last executing test programs: 49.713368729s ago: executing program 0 (id=3755): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$RDMA_USER_CM_CMD_CONNECT(r0, &(0x7f0000000700)={0x6, 0x118, 0xfa00, {{0x42d, 0x8, "55e12a986681d25a85f623ad88e3536274563b8baf9ba2ae4beca9bcfe1de83b889be15c0ce1b4b58b83fe5fb3241c9374dc0f84194da8008a9b5459c46746f20acd44dc76dab9c331c6b7720c44349bd44917d8dfe9b22c068ea018c7c992757aca3986281640192a18d7bab4dd59aa4ebe15302400736d27d7f3baeb4b7a0aefe940a24d97e60da362b7deeef197e8e19210f0412438c1bc71593331797a9b65df52294f3c25bfe2774e609bd1992740463290358320f7665c1de6f538fc755bf93abc2758d72fadf692469dc0d096f8be064dca7738c568b557eaa854b0ddb0de6e72b52787153088968f2dbeae274d9fc437a0043a8662b58f7ba9b6400e", 0x5d, 0x6, 0x6, 0x3, 0x8, 0xb2, 0x91, 0x1}}}, 0x120) (fail_nth: 3) 49.266796278s ago: executing program 0 (id=3757): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x38}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01072be07000fcdbdf253400000008000300010000d2"], 0x1c}, 0x1, 0x0, 0x0, 0x2000004}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94) r5 = socket$kcm(0xa, 0x922000000003, 0x11) recvmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000340)=""/4106, 0x5a8}], 0x10}, 0x0) getgroups(0x6, &(0x7f0000000140)=[0xffffffffffffffff, 0xee00, 0x0, 0xee00, 0x0, 0x0]) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0x3) getresgid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)) splice(r2, &(0x7f0000000300)=0x8000, 0xffffffffffffffff, &(0x7f0000001380)=0x8, 0x2d6f, 0x5) r7 = socket$unix(0x1, 0x1, 0x0) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) r8 = socket(0x10, 0x3, 0x0) connect$netlink(r8, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) sendmsg$nl_route_sched(r8, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000040}, 0x0) 49.236313208s ago: executing program 0 (id=3759): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000140)=@framed={{}, [@printk={@p, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x5}, {}, {0x85, 0x0, 0x0, 0x73}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="880000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000600012800b00010067656e6576650000500002800500080000000000040006000500090001000000050003000900"], 0x88}}, 0x0) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) syz_clone(0x1000, &(0x7f0000000200)="a634c5790163dfa2ebef48288b9015bb8f3449bafcc5f83ac90818b9b3063cd13855483af0", 0x25, &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)="0059b22ba897851aa65889113f44a8c1d92c9d64468787c15b7a73a5c4c95ed7affb1b87e40134") (async) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) (async) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0) r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) (async) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x0, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4) 49.166240338s ago: executing program 0 (id=3760): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d0300470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b720000000000000000000000000000005214e7febdbc00"], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=") r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) statfs(&(0x7f0000000080)='./file0\x00', 0x0) r2 = openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) write$selinux_create(r2, &(0x7f00000002c0)=@access={'system_u:object_r:hald_mac_exec_t:s0', 0x20, '/usr/sbin/cups-browsed', 0x20, 0x2}, 0x51) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x8264, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={0x0, 0x2}, 0x2018, 0x0, 0x200, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = epoll_create1(0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x84}}, 0x0) r5 = eventfd2(0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000b80)) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r5, &(0x7f0000000180)={0x20000005}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x2, &(0x7f0000000480)='\\', &(0x7f00000004c0)="d302", 0x1, 0x0, 0x9}, 0x50) socket$kcm(0x2, 0xa, 0x2) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000440), 0x10) ptrace(0x10, r6) vmsplice(r4, &(0x7f0000000280)=[{&(0x7f0000000d00)="8788448c5cadd230a2ce1b3f281963fbaedd820253c05e9582275d5a511248370619a6cc9d3658dd1fa80fe8d44a95718235bc36a5d28c26a8586e4d6b2392a44a442f001f14f2c871a7fc6c2d6680081f26e01fa67e1103a4e7542abba7f2e8a2130409c6965de4766db6dad0f844a0c7028e83e48f51fba7dc2825e0e5bc3cc085e63cfc71c00c5866553ca507e39638c5ae6ce2c40782e0dda7ee9d458fc43826ccf7ed9d17e1318e6a755f44ae413353684e39ddb49d06fdb6d49fa0afe6bbfad29b1bdbe74a9d3445083198bb04d23001a541c21c1966f415cb0a5e8f7a6251ca3b88f6cab998cbd8a466227facd2bd03d15b3ecc14f0b7948c3c3890dc480873f1f59577a86d832b3b553f716e112f42ccdf0ab052c55cc6c858e77348a42816e19a55edc936036f4748fa88971ead616a1cb29f7e9957612d24d637026eed71b32894782e20335081ba1407e24de0475b9cff6f659e7918f4394f3f2e0045585a3e3a7e5490b8d9b79ab145c621ce94ff5cc779da8cbd7af9ccffc2c97a38da60bc6b885d8ab820df0eb44c206a52ec52cf7a3601bc6a7e08d79c4e3f7e60b6704e15a0dc4f3324124aecdc9d76975532c82de985c0e1150ff24fe69f64a6f441d45c0ce3cff5fac7398f372c91f07fcd1f93cbab7440159e0b7090deb1d724e3855b85ed0efc8b5056177afc5d71af317e50c58874c67263564293c451abfdcd3664042f6c4fc1ae3a3cd511f2267f962273ff46080254b69015a9378244cff7eafea9b5531b022dabba038826573d303c65286a7ee7feb13e0ac44d52a9fe2bd2fe27b5659a10f07793ec368072632fe0220529503e1650aea99a8f6a916da3086e301233bab9400d9d4aee0b8348ab1a9dcf017bee132bc9e2e94be0c79b3136b4a598839ba54e44627045ff376e8033499231b6f8068c02a05996659a520b66c243a8a9b8d7ab6e58a46e655e7f5dee5f1945c4a35de0b93dd47eb07aa01bc9261260f277bbe60837f0ada2f329d8d02557b4c0f71bdaacf6ccf8b2772c7b3ee0a02412ca7cbba6ee06c9a35f4407a78cde66cab5eb2996e5dbb3222a689dcf9631f717de3bd1a80484c718b9f936abeb020b2c2324604eea23910cc5c19b720abd9c7a4e0b864e4b197c6784e910b9071810a969e60c8c3b3465d9f193c527061ec036578b65d3bdb7970a567b59699f13186dfa264d28076f343ef36358c458cb73ad7c796b901f17acbfad5e4caeb8c1f56ffa82112880e5ee162164e20007660604eb355b26517a08f94132b7e4d6333ef0e4c9ca247c64de3271ea9714ab77b2640679c0a00a83a676acf5ef0bd627e121c1ad10faae86a4b3bdb8be976db4aafe9e5af791ff04f64d4579fce342009e1e6d7188e5cb006be67c54e6445983e16ce1d7298ef916364b9ec9fbf675e15c8f91d25457f52e85295ad0921c48692d99efc836157282514a775d31cbb91bf2d82cee2e218fa4e96d0dfbce93b8cfd10127ea5df08617b4818c92e02e3eb532dd90ed16f6df2acb548c676e6c3ff4270c34b93d23063892d688221216ec8e9386a8bae1a8678208420723b1be6ece80682ea96189fe19625abe8a86ccc49ed47601320a813a579af08ea5494b576e141171272ecc2b090c465352a0472972e5ed039d7366eb9ecdb1f86c04b60c8b99d801d4405d11b2e45095a0cbba1ad5c8f17a57286a3b9aee38e450fe5e3be85b9cda02baad449d9128fb69d35b676e309811ca23da7b4be4bde876afb188db843ac4bcb6eb551000a254fd872fd68a3ada726dd9cae78f7bd19eaa30bd391d8a15663c41acfc6393e3a9b7bff2368e2ed1f7cf8173eaf133cbeb932657dd190e6a9412f665113c46dc97e6ccf4ea6c8fc81c019753bc7ec92bad07d0c1cf63c8fc594c9404fda8cd2b98930ffb4aa6bfddf85d5022ffba5abc3f26f2a848e3a571c27963e62c2e9bc23c3ecf9dc079fba38c8ef74bad8f26271b5afc9089601922818781559ab6bf1eda9f5f506368177ef87eb3690191e2fdda1979a666e9a83c796871311d82a8232c52d6a3c924f893ff4efd47cd45f1d8b4ee6523868d82456be6e74881e7599b9630feb71f3158551fec2a3b9233b3b38dde6adbc26d731bcd6df07555834426efa05b85e5c6cb68038ee132503442718dec1233a789ee4054330ee44d8e0628c68db507e51b3e4cc27637ef33a116519c674e2ca7e08ccc2bef618178e03e7845e87668587b387bdb1df7c1667d22c2317e2a2577ccd870a04590906af2c968f4a9fe46a22bf259ceada4893383d228fb2ab057657740afa52e73c3a45004d21970f1abc43abcd25ff19bf28a169ca8bd0ad1876d917b228dea7e7e626110b2bafc893b46bb3daa10987e607f650a4b86480b9e448a744c3835a1baa193676b1fec2f6635f97050f75b10d8b426c5b046de104472498d273c60d8fb6130a0b0623bba2ac25a038377756722a01bd8e841df7b56253442c97d4db956449f7a06062d25934da85a76b841d3dc1322353d93f45667117e9fcd3d43ecf2e53585d81258a62c08707b69987d9d4a7e3bc7ea78c5ebf1f040b8194f7d237c8dc5c912ba6fc2b59ad7789e964fcaddcc5d9e27eff599fe44dcb6fc3791084dd2661f77c0b8ae01afb1a64bde7a10781fe6c46713256738632d405896105aa0edc7667bdfba1de6e69348377e26a25eb4d81cf06540c7cec5d2a551e55656ad2fd0f2348e89febcf3fd5a9723253e3bfc2c8cbeba8bbd589e0fb897f7a49d7c084d91a3de9544554404676caa8857a175fc50a6911294774adb6b33ca5b413d074fe901ef167cd0be6dec19b634ab858a8757bc0a5fcb438adc7d850bf8ca02d95f3ab287a030dfbe3db23a4731b7bae7279c542080d48c7df5e5d4df2973f15fbc45628f69981f8c0a119e1c3b8bba38d70d39c6787b2cba8ab5e65080c51f31d8d75d1a767c0b224896d7067ab9b6b0407956f0244a85230df3460b87c51f6011838ec74a7b7fc51045b98a18c4598114d8ac63d2ec568b9ef2fb7fed5e5e07250e8bf5c82c4c54a27a03cfcdff8e41041803e22ee7c4c6725f7427e0a81a3ff35062d8dba91f4afd4d816edd18bd2a529323b2b9af7588cc6efaddb4b6a82ec6958167b9d16083906887459b2dd0ffda758ccd8eeda9cc85b30c9b1d4bfcf279ce6a1783bd59b207aecb24654ecb53a4f7a70bc19de96239907a0335b20ee69b3a12b8949a12ffc8868d1d8a584a68e4aac0fb933f75693389ea6fe9ec594e4f92bc404fe60a86ed46dd2ff0022718256d8c409fad0b6919324efef437ecead888707480a23e87be0e2d5bb7a2663b0ac0183d96cca14064111425bfd0fd552a477f8416b8982d7d84ab88df64d842954e16831db28dfd65dd83fc770ba98e06eceb050afff5c606088a781c37dd99ce108650e1ba1c8d0cbbc980f34a8d530b16d373a5e4819c3f10f5c4f1bd7478dd1a405772daedfc00f98513772aea2349c953dc60ba5e272f174c75ed2cd58ff22ea8a6cef1348ec4e8ff97a03b1a9766555547eb75d33c15bc32333d7b00d40e6934aadf52822b585893217b127d9c46d886310a7d90e6bdd0b4a04170af3b7359f59d76ec3821b8607d31ba066197f98789563fe88479d1a03373c78a61559ef624ced5c731e6f1201038712d0a7602265da2bd706c795532e883aa7ac274429593cf40c32d1a05431a2626ba7cc575bc47b96d758adef29f5946dc79b825f17f670059a2358e125263d5fbd1c39587f8dd801c3d3e980f03f9be873143819c40b2638137b97f7ced580b3e3c69b5712c2afdccecdc6424e4c14339a9facdcc6206f8be2b078f8f861c7d89111d86fc6ce28ad3f1a0fd41ba849ed7d0acfffcf62d25c9b646fc1a2b9639d34b33fb9d7d2471d31b46d608c7b8cc972e7d1eb06938832eb03b459c89e412db58baf32570421053ff9c8079d9c7713a383cd02f6a8a3fe080065c54b7ae6856ea9e76d0f4c1ae6ed66fc98a3fa6195f8b053b0d85551743e9b5092cde3b51bec47cdb24080da78b2e7a3894bc4576873c81ae6ea9321e3fa7d3a509d0361d35b9615daf544d276a53c3f6a19361a47f7022606f36b7daf8e2debd68dd0f423236c707b7aec0b6e6642923d4f08153d722eae90314397d2d27a657ca5d02eef5741c1c090cb53205bfbf788eaa4910ada47773758a69c0c96e2c4176380a801437ff25144ce61cb0565885133b0efce16153b3d413f0ff3c60ee05dbc4b7fba9815eb3ebe7fc3825be7d4d04a5a4b371b1e5020b24cd052befa95292d147ab172481883583ddde67b04d7b56924dd5cf50d0980e65c8b4ea41fb9d79feec3e9c255c869a8347ebfa3ea73674a12c9b952c7990a4789b90a0a26533b289d646557a226b9162cd418c1625cac65e1178ccbe998b4559b3ecf90e5ad29128dec08905d9c886f4da3c9cd08d9076bd70788de5f4d4b7a4f1c413a3747b561fc41caae0081ce8f98cf7c37c5cb05e9b50d7cd948c66fddc7c957e184a1a44e529f281e199ec0f60b6f6ee9aa0fc8ab3e1ad68b7e95fb19cdcf5f633dac4bba8d06fca2a6aed30bd43d736544c1fe1cf7ee6facc5df1a47b4c40bfe6e46bd776100acda5f7dbacb2930c3d7bf8fd09d4823e2dec02faf49e4a7d70de3ef93a5db0e2f0da66562e36219af10854cd375315815411f14eea3b7c9b096f3fdc02730fd6e7edd6cc05f0f09ba58a3e3c57fd9cc30f4824587dc7a810a2403bc1610bdb00e7c928160ec8e96eace6786dfb6a566d74d299d2d5cae5fbf1c85cc253aa71edd087b2befc876907eb968fd4ac589919f8c5d508321133bbbca32de2482525c7622c5bc4c878535f9b826cffbafc3824a7b01c15a13d10d0e07886888e99ec0f9b4a70b16e0a8308c4f950ded7895bb02f03900796427ef69dc140aacdc1d01766c91598b3ffc34749ba297b571d4d4fe0ed8ada24e8983bba1512b5fcf012b11dc1d3149f643233a4e809b95c59cae82db88efaefe530c134e3d3c25b0bc278b349080b07a9d0503d2f57cca3836d5d87674ddce098f7eb081e49cb0541d429b95436069ad1582df262f55217116ff1383ba1abe0f5ef2dfb938f19010ef946456efc10407900cecf1f8d406605bf4cb1cdcb333bdbce145e55390a3f42156d92f65bce56b2a94dab3e44b354a180403ea120c024c53c5348e63308d29896363e554c6f8b7afd2ef964d9a18474c1bbf3dbbc003c6409f40200b61e8991438e9eca1cae776f7e9de706434ce7a012b9ce34d6b60a22f77c171fcbe107b649e4b508cb16fc717f1bc72b51b7673e395efc5a9dcc3da5c3d6eabe35809a1c39f830e80973d3b0df5cb816c570504dc7e046a927d1f11bfab04bee034d9e854b4ccac6a59e5aa6db1e5bd5e05e753db92b2f9ca9baa8e39fc78317f4137574f33788f1557d9924702d40553d2a9a8428cef51645da81e6111814d7ceccc9281b3d962f164d5e73012da8f49199ee844d27324769f1ae8af771ad0d19c89d17e8af261823f96a5c75bf1cb322705e54c4697f83444609d34eb3bdea1b46266477672e156e25b01460e1de87238b066f5ca67f63adca37348b9f6e35263bad5f75a8841bf2cac925d2b5db7b6db188e0ffb761379df2795d6a706643c896f6588ee24180f3d23e732ae213a6f3773aa1d042aa8b11fe28302c3cbef40e9adc8d059b8a581f664591055e5956bdf07dd340e1a84dfeabb1e381bfd43e9f530a3d5c632bb75a96db7424bfa99ccddbd6fa357b4f5bce3be0d9", 0x1000}, {&(0x7f0000001d00)="9b7fad1f46541ff545355cb96b2ae881ad924c30c2c4d32512cc796532602a42520a3a1bad354590c92be53fb31ab6011d902a25941148f5242a06338e3436117cb7eda4b1fc01703b53709a7fdb34a004dabd4b0a74701773f4049261487ede667e27b2337d7ebeb589df1862014016b23d33589655b0a2d0c04e1aa0425c756ea1249a00b6a1147b73ed4338035abffc758d416cac27754f4f2da6973a310a1486acf49d4e91aebc05f4a422ab16afaaf71d387699cc84624117987ac772c946aec610d1d70f97f7fa9d79255e26a19796920e9d48f87747595bca4e85075e", 0xe0}, {&(0x7f00000003c0)="82c061dfacc5fb751a2f8168c6188b87f41cf72b98016d65b9d2f13bde757ed59220dfeb841b72caad60f464a43252e7eb58a5507a931173027c4215a6b72d2d686abaf4bc2e86", 0x47}], 0x3, 0xd) ptrace$setregs(0xd, r6, 0x0, &(0x7f00000003c0)) r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) close_range(r7, 0xffffffffffffffff, 0x0) ptrace$getregset(0x4204, r6, 0x201, &(0x7f0000000240)={&(0x7f0000000580)=""/254, 0xfe}) 48.952570048s ago: executing program 0 (id=3766): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x6d53, 0x10100, 0xfffffffe}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27}) bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x215bd000) io_uring_enter(r2, 0x567, 0x60, 0x0, 0x0, 0x0) 48.247768106s ago: executing program 0 (id=3772): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000600459e850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0x100000000000}, 0x18) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0) sendmmsg$inet(r1, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="2400000000000000000000000700000044149301ffffffff000000000000000000000400000000001c000000000000000000000008"], 0x48}}], 0x1, 0xc080) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800080000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="f1b963e9c5160c1835cfb6c3557dbfb0bebab8c66906d64e95746f22c89645eb11ffb57432966f7b8db6b7017ba3bb690a1085fa1ed911c85d811a736d281b4285d436add4ed9d7aa8110e82e288f67d47cf9c0c1b683ac4e4befdfc184f0b646e099c6c5ff114dd8e447909a94c1aab15767a71aeeaf795fb05a287f9238bb5f1bbfa09cce0a95440ad008bbfa430"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc29e, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r3, &(0x7f0000000200)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x1}], 0x1, 0x0, 0x0, 0x4}, 0x4000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r8, &(0x7f0000004200)='t', 0x1) sendfile(r8, r7, 0x0, 0x3ffff) ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000040)={r0, 0x6, 0xfffffffffffffffb, 0x4}) sendfile(r8, r7, 0x0, 0x7ffff000) fallocate(r6, 0x0, 0x0, 0x1001f0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) 48.201601507s ago: executing program 32 (id=3772): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000600459e850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='kfree\x00', r2, 0x0, 0x100000000000}, 0x18) ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0) sendmmsg$inet(r1, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="2400000000000000000000000700000044149301ffffffff000000000000000000000400000000001c000000000000000000000008"], 0x48}}], 0x1, 0xc080) r3 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r3, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800080000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="f1b963e9c5160c1835cfb6c3557dbfb0bebab8c66906d64e95746f22c89645eb11ffb57432966f7b8db6b7017ba3bb690a1085fa1ed911c85d811a736d281b4285d436add4ed9d7aa8110e82e288f67d47cf9c0c1b683ac4e4befdfc184f0b646e099c6c5ff114dd8e447909a94c1aab15767a71aeeaf795fb05a287f9238bb5f1bbfa09cce0a95440ad008bbfa430"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xc29e, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) sendmsg$tipc(r3, &(0x7f0000000200)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x1}], 0x1, 0x0, 0x0, 0x4}, 0x4000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0) r8 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0) write(r8, &(0x7f0000004200)='t', 0x1) sendfile(r8, r7, 0x0, 0x3ffff) ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000040)={r0, 0x6, 0xfffffffffffffffb, 0x4}) sendfile(r8, r7, 0x0, 0x7ffff000) fallocate(r6, 0x0, 0x0, 0x1001f0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000340)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) 2.077036503s ago: executing program 4 (id=4741): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYRESOCT=0x0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffca, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=@newtaction={0x70, 0x30, 0x433, 0x0, 0x25dfdbfd, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0xe85e}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x57}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x2b93b01f, 0x100, 0x30000001, 0x9, 0x80000001}}]}, {0x4}, {0xc}, {0xc, 0x4, {0x2, 0x1}}}}]}]}, 0x70}}, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$packet(0x11, 0xa, 