87a149467df5e2a181d1b6b785727e8e5c9ed3d4ea8d5fcd68e4fc4de019de1d1f68880d9af4e8dd8f11b9f4e59a8c416c78658a936bfbd55cc7a2c9142a444eef82ea3c00458df9530a2571221fd7589b0f7e894357b88af34c26a2738ab7aab9257227c503d2e9ac9479097f3ae8ebf8f0f7c371f488be75a03a1c17b82ea6d673b6409ade3f5cc933b529a23dd4bf708214fd51f357a9ba864e90c6d5071fc622f5caf4a8c8b923f5370bf455d30d975d29db02482831b74b4c3ea6ca32d5172c1681099f88b1863a9ba9dda6a1423aa37b916d9c9a8fbf4bdd60fe849f364b85b36ece19cb3ad2c79178bbedf807250db360f28847136820c8d2cce542a5cc4e522b2a0b257caec2d579d9e5f4079b0a6fe50ee62130c180e6250411a0907099720eab36b84b5d9d6206ad7a107e6d68bd4ab55969f10957fe7fb892f84bc08543d1e04dcc1496c73b11b506f538c70cff57d745c71f4d3a2f22d973ba96001006f3b98e0c6c66e935bec8afe0eea8efff3e22e6e8509a17adaf3eba8b"}) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, r7, 0x0, 0x0}) io_uring_enter(r2, 0x1849, 0x0, 0x0, 0x0, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r7, 0x6, 0x2, &(0x7f00000006c0)={0xf8e5, "fc33f8"}, 0x6) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='l\x00\x00', @ANYRES16, @ANYBLOB="0100000000000000000003000000580001800d0001007564703a73797a300000000044000400200001000a000000000000000000000000000000000000000000000100000000200002000a00000000000000000000000000000000000001"], 0x6c}}, 0x0) 1.278230361s ago: executing program 1 (id=728): perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000040), 0x3, 0x5eb, &(0x7f0000000c00)="$eJzs3ctvFEcaAPCvxw9sjNYDWu0ue1gsrVYg7WJjAysU5QDXCFnkoVxyiYMNIRiwsKPEJBJGIpdIUS5RFCmnHEL+iwSFK6fklEMuOUVIKIk4RspEPdNtPHaPX9jTiP79pGG6q6Zd1djfVHVNVU8AlTWS/lOLOBgRc0nEcLK0nNcbWeZI63WPfnv/fPpIotF4+Zckkiwtf32SPQ9lBw9ExHffJnGgZ22584s3Lk/Nzs5cz/bHFq7Mjc0v3jh66crUxZmLM1cn/j9x6uSJk6fGj23rvG4WpJ29/dY7wx9Ovvbl578n41/9OJnE6Xghe+HK89gpIzHS/D9J1mYNndrpwkrSk/2dNBqNRp6W9JZbJzYv//31RcTfYzh64vEvbzg+eLHUygG7qpG03ruBKkrEP1RU3g/Ir+1XXwfXSumVAN3w8ExrAGBt/Pe2xgZjoDk2sPdREiuHdZKI2N7IXLt9EXH/3uTtC/cmb8cujcMBxZZuRcQ/iuI/acZ/PQai3oz/Wlv8p/2Cc9lzmv7SNstfPVQs/qF7WvE/sG78R4f4fz19vtmK4Te2WX798eabg23xP7jdUwIAAAAAAIDKunsmIv5X9Pl/bXn+TxTM/xmKiNM7UP7Iqv21n//XHuxAMUCBh2cini+c/1vLZ//We1YsYa1HX3Lh0uzMsYj4S0Qcib496f74OmUc/ejAZ53yRrL5f/kjLf9+Nhcwq8eD3j3tx0xPLUw9wSkDmYe3Iv5ZOP83WW7/k4L2P31nmNtkGQf+c+dcp7yN4x/YLY0vIg4Xtv+P71qRrH9/jrFmf2As7xWs9a/3Pv66U/nbjX+3mIAnl7b/e9eP/3qy8n4981sv4/hib6NT3nb7//3JK827CvVnae9OLSxcH4/oT872pKlt6RNbrzM8i/J4yOMljf8j/15//K+o/z8YEUurfnbya/ua4tzf/hj6qVN99P+hPGn8T2+p/d/6xsSd+jedyt9c+3+i2dYfyVKM/0HLp3mY9renF4Rjb1FWt+sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+CWkTsi6Q2urxdq42ORgxFxF9jb2322vzCfy9ce/vqdJrX/P7/Wv5Nv8Ot/ST//v/6iv2JVfvHI2J/RHzSM9jcHz1/bXa67JMHAAAAAAAAAAAAAAAAAACAp8RQh/X/qZ97yq4dsOt6y64AUJqC+P++jHoA3af9h+oS/1Bd4h+qS/xDdYl/qC7xD9Ul/qG6xD8AAAAAADxT9h+6+0MSEUvPDTYfqf4sr6/UmgG7rVZ2BYDSuMUPVJepP1BdrvGBZIP8gY4HbXTkeubOP8HBAAAAAAAAAAAAAFA5hw9a/w9VZf0/VJf1/1Bd+fr/QyXXA+g+1/hAbLCSv3D9/4ZHAQAAAAAAAAAAAAA7aX7xxuWp2dmZ6zZefTqq0c2NRqNxM/0reFrqs/MbSTZDvSuF5lPhu3+m/Zs5wXyt3+Z+cnnvSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLs/AwAA//+JjCTl") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) (fail_nth: 1) 1.223830968s ago: executing program 4 (id=729): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000ca3694", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000002000000000000000000000000070200006111960884fc57f0532d6bbfd3ac1144a81714d8c76790b9e5beef8421c8b08937dd741474175608bcd18c03f1d7c30b844b6175581d56b8aca9bb7aa34a327469eae6c23621577c7b75e47e37a89b33e42bdaa8c947ba"], 0x18}, 0x1, 0x5502000000000000}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x1a, &(0x7f0000000240)=ANY=[@ANYBLOB="180500f1a1d739470d00"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32, @ANYBLOB="00000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000000500000010000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x90) write$UHID_CREATE2(r0, &(0x7f00000002c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_NEXT_CMD_LEN(r1, 0xc0481273, &(0x7f0000000000)) 1.223333558s ago: executing program 4 (id=730): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x16, 0xf, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095", @ANYBLOB="1800000000000000000000000300000018110000", @ANYRESDEC=r0, @ANYRESDEC], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffff36) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendto$packet(r5, &(0x7f0000000000)="05000806", 0x5e0, 0x0, &(0x7f0000000080)={0x11, 0x8100, r6}, 0x14) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000539d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r8}, 0x10) signalfd4(r4, &(0x7f00000003c0)={[0x2]}, 0x8, 0x0) socket(0x10, 0x803, 0x0) socket(0x1, 0x803, 0x0) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) socket$nl_route(0x10, 0x3, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000040)) r11 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r11, 0x8933, &(0x7f0000000480)) r12 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r12, 0x8922, &(0x7f0000000080)={'dummy0\x00'}) 1.153445926s ago: executing program 3 (id=731): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="18020000100000000000000000000000850000008800000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014001180b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x70, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0x70}}, 0x0) 1.012646722s ago: executing program 3 (id=733): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x181900, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) r3 = socket$inet6(0xa, 0x80002, 0x88) bind$inet6(r3, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) set_mempolicy(0x2002, 0x0, 0x9) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = dup(r5) write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b000008"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000680)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@access_uid}], [], 0x6b}}) ioctl$PPPIOCDISCONN(r6, 0x7439) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88b59edace0000033e8283f2305e02000002ff02000000000000000000000000000104004e20004d03"], 0x0) recvmsg(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000003380)=""/4096, 0x45}, {0x0}], 0x2}, 0x100) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10) socket$rds(0x15, 0x5, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f00000007c0)="7800000018002502b9409b02ffff48000203be04020406050a08040c5c000800580004000a0000000d0085a168d0bf46d32345653600648d270005000a00000049935ade4a460c89b6ec0cff3959547f509058ba86c902007a000f4a32000407160012000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0x0) 1.005907063s ago: executing program 4 (id=734): r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f000000a1c0)=[{{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f000000b580)=""/4110, 0x100e}, {&(0x7f0000000900)=""/85, 0x55}, {&(0x7f0000000400)=""/121, 0x79}, {&(0x7f0000000b40)=""/206, 0xce}], 0x4}, 0x6}, {{0x0, 0x0, 0x0}, 0x6}, {{0x0, 0x0, 0x0}, 0x9}], 0x3, 0x2202, 0x0) sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="180000004200"], 0x18}], 0x1}, 0x2000080) 945.09976ms ago: executing program 1 (id=735): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r3, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10) r4 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f00000002c0)={0x42, 0x5}, 0x10) sendmsg$tipc(r4, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 922.474463ms ago: executing program 1 (id=736): r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = io_uring_setup(0x4f01, &(0x7f0000000180)) r3 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r3, &(0x7f000047b000)={0xa, 0x404e20, 0x0, @empty, 0xfffffffe}, 0x1c) listen(r3, 0x400000001ffffffd) r4 = socket$inet6(0xa, 0x6, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x1adc51, 0x0) mount$bind(0x0, &(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x80000, 0x0) connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r5 = accept4(r3, 0x0, 0x0, 0x0) close_range(r2, r5, 0x0) 750.931062ms ago: executing program 0 (id=741): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2000008, &(0x7f00000003c0), 0x0, 0x52e, &(0x7f0000000f00)="$eJzs3cFvI1cZAPBvnDib7GabFDhApZZCi7IVrJ00tI04lCIhOFVClPsSEieK4sRR7LSbqILsX4CEECBxggsXJP4AJLQSF44IqRKcQSoCIdiCBAfoINvjJDjjxFuceNf5/aTZeW/GM9/3vHnjGc/TOIAr69mIeC0i3k/T9IWImMmWF7IpDttT83XvPXh7pTklkaZv/DWJJFvW2VeSzW9km01GxFe/HPGN5HTc+v7B5nK1WtnN6uXG1k65vn9we2Nreb2yXtleXFx4eemVpZeW5gfSzpsR8eoX//i9b//kS6/+4jNv/eHOn299s5nWdLb+ZDse0vhZK9tNL16b7Npg9wMGexQ121PsVKb62+beBeYDAEBvzXP8D0XEJyPihZiJsbNPZwEAAIDHUPr56fh3EpHmm+ixHAAAAHiMFFpjYJNCKRsLMB2FQqnUHsP7kbheqNbqjU+v1fa2V9tjZWejWFjbqFbms7HCs1FMmvWFVvm4/mJXfTEinoyI785MteqllVp1ddhffgAAAMAVcaPr+v8fM+3rfwAAAGDEzA47AQAAAODCuf4HAACA0ef6HwAAAEbaV15/vTmlnd+/Xn1zf2+z9ubt1Up9s7S1t1Jaqe3ulNZrtfXWM/u2zttftVbb+Wxs790tNyr1Rrm+f3Bnq7a33bizEZOX0iAAAADglCc/fv93SUQcfm6qNTVNDDsp4FKMH5WSbJ7T+3//RHv+7iUlBVyKsT5e8+61/OXOE+DxNt69oEdfB0ZPcdgJAEOXnLO+5+CdX2fzTww2HwAAYPDmPpZ////8+wKHhUtID7hAOjFcXV2f8+nMsBIBLl3r/n+/A3mcLMBIKfY1AhAYZf/3/f9zpelDJQQAAAzcdGtKCqXs673pKBRKpYibrZ8FKCZrG9XKfEQ8ERG/nSlea9YXWlsm514zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAIy0iMKfkl+2n+U/N/P8dPf3AxPJv1o/CTwREW/98I3v311uNHYXmsv/drS88YNs+YvD+AYDAAAA6Na5Tm/N/znsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNe89eHulM/Xx8qlBxf3LFyJiNi/+eEy25pNRjIjrf09i/MR2SUSMDSD+4b2I+Ghe/KSZ1lHIvPiDeBPOiR+z2buQF//GAOLDVXa/efx5La//FeLZ1jy//41H/E/9g+p9/Iuj499Yj/5/s88YT73zs3LP+PcinhrPP/504ic94j/XZ/yvf+3goNe69EcRc53Pn9YR72SE41K5sbVTru8f3N7YWl6vrFe2FxcXXl56Zemlpfny2ka1kv2bG+M7T//8/bPafz338y/Jsund/udz9pf3mfSfd+4++HCncng6/q3ncuL/6sfZK07HL2RxPpWVm+vnOuXDdvmkZ376m2fOav/qcfuLD/P/f6vXTrud6ihP9/unAwBcgPr+weZytVrZHdlC8yr9EUhD4REsfGugO0zTNG32qZxV9yOin/0kMeCWFvLzOS70PAIM+8gEAAAM2vFJ/7AzAQAAAAAAAAAAAAAAAAAAgKvrMp6y1h3z+BHIySAeoQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBD/DQAA///dpdP7") r0 = syz_io_uring_setup(0x19af, &(0x7f00000000c0)={0x0, 0x7e1c, 0x0, 0x0, 0x29a}, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_UNLINKAT={0x24, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r4, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000140)='8', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="24000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r4], 0x28}}], 0x1, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) kexec_load(0x100000001000000, 0x1, &(0x7f0000000580)=[{0x0, 0x0, 0x3ff, 0x8}], 0x3e0000) perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x3, 0x4, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) splice(r3, 0x0, r5, 0x0, 0x39000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000680)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x1, 0x0, @void, @value, @void, @value}, 0x50) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000740)=ANY=[@ANYBLOB="50020000", @ANYRES16, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x0) sendmsg$NLBL_CIPSOV4_C_REMOVE(r6, &(0x7f0000000800)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000007c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="90000000", @ANYRES16, @ANYBLOB="000426bd7000fddbdf250200000008000100030000004400088014000780080006007200000008000600480000002c00078008000600f40000000800063e8b000000080006000100000008000600bc0000000800050033fad1630800020001000000080002000100000008000100ffffffff04000c80f6ff0b800800020001000000080002000200000058c3340069b92fd89bb769b058d313c36df53f4624f2ab682e17c7424671f7a25e15273c6355d103ec8f9318b5037209ba6420aa91f8438275daf6b5538e4af3582885c1a519ca84d2f8b1643d9dbb07e1101d41f6087f2962ec3582f7d32a7f1c329d7e4e832c413f36d24037b7f06fdf33e0ba56087d7521c55ca1460a7a975f9bc0e8287db59f9e7eb5da0da3a7efded868659e394acf69e77e7076db"], 0x90}}, 0x4004) socket(0x2c, 0xa, 0x3) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r8 = syz_open_dev$loop(&(0x7f0000000040), 0xfff, 0x129183) r9 = syz_clone(0x22801800, &(0x7f00000014c0)="1eaad669b3246d9220ec8b6dbaf6242b8723145341ba7847cb4d4abffb1644d79e3b11843b61b310e35f1c5c4ce908db0f1bea576b3118eca5b96be37d131b210d3dc608c7e4d5eac27a6150a0d98c1d273e41e071c2ab5c909765578323f36c5fd2f7b5c1d9aa875c3b22ea03eb168e3bc66fa085a69d28d4a24c0e57642785316ed355c87ca5142e01f0cbf86ae81939d34d53b03e5d613e11c74d3f5737b9ed184468945d942b4007966daec4f752f55ea677f55cc22ee806687af49c01df5e54e13827911b8e88c1c99c163901ed30bac64c68f5e81e5ff253da808751ea6a35e6e1a5a3e3226c1ff677e47972cd113d9004f976b1d8ef3692502550db601d852aeffee9c4d2bd06869aaf9f593496fd40f1141bdaa0d4cf1d04f42227eb6018e883d9bddfe5afa52e7adee4b3a40e0ad030f1cb6fb88ca66a634e252471baea70498890648b522065fab53ee15f85d5181e5d37de35c8e1e39c1b86b83ff411fc415d63e3ed8f3518b600d6b15a895a2bc36fc13986cb359c7d542f16c6826e2fa7a6f81b2feaad70fd2033ba9cb3e1a2df25b4af6464e7cffd7ce13e2f2a70f0e48d2a656ecdb8f3624d5c34976c705778bafda1beb52eb51e96b173d0ce1df9c4e05f774de4fb5cd99ca9d72677033a3597cc69622ab627416f4f456cd88b7353bd2aa6aa7624ef9649bb234f13d77c43598c4b11d3442674b3414b559a18a05a06d4937dc81c32be29a133b7d82f655b40df37f2ea444c954c943e5d9e235c5d3743268ffcfb14eb8e26d45528982129b6801c352f2feed2cbd287e90ce3d186462f4b173fecc1ef5b3ab81571d606a1b7d2f0b2f91cf2f5fa9030000a5c3ecc43cbc9ff21544f9d9240b23f6208653efbd6abae3bdaf514cd44ae50969bde672523d21ce5e892e9675d0b26e16dc59bd9bfe5c1e85690ee103c55c7d97aea6ac3fb9e71dec63770d609fe666d6b5161a63986f5063210778640c8946a642619516584fef9d719b909ac40af963dbe7f6b7d874cf0300ab33dc42f09954a5902b13de198641b811fab58687e3f26de24911b8ce5bb3e722eee81741167583f10a0edb88b196ab2d438ab9341b4419096b6c9027c833197265a2b81910cba688ded5c6ebfb3b3e163cf4e816f17656fc452206286824fd59472e0103f8a0f79c7cc9aa2895525a7d24b3da099279de8cbfcf8083a4dd13de740369ad59b9cc5048a7ba4adb87fb7a19454c5c6fd4a4d53e71d6b9ecf3f5843c0ba2b12574b8c3ffbdbbb5b536954d3f881e9bc5a66cbd03294db5ec34f4ce00e8bcec51052b74d2c3d4b38e24e50462cf29bda9cf19847a1a2306752c16253f78e49f3786aacafc58a26162b1fe9104e389b52ee962895db8beb503396556ee92072c31dc6e5657887ad72f9602d2ae7f760e3ea382a7fb760a2467f3418fe01ea8892ef2f0b6c4ef689599dafa0bf8a2218e181bfd0fa0e42ab6dbacf884886ac7b625ead0670f62d16e678df0a34d03252f89546ef005a57bf9976daf551b215ba5afa8bb82deff9cbd9aa71e51f4f962f24160752d25417ac76ce7b9a5b1497933bb2c8f7ee9f9075d0577f90678973ed730501f806e4c26d8ff204150335d3b164ea59a785970ead6799e42ae76a940f53ab797443bf1810eb8b413b1fa6806bf6a02cec12ff7eab1a4b853fa71bc6a1409c16f36e201cf04455d4434bd65cf2a536dbbedc126ba151bca25ff493aaceabfcdda8a885703862f02033b754fd8831edcdfd4db9ada8d038c67fbccbf5465430e362be245d4996c98a4e3e673cbf395dd4a2ed7a55d1810cb7a5ef080051f5fe4191b2a5d5ec908cad2727ff52b78245a8d8215f9341a545d38992f4c65b12a01d2d71ee7d7a0617829347f8003be743ee48a03e3bef23b4f8faa1aa1a93f980d9af4a487bde86171c9fd4a1c4a8977c5517f3c00ca3c6e08050d206a7d8477c425eadb8a10df802eea6eb920a05fa2d6e8fe56253822043d367e552b742c9c9591efaa6f99430b66f789dc77bd39a62244140dd61a266103214875d4719929388f7e90a07b9f9ec886c7fddb69c3ddd621b7ee9c4c9a8c40c76d89f9c23f0f0842ea5fa7e09719014e61faebebc26f7881ca48341cc8ccc45f42c393dbae398b89d30e1940c6b2084a78d489abb56a6e7308efc6f952be41ad07a3002175c2bf61c438faabd24426f0a9c7d51f3c960aaf0563cccec18af76bd755f9ba5a5186d3db4ad4ae3753b9b4172b3678a79d88582a5f99bf0736645ad7b3f58e3261f6d6eff01e0826e58ccf6fb8b32ad83298c45fe41d2d57c36b8dc29f7b9a62a564d5026366b7a5e9569c8d77f810a37f582b254dbce8885d80c22771de4039a401c6ee93d22ecf8fa38251afa0c113c5581870ef471d23ea19c8fc834f79fe9a1b5f7965889d770e1aa8d281ef182cb5b8a77977a80d810787cf0f5f3cb29a23ed568ff405753bbadda10acab51000d4a970ac6b3a8e5a355bbfc50b4be12689f6ccbdcbd942c57cd07659aada4335a1084cb9dae8caf57f05f2bc254eadb576d9a5650aaecb4ea002865a7d722a84e37e9d22fae31fc79c7a2639d464cfdefa6085276c7742fdc38e32e1272e7cd927216baf761551a1b3bbb570d67f9bbba5c3b44a6024231bafeb58314b7fe9240fac15ae855d3618f25fdbcfffcdc27abc4ba3eebd42d6362295ddfdc7cae3cecd22f6fafb97711c0321efcbd9edb93aa5422f4a0d255d5a0076c541b7758cc468989bdad252c45a0f0f4d9cf348e06921604ccd08ad2f8ea5b4171308ddc8e1c3fb9a8b7a3fc4fb8f0327d93d0f638fe0eb9382f398779dbff1f678200f8c55710cebbcb52c277968f15bf6263ee1bca676892b0bf47d89c12ce58c3cb8858748ce1ada83d5ffa3d8ae28fc2e1c737c7e3076ed5a567869cdf5ddf0979f127b8b989184015749578f777000544fb1298d3668fcdadb8a38d8eadc2125c0372f478c3add6b79300fb222c0f67502dcb654b10469c8b6dc03ba0e2499fa8225061a28dc94016986e16d4cf2fb316cf5bbe361704ea9213f7a4fe30993950efa68856b5117ab7c04612d8e7d23e772154555910e31cf99cec4c5b7491af2428546c30d6c8ed3cc3c93ce5b4e794745a7eebb4f789be8ea89b9e6de7f06501e2112f1e5b020da35f4e2ea2376b68ea3306e46a8fdfdf231d5be522b909fd15da2d2e81c00e14fdc10c51e822978467039306747fb8f8ed3ebb72cfb52fb96f752b704cef77862292867a39a2978cbb6b72fa298477053215d0dce8170aadb3649392525a9fe8567e78fe19cf52d2d4a393668e21885997693043520823ac5745095c30dd2c4275935bf8488afd77d06e6b1261439f6a6be4eace0287c7bd0b8387dbea16adf5293bc5b19acca59d8a8379befbf8de742dca826f3e3a7707d6be1d92a70947b31c8e8cbe4761cee0864ddf4d90a92cd8efe69d7ef507fa452644b4c76c1407457114b82808b382f8a9dfe3b1a7747dca306e7dc8f169c89f93069a79ac0fe0de91ef37c19b29e6ec42298ed6ea5d46d63b06c2788c8114e8172720d914d93f985634de8d041e77a7d8a88582507561e06ad36113be3d3d0edd334a1c8f322cdd2533dfac67a98464477508417518c001591b7de1bbabd224694a88b2b3d23c1a0282cec10e66abdba4ec62a14b8b89d870cf59781e805253ca9afaa43449eddb1c0e00bf59126a879a720f70c5c28eec8a4d306ec7a14ec8ff29e3f8f30eecddca652175b0924aa984424b6ae358ec525cafd7a50e79d51e8fb13c33471439f4e8c34379e63e3fbb02e957f1f937d6f46bbf1b1b6c09732ae4f84257103d80e36bf0e1bfab056e4a72f1a9ffd7b2b193b3324f580a51532a1bfa41853f71b593639e845197211ddf6eeec5d191b1f972f2899435f1356337dce9b1e48cfbd7fe9781199a605fc08b0a6b7c79e9f7f5383443813a0295ce9cd02c15b55818639ea4340f47c8a5d1b1685c1ffe1418f0ba85c0d14c94570e864759a4269c78256360a7491f192613bc58702ff24292b160385d68f07b1863c0b6d21ae4615a9f879a7c20419ab505ba565da06f23ed42da1ad781cf7488ccd9fdc5e35b603c49b07f10c76a105e2e093371230d7d6a141ef39a41098cbb3ffe0d17d49dc4824142d0d5aef174614baac12218cb55d06dd05d180696820aeb96000b4587ce25794b88c6b864a569804499500aa39bb0a8ebc856bee44772c279cdfacd941685a7dacf78e3ea24afefddae95b83d7e1de5e25ee50ec28b0f29f39e8c816ddad86515017f48dc97bf16e984bc36428eb8d3c7e434000fa25aa4e6d0be32e88ef03d664ced6b89ed848e777cb3debd29d6e3930c21fc01b1914465b803d5cb0df5f782aabd826d767a4451b0d5308e83e34e616a2220d6a12e0f2be4784943cb812b089416eb6c0ef2c03b693b546b5ac33b0a5afc90df7ed8c4e3eea07a30a150ca670df983e878f9ed134e05075874203da2cbfcf28315e3839754bb23d6dfba8416a1c15b506f3897e4ea70b820284e5bb1112a4dcc71c7b41644bbc74d1442ac89df5dd85fa8ec928509107c0b4a5c120498b9347f05f332806d7d49fdb2878e7250e9cb6f76911c46bc1865b1ed02d7048aa71df164f9ce7e8eebc80051b712cea5a25ff401cbca2bdcf57d7aa4b0cdd0d51d9ab4e50beafae2c71447800e9c3fb7c6f3ab1510a417d879be099b4084f0989c4576db40aeaa71bd391d2edf69463290739423ce71b3537dd5667d0768e90b3ff273a2d9b2213a62babd8a5be1e5e283bd803561b9199660f2323bc0b9604b1650ed02dc8e90687ef0ac84bd61df3e6a435884508a2d3f0d9f8f48910a5028df4618408780346df32ca4d09a849e4a151b0caa29a0dc0883ae6669911abc7409b1d668d3f84db605541a7ac7d5f52e326be88277820a73e52bea3a571dc661602d4de875c68f4bec6cdd47940c9114602445de33fd65f1908ac668c6a6810d92f3582bb68f295d91b629332e45a8d938989252b0a48fa1a7b61ed1bf886fe7ac38e1ffec62cb37227d4b9f1efb55978d823f1d664f834bec6baff728f9649676ab3a1ed78a7212a60ed48e431a53697c876926ca1e5c3f2afab83b14c1c82c4053ffa44cc20f3fd4ebaf3ee21d6968541b8933b8c337dd70a448755e22c61ae3925fdada4889d7c84981237827064db79f3e7191540a44463c1a8268516d013b6cf5eac9b5423014d9ad844014b50daa4cbc9285", 