0x300) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) 1.913754213s ago: executing program 5 (id=4747): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_THP_DISABLE(0x19, 0x10000000000001) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x80000000000008, 0x0, 0x0) r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10) sendmsg$tipc(r1, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r2, 0x0, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x3}, 0x10) 1.816115332s ago: executing program 4 (id=4750): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYRES16, @ANYRES32=0x0, @ANYBLOB="7e5307c3666d96fd33758e73844b0aa53d7ee501063b51b698ca849a3d1f97758d78f3cfe496a010c14bb30ba5dd516b3142c12b3f415d540a919bfa376f88e4352a293a7e6db917dc7bca261b90d2748f1d908dc98969ffe2d3b1342a5cd67a5dc3f1531b2cb6e029d3563f757f7ced17aafdeb5300e066dfc0217c702289ad422b4c74ea1b1359325b21396b719a96493aa1289bf75c9d56bb74481956544e6f2910ac661907a43177e4e1d421b2934bf6ec8d84162babdbd8a44bb600696576f4949a3aafc65dd8869a83cb635a54160cf6453c353a25d23786c4d0250fa6d3635724cbdfb3636268542413e6f8707983", @ANYRESOCT=0x0, @ANYRES32=0xffffffffffffffff, @ANYRESOCT], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) socket$kcm(0xa, 0x1, 0x106) close(r3) r4 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10) r6 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x6000, 0x5, &(0x7f0000000080)={0x0, 0x0, 0xfffd, 0x0, 0x7995}, 0x8, 0x0, 0x4, 0x48000000, 0x0, 0x0, 0x0}) 1.769979002s ago: executing program 4 (id=4752): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@dont_measure}]}}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="08010000", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000080001000000000014000480050003000000000005000300000000000800020001000000d00008800c00078008000600000000002400078008000500000000000800060000000000080005000000000008000600000000003c0007800c000580"], 0x108}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x2}, 'port0\x00', 0x72, 0x11cfa, 0x100, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810dc}) close_range(r4, 0xffffffffffffffff, 0x0) 1.769260792s ago: executing program 1 (id=4753): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye") renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file7\x00', 0x0) 1.741334512s ago: executing program 1 (id=4754): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x6d53, 0x10100, 0xfffffffe}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x42) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) io_uring_enter(r0, 0x567, 0x60, 0x0, 0x0, 0x0) 1.707924742s ago: executing program 1 (id=4755): openat$bsg(0xffffffffffffff9c, &(0x7f0000000ec0), 0x20400, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone3(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, 0x0, 0x8000) 1.668393072s ago: executing program 1 (id=4756): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15) r2 = dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 1.667475722s ago: executing program 1 (id=4757): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x6, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) read(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='mm_page_alloc\x00', r2}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = syz_io_uring_setup(0x6c7f, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r8, 0x0, &(0x7f0000000100)='4', 0x1}) io_uring_enter(r4, 0x7f5f, 0x0, 0x0, 0x0, 0x0) sendmsg$unix(r8, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x240000c0}, 0x48810) shutdown(r7, 0x1) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x3b, 0x0, 0x37}, 0x2c) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x96, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10) r10 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r10, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r12}, 0x10) 1.076478372s ago: executing program 5 (id=4762): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfd', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 1.039556911s ago: executing program 5 (id=4763): bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) chmod(&(0x7f0000000180)='./file0\x00', 0x23f) r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x74, 0x74, 0x3, [@decl_tag={0xf, 0x0, 0x0, 0x11, 0x5, 0x7}, @struct={0x5, 0x5, 0x0, 0x4, 0x0, 0x5, [{0x9, 0x5, 0x1}, {0x6, 0x3, 0x101}, {0x10, 0x1}, {0x2, 0x2, 0x9}, {0x6, 0x3, 0x59}]}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0xd, 0x2}, {0xd, 0x2}]}]}, {0x0, [0x61]}}, &(0x7f00000003c0)=""/188, 0x8f, 0xbc, 0x0, 0x6, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xa, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000600)='contention_begin\x00', r3}, 0x18) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x482, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100146, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x6, [@typedef={0x4, 0x0, 0x0, 0x7}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x0, 0xda]}}, 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYRESDEC=r3, @ANYRESDEC=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r7, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x2c}}, 0x4000000) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xb, 0xff, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20) r9 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r9, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c) 914.956211ms ago: executing program 4 (id=4767): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15) r2 = dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 871.558421ms ago: executing program 5 (id=4769): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@dont_measure}]}}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="08010000", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000080001000000000014000480050003000000000005000300000000000800020001000000d00008800c00078008000600000000002400078008000500000000000800060000000000080005000000000008000600000000003c0007800c000580"], 0x108}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f00000005c0)={{0x80, 0x2}, 'port0\x00', 0x72, 0x11cfa, 0x100, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810dc}) close_range(r4, 0xffffffffffffffff, 0x0) 840.704891ms ago: executing program 4 (id=4770): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000540)=r0}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) write$tcp_mem(r2, 0x0, 0x0) 808.731961ms ago: executing program 1 (id=4772): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') bpf$PROG_LOAD(0x5, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[], [{@dont_measure}]}}) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r1) sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="08010000", @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000080001000000000014000480050003000000000005000300000000000800020001000000d00008800c00078008000600000000002400078008000500000000000800060000000000080005000000000008000600000000003c0007800c000580"], 0x108}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r7 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCSETS(r7, 0x40045431, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f6873720000000058000000160a0101000b000000000000010000000900020073797a32000000000900010073797a30000000002c000380180003801400010076657468305f746f5f687372000000000800024000440000080001"], 0xf8}, 0x1, 0x0, 0x0, 0xc000}, 0x40) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r9, 0x40505330, &(0x7f00000000c0)={0x800000, 0x0, 0x0, 0x0, 0x0, 0x55a}) close_range(r4, 0xffffffffffffffff, 0x0) 804.082451ms ago: executing program 3 (id=4773): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 786.427601ms ago: executing program 4 (id=4774): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_THP_DISABLE(0x19, 0x10000000000001) bpf$PROG_LOAD(0x5, 0x0, 0x0) setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x80000000000008, 0x0, 0x0) r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x1, 0x3}, 0x10) r1 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10) sendmsg$tipc(r1, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_NET_SET(r2, 0x0, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x42, 0x3}, 0x10) 738.285871ms ago: executing program 3 (id=4776): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 702.724941ms ago: executing program 3 (id=4778): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=@newtaction={0x110, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xfc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x20, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x7, 0x1, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, 0xfffffffe}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x44, 0x3, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6, 0x5, 0x300, 0x175, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x110}}, 0x0) 680.865281ms ago: executing program 3 (id=4779): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x6d53, 0x10100, 0xfffffffe}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x42) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) io_uring_enter(r0, 0x567, 0x60, 0x0, 0x0, 0x0) 656.695671ms ago: executing program 3 (id=4780): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, 0x0) setresgid(0x0, r1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) setgroups(0x0, 0x0) socket(0x2, 0x2, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}]}}]}, 0x58}}, 0x44080) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r6, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10) (fail_nth: 3) 621.877651ms ago: executing program 3 (id=4782): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000980)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x6, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) read(0xffffffffffffffff, &(0x7f0000000040)=""/156, 0x9c) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffeca50000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='mm_page_alloc\x00', r2}, 0x10) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = syz_io_uring_setup(0x6c7f, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r8, 0x0, &(0x7f0000000100)='4', 0x1}) io_uring_enter(r4, 0x7f5f, 0x0, 0x0, 0x0, 0x0) sendmsg$unix(r8, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x240000c0}, 0x48810) shutdown(r7, 0x1) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x3b, 0x0, 0x37}, 0x2c) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x96, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r9}, 0x10) r10 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r10, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) sendmsg$SMC_PNETID_DEL(r11, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r10, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r12 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r12}, 0x10) 481.45661ms ago: executing program 2 (id=4784): r0 = socket$nl_audit(0x10, 0x3, 0x9) r1 = getpgid(0xffffffffffffffff) sendmsg$AUDIT_SET(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x3c, 0x3e9, 0x200, 0x70bd25, 0x25dfdbfc, {0x51, 0x1, 0x1, r1, 0x1ff, 0x7, 0xbe3, 0x3, 0x0, 0xf, 0x6}, ["", "", "", "", "", "", ""]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000001) socket$inet6_udp(0xa, 0x2, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f00000001c0)={0x1, &(0x7f0000f07000)=[{0x6}]}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) symlinkat(0x0, 0xffffffffffffff9c, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x3}, 0x140, 0x1, 0x3, 0x5, 0x0, 0x8, 0x5d, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) mknod$loop(0x0, 0x6000, 0x0) write$binfmt_elf64(r5, &(0x7f0000000980)=ANY=[@ANYBLOB="7f454c4600000006010000000000000003003e000000000003000000000000004000000000000000980100000000000002000000000038000200000002000000000000600300000008000000000000000d00000000000000ed08000000000000f0ffffffffffffff0000000000000000080000000000000003000000cff5ffff800300000000000001000000000000000500000000000000ff"], 0x5b0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r7 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r7, 0x5608) 436.16632ms ago: executing program 2 (id=4785): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f0000000540)=r0}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0) write$tcp_mem(r2, 0x0, 0x0) 392.89205ms ago: executing program 2 (id=4786): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r4 = dup(r3) write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) 392.14514ms ago: executing program 2 (id=4787): r0 = inotify_init() r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) r3 = dup3(r1, r2, 0x80000) fcntl$getown(0xffffffffffffffff, 0x9) fremovexattr(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="0000000000000000000000292502153658a61f3e38ad1068eb6ff2ea8172235a60fbafd72ecd2631edb738130b8a44699ddbdbae3564c9f190b425c89ce0acf14ec9feec7065"]) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x8c7) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000340), &(0x7f0000000980)='./file1\x00', 0x280809a, &(0x7f0000000f40)=ANY=[], 0xd, 0x2b2, &(0x7f00000006c0)="$eJzs3U9rY1UUAPDz0jR9OosUcaMIPtCFqzJ166ZRRhC7UiKoCw3ODEgSBqYQmArGruYTuPR7+BHcuPEbDLgV3E0XlSfvX/7ga402VXR+v9Xh3nfuPXm3TbLJeZ+/Mh3ffZDE2dMnkaZJdI7iKM6T2I9ONL6JbgAA/x/neR6/5mWY5JUNM7udGy0MALgx1ef/X/rgBwD+4z78+JP3B8fHdz7IsjRe6j+eDZOImD6eDav5wf34MiZxL25HPy4i8oUqfve94zvRzQr78fp0PhsWmdPPfqzXH/wSUeYfRj/22/MPs8pK/nw23I3nI4vB/d2m1H682J7/Zkt+DHvxxmsr9R9EP376Ih7EJO5GkbvM//owy97Jv3361afFNkV+0onhXnldKfcFCQAAAAAAAAAAAAAAAAAAAACA7TrIsqRq31P27ymG6v47Oxfl/EHW2F/vz1PlJ81CVX+gvOmWM8/ju6a/zu0sy/L6wmV+N17uerAAAAAAAAAAAAAAAAAAAAAAFE4ePbk1mkzuPTx5dDq+dtB0A2h+1v931zlaGXk1TsejncsX3Nt8r9VuA0WtV14c3W5s6ba0B2eLkeeKera+xV4sRj6KKmgOZqt7vfB2tejpeJTVU81NHo+SP9srbQ7u+9WpXly3sLz8k7jI1880XZS6ntXb0t3o3Wqd+i3P883Weevn6ozqkaRssbHZ7rt10PoCiyAtziJd/OMXUz9cvuClbxk7137TAQAAAAAAAAAAAAAAAAAAWi1/9NsyeXZlaufGigIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf9jy+f9NkEbE+sgfgnmdfNU1ddCLhyf/8ksEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgGfB7AAAA//8rlFqg") r6 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x130) r7 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x51) write$9p(r6, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e6f1e4e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c0670600"/512, 0x200) sendfile(r6, r7, 0x0, 0xe065) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r8}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 293.11162ms ago: executing program 2 (id=4788): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) creat(&(0x7f0000000040)='./file0\x00', 0x180) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r0 = dup(0xffffffffffffffff) write$P9_RLERRORu(r0, &(0x7f0000000540)=ANY=[], 0x53) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) 267.43868ms ago: executing program 2 (id=4789): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES16, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) open(0x0, 0x2060ff, 0x100) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) process_mrelease(0xffffffffffffffff, 0x1000000) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_usb_connect(0x6, 0x2d, &(0x7f00000000c0)=ANY=[], 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x109100, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x7000000) 17.96809ms ago: executing program 5 (id=4790): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44000000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000000, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000b00)=@newtaction={0x110, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0xfc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x20, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x5, 0x0, 0x7, 0x1, {}, {0x0, 0x0, 0x0, 0x0, 0x9}, 0xfffffffe}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3}}]}, {0x4}, {0xc}, {0xc}}}, @m_bpf={0x44, 0x3, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x6, 0x5, 0x300, 0x175, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x110}}, 0x0) 0s ago: executing program 5 (id=4791): r0 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', 0x0}) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) r4 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r4, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r4, &(0x7f0000000200)={&(0x7f0000000340)={0x1d, r3, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r2, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0) sendmsg$can_bcm(r4, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r1, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0) kernel console output (not intermixed with test programs): sercopy+0x1a/0x20 [ 171.508394][T15095] _copy_to_user+0x20/0xa0 [ 171.508418][T15095] simple_read_from_buffer+0xa0/0x110 [ 171.508453][T15095] proc_fail_nth_read+0xf9/0x140 [ 171.508489][T15095] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 171.508582][T15095] vfs_read+0x19b/0x6f0 [ 171.508611][T15095] ? __rcu_read_unlock+0x4e/0x70 [ 171.508638][T15095] ? __fget_files+0x17c/0x1c0 [ 171.508680][T15095] ksys_read+0xe8/0x1b0 [ 171.508764][T15095] __x64_sys_read+0x42/0x50 [ 171.508790][T15095] x64_sys_call+0x2874/0x2dc0 [ 171.508816][T15095] do_syscall_64+0xc9/0x1c0 [ 171.508923][T15095] ? clear_bhb_loop+0x55/0xb0 [ 171.508971][T15095] ? clear_bhb_loop+0x55/0xb0 [ 171.509066][T15095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.509093][T15095] RIP: 0033:0x7f3a36cbbb7c [ 171.509107][T15095] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 171.509127][T15095] RSP: 002b:00007f3a35321030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 171.509146][T15095] RAX: ffffffffffffffda RBX: 00007f3a36ed5fa0 RCX: 00007f3a36cbbb7c [ 171.509158][T15095] RDX: 000000000000000f RSI: 00007f3a353210a0 RDI: 0000000000000004 [ 171.509169][T15095] RBP: 00007f3a35321090 R08: 0000000000000000 R09: 0000000000000000 [ 171.509182][T15095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 171.509274][T15095] R13: 0000000000000000 R14: 00007f3a36ed5fa0 R15: 00007fffd8116fd8 [ 171.509294][T15095] [ 171.705840][T15097] FAULT_INJECTION: forcing a failure. [ 171.705840][T15097] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 171.719178][T15097] CPU: 0 UID: 0 PID: 15097 Comm: syz.3.3756 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 171.719243][T15097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 171.719258][T15097] Call Trace: [ 171.719267][T15097] [ 171.719276][T15097] dump_stack_lvl+0xf2/0x150 [ 171.719309][T15097] dump_stack+0x15/0x1a [ 171.719335][T15097] should_fail_ex+0x24a/0x260 [ 171.719380][T15097] should_fail+0xb/0x10 [ 171.719413][T15097] should_fail_usercopy+0x1a/0x20 [ 171.719459][T15097] _copy_from_user+0x1c/0xa0 [ 171.719481][T15097] kstrtouint_from_user+0x76/0xe0 [ 171.719595][T15097] ? 