0xe8a, &(0x7f0000000180), &(0x7f0000000380), &(0x7f00000004c0)="840e893e0f8781dc113ace76532e22") ioctl$BLKTRACESETUP(r8, 0xc0481273, &(0x7f0000000580)={'\x00', 0xac0, 0x3, 0x1, 0x2, 0x0, r9}) 306.724534ms ago: executing program 2 (id=748): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298ea"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8) 306.131964ms ago: executing program 2 (id=749): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) clock_gettime(0x0, &(0x7f0000000040)) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) timer_gettime(0x0, 0x0) (fail_nth: 2) 68.978532ms ago: executing program 1 (id=750): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x16, 0xf, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095", @ANYBLOB="1800000000000000000000000300000018110000", @ANYRESDEC=r0, @ANYRESDEC], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffff36) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f00000001c0)={'batadv0\x00', 0x0}) sendto$packet(r5, &(0x7f0000000000)="05000806", 0x5e0, 0x0, &(0x7f0000000080)={0x11, 0x8100, r6}, 0x14) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000539d00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffcfb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r8}, 0x10) signalfd4(r4, &(0x7f00000003c0)={[0x2]}, 0x8, 0x0) socket(0x10, 0x803, 0x0) socket(0x1, 0x803, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r9, 0x8933, &(0x7f0000000480)={'batadv0\x00', 0x0}) sendto$packet(r9, &(0x7f0000000080)="020000ffffffba000040000086dd", 0xe, 0x0, &(0x7f0000000000)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @random="6d6eb1f60783"}, 0x14) 53.398444ms ago: executing program 4 (id=751): prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000100)={0x1, &(0x7f0000000080)=[{0x9, 0x81, 0x9, 0x9}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a0000000200000009000000080000"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair(0x1e, 0x5, 0x2, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x50) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x4, 0x4, 0x3c8, 0x1f8, 0x110, 0x0, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2}}, {@mac=@random="3c192477987a"}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac, @empty, @dev={0xac, 0x14, 0x14, 0x22}, @broadcast, 0x4}}}, {{@arp={@loopback, @private=0xa010102, 0xff, 0xffffff00, 0xd, 0x10, {@mac=@multicast, {[0xff, 0xff, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x8, 0x0, 0x0, 0x8, 0x1, 0x5a, 'macvlan0\x00', 'ipvlan0\x00', {0xff}, {}, 0x0, 0x100}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x2}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff, 0x0, 0x0, 0x0, {@mac=@link_local, {[0xff]}}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_vlan\x00', 'ipvlan1\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x3}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYRES64, @ANYRES32=r0, @ANYRESOCT, @ANYRESDEC, @ANYRESDEC], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10) write$binfmt_elf64(r4, &(0x7f0000001340)=ANY=[], 0xa89) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r4, &(0x7f00000002c0)="e2b3b8c51d71eadd2cf9dda251607cf2ac834ad26f541d5e9aa46cff60ba3d1ba4e90b24a30075ff6423ae78237d68331d7e125b57ef23912b3f43376608d71bd2be176d4f54c54f91176ff4e6ce2d6ad7c2eb", 0x53, 0x8c1, 0x0, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x880, 0x20) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@nobarrier}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@grpquota}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) 53.143784ms ago: executing program 2 (id=752): bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000002000000000000000000000000070200006111960884fc57f0532d6bbfd3ac1144a81714d8c76790b9e5beef8421c8b08937dd741474175608bcd18c03f1d7c30b844b6175581d56b8aca9bb7aa34a327469eae6c23621577c7b75e47e37a89b33e42bdaa8c947ba"], 0x18}, 0x1, 0x5502000000000000}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x0, 0x1a, &(0x7f0000000240)=ANY=[@ANYBLOB="180500f1a1d739470d00"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018200000", @ANYRES32, @ANYBLOB="00000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000000500000010000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x90) write$UHID_CREATE2(r0, &(0x7f00000002c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_NEXT_CMD_LEN(r1, 0xc0481273, &(0x7f0000000000)) 52.365954ms ago: executing program 3 (id=753): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sg(&(0x7f00000001c0), 0x0, 0x42880) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002540)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)='*', 0x1}], 0x1, &(0x7f0000000980)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x40) msgctl$IPC_STAT(0x0, 0x2, &(0x7f0000000240)=""/8) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt(r4, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8) r5 = socket$inet_sctp(0x2, 0x1, 0x84) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r6, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r4, 0x84, 0x5, &(0x7f00000003c0)={r7, @in6={{0xa, 0x0, 0x0, @mcast2}}}, 0x84) recvmsg$unix(r3, &(0x7f0000002500)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x1000000}, 0x0) setns(r1, 0x24020000) r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xf, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYRESOCT=r1], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r9, 0x0, 0x5}, 0x18) r10 = socket$inet6_udp(0xa, 0x2, 0x0) r11 = dup2(r10, r10) connect$pppl2tp(r11, &(0x7f00000000c0)=@pppol2tp={0xa, 0x1, {0xffff0000, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x26) sendmsg$netlink(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000009940)=ANY=[], 0x290}, {&(0x7f0000000140)=ANY=[@ANYBLOB="bc0800600c90297f0000000000000000ac080080a508000038a9d0720cc84514dccdfb1fd2efd73cdcda4463c756f9a639539313b2a2567370b4516a4ae84340116ab0964ca1fad1866f5a0dc87b47f9fb0802c74f68f804fb7670225dc1d6f5ee38f4fc8455668647558e8e6789622a6510c6fcc33c480b8453e6dda9a288d486a66f0494a24352be9c703050188ff8488c5212178aea5f5bb413ce42928cd3f1369243dd93cdbd811493eb646df8799855577411b6d91dc1c67d41a00ee5c9cda43c0bc5b5ee6c8d8cc000b073bc2fb1e27661678696573d23758e21a861dfe1c261b9ab378eca2d43331ccc5fdc5cadc974cb9ef6215faf9d71047cf558eefff1ece60e4b044e40923df6f3c15ed64b84ce8b1e9cf07e5d58031a9827f0589181e9027ee1d11d9a3d62d879e4358ad0b52d8899a34db7bf4d0429498c3a86faead2ee642ff59ac436737bc4185bc1b230c22c8e2be516e5bb2075810415f6d57ad9d419e7da1ccf9663564ed97655b06fcef467eb23593b8041553837253e7bd5f28ece82cf202f90d6d3e2fbd6eec550fd18ce0317f65af14ff56955e436aaa75e938b2e968bc1638bedfd352a3f0dd0c2a9d6d96e6f546993190334e145d2420f23b40dd79a80531364157648fb77a03ccb032a919e6d26318e00fffd1f87dbfee5121846508e86881d75fc2f5607379b3918cbeb15ec4e7f217ac85a140b0d607f1483ef959c2b28ff446ff1fcb810b47aaac1e4cc6b9215fbceabd517efc1a776dac240f1b97d2bdaf3b1e22481aa757fc2d7afd62ad539586fc92990261af89c5e01506ae8775622f3d8ae9537f107fb1b4cbc48108f800a8cba72d2576c8830152ea95cf0238146e8a030832d40603fc1489913c6a009701f93ee5222ac8ea0e43e28ff3380e309ab31de5f910fe9a53124f640d480fa21bc263be75875e64abac9d49d65b4ff1871b14ee03ead6faefb833392023286e9aed32a197801cc46fe3d5fb6c4e2f7faa2655f4655983fd25ffd185ced6631bc079e4bcea2e6a4d16d467c4f3bdd5782a690f745acd9ed156ffd77a105a254cab001cf218d9a7b78cde5896c2a803ae48e7241f36962817136eea0b15c196cc80d2a38bfa1f41c792f982d72592b92c66e8bdb86fa66220ffc71197e152e0b4c825491c3e7e26321b651a2dd195df105b74c25d6599ae597927f600008597bd3174cc6ad8724d715471f9afddb4e8574cceb90bd5625f8a7cd05ac07b4f33e1a6ed9f8c1051643df219365345029798355541ebf085035284331f6e74c37aa2d95e6b8d84a64fe4ed527beba7648fcbe3a17e7ee181aa174769fe0ba588529801d86a8235a18818996d5a003286588d4c32429db8846f6333222969b3606372f32c8a4db1c48270d552f1d47ecc43a13b8dd8c101e9ffe73d4843cd7418bd3c0d78bc6a1ed0b6c794405893804918f5200da41dcf14f4452523b54ddd5bd993d1870b713367985367e0d882104707e813f5625af5fddc01fa4c0379a988bb993c56cab6261f84b352742c2a7049e4c8048b2ab98fb821c7ceca1668f2b997f6cce126031e4b919fa1a8215fc2b3059bf4209487ebe3b9e82d62bec068ff04a541fa102807ffe9bd2690ef76584e0ce32cc51fd7a6b7a9606b6d069900a8a81e84d7ee444d901ed9329949cde5fa3599d06447befca5160199a916fcf49f6528978ace93e5aa04bb6a21ffcd0dddacc12214d09d564ba5843d12fe867a332d6a867b2774b8716e7da725a21c91c1a0fe361102736ea06ee59324b6ff1c8e6e6f73af4c5e48605eab83ca822a18b40a44471266b044e5cb967fd77978b6a8b7b3d262af3badebd96428fb2f219bfccb83ba378b60dac754be533976a7688352d86208b24c79604ae2d6620107378ef0d6023bdb2573c4f0eba329ee4c84a5969fc8218d4393377fbe961750e910f657d0edf0f06ca93662b50e8ba33721698f867ea7ac8e973dbb5cd1b049d453122b7b9e0fb27fde6a20d050000000000000051865d14e45ccf9c4d5759ad83eefc8f393472553edebf987f128a95a438da7770e9ccf20213a266a738358f4b1ecf6a1e74086a4064524719bc4f26b1c41cf53beb1a0e0feca79979d6376339901db52bfc86717f9cbc3f2b0c68426e01c647a5c919e9719ae854c380f106e53ac4a4200e21e2ddff287a60b4c1c1ca194ac61dd0e54f3d9e7bc0f1f35f3e624f067b00d5f1c965254e2820f7fcea034753d356d383a11550df563bc249e664ac9b4367947782b2a3f852fe4cb0e5ecea5f9f62a9c952c0bbd7e959d9ac69d6c3f4c58977c94e25b652e44fa8a3967e96233c43199daa5d71db38e2951a37bd0f2a27c733fb598d529e36d1ebb67d258b5e89f631d734da072a91abe011750332f61067784b88efbee8d81c6d685e4c95a33af8f8b9b3022887c1d4929ab97a314bb03eb2243dd3243b1f3c68238ac07788e93eff25b028b4b4ab91924ec18ce9947a8a82ae504940c86dc4110603aae1ca4a81895069c0a846a2125b634de94409b3c2fb02ef55f0c050dc8c4e1dccf7603c7e4bdf1c8054ed4056f4c6e30ed4efaf817513b77f26051ff3c79bc7f0da9b8d92e8af632486ef6a422fda5dfb2b7d3ed9442cb6ed8442a83d21ba84da29912248524db42bd5458393a290220c57eeaefb1c11c6ca58464274d417d294ca7dd3831fba590117d012b107e4460e35a4d0b28ffed042c7e7636e101c3ac3e2d7c02c7561617a9ec51726de4cda3ad7e29ad904ec0ad3becf74eb15dc938dd76c29876362acfdfe50f73e9a7b476d526037a12448a26d359a9e59cdf98434421bbf8cf37f3f42706a6d41f3210485e7746f8b4b976a33b5c1483bbee3d51ea1cef04926d005aaf6c3b669544b3a75ff20a90a190963f3564d7f7d89cc4c1adb471d5629a23b25e43bdf1f46abc2263637c48fc5649c6ca705b25c4b2fb2fd1de3db561beeeaeee260953ca9f3984d625a374ad214bbcb67f5f0308ad4a477e49c18272e08ada7f36a7c6de241c8a5bc07914ac2b3a6d18e516c3854635b3b561e0c7ee16c4f6446193836d3137a219a467ea874e91f7e4f40f00aadf1e88e6208faa436301421221e2326b7f680e65f263e55a4f8140572f0c463000000859bc155eddb3d8fad8c6d091527a2c2ca21a5e53f9d1b48e56599262c75da201821a0999947afdbaaa04307e32f567ac4f31883188c0fb5f27c7995646263fb3d738a72b74ed8e92f3261dc344d23054562337d908cc94f7629832c9c875565fe5724f28f102fff374972bf81cdd0ddcacf36238b6184"], 0x8bc}, {0x0, 0x184}], 0x3}, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) setuid(0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0xd5ba2180, 0x0, 0x0, 0x0, 0x0, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) 40.318055ms ago: executing program 1 (id=754): socket$kcm(0x10, 0xd19381be4eb40920, 0x0) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r2 = socket(0x1e, 0x1, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYRES16=r2, @ANYRESOCT=r0, @ANYRES8=r1, @ANYRESOCT=r1, @ANYRES16=r0], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000008000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000080)=0x8, 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e26, @empty}}, 0x0, 0x0, 0x3f8, 0x1, 0x12, 0x1}, 0x9c) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r7}, &(0x7f00000004c0), &(0x7f0000000500)='%-5lx \x00'}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x18) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00') writev(r8, &(0x7f0000000400)=[{&(0x7f0000000040)="dc", 0x1}], 0x0) bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) fchdir(0xffffffffffffffff) r9 = inotify_init1(0x0) fcntl$setown(r9, 0x8, 0xffffffffffffffff) fcntl$getownex(r9, 0x10, 0x0) openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0) sendto$inet6(r6, &(0x7f0000000580)='\x00', 0x1, 0xc048000, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) r10 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', 0x0}) sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000900)=@gettclass={0x24, 0x2a, 0x10, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, {0x3, 0x6}, {0xb, 0xfff6}, {0x1, 0xa}}, [""]}, 0x24}}, 0x0) 39.225445ms ago: executing program 2 (id=755): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0) 14.442298ms ago: executing program 2 (id=756): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014001180b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x70, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0x70}}, 0x0) 0s ago: executing program 2 (id=757): openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd4d, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0857f9f582f0300000000001000", 0x0, 0x2e00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB="00bcc50918d3"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_SOCK_GET(r3, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000c00)={0x2c0, 0x0, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x150, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xdf3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x2, @mcast1, 0x2}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0x64010100}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'pimreg0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ip6gre0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0xffff, @mcast1, 0x9}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_NODE={0x58, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xd}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "47df53304615d5683aea7334379fb278da385adeceaabe1e70d117"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}]}, @TIPC_NLA_BEARER={0x104, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00', 0x2}}, {0x14, 0x2, @in={0x2, 0x4e20, @rand_addr=0x64010100}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffb}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x8000, @empty, 0x91}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x0, @mcast1, 0x43f}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x7f, @mcast1, 0x81}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x2c0}, 0x1, 0x0, 0x0, 0x8000}, 0x800) readlink(0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000006000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) dup3(r1, r0, 0x0) kernel console output (not intermixed with test programs): man_adv: batadv0: Adding interface: batadv_slave_0 [ 38.250346][ T3772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.276287][ T3772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.296236][ T3772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.303246][ T3772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.329194][ T3772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.338676][ T3795] netlink: 100 bytes leftover after parsing attributes in process `syz.3.83'. [ 38.374382][ T3772] hsr_slave_0: entered promiscuous mode [ 38.380498][ T3772] hsr_slave_1: entered promiscuous mode [ 38.386328][ T3772] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.394024][ T3772] Cannot create hsr debugfs directory [ 38.416569][ T3802] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 39.181181][ T40] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.241578][ T40] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.290774][ T40] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.366182][ T40] bridge_slave_1: left allmulticast mode [ 39.371855][ T40] bridge_slave_1: left promiscuous mode [ 39.377544][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.385570][ T40] bridge_slave_0: left allmulticast mode [ 39.391243][ T40] bridge_slave_0: left promiscuous mode [ 39.396832][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.481866][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 39.492479][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 39.502348][ T40] bond0 (unregistering): Released all slaves [ 39.561571][ T40] hsr_slave_0: left promiscuous mode [ 39.567348][ T40] hsr_slave_1: left promiscuous mode [ 39.573467][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 39.581081][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 39.590094][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 39.597535][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 39.607155][ T40] veth1_macvtap: left promiscuous mode [ 39.612941][ T40] veth0_macvtap: left promiscuous mode [ 39.618534][ T40] veth1_vlan: left promiscuous mode [ 39.623741][ T40] veth0_vlan: left promiscuous mode [ 39.694252][ T40] team0 (unregistering): Port device team_slave_1 removed [ 39.704554][ T40] team0 (unregistering): Port device team_slave_0 removed [ 39.879146][ T3772] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.892775][ T3753] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 39.901484][ T3753] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 39.910666][ T3753] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 39.922681][ T3772] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 39.934579][ T3753] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 39.973254][ T3753] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.984837][ T3753] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.996971][ T3772] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.012879][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.020014][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.030501][ T173] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.037641][ T173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.063330][ T3772] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 40.112572][ T3772] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 40.123373][ T3772] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 40.132479][ T3772] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 40.140861][ T3772] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 40.160712][ T3753] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.194636][ T3772] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.207718][ T3772] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.221306][ T1820] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.228457][ T1820] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.246195][ T1820] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.253289][ T1820] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.280477][ T3753] veth0_vlan: entered promiscuous mode [ 40.290668][ T3753] veth1_vlan: entered promiscuous mode [ 40.307131][ T3753] veth0_macvtap: entered promiscuous mode [ 40.314830][ T3753] veth1_macvtap: entered promiscuous mode [ 40.325130][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.335685][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.345609][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.356311][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.366160][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.376610][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.386513][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.396989][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.407724][ T3753] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.424372][ T3772] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.447622][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.458232][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.468234][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.478860][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.488696][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.499171][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.509033][ T3753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.519486][ T3753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.531462][ T3753] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.542666][ T3753] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.551506][ T3753] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.560274][ T3753] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.568995][ T3753] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.590521][ T3921] syz.3.93[3921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 40.590622][ T3921] syz.3.93[3921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 40.601925][ T3921] syz.3.93[3921] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 40.649931][ T3772] veth0_vlan: entered promiscuous mode [ 40.673392][ T3772] veth1_vlan: entered promiscuous mode [ 40.695084][ T3772] veth0_macvtap: entered promiscuous mode [ 40.703068][ T3772] veth1_macvtap: entered promiscuous mode [ 40.715469][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.726013][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.735863][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.746467][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.756312][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.766934][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.776814][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.787270][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.797200][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.807713][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.819248][ T3772] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.837257][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.847751][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.857755][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.868283][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.878169][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.888747][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.898640][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.909087][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.918912][ T3772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.929444][ T3772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.940444][ T3772] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.951379][ T3772] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.960293][ T3772] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.969103][ T3772] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.977854][ T3772] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.991976][ T1820] bridge_slave_1: left allmulticast mode [ 40.997766][ T1820] bridge_slave_1: left promiscuous mode [ 41.003609][ T1820] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.011953][ T1820] bridge_slave_0: left allmulticast mode [ 41.017669][ T1820] bridge_slave_0: left promiscuous mode [ 41.023522][ T1820] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.088720][ T3939] Invalid ELF header magic: != ELF [ 41.190745][ T1820] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 41.201050][ T1820] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 41.211287][ T1820] bond0 (unregistering): Released all slaves [ 41.266242][ T1820] hsr_slave_0: left promiscuous mode [ 41.280905][ T1820] hsr_slave_1: left promiscuous mode [ 41.286931][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 41.294385][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 41.314253][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 41.321835][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 41.331425][ T1820] veth1_macvtap: left promiscuous mode [ 41.336914][ T1820] veth0_macvtap: left promiscuous mode [ 41.342535][ T1820] veth1_vlan: left promiscuous mode [ 41.347761][ T1820] veth0_vlan: left promiscuous mode [ 41.425631][ T1820] team0 (unregistering): Port device team_slave_1 removed [ 41.436292][ T1820] team0 (unregistering): Port device team_slave_0 removed [ 41.538302][ T3943] chnl_net:caif_netlink_parms(): no params data found [ 41.579239][ T3943] bridge0: port 1(bridge_slave_0) entered blocking state [ 41.586312][ T3943] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.593697][ T3943] bridge_slave_0: entered allmulticast mode [ 41.600845][ T3943] bridge_slave_0: entered promiscuous mode [ 41.608761][ T3943] bridge0: port 2(bridge_slave_1) entered blocking state [ 41.615877][ T3943] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.623600][ T3943] bridge_slave_1: entered allmulticast mode [ 41.630297][ T3943] bridge_slave_1: entered promiscuous mode [ 41.651065][ T3943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 41.663369][ T3943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 41.684739][ T3943] team0: Port device team_slave_0 added [ 41.691431][ T3943] team0: Port device team_slave_1 added [ 41.706984][ T3943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 41.714001][ T3943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.739990][ T3943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 41.754282][ T3943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 41.761266][ T3943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.787219][ T3943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 41.816697][ T3943] hsr_slave_0: entered promiscuous mode [ 41.823101][ T3943] hsr_slave_1: entered promiscuous mode [ 41.829415][ T3943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 41.837092][ T3943] Cannot create hsr debugfs directory [ 41.878009][ T3981] Invalid ELF header magic: != ELF [ 41.906875][ T1820] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 41.992609][ T1820] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.052104][ T1820] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.062684][ T3988] syz.4.113[3988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.062808][ T3988] syz.4.113[3988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.074174][ T3988] syz.4.113[3988] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 42.111828][ T1820] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 42.195281][ T1820] bridge_slave_1: left allmulticast mode [ 42.201037][ T1820] bridge_slave_1: left promiscuous mode [ 42.206679][ T1820] bridge0: port 2(bridge_slave_1) entered disabled state [ 42.215831][ T1820] bridge_slave_0: left allmulticast mode [ 42.221577][ T1820] bridge_slave_0: left promiscuous mode [ 42.227361][ T1820] bridge0: port 1(bridge_slave_0) entered disabled state [ 42.257756][ T3996] Invalid ELF header magic: != ELF [ 42.330770][ T1820] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 42.341029][ T1820] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 42.351319][ T1820] bond0 (unregistering): Released all slaves [ 42.401517][ T1820] hsr_slave_0: left promiscuous mode [ 42.407376][ T1820] hsr_slave_1: left promiscuous mode [ 42.413512][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 42.421035][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 42.429931][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 42.437391][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 42.447186][ T1820] veth1_macvtap: left promiscuous mode [ 42.452734][ T1820] veth0_macvtap: left promiscuous mode [ 42.458272][ T1820] veth1_vlan: left promiscuous mode [ 42.463592][ T1820] veth0_vlan: left promiscuous mode [ 42.516877][ T4017] Invalid ELF header magic: != ELF [ 42.560012][ T3262] udevd[3262]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 42.570955][ T1820] team0 (unregistering): Port device team_slave_1 removed [ 42.581366][ T1820] team0 (unregistering): Port device team_slave_0 removed [ 42.813658][ T3943] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 42.822703][ T3943] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 42.831901][ T3943] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 42.840861][ T3943] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 42.883494][ T3943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 42.897769][ T3943] 8021q: adding VLAN 0 to HW filter on device team0 [ 42.907742][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.914848][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 42.928820][ T1750] bridge0: port 2(bridge_slave_1) entered blocking state [ 42.935909][ T1750] bridge0: port 2(bridge_slave_1) entered forwarding state [ 42.992433][ T3943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 43.056877][ T3943] veth0_vlan: entered promiscuous mode [ 43.065145][ T3943] veth1_vlan: entered promiscuous mode [ 43.079968][ T3943] veth0_macvtap: entered promiscuous mode [ 43.087368][ T3943] veth1_macvtap: entered promiscuous mode [ 43.097570][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 43.108110][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.118002][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 43.128497][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.138337][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 43.148772][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.158583][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 43.169379][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.180147][ T3943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 43.190250][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 43.200804][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.210712][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 43.221185][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.231044][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 43.241461][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.251306][ T3943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 43.261731][ T3943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 43.272342][ T3943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 43.282498][ T3943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.291278][ T3943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.300043][ T3943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.308855][ T3943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.351539][ T4077] Invalid ELF header magic: != ELF [ 43.455638][ T1820] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 43.470974][ T29] kauditd_printk_skb: 207 callbacks suppressed [ 43.470988][ T29] audit: type=1326 audit(1729623795.590:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.512300][ T29] audit: type=1326 audit(1729623795.620:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.535151][ T29] audit: type=1326 audit(1729623795.620:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.558031][ T29] audit: type=1326 audit(1729623795.620:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.580984][ T29] audit: type=1326 audit(1729623795.620:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.603989][ T29] audit: type=1326 audit(1729623795.620:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.626835][ T29] audit: type=1326 audit(1729623795.620:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.649749][ T29] audit: type=1326 audit(1729623795.620:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.672605][ T29] audit: type=1326 audit(1729623795.620:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.695520][ T29] audit: type=1326 audit(1729623795.620:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4087 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 43.722074][ T4092] chnl_net:caif_netlink_parms(): no params data found [ 43.765353][ T4092] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.772526][ T4092] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.779823][ T4092] bridge_slave_0: entered allmulticast mode [ 43.786243][ T4092] bridge_slave_0: entered promiscuous mode [ 43.793162][ T4092] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.800539][ T4092] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.807870][ T4092] bridge_slave_1: entered allmulticast mode [ 43.815089][ T4092] bridge_slave_1: entered promiscuous mode [ 43.831627][ T4092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.842027][ T4092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.860431][ T4092] team0: Port device team_slave_0 added [ 43.866684][ T4092] team0: Port device team_slave_1 added [ 43.881811][ T4092] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.888808][ T4092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.914873][ T4092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.926155][ T4092] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.933139][ T4092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.959150][ T4092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.983589][ T4092] hsr_slave_0: entered promiscuous mode [ 43.989628][ T4092] hsr_slave_1: entered promiscuous mode [ 43.995526][ T4092] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 44.003091][ T4092] Cannot create hsr debugfs directory [ 44.154333][ T4114] Invalid ELF header magic: != ELF [ 44.168899][ T4116] FAULT_INJECTION: forcing a failure. [ 44.168899][ T4116] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 44.182109][ T4116] CPU: 1 UID: 0 PID: 4116 Comm: syz.4.137 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 44.192757][ T4116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 44.202872][ T4116] Call Trace: [ 44.206201][ T4116] [ 44.209116][ T4116] dump_stack_lvl+0xf2/0x150 [ 44.213709][ T4116] dump_stack+0x15/0x20 [ 44.217889][ T4116] should_fail_ex+0x223/0x230 [ 44.222643][ T4116] should_fail+0xb/0x10 [ 44.226801][ T4116] should_fail_usercopy+0x1a/0x20 [ 44.231812][ T4116] _copy_from_user+0x1e/0xd0 [ 44.236400][ T4116] copy_msghdr_from_user+0x54/0x2a0 [ 44.241623][ T4116] __sys_sendmsg+0x171/0x270 [ 44.246252][ T4116] __x64_sys_sendmsg+0x46/0x50 [ 44.251123][ T4116] x64_sys_call+0x2689/0x2d60 [ 44.255824][ T4116] do_syscall_64+0xc9/0x1c0 [ 44.260339][ T4116] ? clear_bhb_loop+0x55/0xb0 [ 44.265041][ T4116] ? clear_bhb_loop+0x55/0xb0 [ 44.269757][ T4116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 44.275657][ T4116] RIP: 0033:0x7fc41bebdff9 [ 44.280162][ T4116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 44.299765][ T4116] RSP: 002b:00007fc41ab31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 44.308239][ T4116] RAX: ffffffffffffffda RBX: 00007fc41c075f80 RCX: 00007fc41bebdff9 [ 44.316277][ T4116] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000005 [ 44.324248][ T4116] RBP: 00007fc41ab31090 R08: 0000000000000000 R09: 0000000000000000 [ 44.332228][ T4116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 44.340195][ T4116] R13: 0000000000000000 R14: 00007fc41c075f80 R15: 00007fff4e501278 [ 44.348234][ T4116] [ 44.701027][ T1820] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.751940][ T1820] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.831029][ T1820] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 44.923762][ T1820] bridge_slave_1: left allmulticast mode [ 44.929637][ T1820] bridge_slave_1: left promiscuous mode [ 44.935352][ T1820] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.945424][ T1820] bridge_slave_0: left allmulticast mode [ 44.951195][ T1820] bridge_slave_0: left promiscuous mode [ 44.956881][ T1820] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.070519][ T1820] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 45.080832][ T1820] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 45.091887][ T1820] bond0 (unregistering): Released all slaves [ 45.131936][ T1820] hsr_slave_0: left promiscuous mode [ 45.137893][ T1820] hsr_slave_1: left promiscuous mode [ 45.144867][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 45.152944][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 45.162024][ T1820] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 45.169524][ T1820] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 45.179686][ T1820] veth1_macvtap: left promiscuous mode [ 45.185177][ T1820] veth0_macvtap: left promiscuous mode [ 45.190836][ T1820] veth1_vlan: left promiscuous mode [ 45.196060][ T1820] veth0_vlan: left promiscuous mode [ 45.306283][ T1820] team0 (unregistering): Port device team_slave_1 removed [ 45.316524][ T1820] team0 (unregistering): Port device team_slave_0 removed [ 45.383585][ T4169] Invalid ELF header magic: != ELF [ 45.524201][ T4194] netlink: 16 bytes leftover after parsing attributes in process `syz.3.150'. [ 45.533286][ T4194] netlink: 52 bytes leftover after parsing attributes in process `syz.3.150'. [ 45.559099][ T4194] netlink: 'syz.3.150': attribute type 2 has an invalid length. [ 45.570491][ T4092] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 45.586424][ T4092] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 45.600965][ T4163] chnl_net:caif_netlink_parms(): no params data found [ 45.610820][ T4092] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 45.632034][ T4092] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 45.663942][ T3545] udevd[3545]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 45.725078][ T4163] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.732332][ T4163] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.740418][ T4163] bridge_slave_0: entered allmulticast mode [ 45.746832][ T4163] bridge_slave_0: entered promiscuous mode [ 45.755979][ T4163] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.763134][ T4163] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.779844][ T4163] bridge_slave_1: entered allmulticast mode [ 45.786981][ T4163] bridge_slave_1: entered promiscuous mode [ 45.809644][ T4163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.825305][ T40] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.845879][ T4163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.869269][ T4092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.902463][ T4163] team0: Port device team_slave_0 added [ 45.924784][ T4092] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.932695][ T4163] team0: Port device team_slave_1 added [ 45.950226][ T1820] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.957330][ T1820] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.965782][ T1820] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.972861][ T1820] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.987335][ T4163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.994317][ T4163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.020255][ T4163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.031637][ T4163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.038651][ T4163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.064731][ T4163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.105942][ T4163] hsr_slave_0: entered promiscuous mode [ 46.111946][ T4163] hsr_slave_1: entered promiscuous mode [ 46.117948][ T4163] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.126281][ T4163] Cannot create hsr debugfs directory [ 46.166001][ T4092] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 46.176528][ T4092] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 46.192428][ T4213] chnl_net:caif_netlink_parms(): no params data found [ 46.271168][ T4163] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.287152][ T4213] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.294629][ T4213] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.301907][ T4213] bridge_slave_0: entered allmulticast mode [ 46.308316][ T4213] bridge_slave_0: entered promiscuous mode [ 46.315369][ T4213] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.322489][ T4213] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.331302][ T4213] bridge_slave_1: entered allmulticast mode [ 46.337828][ T4213] bridge_slave_1: entered promiscuous mode [ 46.359426][ T4213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 46.372048][ T4163] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.385006][ T4213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 46.399016][ T4092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 46.406971][ T4270] Invalid ELF header magic: != ELF [ 46.431815][ T4213] team0: Port device team_slave_0 added [ 46.440329][ T4213] team0: Port device team_slave_1 added [ 46.456758][ T4213] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 46.463865][ T4213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.489839][ T4213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 46.508308][ T4213] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 46.515419][ T4213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 46.541482][ T4213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 46.572216][ T4163] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.600566][ T4213] hsr_slave_0: entered promiscuous mode [ 46.606733][ T4213] hsr_slave_1: entered promiscuous mode [ 46.613059][ T4213] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 46.620753][ T4213] Cannot create hsr debugfs directory [ 46.637228][ T4163] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.649052][ T4092] veth0_vlan: entered promiscuous mode [ 46.657267][ T4092] veth1_vlan: entered promiscuous mode [ 46.703303][ T4092] veth0_macvtap: entered promiscuous mode [ 46.721599][ T4092] veth1_macvtap: entered promiscuous mode [ 46.728048][ T4163] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 46.737098][ T4163] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 46.745822][ T4163] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 46.754745][ T4163] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 46.769373][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.780002][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.789869][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.800387][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.810254][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.820758][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.830638][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.841058][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.851992][ T4092] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.865020][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.875590][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.885537][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.895969][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.905789][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.916302][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.926180][ T4092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.936702][ T4092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.947459][ T4092] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.959598][ T4092] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.968360][ T4092] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.977179][ T4092] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.986078][ T4092] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.036251][ T4163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 47.058406][ T4163] 8021q: adding VLAN 0 to HW filter on device team0 [ 47.068746][ T173] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.075960][ T173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.089632][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.096813][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.116218][ T4163] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 47.126766][ T4163] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 47.189163][ T4163] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 47.196327][ T4289] syz.3.167[4289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 47.196440][ T4289] syz.3.167[4289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 47.207828][ T4289] syz.3.167[4289] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 47.269186][ T4163] veth0_vlan: entered promiscuous mode [ 47.290109][ T4163] veth1_vlan: entered promiscuous mode [ 47.309837][ T4163] veth0_macvtap: entered promiscuous mode [ 47.317572][ T4163] veth1_macvtap: entered promiscuous mode [ 47.329242][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.339748][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.349597][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.360034][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.369983][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.380585][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.390496][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.400969][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.410825][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 47.421250][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.432349][ T4163] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 47.443896][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.454428][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.464322][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.474778][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.484781][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.495229][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.505085][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.515513][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.525327][ T4163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 47.535770][ T4163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 47.546696][ T4163] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 47.557860][ T40] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.573207][ T4163] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.582080][ T4163] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.590831][ T4163] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.599563][ T4163] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 47.642969][ T40] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.672225][ T4314] netlink: 100 bytes leftover after parsing attributes in process `syz.2.164'. [ 47.686233][ T40] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 47.700332][ T4316] Invalid ELF header magic: != ELF [ 47.722420][ T3545] udevd[3545]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 47.754343][ T40] bridge_slave_1: left allmulticast mode [ 47.760218][ T40] bridge_slave_1: left promiscuous mode [ 47.765903][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.774032][ T40] bridge_slave_0: left allmulticast mode [ 47.779730][ T40] bridge_slave_0: left promiscuous mode [ 47.785384][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.793511][ T40] bridge_slave_1: left allmulticast mode [ 47.799299][ T40] bridge_slave_1: left promiscuous mode [ 47.804969][ T40] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.813355][ T40] bridge_slave_0: left allmulticast mode [ 47.819136][ T40] bridge_slave_0: left promiscuous mode [ 47.824901][ T40] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.030237][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 48.041213][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 48.051885][ T40] bond0 (unregistering): Released all slaves [ 48.061522][ T40] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 48.071912][ T40] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 48.082684][ T40] bond0 (unregistering): Released all slaves [ 48.122637][ T40] hsr_slave_0: left promiscuous mode [ 48.129011][ T40] hsr_slave_1: left promiscuous mode [ 48.134918][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.142441][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.152513][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.160301][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.185037][ T40] hsr_slave_0: left promiscuous mode [ 48.193317][ T40] hsr_slave_1: left promiscuous mode [ 48.203764][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.211374][ T40] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.219411][ T40] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.226846][ T40] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.242555][ T40] veth1_macvtap: left promiscuous mode [ 48.248094][ T40] veth0_macvtap: left promiscuous mode [ 48.253865][ T40] veth1_vlan: left promiscuous mode [ 48.259166][ T40] veth0_vlan: left promiscuous mode [ 48.281485][ T40] veth1_macvtap: left promiscuous mode [ 48.287099][ T40] veth0_macvtap: left promiscuous mode [ 48.292874][ T40] veth1_vlan: left promiscuous mode [ 48.298246][ T40] veth0_vlan: left promiscuous mode [ 48.331707][ T4338] syz.1.169[4338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 48.331867][ T4338] syz.1.169[4338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 48.343356][ T4338] syz.1.169[4338] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 48.448425][ T40] team0 (unregistering): Port device team_slave_1 removed [ 48.471720][ T40] team0 (unregistering): Port device team_slave_0 removed [ 48.531857][ T40] team0 (unregistering): Port device team_slave_1 removed [ 48.542004][ T40] team0 (unregistering): Port device team_slave_0 removed [ 48.568134][ T29] kauditd_printk_skb: 58 callbacks suppressed [ 