0xffffffff81000000 [ 171.719611][T15097] ? selinux_file_permission+0x22a/0x360 [ 171.719656][T15097] proc_fail_nth_write+0x4f/0x150 [ 171.719692][T15097] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 171.719728][T15097] vfs_write+0x27d/0x920 [ 171.719785][T15097] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 171.719839][T15097] ? __fget_files+0x17c/0x1c0 [ 171.719897][T15097] ksys_write+0xe8/0x1b0 [ 171.719982][T15097] __x64_sys_write+0x42/0x50 [ 171.720139][T15097] x64_sys_call+0x287e/0x2dc0 [ 171.720173][T15097] do_syscall_64+0xc9/0x1c0 [ 171.720236][T15097] ? clear_bhb_loop+0x55/0xb0 [ 171.720269][T15097] ? clear_bhb_loop+0x55/0xb0 [ 171.720302][T15097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.720334][T15097] RIP: 0033:0x7fd799d9bc1f [ 171.720398][T15097] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 171.720416][T15097] RSP: 002b:00007fd798407030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 171.720443][T15097] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd799d9bc1f [ 171.720458][T15097] RDX: 0000000000000001 RSI: 00007fd7984070a0 RDI: 0000000000000004 [ 171.720472][T15097] RBP: 00007fd798407090 R08: 0000000000000000 R09: 0000000000000000 [ 171.720486][T15097] R10: 0000400000000600 R11: 0000000000000293 R12: 0000000000000001 [ 171.720500][T15097] R13: 0000000000000000 R14: 00007fd799fb5fa0 R15: 00007ffc691a2328 [ 171.720520][T15097] [ 171.969587][ T29] audit: type=1400 audit(1741206031.531:13895): avc: denied { write } for pid=15102 comm="syz.0.3759" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 171.994364][ T29] audit: type=1400 audit(1741206031.531:13896): avc: denied { ioctl } for pid=15102 comm="syz.0.3759" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1 [ 172.025220][T15101] loop3: detected capacity change from 0 to 2048 [ 172.087729][T15108] loop0: detected capacity change from 0 to 8192 [ 172.217946][T12955] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 172.225692][T12955] FAT-fs (loop0): Filesystem has been set read-only [ 172.247765][ T29] audit: type=1400 audit(1741206031.751:13897): avc: denied { block_suspend } for pid=15107 comm="syz.0.3760" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 172.269577][ T29] audit: type=1326 audit(1741206031.761:13898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15107 comm="syz.0.3760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a36cbd169 code=0x7ffc0000 [ 172.293413][ T29] audit: type=1326 audit(1741206031.761:13899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15107 comm="syz.0.3760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a36cbd169 code=0x7ffc0000 [ 172.317202][ T29] audit: type=1326 audit(1741206031.761:13900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15107 comm="syz.0.3760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f3a36cbd169 code=0x7ffc0000 [ 172.340756][ T29] audit: type=1326 audit(1741206031.761:13901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15107 comm="syz.0.3760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a36cbd169 code=0x7ffc0000 [ 172.369349][T12955] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 172.396615][T15114] loop2: detected capacity change from 0 to 256 [ 172.441880][T15126] bridge0: entered promiscuous mode [ 172.448374][T15126] bridge0: port 3(macsec0) entered blocking state [ 172.454894][T15126] bridge0: port 3(macsec0) entered disabled state [ 172.461478][T15126] macsec0: entered allmulticast mode [ 172.466778][T15126] bridge0: entered allmulticast mode [ 172.480189][T15125] loop3: detected capacity change from 0 to 2048 [ 172.531851][T15126] macsec0: left allmulticast mode [ 172.537045][T15126] bridge0: left allmulticast mode [ 172.547417][T15126] bridge0: left promiscuous mode [ 172.724323][T15125] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 173.083993][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.145318][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.252714][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.257986][T15163] loop2: detected capacity change from 0 to 2048 [ 173.273658][T15165] 9pnet_fd: Insufficient options for proto=fd [ 173.325080][ T6547] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:11: bg 0: block 345: padding at end of block bitmap is not set [ 173.351866][ T6547] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 173.364638][ T6547] EXT4-fs (loop3): This should not happen!! Data will be lost [ 173.364638][ T6547] [ 173.377934][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.417817][ T6547] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 173.430731][ T6547] EXT4-fs (loop3): This should not happen!! Data will be lost [ 173.430731][ T6547] [ 173.440438][ T6547] EXT4-fs (loop3): Total free blocks count 0 [ 173.446438][ T6547] EXT4-fs (loop3): Free/Dirty block details [ 173.452370][ T6547] EXT4-fs (loop3): free_blocks=0 [ 173.457325][ T6547] EXT4-fs (loop3): dirty_blocks=2048 [ 173.462670][ T6547] EXT4-fs (loop3): Block reservation details [ 173.468695][ T6547] EXT4-fs (loop3): i_reserved_data_blocks=128 [ 173.478285][T15150] chnl_net:caif_netlink_parms(): no params data found [ 173.579296][ T11] bridge_slave_1: left allmulticast mode [ 173.584993][ T11] bridge_slave_1: left promiscuous mode [ 173.590719][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.630828][ T11] bridge_slave_0: left allmulticast mode [ 173.636522][ T11] bridge_slave_0: left promiscuous mode [ 173.642406][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.774899][T15197] loop3: detected capacity change from 0 to 8192 [ 173.800157][T15197] syz.3.3787: attempt to access beyond end of device [ 173.800157][T15197] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 173.825376][T15197] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1) [ 173.833378][T15197] FAT-fs (loop3): Filesystem has been set read-only [ 173.857331][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 173.882631][T15197] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1) [ 173.891241][T15197] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1) [ 173.891440][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 173.917416][ T11] bond0 (unregistering): Released all slaves [ 173.960144][ T11] hsr_slave_0: left promiscuous mode [ 173.966631][ T11] hsr_slave_1: left promiscuous mode [ 173.972592][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.980198][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.987824][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.995452][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 174.006670][ T11] veth1_macvtap: left promiscuous mode [ 174.012270][ T11] veth0_macvtap: left promiscuous mode [ 174.017816][ T11] veth1_vlan: left promiscuous mode [ 174.026093][ T11] veth0_vlan: left promiscuous mode [ 174.069395][T15231] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 174.095909][ T11] team0 (unregistering): Port device team_slave_0 removed [ 174.144235][T15150] bridge0: port 1(bridge_slave_0) entered blocking state [ 174.151534][T15150] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.158808][T15150] bridge_slave_0: entered allmulticast mode [ 174.175161][T15150] bridge_slave_0: entered promiscuous mode [ 174.181858][T15150] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.189060][T15150] bridge0: port 2(bridge_slave_1) entered disabled state [ 174.196346][T15150] bridge_slave_1: entered allmulticast mode [ 174.203847][T15150] bridge_slave_1: entered promiscuous mode [ 174.246742][T15150] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 174.275139][T15150] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 174.292576][T15244] loop4: detected capacity change from 0 to 512 [ 174.317241][T15244] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.3799: bg 0: block 418: padding at end of block bitmap is not set [ 174.353822][T15150] team0: Port device team_slave_0 added [ 174.369916][T15244] EXT4-fs (loop4): Remounting filesystem read-only [ 174.376747][T15244] EXT4-fs (loop4): 1 truncate cleaned up [ 174.383349][T15150] team0: Port device team_slave_1 added [ 174.390101][T15244] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 174.425764][T15150] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 174.432880][T15150] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.445995][T15266] __nla_validate_parse: 2 callbacks suppressed [ 174.446036][T15266] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3803'. [ 174.458873][T15150] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 174.490076][T15150] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 174.497064][T15150] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 174.523069][T15150] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 174.632708][T15150] hsr_slave_0: entered promiscuous mode [ 174.639182][T15150] hsr_slave_1: entered promiscuous mode [ 174.647284][T15282] 9pnet_fd: Insufficient options for proto=fd [ 174.650736][T15150] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 174.668637][T15150] Cannot create hsr debugfs directory [ 174.677877][ T11] IPVS: stop unused estimator thread 0... [ 174.739786][T15284] Restarting kernel threads ... done. [ 174.861999][T15150] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 174.875362][T15150] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 174.900824][T15150] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 174.926375][T15150] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 174.936794][T15315] loop4: detected capacity change from 0 to 8192 [ 174.957830][T15315] syz.4.3817: attempt to access beyond end of device [ 174.957830][T15315] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 174.980792][T15315] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 174.980854][T15150] bridge0: port 2(bridge_slave_1) entered blocking state [ 174.988661][T15315] FAT-fs (loop4): Filesystem has been set read-only [ 174.995719][T15150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 174.995905][T15150] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.004313][T15315] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 175.009575][T15150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.048605][T15315] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 175.058640][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 175.075820][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 175.143944][T15150] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.161221][T15150] 8021q: adding VLAN 0 to HW filter on device team0 [ 175.178593][ T7186] bridge0: port 1(bridge_slave_0) entered blocking state [ 175.185766][ T7186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 175.197648][T15309] netlink: 112 bytes leftover after parsing attributes in process `syz.3.3815'. [ 175.220290][T15150] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 175.230721][T15150] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 175.244314][ T7186] bridge0: port 2(bridge_slave_1) entered blocking state [ 175.251520][ T7186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 175.284707][ T8] IPVS: starting estimator thread 0... [ 175.291969][T15341] smc: net device bond0 applied user defined pnetid SYZ0 [ 175.308571][T15341] smc: net device bond0 erased user defined pnetid SYZ0 [ 175.335595][T15150] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 175.379186][T15342] IPVS: using max 2304 ests per chain, 115200 per kthread [ 175.433348][T15360] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3823'. [ 175.442498][T15360] netlink: 'syz.1.3823': attribute type 5 has an invalid length. [ 175.450389][T15360] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3823'. [ 175.583032][T15150] veth0_vlan: entered promiscuous mode [ 175.597655][T15150] veth1_vlan: entered promiscuous mode [ 175.618039][T15150] veth0_macvtap: entered promiscuous mode [ 175.625590][T15150] veth1_macvtap: entered promiscuous mode [ 175.637863][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.648506][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.658413][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.668928][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.678761][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.689235][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.699222][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 175.709798][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.727001][T15150] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.741634][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.752353][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.762307][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.772876][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.782728][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.793325][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.803193][T15150] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 175.813745][T15150] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 175.824734][T15150] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.833720][T15150] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.842489][T15150] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.851292][T15150] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.860028][T15150] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.974032][T15415] loop5: detected capacity change from 0 to 2048 [ 176.002265][T15415] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 176.016327][ T29] kauditd_printk_skb: 315 callbacks suppressed [ 176.016340][ T29] audit: type=1326 audit(1741206035.591:14217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15328 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 176.046982][ T29] audit: type=1326 audit(1741206035.621:14218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15328 comm="syz.4.3821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 176.254656][T15447] loop1: detected capacity change from 0 to 2048 [ 176.331352][ T29] audit: type=1400 audit(1741206035.871:14219): avc: denied { read } for pid=15451 comm="syz.4.3833" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 176.448390][ T29] audit: type=1400 audit(1741206036.011:14220): avc: denied { read } for pid=15446 comm="syz.1.3831" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 176.518172][T15467] loop1: detected capacity change from 0 to 512 [ 176.526134][T15467] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3836: bg 0: block 418: padding at end of block bitmap is not set [ 176.541972][T15467] EXT4-fs (loop1): Remounting filesystem read-only [ 176.548694][T15467] EXT4-fs (loop1): 1 truncate cleaned up [ 176.555249][T15467] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 176.574913][ T29] audit: type=1326 audit(1741206036.141:14221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.3.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 176.598632][ T29] audit: type=1326 audit(1741206036.141:14222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.3.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 176.621659][T15472] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 176.629473][ T29] audit: type=1326 audit(1741206036.171:14223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.3.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 176.654432][ T29] audit: type=1326 audit(1741206036.171:14224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.3.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 176.678145][ T29] audit: type=1326 audit(1741206036.171:14225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.3.