48.568149][ T29] audit: type=1400 audit(1729623800.680:745): avc: denied { ioctl } for pid=4347 comm="syz.3.173" path="socket:[8634]" dev="sockfs" ino=8634 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 48.586749][ T4348] netlink: 24 bytes leftover after parsing attributes in process `syz.3.173'. [ 48.673405][ T4356] netlink: 100 bytes leftover after parsing attributes in process `syz.2.176'. [ 48.817868][ T4213] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.827159][ T4213] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.836385][ T4213] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.845591][ T4213] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.852637][ T4374] syz.3.177[4374] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 48.852721][ T4374] syz.3.177[4374] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 48.864111][ T4374] syz.3.177[4374] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 48.869927][ T4384] Zero length message leads to an empty skb [ 48.939522][ T4213] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.953644][ T4213] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.967804][ T173] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.974976][ T173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.997185][ T173] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.004380][ T173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.076583][ T4213] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.127167][ T29] audit: type=1326 audit(1729623801.240:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.141611][ T4213] veth0_vlan: entered promiscuous mode [ 49.150143][ T29] audit: type=1326 audit(1729623801.240:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.160119][ T4213] veth1_vlan: entered promiscuous mode [ 49.179150][ T29] audit: type=1326 audit(1729623801.300:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.206688][ T29] audit: type=1326 audit(1729623801.300:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.229510][ T29] audit: type=1326 audit(1729623801.300:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.252459][ T29] audit: type=1326 audit(1729623801.310:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.275405][ T29] audit: type=1326 audit(1729623801.310:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.278646][ T4213] veth0_macvtap: entered promiscuous mode [ 49.298248][ T29] audit: type=1326 audit(1729623801.310:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.306104][ T4213] veth1_macvtap: entered promiscuous mode [ 49.326622][ T29] audit: type=1326 audit(1729623801.360:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4408 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f30ee0cdff9 code=0x7ffc0000 [ 49.351201][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.365902][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.375819][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.386563][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.396477][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.406987][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.416827][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.427331][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.440528][ T4213] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.452598][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.463525][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.470120][ T4421] Invalid ELF header magic: != ELF [ 49.473536][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.489260][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.489278][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.510507][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.510522][ T4213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.530986][ T4213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.532993][ T4213] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.589833][ T4213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.598818][ T4213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.607790][ T4213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.616557][ T4213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.682404][ T4439] netlink: 100 bytes leftover after parsing attributes in process `syz.2.190'. [ 49.812014][ T4453] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 49.844324][ T4451] syz.3.194[4451] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 49.856877][ T4459] netlink: 'syz.4.197': attribute type 39 has an invalid length. [ 49.876929][ T4459] veth1_macvtap: left promiscuous mode [ 49.940562][ T4475] FAULT_INJECTION: forcing a failure. [ 49.940562][ T4475] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 49.953753][ T4475] CPU: 0 UID: 0 PID: 4475 Comm: syz.4.199 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 49.964354][ T4475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 49.974460][ T4475] Call Trace: [ 49.977748][ T4475] [ 49.980689][ T4475] dump_stack_lvl+0xf2/0x150 [ 49.985364][ T4475] dump_stack+0x15/0x20 [ 49.989539][ T4475] should_fail_ex+0x223/0x230 [ 49.994321][ T4475] should_fail+0xb/0x10 [ 49.998508][ T4475] should_fail_usercopy+0x1a/0x20 [ 50.003574][ T4475] _copy_from_user+0x1e/0xd0 [ 50.008182][ T4475] move_addr_to_kernel+0x82/0x120 [ 50.013259][ T4475] __sys_sendto+0x15c/0x260 [ 50.017803][ T4475] __x64_sys_sendto+0x78/0x90 [ 50.022564][ T4475] x64_sys_call+0x2959/0x2d60 [ 50.027334][ T4475] do_syscall_64+0xc9/0x1c0 [ 50.031860][ T4475] ? clear_bhb_loop+0x55/0xb0 [ 50.036630][ T4475] ? clear_bhb_loop+0x55/0xb0 [ 50.041337][ T4475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.047264][ T4475] RIP: 0033:0x7fc41bebdff9 [ 50.051690][ T4475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.071305][ T4475] RSP: 002b:00007fc41ab31038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 50.079705][ T4475] RAX: ffffffffffffffda RBX: 00007fc41c075f80 RCX: 00007fc41bebdff9 [ 50.087675][ T4475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 50.095630][ T4475] RBP: 00007fc41ab31090 R08: 00000000200003c0 R09: 0000000000000014 [ 50.103594][ T4475] R10: 000000000000c000 R11: 0000000000000246 R12: 0000000000000001 [ 50.111573][ T4475] R13: 0000000000000000 R14: 00007fc41c075f80 R15: 00007fff4e501278 [ 50.119537][ T4475] [ 50.357934][ T4507] netlink: 20 bytes leftover after parsing attributes in process `syz.4.208'. [ 50.398954][ T4509] netlink: 20 bytes leftover after parsing attributes in process `syz.4.209'. [ 50.421489][ T4509] FAULT_INJECTION: forcing a failure. [ 50.421489][ T4509] name failslab, interval 1, probability 0, space 0, times 1 [ 50.434208][ T4509] CPU: 0 UID: 0 PID: 4509 Comm: syz.4.209 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 50.444804][ T4509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 50.444817][ T4509] Call Trace: [ 50.444823][ T4509] [ 50.444831][ T4509] dump_stack_lvl+0xf2/0x150 [ 50.465742][ T4509] dump_stack+0x15/0x20 [ 50.469943][ T4509] should_fail_ex+0x223/0x230 [ 50.474700][ T4509] ? audit_log_start+0x34c/0x6b0 [ 50.479681][ T4509] should_failslab+0x8f/0xb0 [ 50.484290][ T4509] kmem_cache_alloc_noprof+0x4c/0x290 [ 50.489686][ T4509] audit_log_start+0x34c/0x6b0 [ 50.494577][ T4509] audit_seccomp+0x4b/0x130 [ 50.499100][ T4509] __seccomp_filter+0x6fa/0x1180 [ 50.504153][ T4509] ? proc_fail_nth_write+0x12a/0x150 [ 50.509502][ T4509] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 50.515137][ T4509] ? vfs_write+0x580/0x910 [ 50.519560][ T4509] __secure_computing+0x9f/0x1c0 [ 50.524560][ T4509] syscall_trace_enter+0xd1/0x1f0 [ 50.529593][ T4509] do_syscall_64+0xaa/0x1c0 [ 50.534116][ T4509] ? clear_bhb_loop+0x55/0xb0 [ 50.538793][ T4509] ? clear_bhb_loop+0x55/0xb0 [ 50.543575][ T4509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.549475][ T4509] RIP: 0033:0x7fc41bebdff9 [ 50.553897][ T4509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.573501][ T4509] RSP: 002b:00007fc41ab31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000114 [ 50.581916][ T4509] RAX: ffffffffffffffda RBX: 00007fc41c075f80 RCX: 00007fc41bebdff9 [ 50.590032][ T4509] RDX: fffffffffffffc01 RSI: 0000000000000007 RDI: 0000000000000004 [ 50.598066][ T4509] RBP: 00007fc41ab31090 R08: 0000000000000000 R09: 0000000000000000 [ 50.606030][ T4509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 50.614073][ T4509] R13: 0000000000000000 R14: 00007fc41c075f80 R15: 00007fff4e501278 [ 50.622045][ T4509] [ 50.673888][ T4518] netlink: 20 bytes leftover after parsing attributes in process `syz.3.214'. [ 50.835131][ T4537] FAULT_INJECTION: forcing a failure. [ 50.835131][ T4537] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 50.848440][ T4537] CPU: 0 UID: 0 PID: 4537 Comm: syz.3.220 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 50.859053][ T4537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 50.869180][ T4537] Call Trace: [ 50.872445][ T4537] [ 50.875361][ T4537] dump_stack_lvl+0xf2/0x150 [ 50.879944][ T4537] dump_stack+0x15/0x20 [ 50.884111][ T4537] should_fail_ex+0x223/0x230 [ 50.888837][ T4537] should_fail+0xb/0x10 [ 50.893031][ T4537] should_fail_usercopy+0x1a/0x20 [ 50.898054][ T4537] _copy_from_user+0x1e/0xd0 [ 50.902629][ T4537] __sys_bpf+0x14e/0x7a0 [ 50.906884][ T4537] __x64_sys_bpf+0x43/0x50 [ 50.911315][ T4537] x64_sys_call+0x2625/0x2d60 [ 50.915987][ T4537] do_syscall_64+0xc9/0x1c0 [ 50.920551][ T4537] ? clear_bhb_loop+0x55/0xb0 [ 50.925322][ T4537] ? clear_bhb_loop+0x55/0xb0 [ 50.930024][ T4537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 50.935919][ T4537] RIP: 0033:0x7fe12e66dff9 [ 50.940404][ T4537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 50.960037][ T4537] RSP: 002b:00007fe12d2e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 50.968469][ T4537] RAX: ffffffffffffffda RBX: 00007fe12e825f80 RCX: 00007fe12e66dff9 [ 50.976442][ T4537] RDX: 0000000000000048 RSI: 0000000020000200 RDI: 0000000000000000 [ 50.984406][ T4537] RBP: 00007fe12d2e1090 R08: 0000000000000000 R09: 0000000000000000 [ 50.992423][ T4537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.000464][ T4537] R13: 0000000000000000 R14: 00007fe12e825f80 R15: 00007ffdbcf9eba8 [ 51.008557][ T4537] [ 51.073687][ T4546] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7) [ 51.080269][ T4546] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 51.087898][ T4546] vhci_hcd vhci_hcd.0: Device attached [ 51.110106][ T4548] vhci_hcd: connection closed [ 51.114973][ T1820] vhci_hcd: stop threads [ 51.124154][ T1820] vhci_hcd: release socket [ 51.128632][ T1820] vhci_hcd: disconnect device [ 51.142586][ T4556] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 51.257253][ T4576] FAULT_INJECTION: forcing a failure. [ 51.257253][ T4576] name failslab, interval 1, probability 0, space 0, times 0 [ 51.270182][ T4576] CPU: 1 UID: 0 PID: 4576 Comm: syz.4.230 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 51.280841][ T4576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 51.290967][ T4576] Call Trace: [ 51.294379][ T4576] [ 51.297316][ T4576] dump_stack_lvl+0xf2/0x150 [ 51.301925][ T4576] dump_stack+0x15/0x20 [ 51.306170][ T4576] should_fail_ex+0x223/0x230 [ 51.311093][ T4576] ? getname_flags+0x81/0x3b0 [ 51.315835][ T4576] should_failslab+0x8f/0xb0 [ 51.320444][ T4576] kmem_cache_alloc_noprof+0x4c/0x290 [ 51.325842][ T4576] getname_flags+0x81/0x3b0 [ 51.330400][ T4576] user_path_at+0x26/0x110 [ 51.334897][ T4576] __se_sys_utime+0xc6/0x1c0 [ 51.339581][ T4576] __x64_sys_utime+0x31/0x40 [ 51.344197][ T4576] x64_sys_call+0x15fa/0x2d60 [ 51.348897][ T4576] do_syscall_64+0xc9/0x1c0 [ 51.353414][ T4576] ? clear_bhb_loop+0x55/0xb0 [ 51.358109][ T4576] ? clear_bhb_loop+0x55/0xb0 [ 51.362808][ T4576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 51.368718][ T4576] RIP: 0033:0x7fc41bebdff9 [ 51.373229][ T4576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 51.392935][ T4576] RSP: 002b:00007fc41ab31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 51.401401][ T4576] RAX: ffffffffffffffda RBX: 00007fc41c075f80 RCX: 00007fc41bebdff9 [ 51.409398][ T4576] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 51.417420][ T4576] RBP: 00007fc41ab31090 R08: 0000000000000000 R09: 0000000000000000 [ 51.425388][ T4576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 51.433351][ T4576] R13: 0000000000000000 R14: 00007fc41c075f80 R15: 00007fff4e501278 [ 51.441356][ T4576] [ 51.700779][ T4612] netlink: 100 bytes leftover after parsing attributes in process `syz.0.237'. [ 51.775890][ T4620] netlink: 20 bytes leftover after parsing attributes in process `syz.0.241'. [ 51.887685][ T4627] Invalid ELF header magic: != ELF [ 52.023345][ T4640] 9pnet: Could not find request transport: f [ 52.077994][ T4649] FAULT_INJECTION: forcing a failure. [ 52.077994][ T4649] name failslab, interval 1, probability 0, space 0, times 0 [ 52.090722][ T4649] CPU: 0 UID: 0 PID: 4649 Comm: syz.2.254 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 52.101315][ T4649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 52.111410][ T4649] Call Trace: [ 52.114713][ T4649] [ 52.117704][ T4649] dump_stack_lvl+0xf2/0x150 [ 52.122356][ T4649] dump_stack+0x15/0x20 [ 52.126493][ T4649] should_fail_ex+0x223/0x230 [ 52.131185][ T4649] ? __se_sys_mount+0xf7/0x2d0 [ 52.135940][ T4649] should_failslab+0x8f/0xb0 [ 52.140550][ T4649] __kmalloc_cache_noprof+0x4b/0x2a0 [ 52.145854][ T4649] __se_sys_mount+0xf7/0x2d0 [ 52.150452][ T4649] ? fput+0x14e/0x190 [ 52.154499][ T4649] ? ksys_write+0x17a/0x1b0 [ 52.159084][ T4649] __x64_sys_mount+0x67/0x80 [ 52.163738][ T4649] x64_sys_call+0x203e/0x2d60 [ 52.168404][ T4649] do_syscall_64+0xc9/0x1c0 [ 52.172976][ T4649] ? clear_bhb_loop+0x55/0xb0 [ 52.177780][ T4649] ? clear_bhb_loop+0x55/0xb0 [ 52.182478][ T4649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 52.188426][ T4649] RIP: 0033:0x7f2c5a7cdff9 [ 52.192959][ T4649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 52.212640][ T4649] RSP: 002b:00007f2c59441038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 52.221082][ T4649] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cdff9 [ 52.229100][ T4649] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 52.237087][ T4649] RBP: 00007f2c59441090 R08: 00000000200049c0 R09: 0000000000000000 [ 52.245086][ T4649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 52.253068][ T4649] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 52.261041][ T4649] [ 52.286212][ T4655] Invalid ELF header magic: != ELF [ 52.332530][ T4659] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 52.528562][ T4682] bpf_get_probe_write_proto: 8 callbacks suppressed [ 52.528579][ T4682] syz.4.259[4682] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.535389][ T4682] syz.4.259[4682] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.546933][ T4682] syz.4.259[4682] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 52.789652][ T4711] netlink: 100 bytes leftover after parsing attributes in process `syz.0.266'. [ 52.846894][ T4713] syzkaller0: entered promiscuous mode [ 52.852494][ T4713] syzkaller0: entered allmulticast mode [ 52.912912][ T4721] FAULT_INJECTION: forcing a failure. [ 52.912912][ T4721] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 52.926101][ T4721] CPU: 0 UID: 0 PID: 4721 Comm: syz.0.271 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 52.936707][ T4721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 52.946785][ T4721] Call Trace: [ 52.950096][ T4721] [ 52.953168][ T4721] dump_stack_lvl+0xf2/0x150 [ 52.957766][ T4721] dump_stack+0x15/0x20 [ 52.961909][ T4721] should_fail_ex+0x223/0x230 [ 52.966586][ T4721] should_fail+0xb/0x10 [ 52.970847][ T4721] should_fail_usercopy+0x1a/0x20 [ 52.975933][ T4721] _copy_from_user+0x1e/0xd0 [ 52.980565][ T4721] do_ipv6_setsockopt+0x1ef/0x2250 [ 52.985756][ T4721] ? __rcu_read_unlock+0x4e/0x70 [ 52.990713][ T4721] ? avc_has_perm_noaudit+0x1cc/0x210 [ 52.996178][ T4721] ? selinux_netlbl_socket_setsockopt+0xe5/0x2d0 [ 53.002710][ T4721] ipv6_setsockopt+0x57/0x130 [ 53.007413][ T4721] udpv6_setsockopt+0x95/0xb0 [ 53.012145][ T4721] sock_common_setsockopt+0x64/0x80 [ 53.017486][ T4721] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 53.023420][ T4721] __sys_setsockopt+0x1cc/0x240 [ 53.028313][ T4721] __x64_sys_setsockopt+0x66/0x80 [ 53.033429][ T4721] x64_sys_call+0x278d/0x2d60 [ 53.038099][ T4721] do_syscall_64+0xc9/0x1c0 [ 53.042588][ T4721] ? clear_bhb_loop+0x55/0xb0 [ 53.047259][ T4721] ? clear_bhb_loop+0x55/0xb0 [ 53.051937][ T4721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.057904][ T4721] RIP: 0033:0x7f6bad7fdff9 [ 53.062317][ T4721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.082064][ T4721] RSP: 002b:00007f6bac477038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 53.090486][ T4721] RAX: ffffffffffffffda RBX: 00007f6bad9b5f80 RCX: 00007f6bad7fdff9 [ 53.098455][ T4721] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 53.106534][ T4721] RBP: 