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 176.701858][ T29] audit: type=1326 audit(1741206036.171:14226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15471 comm="syz.3.3838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 176.739600][T15249] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 176.743064][T15474] loop1: detected capacity change from 0 to 256 [ 176.850562][T15481] loop2: detected capacity change from 0 to 2048 [ 176.876877][ T28] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 176.889679][ T28] EXT4-fs (loop5): This should not happen!! Data will be lost [ 176.889679][ T28] [ 176.934992][ T28] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 176.947865][ T28] EXT4-fs (loop5): This should not happen!! Data will be lost [ 176.947865][ T28] [ 176.957638][ T28] EXT4-fs (loop5): Total free blocks count 0 [ 176.963674][ T28] EXT4-fs (loop5): Free/Dirty block details [ 176.969609][ T28] EXT4-fs (loop5): free_blocks=0 [ 176.974568][ T28] EXT4-fs (loop5): dirty_blocks=2048 [ 176.980010][ T28] EXT4-fs (loop5): Block reservation details [ 176.986018][ T28] EXT4-fs (loop5): i_reserved_data_blocks=128 [ 176.994432][T15489] netlink: 'syz.3.3845': attribute type 21 has an invalid length. [ 177.002353][T15489] netlink: 'syz.3.3845': attribute type 20 has an invalid length. [ 177.010224][T15489] IPv6: NLM_F_CREATE should be specified when creating new route [ 177.086114][T15495] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3846'. [ 177.249411][T15509] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 177.293992][T15518] team0: No ports can be present during mode change [ 177.301355][T15518] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3854'. [ 177.315827][T15518] team0 (unregistering): Port device team_slave_0 removed [ 177.316922][T15522] loop2: detected capacity change from 0 to 2048 [ 177.352139][T15526] FAULT_INJECTION: forcing a failure. [ 177.352139][T15526] name failslab, interval 1, probability 0, space 0, times 0 [ 177.364890][T15526] CPU: 0 UID: 0 PID: 15526 Comm: syz.4.3858 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 177.365035][T15526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 177.365052][T15526] Call Trace: [ 177.365061][T15526] [ 177.365071][T15526] dump_stack_lvl+0xf2/0x150 [ 177.365131][T15526] dump_stack+0x15/0x1a [ 177.365158][T15526] should_fail_ex+0x24a/0x260 [ 177.365249][T15526] ? usbdev_open+0x4d/0x480 [ 177.365284][T15526] should_failslab+0x8f/0xb0 [ 177.365321][T15526] __kmalloc_cache_noprof+0x4e/0x320 [ 177.365353][T15526] usbdev_open+0x4d/0x480 [ 177.365391][T15526] ? __pfx_exact_match+0x10/0x10 [ 177.365434][T15526] chrdev_open+0x2f9/0x370 [ 177.365471][T15526] ? __pfx_chrdev_open+0x10/0x10 [ 177.365525][T15526] do_dentry_open+0x621/0xa20 [ 177.365562][T15526] vfs_open+0x38/0x1e0 [ 177.365597][T15526] path_openat+0x1ae0/0x1fc0 [ 177.365671][T15526] ? _raw_spin_lock_irqsave+0x3c/0xb0 [ 177.365696][T15526] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 177.365729][T15526] ? cgroup_rstat_updated+0x9f/0x570 [ 177.365771][T15526] do_filp_open+0x107/0x230 [ 177.365856][T15526] do_sys_openat2+0xab/0x120 [ 177.365892][T15526] __x64_sys_openat+0xf3/0x120 [ 177.365918][T15526] x64_sys_call+0x2b30/0x2dc0 [ 177.366024][T15526] do_syscall_64+0xc9/0x1c0 [ 177.366061][T15526] ? clear_bhb_loop+0x55/0xb0 [ 177.366093][T15526] ? clear_bhb_loop+0x55/0xb0 [ 177.366125][T15526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.366194][T15526] RIP: 0033:0x7efee9f0bad0 [ 177.366219][T15526] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 177.366241][T15526] RSP: 002b:00007efee8576b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 177.366263][T15526] RAX: ffffffffffffffda RBX: 000000000000a401 RCX: 00007efee9f0bad0 [ 177.366278][T15526] RDX: 000000000000a401 RSI: 00007efee8576c10 RDI: 00000000ffffff9c [ 177.366292][T15526] RBP: 00007efee8576c10 R08: 0000000000000000 R09: 0000000000000000 [ 177.366307][T15526] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 177.366319][T15526] R13: 0000000000000000 R14: 00007efeea125fa0 R15: 00007fff78c3ec68 [ 177.366341][T15526] [ 177.368998][T15527] netlink: 'syz.3.3854': attribute type 1 has an invalid length. [ 177.652619][T15543] loop4: detected capacity change from 0 to 256 [ 177.694582][T15545] loop3: detected capacity change from 0 to 2048 [ 177.814651][T15556] loop2: detected capacity change from 0 to 2048 [ 177.821459][T15556] EXT4-fs: Ignoring removed bh option [ 177.922639][T15556] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 177.955799][T15556] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 177.968194][T15556] EXT4-fs (loop2): This should not happen!! Data will be lost [ 177.968194][T15556] [ 177.977889][T15556] EXT4-fs (loop2): Total free blocks count 0 [ 177.984108][T15556] EXT4-fs (loop2): Free/Dirty block details [ 177.990067][T15556] EXT4-fs (loop2): free_blocks=2415919104 [ 177.995823][T15556] EXT4-fs (loop2): dirty_blocks=32 [ 178.001005][T15556] EXT4-fs (loop2): Block reservation details [ 178.007019][T15556] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 178.050959][T15575] loop1: detected capacity change from 0 to 256 [ 178.060692][T15574] loop5: detected capacity change from 0 to 256 [ 178.187528][T15584] loop1: detected capacity change from 0 to 2048 [ 178.199928][T15589] smc: net device bond0 applied user defined pnetid SYZ0 [ 178.207395][T15589] smc: net device bond0 erased user defined pnetid SYZ0 [ 178.215788][ T3375] IPVS: starting estimator thread 0... [ 178.277551][T15588] loop5: detected capacity change from 0 to 256 [ 178.301020][T15599] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3880'. [ 178.310218][T15599] tipc: Started in network mode [ 178.315170][T15599] tipc: Node identity 7, cluster identity 5 [ 178.317913][T15590] IPVS: using max 1968 ests per chain, 98400 per kthread [ 178.321181][T15599] tipc: Node number set to 7 [ 178.351357][T15584] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=810 sclass=netlink_route_socket pid=15584 comm=syz.1.3877 [ 178.407243][T15605] loop1: detected capacity change from 0 to 2048 [ 178.517989][T15614] loop5: detected capacity change from 0 to 256 [ 178.574131][T15617] loop5: detected capacity change from 0 to 128 [ 178.649525][T15621] Cannot find del_set index 4 as target [ 178.699185][T15624] loop1: detected capacity change from 0 to 256 [ 178.774686][T15630] loop1: detected capacity change from 0 to 2048 [ 179.024195][T15644] loop1: detected capacity change from 0 to 256 [ 179.155929][T15647] loop4: detected capacity change from 0 to 8192 [ 179.227403][T15654] bridge0: entered promiscuous mode [ 179.234066][T15654] bridge0: port 3(macsec1) entered blocking state [ 179.240560][T15654] bridge0: port 3(macsec1) entered disabled state [ 179.247135][T15654] macsec1: entered allmulticast mode [ 179.252564][T15654] bridge0: entered allmulticast mode [ 179.299477][T15654] macsec1: left allmulticast mode [ 179.304598][T15654] bridge0: left allmulticast mode [ 179.310332][T15654] bridge0: left promiscuous mode [ 179.590293][T15647] syz.4.3901: attempt to access beyond end of device [ 179.590293][T15647] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 179.637769][T15647] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 179.645723][T15647] FAT-fs (loop4): Filesystem has been set read-only [ 179.656812][T15647] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 179.665625][T15647] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 179.778800][T15673] loop2: detected capacity change from 0 to 256 [ 179.871590][T15680] loop4: detected capacity change from 0 to 2048 [ 180.001956][T15696] netlink: 96 bytes leftover after parsing attributes in process `syz.2.3915'. [ 180.011254][T15696] netlink: 'syz.2.3915': attribute type 5 has an invalid length. [ 180.019209][T15696] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3915'. [ 180.057545][T15699] loop5: detected capacity change from 0 to 256 [ 180.301012][T15720] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 180.459614][T15731] 9pnet: Could not find request transport: fd0x0000000000000007 [ 180.495438][T15733] bridge0: entered promiscuous mode [ 180.502504][T15733] bridge0: port 3(macsec1) entered blocking state [ 180.508993][T15733] bridge0: port 3(macsec1) entered disabled state [ 180.515635][T15733] macsec1: entered allmulticast mode [ 180.520963][T15733] bridge0: entered allmulticast mode [ 180.583048][T15733] macsec1: left allmulticast mode [ 180.588135][T15733] bridge0: left allmulticast mode [ 180.598495][T15733] bridge0: left promiscuous mode [ 180.746710][T15739] loop4: detected capacity change from 0 to 256 [ 180.996632][T15743] smc: net device bond0 applied user defined pnetid SYZ0 [ 181.213239][T15743] smc: net device bond0 erased user defined pnetid SYZ0 [ 181.243945][T15750] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3940'. [ 181.317445][ T29] kauditd_printk_skb: 355 callbacks suppressed [ 181.317460][ T29] audit: type=1326 audit(1741206040.881:14582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.358106][ T29] audit: type=1326 audit(1741206040.911:14583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.381875][ T29] audit: type=1326 audit(1741206040.911:14584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.390524][T15761] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 181.405469][ T29] audit: type=1326 audit(1741206040.911:14585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.437693][ T29] audit: type=1326 audit(1741206040.911:14586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.461797][ T29] audit: type=1326 audit(1741206040.911:14587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.485603][ T29] audit: type=1326 audit(1741206040.911:14588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.509264][ T29] audit: type=1326 audit(1741206040.911:14589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.533555][ T29] audit: type=1326 audit(1741206040.911:14590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.557255][ T29] audit: type=1326 audit(1741206040.911:14591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15760 comm="syz.5.3944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7ffc0000 [ 181.658316][T15771] loop4: detected capacity change from 0 to 256 [ 181.727631][T15774] loop4: detected capacity change from 0 to 256 [ 181.832327][T15781] bridge0: entered promiscuous mode [ 181.838959][T15781] bridge0: port 3(macsec0) entered blocking state [ 181.845502][T15781] bridge0: port 3(macsec0) entered disabled state [ 181.852099][T15781] macsec0: entered allmulticast mode [ 181.857490][T15781] bridge0: entered allmulticast mode [ 181.864471][T15781] macsec0: left allmulticast mode [ 181.869599][T15781] bridge0: left allmulticast mode [ 181.875457][T15781] bridge0: left promiscuous mode [ 181.974353][T15786] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3954'. [ 182.268630][T15800] loop5: detected capacity change from 0 to 256 [ 182.328627][T15810] loop5: detected capacity change from 0 to 256 [ 182.355254][T15812] loop4: detected capacity change from 0 to 256 [ 182.390734][T15816] netlink: 'syz.5.3966': attribute type 39 has an invalid length. [ 182.569128][T15836] loop4: detected capacity change from 0 to 256 [ 182.601355][T15837] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3971'. [ 182.731664][T15856] smc: net device bond0 applied user defined pnetid SYZ0 [ 182.741262][T15856] smc: net device bond0 erased user defined pnetid SYZ0 [ 182.788732][T15862] 9pnet_fd: Insufficient options for proto=fd [ 182.841911][T15866] netlink: 'syz.4.3986': attribute type 39 has an invalid length. [ 182.979706][T15876] smc: net device bond0 applied user defined pnetid SYZ0 [ 182.988089][T15876] smc: net device bond0 erased user defined pnetid SYZ0 [ 183.211098][T15908] netlink: 'syz.2.3998': attribute type 39 has an invalid length. [ 183.259490][T15919] x_tables: duplicate underflow at hook 2 [ 183.294555][T15924] loop2: detected capacity change from 0 to 2048 [ 183.321990][T15924] ext4 filesystem being mounted at /244/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 183.532921][T15952] loop1: detected capacity change from 0 to 512 [ 183.548009][T15952] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4002: bg 0: block 418: padding at end of block bitmap is not set [ 183.562857][T15952] EXT4-fs (loop1): Remounting filesystem read-only [ 183.569782][T15952] EXT4-fs (loop1): 1 truncate cleaned up [ 183.577377][T15952] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 183.620220][T15934] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 183.798049][T15990] loop4: detected capacity change from 0 to 2048 [ 183.916298][T16026] loop1: detected capacity change from 0 to 256 [ 184.087852][T16039] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 184.148417][ T392] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 184.161188][ T392] EXT4-fs (loop2): This should not happen!! Data will be lost [ 184.161188][ T392] [ 184.168710][T16049] loop1: detected capacity change from 0 to 2048 [ 184.180748][T16047] 9pnet_fd: Insufficient options for proto=fd [ 184.192862][T16047] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4023'. [ 184.202279][T16047] netlink: 'syz.5.4023': attribute type 5 has an invalid length. [ 184.210081][T16047] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4023'. [ 184.218002][ T392] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 184.231941][ T392] EXT4-fs (loop2): This should not happen!! Data will be lost [ 184.231941][ T392] [ 184.241636][ T392] EXT4-fs (loop2): Total free blocks count 0 [ 184.247700][ T392] EXT4-fs (loop2): Free/Dirty block details [ 184.253652][ T392] EXT4-fs (loop2): free_blocks=0 [ 184.258610][ T392] EXT4-fs (loop2): dirty_blocks=2048 [ 184.264013][ T392] EXT4-fs (loop2): Block reservation details [ 184.270048][ T392] EXT4-fs (loop2): i_reserved_data_blocks=128 [ 184.277399][T16052] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 184.312769][T16049] ext4 filesystem being mounted at /433/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 184.393160][T16062] loop2: detected capacity change from 0 to 2048 [ 184.405710][T16058] loop5: detected capacity change from 0 to 8192 [ 184.409417][T16062] EXT4-fs: Ignoring removed bh option [ 184.424698][T16058] syz.5.4028: attempt to access beyond end of device [ 184.424698][T16058] loop5: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 184.441190][T16058] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1) [ 184.449140][T16058] FAT-fs (loop5): Filesystem has been set read-only [ 184.458022][T16058] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1) [ 184.466715][T16058] FAT-fs (loop5): error, invalid access to FAT (entry 0x0000e1b1) [ 184.599200][T16062] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 184.637133][T16062] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 184.649682][T16062] EXT4-fs (loop2): This should not happen!! Data will be lost [ 184.649682][T16062] [ 184.659412][T16062] EXT4-fs (loop2): Total free blocks count 0 [ 184.665479][T16062] EXT4-fs (loop2): Free/Dirty block details [ 184.671538][T16062] EXT4-fs (loop2): free_blocks=2415919104 [ 184.677285][T16062] EXT4-fs (loop2): dirty_blocks=32 [ 184.683019][T16062] EXT4-fs (loop2): Block reservation details [ 184.689105][T16062] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 184.795465][T16092] loop2: detected capacity change from 0 to 2048 [ 184.804045][T16092] EXT4-fs: Ignoring removed bh option [ 184.831844][ T2964] IPVS: starting estimator thread 0... [ 184.839031][T16095] smc: net device bond0 applied user defined pnetid SYZ0 [ 184.846388][T16095] smc: net device bond0 erased user defined pnetid SYZ0 [ 184.854784][T16097] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4040'. [ 184.864065][T16097] netlink: 'syz.3.4040': attribute type 5 has an invalid length. [ 184.872032][T16097] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4040'. [ 184.882802][T16092] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 184.909721][T16092] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 184.922107][T16092] EXT4-fs (loop2): This should not happen!! Data will be lost [ 184.922107][T16092] [ 184.931936][T16092] EXT4-fs (loop2): Total free blocks count 0 [ 184.938053][T16092] EXT4-fs (loop2): Free/Dirty block details [ 184.938975][T16096] IPVS: using max 2160 ests per chain, 108000 per kthread [ 184.944020][T16092] EXT4-fs (loop2): free_blocks=2415919104 [ 184.956924][T16092] EXT4-fs (loop2): dirty_blocks=32 [ 184.962079][T16092] EXT4-fs (loop2): Block reservation details [ 184.968132][T16092] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 185.013776][ T11] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:0: bg 0: block 345: padding at end of block bitmap is not set [ 185.032824][ T11] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 185.045645][ T11] EXT4-fs (loop1): This should not happen!! Data will be lost [ 185.045645][ T11] [ 185.097287][ T6544] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 185.110264][ T6544] EXT4-fs (loop1): This should not happen!! Data will be lost [ 185.110264][ T6544] [ 185.120670][ T6544] EXT4-fs (loop1): Total free blocks count 0 [ 185.126667][ T6544] EXT4-fs (loop1): Free/Dirty block details [ 185.132684][ T6544] EXT4-fs (loop1): free_blocks=0 [ 185.137630][ T6544] EXT4-fs (loop1): dirty_blocks=2048 [ 185.143029][ T6544] EXT4-fs (loop1): Block reservation details [ 185.149252][ T6544] EXT4-fs (loop1): i_reserved_data_blocks=128 [ 185.212486][T16106] loop2: detected capacity change from 0 to 256 [ 185.365195][T16122] loop4: detected capacity change from 0 to 128 [ 185.398172][T16126] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4051'. [ 185.410135][T16126] netlink: 'syz.1.4051': attribute type 5 has an invalid length. [ 185.417934][T16126] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4051'. [ 185.440236][T16129] Cannot find del_set index 4 as target [ 185.666751][T16146] loop5: detected capacity change from 0 to 256 [ 185.841140][T16162] smc: net device bond0 applied user defined pnetid SYZ0 [ 185.848470][T16162] smc: net device bond0 erased user defined pnetid SYZ0 [ 185.855703][T16163] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4069'. [ 185.865834][T16163] netlink: 'syz.5.4069': attribute type 5 has an invalid length. [ 185.873637][T16163] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4069'. [ 186.292555][T16175] loop1: detected capacity change from 0 to 512 [ 186.305109][T16175] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4075: bg 0: block 418: padding at end of block bitmap is not set [ 186.319784][T16173] loop4: detected capacity change from 0 to 8192 [ 186.321960][T16175] EXT4-fs (loop1): Remounting filesystem read-only [ 186.334072][T16175] EXT4-fs (loop1): 1 truncate cleaned up [ 186.335478][T16173] syz.4.4074: attempt to access beyond end of device [ 186.335478][T16173] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 186.340585][T16175] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 186.365936][T16173] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 186.373946][T16173] FAT-fs (loop4): Filesystem has been set read-only [ 186.391893][T16173] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 186.406103][T16173] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 186.428444][T16179] loop1: detected capacity change from 0 to 2048 [ 186.453391][T16179] ext4 filesystem being mounted at /441/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 186.603635][ T29] kauditd_printk_skb: 626 callbacks suppressed [ 186.603659][ T29] audit: type=1326 audit(1741206046.171:15218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16158 comm="syz.3.