00007f6bac477090 R08: 0000000000000420 R09: 0000000000000000 [ 53.114566][ T4721] R10: 0000000020000600 R11: 0000000000000246 R12: 0000000000000001 [ 53.122587][ T4721] R13: 0000000000000000 R14: 00007f6bad9b5f80 R15: 00007fff7ef672e8 [ 53.130583][ T4721] [ 53.285801][ T4738] netlink: 100 bytes leftover after parsing attributes in process `syz.4.278'. [ 53.334184][ T3515] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 53.345660][ T3515] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 53.487676][ T4775] netlink: 100 bytes leftover after parsing attributes in process `syz.4.291'. [ 53.504501][ T4776] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4776 comm=syz.1.288 [ 53.592322][ T4802] netlink: 8 bytes leftover after parsing attributes in process `syz.4.296'. [ 53.744408][ T3515] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 53.752307][ T3515] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 53.795860][ T4813] syzkaller0: entered promiscuous mode [ 53.801379][ T4813] syzkaller0: entered allmulticast mode [ 53.948617][ T4820] Invalid ELF header magic: != ELF [ 53.967373][ T4822] netlink: 100 bytes leftover after parsing attributes in process `syz.3.303'. [ 53.988457][ T29] kauditd_printk_skb: 482 callbacks suppressed [ 53.988470][ T29] audit: type=1400 audit(1729623806.110:1235): avc: denied { name_bind } for pid=4823 comm="syz.3.304" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 54.016562][ T29] audit: type=1400 audit(1729623806.110:1236): avc: denied { node_bind } for pid=4823 comm="syz.3.304" saddr=::1 src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 54.051863][ T4830] netlink: 8 bytes leftover after parsing attributes in process `syz.0.307'. [ 54.125116][ T29] audit: type=1400 audit(1729623806.240:1237): avc: denied { bind } for pid=4841 comm="syz.3.313" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 54.125587][ T4842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.313'. [ 54.269817][ T29] audit: type=1326 audit(1729623806.390:1238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4845 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 54.292877][ T29] audit: type=1326 audit(1729623806.390:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4845 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 54.293855][ T29] audit: type=1326 audit(1729623806.420:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4845 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2c5a7ccadf code=0x7ffc0000 [ 54.338854][ T29] audit: type=1326 audit(1729623806.420:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4845 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 54.362035][ T29] audit: type=1326 audit(1729623806.420:1242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4845 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 54.523925][ T29] audit: type=1400 audit(1729623806.640:1243): avc: denied { write } for pid=4849 comm="syz.2.316" name="kcm" dev="proc" ino=4026533461 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1 [ 54.561325][ T29] audit: type=1400 audit(1729623806.680:1244): avc: denied { listen } for pid=4857 comm="syz.2.318" lport=58563 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 54.724720][ T4874] syzkaller0: entered promiscuous mode [ 54.730342][ T4874] syzkaller0: entered allmulticast mode [ 54.851380][ T4877] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4877 comm=syz.2.325 [ 55.020164][ T4888] FAULT_INJECTION: forcing a failure. [ 55.020164][ T4888] name failslab, interval 1, probability 0, space 0, times 0 [ 55.032883][ T4888] CPU: 0 UID: 0 PID: 4888 Comm: syz.3.330 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 55.043492][ T4888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 55.053557][ T4888] Call Trace: [ 55.056826][ T4888] [ 55.059745][ T4888] dump_stack_lvl+0xf2/0x150 [ 55.064399][ T4888] dump_stack+0x15/0x20 [ 55.068588][ T4888] should_fail_ex+0x223/0x230 [ 55.073323][ T4888] ? __alloc_skb+0x10b/0x310 [ 55.077933][ T4888] should_failslab+0x8f/0xb0 [ 55.082539][ T4888] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 55.088960][ T4888] __alloc_skb+0x10b/0x310 [ 55.093417][ T4888] audit_log_start+0x368/0x6b0 [ 55.098181][ T4888] audit_seccomp+0x4b/0x130 [ 55.102720][ T4888] __seccomp_filter+0x6fa/0x1180 [ 55.107666][ T4888] ? proc_fail_nth_write+0x12a/0x150 [ 55.112945][ T4888] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 55.118602][ T4888] ? vfs_write+0x580/0x910 [ 55.123037][ T4888] ? __fget_files+0x1d4/0x210 [ 55.127783][ T4888] __secure_computing+0x9f/0x1c0 [ 55.132711][ T4888] syscall_trace_enter+0xd1/0x1f0 [ 55.137724][ T4888] ? fpregs_assert_state_consistent+0x83/0xa0 [ 55.143856][ T4888] do_syscall_64+0xaa/0x1c0 [ 55.148371][ T4888] ? clear_bhb_loop+0x55/0xb0 [ 55.153140][ T4888] ? clear_bhb_loop+0x55/0xb0 [ 55.157838][ T4888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 55.163783][ T4888] RIP: 0033:0x7fe12e66dff9 [ 55.168201][ T4888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 55.187810][ T4888] RSP: 002b:00007fe12d2e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 55.196267][ T4888] RAX: ffffffffffffffda RBX: 00007fe12e825f80 RCX: 00007fe12e66dff9 [ 55.204297][ T4888] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 55.212264][ T4888] RBP: 00007fe12d2e1090 R08: 0000000000000000 R09: 0000000000000000 [ 55.220286][ T4888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 55.228274][ T4888] R13: 0000000000000000 R14: 00007fe12e825f80 R15: 00007ffdbcf9eba8 [ 55.236267][ T4888] [ 55.295884][ T4900] Invalid ELF header magic: != ELF [ 55.697981][ T4915] __nla_validate_parse: 5 callbacks suppressed [ 55.697994][ T4915] netlink: 100 bytes leftover after parsing attributes in process `syz.2.340'. [ 55.728875][ T4917] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 55.807179][ T4932] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4932 comm=syz.0.343 [ 55.837868][ T4937] netlink: 36 bytes leftover after parsing attributes in process `syz.0.344'. [ 55.846830][ T4937] netlink: 12 bytes leftover after parsing attributes in process `syz.0.344'. [ 55.910179][ T4953] Invalid ELF header magic: != ELF [ 56.055395][ T4960] syz.0.348[4960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.055435][ T4960] syz.0.348[4960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.066989][ T4960] syz.0.348[4960] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 56.205459][ T4966] netlink: 'syz.1.351': attribute type 1 has an invalid length. [ 56.224924][ T4966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.351'. [ 56.579820][ T4974] FAULT_INJECTION: forcing a failure. [ 56.579820][ T4974] name failslab, interval 1, probability 0, space 0, times 0 [ 56.592557][ T4974] CPU: 0 UID: 0 PID: 4974 Comm: syz.2.354 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 56.603188][ T4974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 56.613259][ T4974] Call Trace: [ 56.616544][ T4974] [ 56.619477][ T4974] dump_stack_lvl+0xf2/0x150 [ 56.624108][ T4974] dump_stack+0x15/0x20 [ 56.628367][ T4974] should_fail_ex+0x223/0x230 [ 56.633068][ T4974] ? __se_sys_mount+0xf7/0x2d0 [ 56.637929][ T4974] should_failslab+0x8f/0xb0 [ 56.642534][ T4974] __kmalloc_cache_noprof+0x4b/0x2a0 [ 56.647868][ T4974] __se_sys_mount+0xf7/0x2d0 [ 56.652577][ T4974] ? fput+0x14e/0x190 [ 56.656550][ T4974] ? ksys_write+0x17a/0x1b0 [ 56.661090][ T4974] __x64_sys_mount+0x67/0x80 [ 56.665724][ T4974] x64_sys_call+0x203e/0x2d60 [ 56.670404][ T4974] do_syscall_64+0xc9/0x1c0 [ 56.674937][ T4974] ? clear_bhb_loop+0x55/0xb0 [ 56.679621][ T4974] ? clear_bhb_loop+0x55/0xb0 [ 56.684325][ T4974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 56.690262][ T4974] RIP: 0033:0x7f2c5a7cdff9 [ 56.694708][ T4974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 56.714308][ T4974] RSP: 002b:00007f2c59441038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 56.722712][ T4974] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cdff9 [ 56.730690][ T4974] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 56.738652][ T4974] RBP: 00007f2c59441090 R08: 00000000200049c0 R09: 0000000000000000 [ 56.746668][ T4974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 56.754623][ T4974] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 56.762598][ T4974] [ 56.818587][ T4983] Invalid ELF header magic: != ELF [ 56.891995][ T4993] netlink: 12 bytes leftover after parsing attributes in process `syz.0.363'. [ 56.900938][ T4993] netlink: 12 bytes leftover after parsing attributes in process `syz.0.363'. [ 56.986118][ T5003] netlink: 'syz.0.367': attribute type 1 has an invalid length. [ 56.993850][ T5003] netlink: 4 bytes leftover after parsing attributes in process `syz.0.367'. [ 57.052784][ T5013] Invalid ELF header magic: != ELF [ 57.112475][ T5014] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5014 comm=syz.0.370 [ 57.148794][ T5025] netlink: 12 bytes leftover after parsing attributes in process `syz.1.377'. [ 57.154300][ T5027] netlink: 100 bytes leftover after parsing attributes in process `syz.2.378'. [ 57.157687][ T5025] netlink: 12 bytes leftover after parsing attributes in process `syz.1.377'. [ 57.175752][ T5019] syz.3.371[5019] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.175949][ T5019] syz.3.371[5019] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.187355][ T5019] syz.3.371[5019] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 57.214294][ T3515] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 57.238112][ T3515] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 57.282597][ T5040] Invalid ELF header magic: != ELF [ 57.383867][ T5047] FAULT_INJECTION: forcing a failure. [ 57.383867][ T5047] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.397041][ T5047] CPU: 1 UID: 0 PID: 5047 Comm: +}[@ Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 57.407209][ T5047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 57.417336][ T5047] Call Trace: [ 57.420607][ T5047] [ 57.423523][ T5047] dump_stack_lvl+0xf2/0x150 [ 57.428106][ T5047] dump_stack+0x15/0x20 [ 57.432245][ T5047] should_fail_ex+0x223/0x230 [ 57.436924][ T5047] should_fail+0xb/0x10 [ 57.441185][ T5047] should_fail_usercopy+0x1a/0x20 [ 57.446266][ T5047] _copy_from_user+0x1e/0xd0 [ 57.450954][ T5047] memdup_user+0x64/0xc0 [ 57.455195][ T5047] strndup_user+0x68/0xa0 [ 57.459543][ T5047] perf_uprobe_init+0x49/0x140 [ 57.464479][ T5047] perf_uprobe_event_init+0xe2/0x140 [ 57.469763][ T5047] perf_try_init_event+0xcb/0x4f0 [ 57.474904][ T5047] ? perf_event_alloc+0xabf/0x1750 [ 57.480045][ T5047] perf_event_alloc+0xaca/0x1750 [ 57.485013][ T5047] __se_sys_perf_event_open+0x5e8/0x21f0 [ 57.490645][ T5047] ? proc_fail_nth_write+0x12a/0x150 [ 57.495956][ T5047] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 57.501674][ T5047] ? __fget_files+0x1d4/0x210 [ 57.506351][ T5047] __x64_sys_perf_event_open+0x67/0x80 [ 57.511804][ T5047] x64_sys_call+0x18d7/0x2d60 [ 57.516476][ T5047] do_syscall_64+0xc9/0x1c0 [ 57.521041][ T5047] ? clear_bhb_loop+0x55/0xb0 [ 57.525718][ T5047] ? clear_bhb_loop+0x55/0xb0 [ 57.530452][ T5047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 57.536350][ T5047] RIP: 0033:0x7f2c5a7cdff9 [ 57.540772][ T5047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 57.560504][ T5047] RSP: 002b:00007f2c59441038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 57.568995][ T5047] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cdff9 [ 57.576997][ T5047] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000400 [ 57.585008][ T5047] RBP: 00007f2c59441090 R08: 0000000000000000 R09: 0000000000000000 [ 57.592967][ T5047] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 57.600926][ T5047] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 57.608890][ T5047] [ 57.694100][ T35] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 57.703313][ T35] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz0 [ 57.883192][ T3347] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 57.893271][ T3347] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz0] on syz0 [ 57.922887][ T5073] FAULT_INJECTION: forcing a failure. [ 57.922887][ T5073] name failslab, interval 1, probability 0, space 0, times 0 [ 57.935592][ T5073] CPU: 0 UID: 0 PID: 5073 Comm: syz.2.399 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 57.946239][ T5073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 57.956410][ T5073] Call Trace: [ 57.959706][ T5073] [ 57.962629][ T5073] dump_stack_lvl+0xf2/0x150 [ 57.967282][ T5073] dump_stack+0x15/0x20 [ 57.971472][ T5073] should_fail_ex+0x223/0x230 [ 57.976173][ T5073] ? sidtab_sid2str_get+0xb8/0x140 [ 57.981312][ T5073] should_failslab+0x8f/0xb0 [ 57.985896][ T5073] __kmalloc_node_track_caller_noprof+0xa6/0x380 [ 57.992224][ T5073] ? vsnprintf+0xdd8/0xe30 [ 57.996640][ T5073] kmemdup_noprof+0x2a/0x60 [ 58.001142][ T5073] sidtab_sid2str_get+0xb8/0x140 [ 58.006073][ T5073] security_sid_to_context_core+0x1eb/0x2f0 [ 58.011990][ T5073] security_sid_to_context+0x27/0x30 [ 58.017299][ T5073] selinux_secid_to_secctx+0x22/0x30 [ 58.022579][ T5073] security_secid_to_secctx+0x48/0x90 [ 58.028025][ T5073] audit_log_task_context+0x8c/0x1b0 [ 58.033491][ T5073] audit_log_task+0xfb/0x180 [ 58.038078][ T5073] audit_seccomp+0x68/0x130 [ 58.042897][ T5073] __seccomp_filter+0x6fa/0x1180 [ 58.047832][ T5073] ? proc_fail_nth_write+0x12a/0x150 [ 58.053121][ T5073] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 58.058764][ T5073] ? vfs_write+0x580/0x910 [ 58.063181][ T5073] ? __fget_files+0x1d4/0x210 [ 58.067895][ T5073] __secure_computing+0x9f/0x1c0 [ 58.072895][ T5073] syscall_trace_enter+0xd1/0x1f0 [ 58.077920][ T5073] ? fpregs_assert_state_consistent+0x83/0xa0 [ 58.083993][ T5073] do_syscall_64+0xaa/0x1c0 [ 58.088504][ T5073] ? clear_bhb_loop+0x55/0xb0 [ 58.093185][ T5073] ? clear_bhb_loop+0x55/0xb0 [ 58.097920][ T5073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.103817][ T5073] RIP: 0033:0x7f2c5a7cdff9 [ 58.108237][ T5073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 58.128258][ T5073] RSP: 002b:00007f2c59441038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c0 [ 58.136717][ T5073] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cdff9 [ 58.144701][ T5073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff [ 58.152700][ T5073] RBP: 00007f2c59441090 R08: 0000000000000000 R09: 0000000000000000 [ 58.160666][ T5073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.168730][ T5073] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 58.176722][ T5073] [ 58.316319][ T5105] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5105 comm=syz.0.409 [ 58.350094][ T3335] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 58.358063][ T3335] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz0] on syz0 [ 58.383571][ T5111] FAULT_INJECTION: forcing a failure. [ 58.383571][ T5111] name failslab, interval 1, probability 0, space 0, times 0 [ 58.396277][ T5111] CPU: 0 UID: 0 PID: 5111 Comm: syz.2.415 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 58.406884][ T5111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 58.416934][ T5111] Call Trace: [ 58.420196][ T5111] [ 58.423121][ T5111] dump_stack_lvl+0xf2/0x150 [ 58.427701][ T5111] dump_stack+0x15/0x20 [ 58.431929][ T5111] should_fail_ex+0x223/0x230 [ 58.436615][ T5111] ? audit_log_start+0x34c/0x6b0 [ 58.441542][ T5111] should_failslab+0x8f/0xb0 [ 58.446117][ T5111] kmem_cache_alloc_noprof+0x4c/0x290 [ 58.451499][ T5111] audit_log_start+0x34c/0x6b0 [ 58.456270][ T5111] ? hrtimer_start_range_ns+0x53d/0x580 [ 58.461822][ T5111] audit_seccomp+0x4b/0x130 [ 58.466317][ T5111] __seccomp_filter+0x6fa/0x1180 [ 58.471264][ T5111] ? __cgroup_account_cputime+0x8b/0xb0 [ 58.476893][ T5111] ? arch_scale_cpu_capacity+0x15/0x70 [ 58.482401][ T5111] ? update_curr_dl_se+0x5e/0x220 [ 58.487412][ T5111] ? update_curr+0x13f/0x370 [ 58.491990][ T5111] __secure_computing+0x9f/0x1c0 [ 58.496917][ T5111] syscall_trace_enter+0xd1/0x1f0 [ 58.501950][ T5111] ? fpregs_assert_state_consistent+0x83/0xa0 [ 58.508064][ T5111] do_syscall_64+0xaa/0x1c0 [ 58.512551][ T5111] ? clear_bhb_loop+0x55/0xb0 [ 58.517311][ T5111] ? clear_bhb_loop+0x55/0xb0 [ 58.522014][ T5111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.527959][ T5111] RIP: 0033:0x7f2c5a7cca3c [ 58.532396][ T5111] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 58.552601][ T5111] RSP: 002b:00007f2c59441030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 58.561069][ T5111] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cca3c [ 58.569075][ T5111] RDX: 000000000000000f RSI: 00007f2c594410a0 RDI: 0000000000000004 [ 58.577102][ T5111] RBP: 00007f2c59441090 R08: 0000000000000000 R09: 0000000000000000 [ 58.585079][ T5111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 58.593053][ T5111] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 58.601036][ T5111] [ 58.605068][ T5109] syz.1.410[5109] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 