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 186.633792][ T29] audit: type=1326 audit(1741206046.171:15219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16158 comm="syz.3.4068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 186.718050][T16206] loop5: detected capacity change from 0 to 2048 [ 186.731337][ T29] audit: type=1326 audit(1741206046.231:15220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755026][ T29] audit: type=1326 audit(1741206046.231:15221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755070][ T29] audit: type=1326 audit(1741206046.241:15222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755106][ T29] audit: type=1326 audit(1741206046.241:15223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755247][ T29] audit: type=1326 audit(1741206046.241:15224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755351][ T29] audit: type=1326 audit(1741206046.241:15225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755392][ T29] audit: type=1326 audit(1741206046.241:15226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.755507][ T29] audit: type=1326 audit(1741206046.241:15227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16200 comm="syz.2.4086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 186.891305][T16218] 9pnet_fd: Insufficient options for proto=fd [ 187.085863][T16239] Cannot find del_set index 4 as target [ 187.144978][T16249] loop5: detected capacity change from 0 to 256 [ 187.161697][T16244] netlink: 'syz.3.4096': attribute type 39 has an invalid length. [ 187.296143][ T7186] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:15: bg 0: block 345: padding at end of block bitmap is not set [ 187.328732][ T7186] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 187.341594][ T7186] EXT4-fs (loop1): This should not happen!! Data will be lost [ 187.341594][ T7186] [ 187.352943][T16279] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4101'. [ 187.374259][ T7186] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 187.387181][ T7186] EXT4-fs (loop1): This should not happen!! Data will be lost [ 187.387181][ T7186] [ 187.396939][ T7186] EXT4-fs (loop1): Total free blocks count 0 [ 187.402928][T16279] netlink: 'syz.4.4101': attribute type 5 has an invalid length. [ 187.403061][ T7186] EXT4-fs (loop1): Free/Dirty block details [ 187.410802][T16279] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4101'. [ 187.416704][ T7186] EXT4-fs (loop1): free_blocks=0 [ 187.416722][ T7186] EXT4-fs (loop1): dirty_blocks=2048 [ 187.436313][ T7186] EXT4-fs (loop1): Block reservation details [ 187.442353][ T7186] EXT4-fs (loop1): i_reserved_data_blocks=128 [ 187.605494][T16303] loop1: detected capacity change from 0 to 2048 [ 187.706306][T16324] Cannot find del_set index 4 as target [ 187.788330][T16334] smc: net device bond0 applied user defined pnetid SYZ0 [ 187.795800][T16334] smc: net device bond0 erased user defined pnetid SYZ0 [ 187.864377][T16341] loop3: detected capacity change from 0 to 2048 [ 187.901290][T16341] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 188.010782][T16365] loop1: detected capacity change from 0 to 8192 [ 188.022522][T16365] syz.1.4116: attempt to access beyond end of device [ 188.022522][T16365] loop1: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 188.131373][T16365] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 188.139400][T16365] FAT-fs (loop1): Filesystem has been set read-only [ 188.164342][T16381] loop2: detected capacity change from 0 to 256 [ 188.171558][T16365] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 188.181329][T16365] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1) [ 188.301467][T16388] loop1: detected capacity change from 0 to 512 [ 188.342929][T16388] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4120: bg 0: block 418: padding at end of block bitmap is not set [ 188.373092][T16388] EXT4-fs (loop1): Remounting filesystem read-only [ 188.383267][T16388] EXT4-fs (loop1): 1 truncate cleaned up [ 188.397969][T16388] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 188.535415][T16409] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 188.651978][T16431] loop2: detected capacity change from 0 to 256 [ 188.715220][T16428] loop1: detected capacity change from 0 to 2048 [ 188.756512][ T6552] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:13: bg 0: block 345: padding at end of block bitmap is not set [ 188.780042][T16428] EXT4-fs mount: 65 callbacks suppressed [ 188.780061][T16428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.798024][ T6552] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 188.810752][ T6552] EXT4-fs (loop3): This should not happen!! Data will be lost [ 188.810752][ T6552] [ 188.843313][ T6552] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 188.856108][ T6552] EXT4-fs (loop3): This should not happen!! Data will be lost [ 188.856108][ T6552] [ 188.865842][ T6552] EXT4-fs (loop3): Total free blocks count 0 [ 188.872120][ T6552] EXT4-fs (loop3): Free/Dirty block details [ 188.878042][ T6552] EXT4-fs (loop3): free_blocks=0 [ 188.883032][ T6552] EXT4-fs (loop3): dirty_blocks=2048 [ 188.888445][ T6552] EXT4-fs (loop3): Block reservation details [ 188.894541][ T6552] EXT4-fs (loop3): i_reserved_data_blocks=128 [ 188.929910][T16440] loop5: detected capacity change from 0 to 256 [ 189.029180][T16455] smc: net device bond0 applied user defined pnetid SYZ0 [ 189.045592][T16455] smc: net device bond0 erased user defined pnetid SYZ0 [ 189.150832][T16463] netlink: 'syz.4.4143': attribute type 39 has an invalid length. [ 189.209977][ T8762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.248053][T16478] loop4: detected capacity change from 0 to 256 [ 189.286033][T16483] loop3: detected capacity change from 0 to 2048 [ 189.307734][T16483] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.349663][T16484] netlink: 'syz.5.4151': attribute type 39 has an invalid length. [ 189.485358][T16505] loop5: detected capacity change from 0 to 2048 [ 189.503939][T16505] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.526467][T16506] netlink: 'syz.1.4160': attribute type 39 has an invalid length. [ 189.553661][T16501] loop4: detected capacity change from 0 to 256 [ 189.610434][T16512] loop1: detected capacity change from 0 to 2048 [ 189.639792][T16512] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.665228][T12626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.777792][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.811450][T16528] loop4: detected capacity change from 0 to 256 [ 189.882353][ T8762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.903524][T16541] loop5: detected capacity change from 0 to 512 [ 189.916399][T16541] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4174: bg 0: block 418: padding at end of block bitmap is not set [ 189.938528][T16541] EXT4-fs (loop5): Remounting filesystem read-only [ 189.946741][T16539] netlink: 'syz.2.4172': attribute type 39 has an invalid length. [ 189.956089][T16541] EXT4-fs (loop5): 1 truncate cleaned up [ 189.962663][T16541] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 189.975282][T16541] SELinux: (dev loop5, type ext4) getxattr errno 5 [ 189.982847][T16541] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.991834][T16544] loop4: detected capacity change from 0 to 2048 [ 190.002302][T16544] EXT4-fs: Ignoring removed bh option [ 190.056619][T16544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.074233][T16556] 9pnet_fd: Insufficient options for proto=fd [ 190.096624][T16544] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 190.129806][T16544] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 190.142161][T16544] EXT4-fs (loop4): This should not happen!! Data will be lost [ 190.142161][T16544] [ 190.152179][T16544] EXT4-fs (loop4): Total free blocks count 0 [ 190.158227][T16544] EXT4-fs (loop4): Free/Dirty block details [ 190.161451][T16561] smc: net device bond0 applied user defined pnetid SYZ0 [ 190.164273][T16544] EXT4-fs (loop4): free_blocks=2415919104 [ 190.172134][T16561] smc: net device bond0 erased user defined pnetid SYZ0 [ 190.176930][T16544] EXT4-fs (loop4): dirty_blocks=32 [ 190.176948][T16544] EXT4-fs (loop4): Block reservation details [ 190.195141][T16544] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 190.198405][T16567] loop5: detected capacity change from 0 to 256 [ 190.252586][T11971] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.278152][T16572] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 190.360866][T16577] netlink: 'syz.2.4187': attribute type 39 has an invalid length. [ 190.411806][T16585] loop2: detected capacity change from 0 to 2048 [ 190.425438][T16587] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 190.442596][T16588] smc: net device bond0 applied user defined pnetid SYZ0 [ 190.451005][T16588] smc: net device bond0 erased user defined pnetid SYZ0 [ 190.462192][T16585] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 190.635959][T16599] loop3: detected capacity change from 0 to 256 [ 191.331777][T16618] x_tables: duplicate underflow at hook 2 [ 191.415017][T11571] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.460743][T16620] netlink: 'syz.3.4201': attribute type 39 has an invalid length. [ 191.518355][T16638] loop3: detected capacity change from 0 to 256 [ 191.533020][T16633] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 191.584272][T16647] loop5: detected capacity change from 0 to 256 [ 191.594584][T16651] 9pnet_fd: Insufficient options for proto=fd [ 191.650042][T16654] loop2: detected capacity change from 0 to 256 [ 191.721895][T16666] 9pnet_fd: Insufficient options for proto=fd [ 191.800589][ T29] kauditd_printk_skb: 668 callbacks suppressed [ 191.800626][ T29] audit: type=1326 audit(1741206051.371:15896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.834777][ T29] audit: type=1326 audit(1741206051.371:15897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.858420][ T29] audit: type=1326 audit(1741206051.371:15898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.882115][ T29] audit: type=1326 audit(1741206051.371:15899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.905818][ T29] audit: type=1326 audit(1741206051.371:15900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.912947][T16684] loop3: detected capacity change from 0 to 512 [ 191.929489][ T29] audit: type=1326 audit(1741206051.371:15901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.929529][ T29] audit: type=1326 audit(1741206051.371:15902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.980244][T16684] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4219: bg 0: block 418: padding at end of block bitmap is not set [ 191.982867][ T29] audit: type=1326 audit(1741206051.371:15903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.982897][ T29] audit: type=1326 audit(1741206051.371:15904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 191.982923][ T29] audit: type=1326 audit(1741206051.371:15905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16674 comm="syz.3.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 192.022207][T16684] EXT4-fs (loop3): Remounting filesystem read-only [ 192.075724][T16684] EXT4-fs (loop3): 1 truncate cleaned up [ 192.083322][T16684] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 192.095452][T16684] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 192.206720][T16719] loop2: detected capacity change from 0 to 256 [ 192.230460][T16720] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 192.254601][T16684] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 192.337076][T16728] loop3: detected capacity change from 0 to 256 [ 192.364892][T16730] 9pnet_fd: Insufficient options for proto=fd [ 192.514480][T16742] bridge0: entered promiscuous mode [ 192.521227][T16742] bridge0: port 3(macsec1) entered blocking state [ 192.527720][T16742] bridge0: port 3(macsec1) entered disabled state [ 192.534419][T16742] macsec1: entered allmulticast mode [ 192.539738][T16742] bridge0: entered allmulticast mode [ 192.581139][T16742] macsec1: left allmulticast mode [ 192.586310][T16742] bridge0: left allmulticast mode [ 192.592162][T16742] bridge0: left promiscuous mode [ 192.942862][T16756] smc: net device bond0 applied user defined pnetid SYZ0 [ 192.952858][T16756] smc: net device bond0 erased user defined pnetid SYZ0 [ 193.113204][T16759] loop1: detected capacity change from 0 to 256 [ 193.232071][T16766] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4236'. [ 193.241187][T16766] netlink: 'syz.1.4236': attribute type 5 has an invalid length. [ 193.249092][T16766] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4236'. [ 193.262005][T16767] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4238'. [ 193.278588][T16767] netlink: 'syz.4.4238': attribute type 5 has an invalid length. [ 193.286470][T16767] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4238'. [ 193.305134][T16769] loop2: detected capacity change from 0 to 2048 [ 193.330881][T16769] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 193.490017][T11571] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 193.555970][T16779] loop2: detected capacity change from 0 to 256 [ 193.726102][T16784] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 193.754666][T16786] loop5: detected capacity change from 0 to 128 [ 193.837946][T16797] Cannot find del_set index 4 as target [ 193.880792][T16799] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 194.006566][T16809] 9pnet_fd: Insufficient options for proto=fd [ 194.102923][T16821] smc: net device bond0 applied user defined pnetid SYZ0 [ 194.114944][T16821] smc: net device bond0 erased user defined pnetid SYZ0 [ 194.161747][T16827] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 194.211490][T16835] 9pnet_fd: Insufficient options for proto=fd [ 194.320853][T16840] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4268'. [ 194.329969][T16840] netlink: 'syz.4.4268': attribute type 5 has an invalid length. [ 194.337782][T16840] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4268'. [ 194.451617][T16851] loop3: detected capacity change from 0 to 256 [ 194.540616][T16860] loop3: detected capacity change from 0 to 256 [ 194.659777][T16872] loop5: detected capacity change from 0 to 2048 [ 194.671229][T16872] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 194.741833][T16878] loop3: detected capacity change from 0 to 128 [ 194.813055][T16881] Cannot find del_set index 4 as target [ 194.894044][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 194.921577][T16889] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4286'. [ 194.938916][T16889] netlink: 'syz.2.4286': attribute type 5 has an invalid length. [ 194.946814][T16889] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4286'. [ 194.996775][T16894] netlink: 'syz.5.4291': attribute type 39 has an invalid length. [ 195.129221][T16916] loop4: detected capacity change from 0 to 256 [ 195.140927][T16917] smc: net device bond0 applied user defined pnetid SYZ0 [ 195.152024][T16917] smc: net device bond0 erased user defined pnetid SYZ0 [ 195.453784][T16933] bridge0: entered promiscuous mode [ 195.460847][T16933] bridge0: port 3(macsec0) entered blocking state [ 195.467306][T16933] bridge0: port 3(macsec0) entered disabled state [ 195.474020][T16933] macsec0: entered allmulticast mode [ 195.479460][T16933] bridge0: entered allmulticast mode [ 195.534192][T16933] macsec0: left allmulticast mode [ 195.539596][T16933] bridge0: left allmulticast mode [ 195.546216][T16933] bridge0: left promiscuous mode [ 196.026181][T16953] loop3: detected capacity change from 0 to 256 [ 196.195061][T16955] loop4: detected capacity change from 0 to 256 [ 196.302562][T16977] smc: net device bond0 applied user defined pnetid SYZ0 [ 196.309913][T16977] smc: net device bond0 erased user defined pnetid SYZ0 [ 196.319318][T16978] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4321'. [ 196.332815][T16978] netlink: 'syz.1.4321': attribute type 5 has an invalid length. [ 196.340732][T16978] netlink: 44 bytes leftover after parsing attributes in process `syz.1.4321'. [ 196.384547][T16986] loop4: detected capacity change from 0 to 512 [ 196.393223][T16986] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4329: bg 0: block 418: padding at end of block bitmap is not set [ 196.408106][T16986] EXT4-fs (loop4): Remounting filesystem read-only [ 196.415152][T16986] EXT4-fs (loop4): 1 truncate cleaned up [ 196.421414][T16986] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.436235][T16986] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 196.444781][T16986] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.481816][T16992] loop4: detected capacity change from 0 to 256 [ 196.612095][T17012] loop4: detected capacity change from 0 to 2048 [ 196.642776][T17012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.655399][T17023] x_tables: duplicate underflow at hook 2 [ 196.832019][T11971] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 196.909909][T17062] loop4: detected capacity change from 0 to 2048 [ 196.930405][T17062] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 196.943805][T17062] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 197.066646][ T29] kauditd_printk_skb: 844 callbacks suppressed [ 197.066748][ T29] audit: type=1326 audit(1741206056.631:16750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.4322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 197.102304][ T29] audit: type=1326 audit(1741206056.671:16751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16967 comm="syz.2.4322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcab18d169 code=0x7ffc0000 [ 197.145253][ T29] audit: type=1326 audit(1741206056.711:16752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17092 comm="syz.3.4337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 197.228065][ T29] audit: type=1326 audit(1741206056.741:16753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17092 comm="syz.3.4337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 197.251987][ T29] audit: type=1326 audit(1741206056.741:16754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17092 comm="syz.3.4337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd799d9d169 code=0x7ffc0000 [ 197.367111][ T29] audit: type=1326 audit(1741206056.841:16755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16989 comm="syz.5.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7fc00000 [ 197.390784][ T29] audit: type=1326 audit(1741206056.841:16756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16989 comm="syz.5.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fa62591d169 code=0x7fc00000 [ 197.414524][ T29] audit: type=1326 audit(1741206056.841:16757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16989 comm="syz.5.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7fc00000 [ 197.438420][ T29] audit: type=1326 audit(1741206056.841:16758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16989 comm="syz.5.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7fc00000 [ 197.441149][T17125] loop2: detected capacity change from 0 to 256 [ 197.462346][ T29] audit: type=1326 audit(1741206056.841:16759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16989 comm="syz.5.4330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa62591d169 code=0x7fc00000 [ 197.640188][T17122] loop3: detected capacity change from 0 to 256 [ 197.662381][T17148] loop1: detected capacity change from 0 to 2048 [ 197.696010][T17148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.719327][T17154] loop3: detected capacity change from 0 to 512 [ 197.727726][T17154] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4350: bg 0: block 418: padding at end of block bitmap is not set [ 197.744121][T17154] EXT4-fs (loop3): Remounting filesystem read-only [ 197.750886][T17154] EXT4-fs (loop3): 1 truncate cleaned up [ 197.770594][T17154] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 197.783459][T17154] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 197.798508][T17154] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.807698][ T7731] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:18: bg 0: block 345: padding at end of block bitmap is not set [ 197.823153][ T7731] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 197.835851][ T7731] EXT4-fs (loop4): This should not happen!! Data will be lost [ 197.835851][ T7731] [ 197.877474][ T28] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 197.890358][ T28] EXT4-fs (loop4): This should not happen!! Data will be lost [ 197.890358][ T28] [ 197.900095][ T28] EXT4-fs (loop4): Total free blocks count 0 [ 197.906230][ T28] EXT4-fs (loop4): Free/Dirty block details [ 197.912247][ T28] EXT4-fs (loop4): free_blocks=0 [ 197.917211][ T28] EXT4-fs (loop4): dirty_blocks=2048 [ 197.922660][ T28] EXT4-fs (loop4): Block reservation details [ 197.962722][ T8762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.994704][T17162] smc: net device bond0 applied user defined pnetid SYZ0 [ 197.995331][T17161] loop1: detected capacity change from 0 to 2048 [ 198.002306][T17162] smc: net device bond0 erased user defined pnetid SYZ0 [ 198.035261][T17165] loop4: detected capacity change from 0 to 256 [ 198.045876][T17161] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.098971][T17168] loop5: detected capacity change from 0 to 2048 [ 198.121414][T17168] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.186869][T17175] loop4: detected capacity change from 0 to 256 [ 198.269565][ T8762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.314284][T17183] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 198.397685][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.444802][T17195] loop2: detected capacity change from 0 to 2048 [ 198.451744][T17195] EXT4-fs: Ignoring removed bh option [ 198.463964][T17195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.501913][T17197] loop5: detected capacity change from 0 to 256 [ 198.544819][T17202] loop5: detected capacity change from 0 to 256 [ 198.544969][T17203] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 198.582440][T17203] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 198.594820][T17203] EXT4-fs (loop2): This should not happen!! Data will be lost [ 198.594820][T17203] [ 198.604561][T17203] EXT4-fs (loop2): Total free blocks count 0 [ 198.610614][T17203] EXT4-fs (loop2): Free/Dirty block details [ 198.616530][T17203] EXT4-fs (loop2): free_blocks=2415919104 [ 198.622305][T17203] EXT4-fs (loop2): dirty_blocks=32 [ 198.627522][T17203] EXT4-fs (loop2): Block reservation details [ 198.633570][T17203] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 198.706937][T17210] loop5: detected capacity change from 0 to 2048 [ 198.721863][T17210] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.891389][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.910679][T17223] smc: net device bond0 applied user defined pnetid SYZ0 [ 198.918230][T17223] smc: net device bond0 erased user defined pnetid SYZ0 [ 198.930628][T17225] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 199.170339][T17240] smc: net device bond0 applied user defined pnetid SYZ0 [ 199.177644][T17240] smc: net device bond0 erased user defined pnetid SYZ0 [ 199.281165][T11571] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.304981][T17242] loop2: detected capacity change from 0 to 128 [ 199.367194][T17243] Cannot find del_set index 4 as target [ 199.737367][T17249] loop3: detected capacity change from 0 to 256 [ 200.183362][T17263] loop4: detected capacity change from 0 to 512 [ 200.320885][T17263] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4389: bg 0: block 418: padding at end of block bitmap is not set [ 200.335778][T17263] EXT4-fs (loop4): Remounting filesystem read-only [ 200.343194][T17263] EXT4-fs (loop4): 1 truncate cleaned up [ 200.359650][T17263] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.377039][T17263] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 200.384436][T17263] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 200.465371][T17277] loop2: detected capacity change from 0 to 256 [ 200.572519][T17289] loop1: detected capacity change from 0 to 256 [ 200.572535][T17288] smc: net device bond0 applied user defined pnetid SYZ0 [ 200.572683][T17288] smc: net device bond0 erased user defined pnetid SYZ0 [ 200.672487][T17291] loop3: detected capacity change from 0 to 2048 [ 200.694070][T17291] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 200.943393][T17309] loop1: detected capacity change from 0 to 256 [ 200.953441][T17313] loop5: detected capacity change from 0 to 128 [ 200.966594][T12626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.052863][T17318] loop1: detected capacity change from 0 to 2048 [ 201.071405][T17319] Cannot find del_set index 4 as target [ 201.091360][T17318] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.612257][ T8762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.865231][T17347] loop2: detected capacity change from 0 to 256 [ 201.933063][T17351] bridge0: entered promiscuous mode [ 201.940479][T17351] bridge0: port 3(macsec0) entered blocking state [ 201.946981][T17351] bridge0: port 3(macsec0) entered disabled state [ 201.953534][T17351] macsec0: entered allmulticast mode [ 201.958911][T17351] bridge0: entered allmulticast mode [ 201.999574][T17351] macsec0: left allmulticast mode [ 202.004701][T17351] bridge0: left allmulticast mode [ 202.010272][T17351] bridge0: left promiscuous mode [ 202.112968][T17355] smc: net device bond0 applied user defined pnetid SYZ0 [ 202.158168][ T29] kauditd_printk_skb: 508 callbacks suppressed [ 202.158182][ T29] audit: type=1326 audit(1741206061.711:17268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.188152][ T29] audit: type=1326 audit(1741206061.711:17269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.211758][ T29] audit: type=1326 audit(1741206061.721:17270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.235388][ T29] audit: type=1326 audit(1741206061.721:17271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.259044][ T29] audit: type=1326 audit(1741206061.721:17272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.282670][ T29] audit: type=1326 audit(1741206061.721:17273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.306359][ T29] audit: type=1326 audit(1741206061.721:17274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.314772][T17359] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 202.330150][ T29] audit: type=1326 audit(1741206061.721:17275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.345187][T17355] smc: net device bond0 erased user defined pnetid SYZ0 [ 202.362290][ T29] audit: type=1326 audit(1741206061.721:17276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.392913][ T29] audit: type=1326 audit(1741206061.721:17277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17357 comm="syz.4.4426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee9f0d169 code=0x7ffc0000 [ 202.629808][T17368] loop4: detected capacity change from 0 to 512 [ 202.642636][T17368] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4431: bg 0: block 418: padding at end of block bitmap is not set [ 202.687896][T17368] EXT4-fs (loop4): Remounting filesystem read-only [ 202.694805][T17368] EXT4-fs (loop4): 1 truncate cleaned up [ 202.701108][T17368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 202.728504][T17368] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 202.747397][T17368] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 202.835468][T17397] x_tables: duplicate underflow at hook 2 [ 202.874374][T17398] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4439'. [ 202.895677][T17391] loop5: detected capacity change from 0 to 256 [ 203.010685][T17402] loop5: detected capacity change from 0 to 256 [ 203.293942][T17409] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 203.424595][T17434] loop5: detected capacity change from 0 to 2048 [ 203.496433][T17434] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.749567][T17513] smc: net device bond0 applied user defined pnetid SYZ0 [ 203.770915][T17508] loop4: detected capacity change from 0 to 512 [ 203.787842][T17513] smc: net device bond0 erased user defined pnetid SYZ0 [ 203.831318][T17508] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4449: bg 0: block 418: padding at end of block bitmap is not set [ 203.887165][T17508] EXT4-fs (loop4): Remounting filesystem read-only [ 203.890191][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.898144][T17508] EXT4-fs (loop4): 1 truncate cleaned up [ 203.921397][T17508] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 203.954479][T17486] loop3: detected capacity change from 0 to 256 [ 203.966191][T17508] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 203.972303][T17524] loop5: detected capacity change from 0 to 512 [ 203.975132][T17508] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.985835][T17522] loop1: detected capacity change from 0 to 256 [ 204.011404][T17524] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.4451: bg 0: block 418: padding at end of block bitmap is not set [ 204.030692][T17524] EXT4-fs (loop5): Remounting filesystem read-only [ 204.037286][T17524] EXT4-fs (loop5): 1 truncate cleaned up [ 204.056756][T17524] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.081182][T17524] SELinux: (dev loop5, type ext4) getxattr errno 5 [ 204.088090][T17524] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.113873][T17527] loop4: detected capacity change from 0 to 2048 [ 204.193327][T17527] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.301054][T17545] loop5: detected capacity change from 0 to 2048 [ 204.308797][T17545] EXT4-fs: Ignoring removed bh option [ 204.341109][T17545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.624743][T17557] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 204.731745][T17557] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 204.744169][T17557] EXT4-fs (loop5): This should not happen!! Data will be lost [ 204.744169][T17557] [ 204.753872][T17557] EXT4-fs (loop5): Total free blocks count 0 [ 204.759929][T17557] EXT4-fs (loop5): Free/Dirty block details [ 204.765890][T17557] EXT4-fs (loop5): free_blocks=2415919104 [ 204.771708][T17557] EXT4-fs (loop5): dirty_blocks=32 [ 204.776855][T17557] EXT4-fs (loop5): Block reservation details [ 204.782951][T17557] EXT4-fs (loop5): i_reserved_data_blocks=2 [ 204.836090][T11971] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 204.878916][T17568] loop3: detected capacity change from 0 to 2048 [ 204.897992][T17568] EXT4-fs: Ignoring removed bh option [ 204.941224][T17568] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 204.943330][T17571] loop4: detected capacity change from 0 to 256 [ 205.036401][T17568] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 205.064362][T17568] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 205.076708][T17568] EXT4-fs (loop3): This should not happen!! Data will be lost [ 205.076708][T17568] [ 205.086438][T17568] EXT4-fs (loop3): Total free blocks count 0 [ 205.092497][T17568] EXT4-fs (loop3): Free/Dirty block details [ 205.098434][T17568] EXT4-fs (loop3): free_blocks=2415919104 [ 205.104212][T17568] EXT4-fs (loop3): dirty_blocks=32 [ 205.109370][T17568] EXT4-fs (loop3): Block reservation details [ 205.115432][T17568] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 205.150902][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.197054][T12626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.231010][T17596] smc: net device bond0 applied user defined pnetid SYZ0 [ 205.239121][T17596] smc: net device bond0 erased user defined pnetid SYZ0 [ 205.347121][T17622] x_tables: duplicate underflow at hook 2 [ 205.411310][T17631] loop4: detected capacity change from 0 to 2048 [ 205.424953][T17637] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4481'. [ 205.434279][T17627] loop5: detected capacity change from 0 to 2048 [ 205.443757][T17637] netlink: 'syz.3.4481': attribute type 5 has an invalid length. [ 205.451605][T17637] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4481'. [ 205.461844][T17631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.492066][T17627] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.696288][T11971] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.764702][T15150] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.378508][T17722] loop1: detected capacity change from 0 to 256 [ 206.524068][T17736] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 206.651200][T17749] loop4: detected capacity change from 0 to 128 [ 206.660160][T17752] smc: net device bond0 applied user defined pnetid SYZ0 [ 206.698787][T17752] smc: net device bond0 erased user defined pnetid SYZ0 [ 206.728610][T17759] Cannot find del_set index 4 as target [ 206.888496][T17775] loop2: detected capacity change from 0 to 256 [ 206.957212][T17780] loop3: detected capacity change from 0 to 256 [ 207.386760][T17795] loop3: detected capacity change from 0 to 512 [ 207.400847][ T29] kauditd_printk_skb: 453 callbacks suppressed [ 207.400868][ T29] audit: type=1326 audit(1741206066.971:17731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.1.