58.605121][ T5109] syz.1.410[5109] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 58.616515][ T5109] syz.1.410[5109] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 58.663164][ T5120] FAULT_INJECTION: forcing a failure. [ 58.663164][ T5120] name failslab, interval 1, probability 0, space 0, times 0 [ 58.687066][ T5120] CPU: 0 UID: 0 PID: 5120 Comm: syz.2.419 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 58.697724][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 58.707770][ T5120] Call Trace: [ 58.711039][ T5120] [ 58.713959][ T5120] dump_stack_lvl+0xf2/0x150 [ 58.718550][ T5120] dump_stack+0x15/0x20 [ 58.722693][ T5120] should_fail_ex+0x223/0x230 [ 58.727365][ T5120] ? sidtab_sid2str_get+0xb8/0x140 [ 58.732469][ T5120] should_failslab+0x8f/0xb0 [ 58.737073][ T5120] __kmalloc_node_track_caller_noprof+0xa6/0x380 [ 58.743436][ T5120] ? vsnprintf+0xdd8/0xe30 [ 58.747859][ T5120] kmemdup_noprof+0x2a/0x60 [ 58.752419][ T5120] sidtab_sid2str_get+0xb8/0x140 [ 58.757435][ T5120] security_sid_to_context_core+0x1eb/0x2f0 [ 58.763330][ T5120] security_sid_to_context+0x27/0x30 [ 58.768626][ T5120] selinux_secid_to_secctx+0x22/0x30 [ 58.773902][ T5120] security_secid_to_secctx+0x48/0x90 [ 58.779302][ T5120] audit_log_task_context+0x8c/0x1b0 [ 58.784592][ T5120] audit_log_task+0xfb/0x180 [ 58.789187][ T5120] audit_seccomp+0x68/0x130 [ 58.793716][ T5120] __seccomp_filter+0x6fa/0x1180 [ 58.798652][ T5120] __secure_computing+0x9f/0x1c0 [ 58.803583][ T5120] syscall_trace_enter+0xd1/0x1f0 [ 58.808735][ T5120] do_syscall_64+0xaa/0x1c0 [ 58.813231][ T5120] ? clear_bhb_loop+0x55/0xb0 [ 58.817921][ T5120] ? clear_bhb_loop+0x55/0xb0 [ 58.822709][ T5120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 58.828661][ T5120] RIP: 0033:0x7f2c5a7cca3c [ 58.833064][ T5120] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 58.852701][ T5120] RSP: 002b:00007f2c59441030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 58.861134][ T5120] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cca3c [ 58.869095][ T5120] RDX: 000000000000000f RSI: 00007f2c594410a0 RDI: 0000000000000005 [ 58.877059][ T5120] RBP: 00007f2c59441090 R08: 0000000000000000 R09: 0000000000000000 [ 58.885022][ T5120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 58.892995][ T5120] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 58.900969][ T5120] [ 58.937072][ T5127] syz.2.422 uses obsolete (PF_INET,SOCK_PACKET) [ 59.047331][ T5142] Invalid ELF header magic: != ELF [ 59.068011][ T29] kauditd_printk_skb: 501 callbacks suppressed [ 59.068034][ T29] audit: type=1400 audit(1729623811.180:1740): avc: denied { write } for pid=5143 comm="syz.2.428" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 59.151258][ T5152] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=5123 sclass=netlink_tcpdiag_socket pid=5152 comm=syz.0.432 [ 59.153725][ T29] audit: type=1400 audit(1729623811.270:1741): avc: denied { create } for pid=5151 comm="syz.0.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 59.184434][ T29] audit: type=1400 audit(1729623811.270:1742): avc: denied { write } for pid=5151 comm="syz.0.432" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 59.213012][ T29] audit: type=1400 audit(1729623811.330:1743): avc: denied { mounton } for pid=5155 comm="syz.3.433" path="/proc/222/task" dev="proc" ino=11822 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 59.213754][ T5156] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 59.288774][ T29] audit: type=1326 audit(1729623811.410:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5162 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 59.312293][ T29] audit: type=1326 audit(1729623811.410:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5162 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 59.341243][ T5170] Invalid ELF header magic: != ELF [ 59.348998][ T29] audit: type=1326 audit(1729623811.410:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5162 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 59.373031][ T29] audit: type=1326 audit(1729623811.410:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5162 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 59.396487][ T29] audit: type=1326 audit(1729623811.410:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5162 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 59.419901][ T29] audit: type=1326 audit(1729623811.410:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5162 comm="syz.2.437" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c5a7cdff9 code=0x7ffc0000 [ 59.552683][ T5180] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5180 comm=syz.2.442 [ 59.591327][ T5189] syz.1.443[5189] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.591411][ T5189] syz.1.443[5189] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.602817][ T5189] syz.1.443[5189] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 59.644475][ T5200] Invalid ELF header magic: != ELF [ 59.674692][ T3515] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 59.682662][ T3515] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz0] on syz0 [ 59.850319][ T5216] EXT4-fs warning (device sda1): ext4_resize_fs:2019: can't read last block, resize aborted [ 59.982093][ T3515] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 59.992763][ T3515] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz0] on syz0 [ 60.176669][ T3347] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 60.184821][ T3347] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz0 [ 60.349808][ T3515] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 60.357847][ T3515] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz0] on syz0 [ 60.489984][ T5327] FAULT_INJECTION: forcing a failure. [ 60.489984][ T5327] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 60.503260][ T5327] CPU: 1 UID: 0 PID: 5327 Comm: syz.0.510 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 60.513905][ T5327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 60.524018][ T5327] Call Trace: [ 60.527323][ T5327] [ 60.527675][ T5328] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5328 comm=syz.3.503 [ 60.530248][ T5327] dump_stack_lvl+0xf2/0x150 [ 60.547264][ T5327] dump_stack+0x15/0x20 [ 60.551507][ T5327] should_fail_ex+0x223/0x230 [ 60.556247][ T5327] should_fail+0xb/0x10 [ 60.560452][ T5327] should_fail_usercopy+0x1a/0x20 [ 60.565579][ T5327] _copy_from_iter+0xd3/0xd20 [ 60.570278][ T5327] ? kmalloc_reserve+0x16e/0x190 [ 60.575239][ T5327] ? __build_skb_around+0x196/0x1f0 [ 60.580423][ T5327] ? __alloc_skb+0x21f/0x310 [ 60.585055][ T5327] ? __virt_addr_valid+0x1ed/0x250 [ 60.590206][ T5327] ? __check_object_size+0x364/0x520 [ 60.595481][ T5327] netlink_sendmsg+0x460/0x6e0 [ 60.600276][ T5327] ? __pfx_netlink_sendmsg+0x10/0x10 [ 60.605543][ T5327] __sock_sendmsg+0x140/0x180 [ 60.610316][ T5327] ____sys_sendmsg+0x312/0x410 [ 60.615085][ T5327] __sys_sendmsg+0x1d9/0x270 [ 60.619695][ T5327] __x64_sys_sendmsg+0x46/0x50 [ 60.624512][ T5327] x64_sys_call+0x2689/0x2d60 [ 60.629708][ T5327] do_syscall_64+0xc9/0x1c0 [ 60.634206][ T5327] ? clear_bhb_loop+0x55/0xb0 [ 60.638974][ T5327] ? clear_bhb_loop+0x55/0xb0 [ 60.643663][ T5327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 60.649653][ T5327] RIP: 0033:0x7f6bad7fdff9 [ 60.654064][ T5327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 60.673714][ T5327] RSP: 002b:00007f6bac477038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 60.682175][ T5327] RAX: ffffffffffffffda RBX: 00007f6bad9b5f80 RCX: 00007f6bad7fdff9 [ 60.690144][ T5327] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000006 [ 60.698109][ T5327] RBP: 00007f6bac477090 R08: 0000000000000000 R09: 0000000000000000 [ 60.706072][ T5327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 60.714032][ T5327] R13: 0000000000000000 R14: 00007f6bad9b5f80 R15: 00007fff7ef672e8 [ 60.722002][ T5327] [ 60.740463][ T5331] __nla_validate_parse: 12 callbacks suppressed [ 60.740477][ T5331] netlink: 100 bytes leftover after parsing attributes in process `syz.0.511'. [ 60.779375][ T5329] syz.1.506[5329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 60.779436][ T5329] syz.1.506[5329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 60.790772][ T5329] syz.1.506[5329] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 60.802181][ T5333] wireguard0: entered promiscuous mode [ 60.819001][ T5333] wireguard0: entered allmulticast mode [ 60.848520][ T4283] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 60.856319][ T4283] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz0 [ 60.929478][ T5347] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 60.943288][ T5347] batman_adv: batadv0: Adding interface: dummy0 [ 60.949860][ T5347] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.975507][ T5347] batman_adv: batadv0: Interface activated: dummy0 [ 60.987608][ T5347] batadv0: mtu less than device minimum [ 60.993661][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.004528][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.015346][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.026089][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.036803][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.047443][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.058008][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.068803][ T5347] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 61.109480][ T5357] netlink: 100 bytes leftover after parsing attributes in process `syz.4.523'. [ 61.130577][ T4283] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 61.138761][ T4283] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz0] on syz0 [ 61.305369][ T5384] FAULT_INJECTION: forcing a failure. [ 61.305369][ T5384] name failslab, interval 1, probability 0, space 0, times 0 [ 61.308698][ T5386] netlink: 100 bytes leftover after parsing attributes in process `syz.2.535'. [ 61.318103][ T5384] CPU: 1 UID: 0 PID: 5384 Comm: syz.1.534 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 61.337532][ T5384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 61.347704][ T5384] Call Trace: [ 61.351083][ T5384] [ 61.354017][ T5384] dump_stack_lvl+0xf2/0x150 [ 61.358712][ T5384] dump_stack+0x15/0x20 [ 61.362872][ T5384] should_fail_ex+0x223/0x230 [ 61.367585][ T5384] ? proc_alloc_inode+0x34/0x90 [ 61.372457][ T5384] should_failslab+0x8f/0xb0 [ 61.377060][ T5384] kmem_cache_alloc_lru_noprof+0x51/0x2a0 [ 61.382858][ T5384] proc_alloc_inode+0x34/0x90 [ 61.387629][ T5384] ? __pfx_proc_alloc_inode+0x10/0x10 [ 61.393038][ T5384] alloc_inode+0x3c/0x160 [ 61.397398][ T5384] new_inode+0x1e/0x100 [ 61.401618][ T5384] proc_pid_make_inode+0x1d/0xd0 [ 61.406568][ T5384] proc_map_files_instantiate+0x74/0x120 [ 61.412299][ T5384] proc_fill_cache+0x1b9/0x230 [ 61.417166][ T5384] ? __pfx_proc_map_files_instantiate+0x10/0x10 [ 61.423466][ T5384] proc_map_files_readdir+0x522/0x690 [ 61.428877][ T5384] iterate_dir+0x11d/0x310 [ 61.433303][ T5384] __se_sys_getdents64+0x88/0x1a0 [ 61.438400][ T5384] ? __pfx_filldir64+0x10/0x10 [ 61.443181][ T5384] __x64_sys_getdents64+0x43/0x50 [ 61.448271][ T5384] x64_sys_call+0x29b3/0x2d60 [ 61.452982][ T5384] do_syscall_64+0xc9/0x1c0 [ 61.457553][ T5384] ? clear_bhb_loop+0x55/0xb0 [ 61.462309][ T5384] ? clear_bhb_loop+0x55/0xb0 [ 61.467144][ T5384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 61.473067][ T5384] RIP: 0033:0x7f30ee0cdff9 [ 61.477511][ T5384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 61.497221][ T5384] RSP: 002b:00007f30ecd47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9 [ 61.505675][ T5384] RAX: ffffffffffffffda RBX: 00007f30ee285f80 RCX: 00007f30ee0cdff9 [ 61.513652][ T5384] RDX: 0000000000000ff6 RSI: 0000000020001fc0 RDI: 0000000000000006 [ 61.521637][ T5384] RBP: 00007f30ecd47090 R08: 0000000000000000 R09: 0000000000000000 [ 61.529596][ T5384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 61.537572][ T5384] R13: 0000000000000000 R14: 00007f30ee285f80 R15: 00007ffc54a92de8 [ 61.545536][ T5384] [ 61.611123][ T4283] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 61.629826][ T4283] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.00 Device [syz0] on syz0 [ 61.682295][ T5404] Invalid ELF header magic: != ELF [ 61.753840][ T5412] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5412 comm=syz.3.543 [ 61.839412][ T5413] syz.2.545[5413] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 61.955253][ T5415] netlink: 100 bytes leftover after parsing attributes in process `syz.0.546'. [ 61.987334][ T5417] netlink: 100 bytes leftover after parsing attributes in process `syz.0.547'. [ 62.013134][ T5419] batman_adv: batadv0: Adding interface: dummy0 [ 62.019496][ T5419] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.045171][ T5419] batman_adv: batadv0: Interface activated: dummy0 [ 62.091970][ T5423] Driver unsupported XDP return value 0 on prog (id 296) dev N/A, expect packet loss! [ 62.165358][ T4141] udevd[4141]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory [ 62.216864][ T5440] netlink: 12 bytes leftover after parsing attributes in process `syz.4.557'. [ 62.225946][ T5440] IPv6: NLM_F_REPLACE set, but no existing node found! [ 62.557624][ T5458] Invalid ELF header magic: != ELF [ 62.580095][ T5460] FAULT_INJECTION: forcing a failure. [ 62.580095][ T5460] name failslab, interval 1, probability 0, space 0, times 0 [ 62.592860][ T5460] CPU: 0 UID: 0 PID: 5460 Comm: syz.1.565 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 62.603567][ T5460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 62.613644][ T5460] Call Trace: [ 62.616972][ T5460] [ 62.619903][ T5460] dump_stack_lvl+0xf2/0x150 [ 62.624531][ T5460] dump_stack+0x15/0x20 [ 62.628709][ T5460] should_fail_ex+0x223/0x230 [ 62.633404][ T5460] ? getname_flags+0x81/0x3b0 [ 62.638099][ T5460] should_failslab+0x8f/0xb0 [ 62.642719][ T5460] kmem_cache_alloc_noprof+0x4c/0x290 [ 62.648172][ T5460] ? vfs_write+0x580/0x910 [ 62.652640][ T5460] getname_flags+0x81/0x3b0 [ 62.657494][ T5460] user_path_at+0x26/0x110 [ 62.661920][ T5460] __se_sys_utime+0xc6/0x1c0 [ 62.666516][ T5460] __x64_sys_utime+0x31/0x40 [ 62.671101][ T5460] x64_sys_call+0x15fa/0x2d60 [ 62.675802][ T5460] do_syscall_64+0xc9/0x1c0 [ 62.680336][ T5460] ? clear_bhb_loop+0x55/0xb0 [ 62.685115][ T5460] ? clear_bhb_loop+0x55/0xb0 [ 62.689871][ T5460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 62.695766][ T5460] RIP: 0033:0x7f30ee0cdff9 [ 62.700174][ T5460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 62.719959][ T5460] RSP: 002b:00007f30ecd47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084 [ 62.728399][ T5460] RAX: ffffffffffffffda RBX: 00007f30ee285f80 RCX: 00007f30ee0cdff9 [ 62.737070][ T5460] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000200 [ 62.745050][ T5460] RBP: 00007f30ecd47090 R08: 0000000000000000 R09: 0000000000000000 [ 62.753115][ T5460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 62.761078][ T5460] R13: 0000000000000000 R14: 00007f30ee285f80 R15: 00007ffc54a92de8 [ 62.769132][ T5460] [ 62.796324][ T5456] batman_adv: batadv0: Adding interface: dummy0 [ 62.802693][ T5456] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.829092][ T5456] batman_adv: batadv0: Interface activated: dummy0 [ 62.892055][ T5473] batman_adv: batadv0: Adding interface: dummy0 [ 62.898400][ T5473] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 62.924858][ T5473] batman_adv: batadv0: Interface activated: dummy0 [ 63.006118][ T5482] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5482 comm=syz.1.573 [ 63.049070][ T5488] Invalid ELF header magic: != ELF [ 63.070618][ T5490] loop0: detected capacity change from 0 to 512 [ 63.078761][ T5490] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 63.101223][ T5490] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 63.194830][ T5497] tipc: Enabling of bearer rejected, failed to enable media [ 63.238846][ T5493] loop0: detected capacity change from 0 to 1024 [ 63.245646][ T5493] EXT4-fs: Ignoring removed nomblk_io_submit option [ 63.259870][ T5493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 63.791274][ T5516] netlink: 100 bytes leftover after parsing attributes in process `syz.1.585'. [ 63.820774][ T5521] Invalid ELF header magic: != ELF [ 63.883253][ T5528] bpf_get_probe_write_proto: 5 callbacks suppressed [ 63.883263][ T5528] syz.3.590[5528] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.890331][ T5528] syz.3.590[5528] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.901695][ T5528] syz.3.590[5528] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 63.944474][ T4213] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.068202][ T29] kauditd_printk_skb: 407 callbacks suppressed [ 64.068216][ T29] audit: type=1326 audit(1729623816.180:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5527 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe12e66dff9 code=0x7ffc0000 [ 64.099591][ T29] audit: type=1326 audit(1729623816.190:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5527 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe12e66dff9 code=0x7ffc0000 [ 64.122965][ T29] audit: type=1326 audit(1729623816.190:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5527 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7fe12e66dff9 code=0x7ffc0000 [ 64.146343][ T29] audit: type=1326 audit(1729623816.190:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5527 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe12e66dff9 code=0x7ffc0000 [ 64.169640][ T29] audit: type=1326 audit(1729623816.220:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5527 comm="syz.3.590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe12e66dff9 code=0x7ffc0000 [ 64.192670][ T5545] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5545 comm=syz.4.596 [ 64.193337][ T29] audit: type=1326 audit(1729623816.250:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.4.596" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc41bebdff9 code=0x0 [ 64.228067][ T29] audit: type=1326 audit(1729623816.290:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.4.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 64.251464][ T29] audit: type=1326 audit(1729623816.290:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.4.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 64.274886][ T29] audit: type=1326 audit(1729623816.290:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.4.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 64.298427][ T29] audit: type=1326 audit(1729623816.290:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5543 comm="syz.4.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc41bebdff9 code=0x7ffc0000 [ 64.394906][ T5549] netlink: 100 bytes leftover after parsing attributes in process `syz.3.598'. [ 64.418480][ T5551] Invalid ELF header magic: != ELF [ 64.629217][ T5565] program syz.2.605 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 64.665292][ T5561] syz.3.602[5561] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.665390][ T5561] syz.3.602[5561] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.672911][ T5569] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 64.698356][ T5561] syz.3.602[5561] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 64.807851][ T5591] netlink: 100 bytes leftover after parsing attributes in process `syz.1.610'. [ 64.850240][ T5597] Invalid ELF header magic: != ELF [ 65.064615][ T5645] netlink: 100 bytes leftover after parsing attributes in process `syz.4.622'. [ 65.404431][ T5650] Invalid ELF header magic: != ELF [ 65.539797][ T5671] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5671 comm=syz.3.630 [ 65.560745][ T5676] syz.2.632[5676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 65.560887][ T5676] syz.2.632[5676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 65.573536][ T5676] syz.2.632[5676] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 65.795681][ T5711] loop0: detected capacity change from 0 to 512 [ 65.819626][ T5711] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 65.845188][ T5711] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6 [ 65.952361][ T5733] netlink: 100 bytes leftover after parsing attributes in process `syz.1.643'. [ 66.001478][ T5730] syz.0.634[5730] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.006970][ T5730] loop0: detected capacity change from 0 to 1024 [ 66.025066][ T5730] EXT4-fs: Ignoring removed nomblk_io_submit option [ 66.040816][ T5730] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.659481][ T4213] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.792903][ T5769] net_ratelimit: 61 callbacks suppressed [ 66.792914][ T5769] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a [ 66.906756][ T5779] netlink: 100 bytes leftover after parsing attributes in process `syz.0.662'. [ 67.031448][ T5799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5799 comm=syz.1.668 [ 67.055910][ T5803] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a [ 67.580032][ T5822] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 67.593282][ T5822] batman_adv: batadv0: Adding interface: dummy0 [ 67.599802][ T5822] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 67.625140][ T5822] batman_adv: batadv0: Interface activated: dummy0 [ 67.643710][ T5824] netlink: 100 bytes leftover after parsing attributes in process `syz.2.680'. [ 67.733819][ T5829] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 67.786153][ T5841] Invalid ELF header magic: != ELF [ 67.843253][ T5850] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 67.908967][ T5859] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a [ 67.934323][ T5859] batman_adv: batadv0: Local translation table size (116) exceeds maximum packet size (-320); Ignoring new local tt entry: ba:00:00:40:00:00 [ 68.015204][ T5871] Invalid ELF header magic: != ELF [ 68.085468][ T5881] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5881 comm=syz.0.701 [ 68.620808][ T5886] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 68.694728][ T5891] FAULT_INJECTION: forcing a failure. [ 68.694728][ T5891] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.707881][ T5891] CPU: 0 UID: 0 PID: 5891 Comm: syz.2.707 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 68.718549][ T5891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 68.728912][ T5891] Call Trace: [ 68.732174][ T5891] [ 68.735092][ T5891] dump_stack_lvl+0xf2/0x150 [ 68.739754][ T5891] dump_stack+0x15/0x20 [ 68.743889][ T5891] should_fail_ex+0x223/0x230 [ 68.748585][ T5891] should_fail+0xb/0x10 [ 68.752733][ T5891] should_fail_usercopy+0x1a/0x20 [ 68.757790][ T5891] _copy_from_user+0x1e/0xd0 [ 68.762383][ T5891] copy_msghdr_from_user+0x54/0x2a0 [ 68.767613][ T5891] __sys_sendmsg+0x171/0x270 [ 68.772235][ T5891] __x64_sys_sendmsg+0x46/0x50 [ 68.776985][ T5891] x64_sys_call+0x2689/0x2d60 [ 68.781645][ T5891] do_syscall_64+0xc9/0x1c0 [ 68.786133][ T5891] ? clear_bhb_loop+0x55/0xb0 [ 68.790825][ T5891] ? clear_bhb_loop+0x55/0xb0 [ 68.795488][ T5891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.801369][ T5891] RIP: 0033:0x7f2c5a7cdff9 [ 68.805830][ T5891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.825516][ T5891] RSP: 002b:00007f2c59441038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.834021][ T5891] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cdff9 [ 68.841975][ T5891] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 68.849931][ T5891] RBP: 00007f2c59441090 R08: 0000000000000000 R09: 0000000000000000 [ 68.857904][ T5891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.865918][ T5891] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 68.873892][ T5891] [ 68.949365][ T5897] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 69.011656][ T5904] Invalid ELF header magic: != ELF [ 69.055620][ T5914] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 69.144420][ T5921] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5921 comm=syz.2.718 [ 69.243374][ T5922] bpf_get_probe_write_proto: 14 callbacks suppressed [ 69.243389][ T5922] syz.1.720[5922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.250257][ T5922] syz.1.720[5922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.261759][ T5922] syz.1.720[5922] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 69.718798][ T29] kauditd_printk_skb: 271 callbacks suppressed [ 69.718812][ T29] audit: type=1326 audit(1729623821.840:2438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5892 comm="syz.0.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bad7fdff9 code=0x7ffc0000 [ 69.760171][ T29] audit: type=1326 audit(1729623821.840:2439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5892 comm="syz.0.708" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bad7fdff9 code=0x7ffc0000 [ 69.974998][ T29] audit: type=1400 audit(1729623822.090:2440): avc: denied { tracepoint } for pid=5933 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1 [ 69.994744][ T29] audit: type=1400 audit(1729623822.090:2441): avc: denied { sqpoll } for pid=5933 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 70.013986][ T29] audit: type=1400 audit(1729623822.090:2442): avc: denied { create } for pid=5933 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 70.023529][ T5941] Invalid ELF header magic: != ELF [ 70.034242][ T29] audit: type=1400 audit(1729623822.090:2443): avc: denied { bind } for pid=5933 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 70.078411][ T29] audit: type=1400 audit(1729623822.180:2444): avc: denied { setopt } for pid=5933 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 70.098479][ T29] audit: type=1400 audit(1729623822.190:2445): avc: denied { write } for pid=5933 comm="syz.4.725" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 70.196236][ T5948] FAULT_INJECTION: forcing a failure. [ 70.196236][ T5948] name failslab, interval 1, probability 0, space 0, times 0 [ 70.209002][ T5948] CPU: 0 UID: 0 PID: 5948 Comm: syz.1.728 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 70.219605][ T5948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 70.229657][ T5948] Call Trace: [ 70.232934][ T5948] [ 70.235855][ T5948] dump_stack_lvl+0xf2/0x150 [ 70.240495][ T5948] dump_stack+0x15/0x20 [ 70.244653][ T5948] should_fail_ex+0x223/0x230 [ 70.249379][ T5948] ? getname_flags+0x81/0x3b0 [ 70.254061][ T5948] should_failslab+0x8f/0xb0 [ 70.258664][ T5948] kmem_cache_alloc_noprof+0x4c/0x290 [ 70.264068][ T5948] getname_flags+0x81/0x3b0 [ 70.268585][ T5948] getname+0x17/0x20 [ 70.272492][ T5948] do_sys_openat2+0x67/0x120 [ 70.277071][ T5948] __x64_sys_open+0xe6/0x110 [ 70.281649][ T5948] x64_sys_call+0x1321/0x2d60 [ 70.286421][ T5948] do_syscall_64+0xc9/0x1c0 [ 70.290924][ T5948] ? clear_bhb_loop+0x55/0xb0 [ 70.295607][ T5948] ? clear_bhb_loop+0x55/0xb0 [ 70.300340][ T5948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.306249][ T5948] RIP: 0033:0x7f30ee0cdff9 [ 70.310655][ T5948] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.330385][ T5948] RSP: 002b:00007f30ecd26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 70.338875][ T5948] RAX: ffffffffffffffda RBX: 00007f30ee286058 RCX: 00007f30ee0cdff9 [ 70.347008][ T5948] RDX: 0000000000000000 RSI: 000000000014927e RDI: 0000000020000180 [ 70.354978][ T5948] RBP: 00007f30ecd26090 R08: 0000000000000000 R09: 0000000000000000 [ 70.363037][ T5948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 70.371023][ T5948] R13: 0000000000000000 R14: 00007f30ee286058 R15: 00007ffc54a92de8 [ 70.379045][ T5948] [ 70.493879][ T29] audit: type=1400 audit(1729623822.610:2446): avc: denied { create } for pid=5967 comm="syz.1.736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 70.514803][ T29] audit: type=1400 audit(1729623822.640:2447): avc: denied { bind } for pid=5967 comm="syz.1.736" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 70.678975][ T5983] FAULT_INJECTION: forcing a failure. [ 70.678975][ T5983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.692111][ T5983] CPU: 0 UID: 0 PID: 5983 Comm: syz.2.740 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 70.702815][ T5983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 70.712872][ T5983] Call Trace: [ 70.716147][ T5983] [ 70.719077][ T5983] dump_stack_lvl+0xf2/0x150 [ 70.723720][ T5983] dump_stack+0x15/0x20 [ 70.727915][ T5983] should_fail_ex+0x223/0x230 [ 70.732669][ T5983] should_fail+0xb/0x10 [ 70.736849][ T5983] should_fail_usercopy+0x1a/0x20 [ 70.741944][ T5983] _copy_from_iter+0xd3/0xd20 [ 70.746688][ T5983] ? __alloc_pages_noprof+0x1bc/0x340 [ 70.752064][ T5983] copy_page_from_iter+0x14f/0x280 [ 70.757204][ T5983] pipe_write+0x444/0xd20 [ 70.761541][ T5983] vfs_write+0x76a/0x910 [ 70.765787][ T5983] ? __pfx_pipe_write+0x10/0x10 [ 70.770666][ T5983] ksys_write+0xeb/0x1b0 [ 70.774963][ T5983] __x64_sys_write+0x42/0x50 [ 70.779631][ T5983] x64_sys_call+0x27dd/0x2d60 [ 70.784319][ T5983] do_syscall_64+0xc9/0x1c0 [ 70.788869][ T5983] ? clear_bhb_loop+0x55/0xb0 [ 70.793547][ T5983] ? clear_bhb_loop+0x55/0xb0 [ 70.798235][ T5983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.804265][ T5983] RIP: 0033:0x7f2c5a7ccadf [ 70.808680][ T5983] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 70.828303][ T5983] RSP: 002b:00007f2c593fcd30 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 70.836710][ T5983] RAX: ffffffffffffffda RBX: 0000000000000029 RCX: 00007f2c5a7ccadf [ 70.844675][ T5983] RDX: 0000000000000029 RSI: 00007f2c593fcf30 RDI: 0000000000000002 [ 70.852667][ T5983] RBP: 00007f2c593fcf30 R08: 0000000000000000 R09: 0000000000000000 [ 70.860722][ T5983] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000029 [ 70.868687][ T5983] R13: 00007f2c5a95b620 R14: 0000000000000029 R15: 00007f2c5a95cc80 [ 70.876714][ T5983] [ 70.924699][ T5988] netlink: 100 bytes leftover after parsing attributes in process `syz.2.743'. [ 71.110892][ T6007] FAULT_INJECTION: forcing a failure. [ 71.110892][ T6007] name failslab, interval 1, probability 0, space 0, times 0 [ 71.123625][ T6007] CPU: 0 UID: 0 PID: 6007 Comm: syz.2.749 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 71.134223][ T6007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 71.144276][ T6007] Call Trace: [ 71.147555][ T6007] [ 71.150484][ T6007] dump_stack_lvl+0xf2/0x150 [ 71.155087][ T6007] dump_stack+0x15/0x20 [ 71.159231][ T6007] should_fail_ex+0x223/0x230 [ 71.164041][ T6007] ? __alloc_skb+0x10b/0x310 [ 71.168638][ T6007] should_failslab+0x8f/0xb0 [ 71.173216][ T6007] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 71.179026][ T6007] __alloc_skb+0x10b/0x310 [ 71.183471][ T6007] audit_log_start+0x368/0x6b0 [ 71.188232][ T6007] audit_seccomp+0x4b/0x130 [ 71.192798][ T6007] __seccomp_filter+0x6fa/0x1180 [ 71.197771][ T6007] ? proc_fail_nth_write+0x12a/0x150 [ 71.203056][ T6007] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 71.208768][ T6007] ? vfs_write+0x580/0x910 [ 71.213312][ T6007] ? __fget_files+0x1d4/0x210 [ 71.217994][ T6007] __secure_computing+0x9f/0x1c0 [ 71.222938][ T6007] syscall_trace_enter+0xd1/0x1f0 [ 71.227970][ T6007] ? fpregs_assert_state_consistent+0x83/0xa0 [ 71.234059][ T6007] do_syscall_64+0xaa/0x1c0 [ 71.238615][ T6007] ? clear_bhb_loop+0x55/0xb0 [ 71.243305][ T6007] ? clear_bhb_loop+0x55/0xb0 [ 71.247998][ T6007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.254003][ T6007] RIP: 0033:0x7f2c5a7cdff9 [ 71.258492][ T6007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.278217][ T6007] RSP: 002b:00007f2c59441038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e0 [ 71.286696][ T6007] RAX: ffffffffffffffda RBX: 00007f2c5a985f80 RCX: 00007f2c5a7cdff9 [ 71.294663][ T6007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 71.302763][ T6007] RBP: 00007f2c59441090 R08: 0000000000000000 R09: 0000000000000000 [ 71.310849][ T6007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.318813][ T6007] R13: 0000000000000000 R14: 00007f2c5a985f80 R15: 00007ffedc0b30f8 [ 71.326780][ T6007] [ 71.378730][ T6018] netlink: 100 bytes leftover after parsing attributes in process `syz.2.755'. [ 71.415765][ T6023] syz.2.757[6023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.415863][ T6023] syz.2.757[6023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.427718][ T6023] syz.2.757[6023] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 71.444119][ T6024] ================================================================== [ 71.463402][ T6024] BUG: KCSAN: data-race in __kernel_write_iter / set_task_ioprio [ 71.471130][ T6024] [ 71.473447][ T6024] write to 0xffff88810148ba38 of 8 bytes by task 6014 on cpu 0: [ 71.481071][ T6024] set_task_ioprio+0x240/0x260 [ 71.485834][ T6024] __se_sys_ioprio_set+0x246/0x580 [ 71.490948][ T6024] __x64_sys_ioprio_set+0x43/0x50 [ 71.495971][ T6024] x64_sys_call+0x2bcf/0x2d60 [ 71.500644][ T6024] do_syscall_64+0xc9/0x1c0 [ 71.505144][ T6024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.511046][ T6024] [ 71.513362][ T6024] read to 0xffff88810148ba38 of 8 bytes by task 6024 on cpu 1: [ 71.520899][ T6024] __kernel_write_iter+0xe8/0x4e0 [ 71.525933][ T6024] dump_user_range+0x3a7/0x550 [ 71.530701][ T6024] elf_core_dump+0x1b66/0x1c60 [ 71.535554][ T6024] do_coredump+0x1736/0x1ce0 [ 71.540144][ T6024] get_signal+0xdc0/0x1070 [ 71.544569][ T6024] arch_do_signal_or_restart+0x95/0x4b0 [ 71.550201][ T6024] irqentry_exit_to_user_mode+0x9a/0x130 [ 71.555863][ T6024] irqentry_exit+0x12/0x50 [ 71.560281][ T6024] asm_exc_page_fault+0x26/0x30 [ 71.565134][ T6024] [ 71.567455][ T6024] value changed: 0x0000000000000000 -> 0xffff88810121e170 [ 71.574562][ T6024] [ 71.576878][ T6024] Reported by Kernel Concurrency Sanitizer on: [ 71.583112][ T6024] CPU: 1 UID: 0 PID: 6024 Comm: syz.3.753 Not tainted 6.12.0-rc4-syzkaller-00045-gd12937763990 #0 [ 71.593694][ T6024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 71.603747][ T6024] ==================================================================