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.431605][ T29] audit: type=1326 audit(1741206067.001:17732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17742 comm="syz.1.4498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.457332][T17795] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4519: bg 0: block 418: padding at end of block bitmap is not set [ 207.522170][ T29] audit: type=1326 audit(1741206067.091:17733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.540477][T17795] EXT4-fs (loop3): Remounting filesystem read-only [ 207.552656][ T29] audit: type=1326 audit(1741206067.111:17734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.576380][ T29] audit: type=1326 audit(1741206067.111:17735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.577634][T17795] EXT4-fs (loop3): 1 truncate cleaned up [ 207.600015][ T29] audit: type=1326 audit(1741206067.111:17736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.605990][T17805] loop2: detected capacity change from 0 to 2048 [ 207.629221][ T29] audit: type=1326 audit(1741206067.131:17737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.629292][ T29] audit: type=1326 audit(1741206067.131:17738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.640588][T17795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.706623][ T29] audit: type=1326 audit(1741206067.201:17739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.730853][ T29] audit: type=1326 audit(1741206067.201:17740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17808 comm="syz.1.4525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 207.755133][T17805] EXT4-fs: Ignoring removed bh option [ 207.762538][T17795] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 207.770924][T17810] smc: net device bond0 applied user defined pnetid SYZ0 [ 207.782550][T17810] smc: net device bond0 erased user defined pnetid SYZ0 [ 207.815030][T17816] loop4: detected capacity change from 0 to 256 [ 207.862659][T17805] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 207.940285][T17805] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 207.952652][T17805] EXT4-fs (loop2): This should not happen!! Data will be lost [ 207.952652][T17805] [ 207.962357][T17805] EXT4-fs (loop2): Total free blocks count 0 [ 207.968451][T17805] EXT4-fs (loop2): Free/Dirty block details [ 207.974471][T17805] EXT4-fs (loop2): free_blocks=2415919104 [ 207.980365][T17805] EXT4-fs (loop2): dirty_blocks=32 [ 207.985502][T17805] EXT4-fs (loop2): Block reservation details [ 207.991530][T17805] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 208.124048][T17841] loop4: detected capacity change from 0 to 256 [ 208.210803][T17845] loop2: detected capacity change from 0 to 2048 [ 208.236225][T17849] loop4: detected capacity change from 0 to 128 [ 208.481232][T17854] Cannot find del_set index 4 as target [ 208.654529][T17857] loop1: detected capacity change from 0 to 2048 [ 208.695756][T17863] loop2: detected capacity change from 0 to 2048 [ 208.702513][T17863] EXT4-fs: Ignoring removed bh option [ 208.792225][T17863] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 208.821243][T17863] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 208.833584][T17863] EXT4-fs (loop2): This should not happen!! Data will be lost [ 208.833584][T17863] [ 208.843289][T17863] EXT4-fs (loop2): Total free blocks count 0 [ 208.849398][T17863] EXT4-fs (loop2): Free/Dirty block details [ 208.855293][T17863] EXT4-fs (loop2): free_blocks=2415919104 [ 208.861080][T17863] EXT4-fs (loop2): dirty_blocks=32 [ 208.866256][T17863] EXT4-fs (loop2): Block reservation details [ 208.872272][T17863] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 209.003571][T17882] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0' [ 209.040536][T17885] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4544'. [ 209.049825][T17885] netlink: 'syz.2.4544': attribute type 5 has an invalid length. [ 209.057581][T17885] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4544'. [ 209.148423][T17895] loop3: detected capacity change from 0 to 128 [ 209.163328][T17899] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4556'. [ 209.277391][T17910] Cannot find del_set index 4 as target [ 210.006686][T17925] loop3: detected capacity change from 0 to 512 [ 210.016827][T17925] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4566: bg 0: block 418: padding at end of block bitmap is not set [ 210.063740][T17925] EXT4-fs (loop3): Remounting filesystem read-only [ 210.084311][T17925] EXT4-fs (loop3): 1 truncate cleaned up [ 210.090513][T17925] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 210.114623][T17932] loop4: detected capacity change from 0 to 2048 [ 210.121410][T17932] EXT4-fs: Ignoring removed bh option [ 210.392049][T17943] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4570'. [ 210.463192][T17943] netlink: 'syz.3.4570': attribute type 5 has an invalid length. [ 210.471051][T17943] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4570'. [ 210.603572][T17953] loop5: detected capacity change from 0 to 256 [ 210.653012][T17958] loop1: detected capacity change from 0 to 256 [ 210.673880][T17960] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 210.725877][T17965] loop5: detected capacity change from 0 to 2048 [ 210.733306][T17965] EXT4-fs: Ignoring removed bh option [ 210.735064][T17932] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 210.751368][T17932] EXT4-fs (loop4): This should not happen!! Data will be lost [ 210.751368][T17932] [ 210.761073][T17932] EXT4-fs (loop4): Total free blocks count 0 [ 210.767145][T17932] EXT4-fs (loop4): Free/Dirty block details [ 210.773156][T17932] EXT4-fs (loop4): free_blocks=2415919104 [ 210.778942][T17932] EXT4-fs (loop4): dirty_blocks=32 [ 210.784200][T17932] EXT4-fs (loop4): Block reservation details [ 210.790253][T17932] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 210.892650][T17969] loop1: detected capacity change from 0 to 256 [ 210.911178][T17975] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 210.942788][T17975] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 210.947881][T17976] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4582'. [ 210.955116][T17975] EXT4-fs (loop5): This should not happen!! Data will be lost [ 210.955116][T17975] [ 210.973891][T17975] EXT4-fs (loop5): Total free blocks count 0 [ 210.974306][T17976] netlink: 'syz.4.4582': attribute type 5 has an invalid length. [ 210.979945][T17975] EXT4-fs (loop5): Free/Dirty block details [ 210.979961][T17975] EXT4-fs (loop5): free_blocks=2415919104 [ 210.987750][T17976] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4582'. [ 210.993653][T17975] EXT4-fs (loop5): dirty_blocks=32 [ 211.013852][T17975] EXT4-fs (loop5): Block reservation details [ 211.019902][T17975] EXT4-fs (loop5): i_reserved_data_blocks=2 [ 211.054959][T17979] loop1: detected capacity change from 0 to 2048 [ 211.146672][T17984] 9pnet_fd: Insufficient options for proto=fd [ 211.195418][T17989] loop3: detected capacity change from 0 to 256 [ 211.273195][T17991] loop1: detected capacity change from 0 to 2048 [ 211.321711][T17996] loop3: detected capacity change from 0 to 256 [ 211.442022][T18002] loop3: detected capacity change from 0 to 2048 [ 211.529878][T18012] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4593'. [ 211.541347][T18012] netlink: 'syz.2.4593': attribute type 5 has an invalid length. [ 211.549150][T18012] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4593'. [ 211.558264][T18010] smc: net device bond0 applied user defined pnetid SYZ0 [ 211.566154][T18010] smc: net device bond0 erased user defined pnetid SYZ0 [ 211.654536][T18017] 9pnet_fd: Insufficient options for proto=fd [ 211.730497][T18023] loop3: detected capacity change from 0 to 2048 [ 211.771829][T18015] loop5: detected capacity change from 0 to 256 [ 211.775525][T18027] loop4: detected capacity change from 0 to 2048 [ 211.794071][T18027] EXT4-fs: Ignoring removed bh option [ 211.892755][T18034] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4601'. [ 211.902405][T18035] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 211.903769][T18034] netlink: 'syz.5.4601': attribute type 5 has an invalid length. [ 211.932930][T18027] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 211.945364][T18027] EXT4-fs (loop4): This should not happen!! Data will be lost [ 211.945364][T18027] [ 211.955051][T18027] EXT4-fs (loop4): Total free blocks count 0 [ 211.961068][T18027] EXT4-fs (loop4): Free/Dirty block details [ 211.967035][T18027] EXT4-fs (loop4): free_blocks=2415919104 [ 211.972865][T18027] EXT4-fs (loop4): dirty_blocks=32 [ 211.978271][T18027] EXT4-fs (loop4): Block reservation details [ 211.984385][T18027] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 211.994385][T18037] loop3: detected capacity change from 0 to 2048 [ 212.023357][T18037] ext4 filesystem being mounted at /297/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 212.053691][T18041] loop4: detected capacity change from 0 to 2048 [ 212.329365][T18056] 9pnet_fd: Insufficient options for proto=fd [ 212.464886][T18068] 9pnet_fd: Insufficient options for proto=fd [ 212.506171][T18070] loop2: detected capacity change from 0 to 2048 [ 212.513457][T18070] EXT4-fs: Ignoring removed bh option [ 212.564081][T18073] bridge0: entered promiscuous mode [ 212.571144][T18073] bridge0: port 3(macsec0) entered blocking state [ 212.577606][T18073] bridge0: port 3(macsec0) entered disabled state [ 212.584262][T18073] macsec0: entered allmulticast mode [ 212.589640][T18073] bridge0: entered allmulticast mode [ 212.619650][T18073] macsec0: left allmulticast mode [ 212.624735][T18073] bridge0: left allmulticast mode [ 212.631906][T18073] bridge0: left promiscuous mode [ 212.694839][T18076] loop4: detected capacity change from 0 to 2048 [ 212.791286][T18076] ext4 filesystem being mounted at /357/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 212.901522][T18070] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 212.943565][T18084] 9pnet_fd: Insufficient options for proto=fd [ 212.963118][T18070] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 19 with error 28 [ 212.975470][T18070] EXT4-fs (loop2): This should not happen!! Data will be lost [ 212.975470][T18070] [ 212.985243][T18070] EXT4-fs (loop2): Total free blocks count 0 [ 212.991303][T18070] EXT4-fs (loop2): Free/Dirty block details [ 212.992600][T18082] netlink: 'syz.5.4616': attribute type 5 has an invalid length. [ 212.997196][T18070] EXT4-fs (loop2): free_blocks=2415919104 [ 212.997216][T18070] EXT4-fs (loop2): dirty_blocks=32 [ 213.016022][T18070] EXT4-fs (loop2): Block reservation details [ 213.022119][T18070] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 213.061344][ T88] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:5: bg 0: block 345: padding at end of block bitmap is not set [ 213.091501][ T88] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 213.104286][ T88] EXT4-fs (loop3): This should not happen!! Data will be lost [ 213.104286][ T88] [ 213.116749][T18087] loop5: detected capacity change from 0 to 2048 [ 213.133717][T18087] ext4 filesystem being mounted at /168/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 213.248744][T18096] netlink: 'syz.2.4619': attribute type 5 has an invalid length. [ 213.263952][T18095] loop1: detected capacity change from 0 to 256 [ 213.304599][ T7186] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 213.317394][ T7186] EXT4-fs (loop3): This should not happen!! Data will be lost [ 213.317394][ T7186] [ 213.327112][ T7186] EXT4-fs (loop3): Total free blocks count 0 [ 213.333135][ T7186] EXT4-fs (loop3): Free/Dirty block details [ 213.339190][ T7186] EXT4-fs (loop3): free_blocks=0 [ 213.344145][ T7186] EXT4-fs (loop3): dirty_blocks=2048 [ 213.349524][ T7186] EXT4-fs (loop3): Block reservation details [ 213.355572][ T7186] EXT4-fs (loop3): i_reserved_data_blocks=128 [ 213.573924][ T6544] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 345: padding at end of block bitmap is not set [ 213.590140][ T6544] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 213.602973][ T6544] EXT4-fs (loop4): This should not happen!! Data will be lost [ 213.602973][ T6544] [ 213.615738][T18105] loop1: detected capacity change from 0 to 256 [ 213.664064][ T7186] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 213.677048][ T7186] EXT4-fs (loop4): This should not happen!! Data will be lost [ 213.677048][ T7186] [ 213.686871][ T7186] EXT4-fs (loop4): Total free blocks count 0 [ 213.692992][ T7186] EXT4-fs (loop4): Free/Dirty block details [ 213.698928][ T7186] EXT4-fs (loop4): free_blocks=0 [ 213.703970][ T7186] EXT4-fs (loop4): dirty_blocks=2048 [ 213.709310][ T7186] EXT4-fs (loop4): Block reservation details [ 213.715344][ T7186] EXT4-fs (loop4): i_reserved_data_blocks=128 [ 213.731410][T18111] 9pnet_fd: Insufficient options for proto=fd [ 213.755458][ T29] kauditd_printk_skb: 267 callbacks suppressed [ 213.755474][ T29] audit: type=1326 audit(1741206073.321:18008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.785475][ T29] audit: type=1326 audit(1741206073.321:18009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.821979][ T29] audit: type=1326 audit(1741206073.321:18010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.845659][ T29] audit: type=1326 audit(1741206073.321:18011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.869276][ T29] audit: type=1326 audit(1741206073.361:18012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.892890][ T29] audit: type=1326 audit(1741206073.361:18013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.916489][ T29] audit: type=1326 audit(1741206073.361:18014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.940242][ T29] audit: type=1326 audit(1741206073.361:18015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.963868][ T29] audit: type=1326 audit(1741206073.361:18016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 213.987564][ T29] audit: type=1326 audit(1741206073.361:18017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18112 comm="syz.1.4628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 214.027138][T18116] smc: net device bond0 applied user defined pnetid SYZ0 [ 214.042702][ T28] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set [ 214.057605][T18116] smc: net device bond0 erased user defined pnetid SYZ0 [ 214.067812][ T28] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 214.080739][ T28] EXT4-fs (loop5): This should not happen!! Data will be lost [ 214.080739][ T28] [ 214.145764][T17464] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 214.158588][T17464] EXT4-fs (loop5): This should not happen!! Data will be lost [ 214.158588][T17464] [ 214.158730][T18124] loop2: detected capacity change from 0 to 2048 [ 214.168292][T17464] EXT4-fs (loop5): Total free blocks count 0 [ 214.180727][T17464] EXT4-fs (loop5): Free/Dirty block details [ 214.186663][T17464] EXT4-fs (loop5): free_blocks=0 [ 214.191710][T17464] EXT4-fs (loop5): dirty_blocks=2048 [ 214.197078][T17464] EXT4-fs (loop5): Block reservation details [ 214.203149][T17464] EXT4-fs (loop5): i_reserved_data_blocks=128 [ 214.318388][T18132] loop4: detected capacity change from 0 to 512 [ 214.335856][T18132] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4636: bg 0: block 418: padding at end of block bitmap is not set [ 214.350436][T18135] loop5: detected capacity change from 0 to 2048 [ 214.367311][T18132] EXT4-fs (loop4): Remounting filesystem read-only [ 214.374121][T18132] EXT4-fs (loop4): 1 truncate cleaned up [ 214.380506][T18132] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 214.390989][T18135] ext4 filesystem being mounted at /169/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 214.463980][T18145] loop2: detected capacity change from 0 to 128 [ 214.508015][T18143] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22 [ 214.545610][T18150] smc: net device bond0 applied user defined pnetid SYZ0 [ 214.553282][T18150] smc: net device bond0 erased user defined pnetid SYZ0 [ 214.611502][T18154] loop4: detected capacity change from 0 to 512 [ 214.643294][T18154] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.4641: bg 0: block 418: padding at end of block bitmap is not set [ 214.682400][T18154] EXT4-fs (loop4): Remounting filesystem read-only [ 214.691589][T18154] EXT4-fs (loop4): 1 truncate cleaned up [ 214.711305][T18154] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 214.726048][T18155] loop3: detected capacity change from 0 to 256 [ 214.834400][T18166] loop4: detected capacity change from 0 to 512 [ 214.847048][T18166] journal_path: Non-blockdev passed as './bus' [ 214.853369][T18166] EXT4-fs: error: could not find journal device path [ 214.933393][T18176] smc: net device bond0 applied user defined pnetid SYZ0 [ 214.942975][T18176] smc: net device bond0 erased user defined pnetid SYZ0 [ 214.955555][T18172] loop3: detected capacity change from 0 to 256 [ 215.175519][T18193] loop1: detected capacity change from 0 to 256 [ 215.188700][ T28] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 345: padding at end of block bitmap is not set [ 215.206577][ T28] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 215.219463][ T28] EXT4-fs (loop5): This should not happen!! Data will be lost [ 215.219463][ T28] [ 215.289108][ T6544] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 215.301894][ T6544] EXT4-fs (loop5): This should not happen!! Data will be lost [ 215.301894][ T6544] [ 215.311733][ T6544] EXT4-fs (loop5): Total free blocks count 0 [ 215.312743][T18203] FAULT_INJECTION: forcing a failure. [ 215.312743][T18203] name failslab, interval 1, probability 0, space 0, times 0 [ 215.317908][ T6544] EXT4-fs (loop5): Free/Dirty block details [ 215.317925][ T6544] EXT4-fs (loop5): free_blocks=0 [ 215.330616][T18203] CPU: 0 UID: 0 PID: 18203 Comm: syz.1.4666 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 215.330687][T18203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 215.330704][T18203] Call Trace: [ 215.330713][T18203] [ 215.330722][T18203] dump_stack_lvl+0xf2/0x150 [ 215.330758][T18203] dump_stack+0x15/0x1a [ 215.330786][T18203] should_fail_ex+0x24a/0x260 [ 215.330835][T18203] should_failslab+0x8f/0xb0 [ 215.330875][T18203] __kmalloc_node_noprof+0xad/0x410 [ 215.330904][T18203] ? __kvmalloc_node_noprof+0x72/0x170 [ 215.330944][T18203] __kvmalloc_node_noprof+0x72/0x170 [ 215.330981][T18203] xt_alloc_table_info+0x3d/0x80 [ 215.331081][T18203] do_ipt_set_ctl+0x66f/0x8b0 [ 215.331225][T18203] ? _raw_spin_unlock_bh+0x36/0x40 [ 215.331252][T18203] ? lock_sock_nested+0x10f/0x140 [ 215.331300][T18203] nf_setsockopt+0x195/0x1b0 [ 215.331344][T18203] ip_setsockopt+0xea/0x100 [ 215.331395][T18203] udp_setsockopt+0x95/0xb0 [ 215.331424][T18203] sock_common_setsockopt+0x64/0x80 [ 215.331474][T18203] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 215.331518][T18203] __sys_setsockopt+0x187/0x200 [ 215.331619][T18203] __x64_sys_setsockopt+0x66/0x80 [ 215.331741][T18203] x64_sys_call+0x282e/0x2dc0 [ 215.331776][T18203] do_syscall_64+0xc9/0x1c0 [ 215.331815][T18203] ? clear_bhb_loop+0x55/0xb0 [ 215.331915][T18203] ? clear_bhb_loop+0x55/0xb0 [ 215.331949][T18203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.332037][T18203] RIP: 0033:0x7fe958b3d169 [ 215.332057][T18203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.332082][T18203] RSP: 002b:00007fe9571a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 215.332106][T18203] RAX: ffffffffffffffda RBX: 00007fe958d55fa0 RCX: 00007fe958b3d169 [ 215.332123][T18203] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 215.332167][T18203] RBP: 00007fe9571a1090 R08: 0000000000000368 R09: 0000000000000000 [ 215.332182][T18203] R10: 0000400000000480 R11: 0000000000000246 R12: 0000000000000001 [ 215.332197][T18203] R13: 0000000000000000 R14: 00007fe958d55fa0 R15: 00007ffdd632d9e8 [ 215.332220][T18203] [ 215.515959][T18214] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1539 sclass=netlink_route_socket pid=18214 comm=syz.1.4672 [ 215.522570][ T6544] EXT4-fs (loop5): dirty_blocks=2048 [ 215.522589][ T6544] EXT4-fs (loop5): Block reservation details [ 215.522602][ T6544] EXT4-fs (loop5): i_reserved_data_blocks=128 [ 215.598239][T18214] loop1: detected capacity change from 0 to 1024 [ 215.631745][T18214] EXT4-fs: Ignoring removed nomblk_io_submit option [ 215.650991][T18220] loop3: detected capacity change from 0 to 2048 [ 215.652824][T18214] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 215.677827][T18214] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e055c01c, mo2=0002] [ 215.686590][T18220] ext4 filesystem being mounted at /319/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 215.688972][T18214] System zones: 0-1, 3-36 [ 215.733163][T18225] smc: net device bond0 applied user defined pnetid SYZ0 [ 215.751204][T18225] smc: net device bond0 erased user defined pnetid SYZ0 [ 215.906653][T18232] loop5: detected capacity change from 0 to 256 [ 215.989463][T18241] bridge0: entered promiscuous mode [ 215.996335][T18241] bridge0: port 3(macsec1) entered blocking state [ 216.002844][T18241] bridge0: port 3(macsec1) entered disabled state [ 216.009458][T18241] macsec1: entered allmulticast mode [ 216.014837][T18241] bridge0: entered allmulticast mode [ 216.109879][T18241] macsec1: left allmulticast mode [ 216.114985][T18241] bridge0: left allmulticast mode [ 216.122176][T18242] FAULT_INJECTION: forcing a failure. [ 216.122176][T18242] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 216.135290][T18242] CPU: 1 UID: 0 PID: 18242 Comm: syz.1.4680 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 216.135349][T18242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 216.135364][T18242] Call Trace: [ 216.135371][T18242] [ 216.135379][T18242] dump_stack_lvl+0xf2/0x150 [ 216.135412][T18242] dump_stack+0x15/0x1a [ 216.135508][T18242] should_fail_ex+0x24a/0x260 [ 216.135545][T18242] should_fail+0xb/0x10 [ 216.135686][T18242] should_fail_usercopy+0x1a/0x20 [ 216.135723][T18242] _copy_from_user+0x1c/0xa0 [ 216.135747][T18242] kstrtouint_from_user+0x76/0xe0 [ 216.135804][T18242] ? 0xffffffff81000000 [ 216.135821][T18242] ? selinux_file_permission+0x22a/0x360 [ 216.135858][T18242] proc_fail_nth_write+0x4f/0x150 [ 216.135893][T18242] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 216.135992][T18242] vfs_write+0x27d/0x920 [ 216.136041][T18242] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 216.136071][T18242] ? __fget_files+0x17c/0x1c0 [ 216.136113][T18242] ksys_write+0xe8/0x1b0 [ 216.136147][T18242] __x64_sys_write+0x42/0x50 [ 216.136253][T18242] x64_sys_call+0x287e/0x2dc0 [ 216.136282][T18242] do_syscall_64+0xc9/0x1c0 [ 216.136313][T18242] ? clear_bhb_loop+0x55/0xb0 [ 216.136406][T18242] ? clear_bhb_loop+0x55/0xb0 [ 216.136445][T18242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.136479][T18242] RIP: 0033:0x7fe958b3bc1f [ 216.136577][T18242] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 216.136596][T18242] RSP: 002b:00007fe9571a1030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 216.136682][T18242] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe958b3bc1f [ 216.136694][T18242] RDX: 0000000000000001 RSI: 00007fe9571a10a0 RDI: 0000000000000003 [ 216.136705][T18242] RBP: 00007fe9571a1090 R08: 0000000000000000 R09: 0000000000000000 [ 216.136717][T18242] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001 [ 216.136769][T18242] R13: 0000000000000001 R14: 00007fe958d55fa0 R15: 00007ffdd632d9e8 [ 216.136790][T18242] [ 216.137226][T18241] bridge0: left promiscuous mode [ 216.374636][T18245] loop5: detected capacity change from 0 to 2048 [ 216.487679][ T6544] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:10: bg 0: block 345: padding at end of block bitmap is not set [ 216.502727][ T6544] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 216.515562][ T6544] EXT4-fs (loop3): This should not happen!! Data will be lost [ 216.515562][ T6544] [ 216.995406][ T6544] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 217.008201][ T6544] EXT4-fs (loop3): This should not happen!! Data will be lost [ 217.008201][ T6544] [ 217.017908][ T6544] EXT4-fs (loop3): Total free blocks count 0 [ 217.023944][ T6544] EXT4-fs (loop3): Free/Dirty block details [ 217.030020][ T6544] EXT4-fs (loop3): free_blocks=0 [ 217.034981][ T6544] EXT4-fs (loop3): dirty_blocks=2048 [ 217.040321][ T6544] EXT4-fs (loop3): Block reservation details [ 217.046324][ T6544] EXT4-fs (loop3): i_reserved_data_blocks=128 [ 217.144787][T18270] loop3: detected capacity change from 0 to 256 [ 217.156747][T18268] loop5: detected capacity change from 0 to 2048 [ 217.347378][T18272] loop2: detected capacity change from 0 to 256 [ 217.464689][T18288] bridge0: entered promiscuous mode [ 217.471467][T18288] bridge0: port 3(macsec0) entered blocking state [ 217.477932][T18288] bridge0: port 3(macsec0) entered disabled state [ 217.484630][T18288] macsec0: entered allmulticast mode [ 217.489944][T18288] bridge0: entered allmulticast mode [ 217.496357][T18288] macsec0: left allmulticast mode [ 217.501438][T18288] bridge0: left allmulticast mode [ 217.507098][T18288] bridge0: left promiscuous mode [ 217.595722][T18291] 9pnet: Could not find request transport: fd0x0000000000000007 [ 217.881241][T18309] netlink: 'syz.5.4703': attribute type 4 has an invalid length. [ 217.889082][T18309] __nla_validate_parse: 5 callbacks suppressed [ 217.889097][T18309] netlink: 152 bytes leftover after parsing attributes in process `syz.5.4703'. [ 217.907522][T18309] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check. [ 217.925998][T18310] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4701'. [ 217.935255][T18310] netlink: 'syz.4.4701': attribute type 5 has an invalid length. [ 217.943074][T18310] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4701'. [ 218.047752][T18320] 9pnet: Could not find request transport: fd0x0000000000000007 [ 218.122065][T18334] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4711'. [ 218.131095][T18334] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4711'. [ 218.152877][T18333] loop2: detected capacity change from 0 to 512 [ 218.161843][T18333] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4714: bg 0: block 418: padding at end of block bitmap is not set [ 218.177572][T18333] EXT4-fs (loop2): Remounting filesystem read-only [ 218.193514][T18333] EXT4-fs (loop2): 1 truncate cleaned up [ 218.199698][T18333] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 218.203578][T18336] smc: net device bond0 applied user defined pnetid SYZ0 [ 218.214759][T18336] smc: net device bond0 erased user defined pnetid SYZ0 [ 218.288562][T18340] smc: net device bond0 applied user defined pnetid SYZ0 [ 218.303716][T18340] smc: net device bond0 erased user defined pnetid SYZ0 [ 218.349223][T18350] loop2: detected capacity change from 0 to 256 [ 218.461660][T18361] loop2: detected capacity change from 0 to 256 [ 218.496812][T18366] loop1: detected capacity change from 0 to 512 [ 218.506438][T18367] loop2: detected capacity change from 0 to 2048 [ 218.514236][T18366] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.4727: bg 0: block 418: padding at end of block bitmap is not set [ 218.530022][T18366] EXT4-fs (loop1): Remounting filesystem read-only [ 218.536654][T18366] EXT4-fs (loop1): 1 truncate cleaned up [ 218.542925][T18366] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 218.777766][T18382] loop4: detected capacity change from 0 to 256 [ 218.813658][T11571] EXT4-fs unmount: 56 callbacks suppressed [ 218.813676][T11571] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 218.916795][T18396] FAULT_INJECTION: forcing a failure. [ 218.916795][T18396] name failslab, interval 1, probability 0, space 0, times 0 [ 218.929676][T18396] CPU: 0 UID: 0 PID: 18396 Comm: syz.3.4738 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 218.929702][T18396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 218.929745][T18396] Call Trace: [ 218.929752][T18396] [ 218.929761][T18396] dump_stack_lvl+0xf2/0x150 [ 218.929793][T18396] dump_stack+0x15/0x1a [ 218.929855][T18396] should_fail_ex+0x24a/0x260 [ 218.929892][T18396] should_failslab+0x8f/0xb0 [ 218.929921][T18396] kmem_cache_alloc_noprof+0x52/0x320 [ 218.929943][T18396] ? getname_flags+0x81/0x3b0 [ 218.930039][T18396] ? bpf_trace_run2+0x123/0x1d0 [ 218.930068][T18396] getname_flags+0x81/0x3b0 [ 218.930102][T18396] getname+0x17/0x20 [ 218.930153][T18396] do_sys_openat2+0x67/0x120 [ 218.930179][T18396] __x64_sys_creat+0x66/0x90 [ 218.930206][T18396] x64_sys_call+0x1084/0x2dc0 [ 218.930310][T18396] do_syscall_64+0xc9/0x1c0 [ 218.930356][T18396] ? clear_bhb_loop+0x55/0xb0 [ 218.930389][T18396] ? clear_bhb_loop+0x55/0xb0 [ 218.930453][T18396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.930480][T18396] RIP: 0033:0x7fd799d9d169 [ 218.930552][T18396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.930570][T18396] RSP: 002b:00007fd798407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 218.930589][T18396] RAX: ffffffffffffffda RBX: 00007fd799fb5fa0 RCX: 00007fd799d9d169 [ 218.930604][T18396] RDX: 0000000000000000 RSI: 00000000000000d4 RDI: 00004000000000c0 [ 218.930618][T18396] RBP: 00007fd798407090 R08: 0000000000000000 R09: 0000000000000000 [ 218.930714][T18396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 218.930726][T18396] R13: 0000000000000000 R14: 00007fd799fb5fa0 R15: 00007ffc691a2328 [ 218.930744][T18396] [ 219.160469][T18395] netlink: 'syz.5.4739': attribute type 39 has an invalid length. [ 219.274439][T18414] netlink: 96 bytes leftover after parsing attributes in process `syz.2.4744'. [ 219.289588][T18414] netlink: 'syz.2.4744': attribute type 5 has an invalid length. [ 219.297383][T18414] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4744'. [ 219.307311][T18416] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4746'. [ 219.316380][T18416] netlink: 'syz.3.4746': attribute type 5 has an invalid length. [ 219.324193][T18416] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4746'. [ 219.433046][T18429] loop1: detected capacity change from 0 to 256 [ 219.466858][T18432] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4752'. [ 219.476139][T18432] netlink: 'syz.4.4752': attribute type 5 has an invalid length. [ 219.510775][T18436] 9pnet_fd: Insufficient options for proto=fd [ 219.533653][ T29] kauditd_printk_skb: 509 callbacks suppressed [ 219.533671][ T29] audit: type=1326 audit(1741206079.101:18525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.563797][ T29] audit: type=1326 audit(1741206079.101:18526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.587542][ T29] audit: type=1326 audit(1741206079.101:18527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.611149][ T29] audit: type=1326 audit(1741206079.101:18528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.634816][ T29] audit: type=1326 audit(1741206079.101:18529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.658516][ T29] audit: type=1326 audit(1741206079.101:18530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.683460][ T29] audit: type=1326 audit(1741206079.201:18531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.707368][ T29] audit: type=1326 audit(1741206079.201:18532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.731165][ T29] audit: type=1326 audit(1741206079.211:18533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.754849][ T29] audit: type=1326 audit(1741206079.211:18534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18437 comm="syz.1.4757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe958b3d169 code=0x7ffc0000 [ 219.784001][T18439] smc: net device bond0 applied user defined pnetid SYZ0 [ 219.791482][T18439] smc: net device bond0 erased user defined pnetid SYZ0 [ 220.137125][T18449] 9pnet_fd: Insufficient options for proto=fd [ 220.146462][T18445] loop3: detected capacity change from 0 to 2048 [ 220.172801][T18445] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.311282][T18465] 9pnet_fd: Insufficient options for proto=fd [ 220.395101][T12626] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.430100][T18482] netlink: 'syz.5.4769': attribute type 5 has an invalid length. [ 220.438783][T18483] 9pnet_fd: Insufficient options for proto=fd [ 220.461029][T18484] netlink: 'syz.1.4772': attribute type 5 has an invalid length. [ 220.529320][T18489] smc: net device bond0 applied user defined pnetid SYZ0 [ 220.537761][T18489] smc: net device bond0 erased user defined pnetid SYZ0 [ 220.548598][T18495] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 220.592516][T18499] loop2: detected capacity change from 0 to 512 [ 220.611881][T18499] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.4781: bg 0: block 418: padding at end of block bitmap is not set [ 220.626496][T18499] EXT4-fs (loop2): Remounting filesystem read-only [ 220.633193][T18499] EXT4-fs (loop2): 1 truncate cleaned up [ 220.639501][T18499] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.652323][T18499] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 220.659987][T18499] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.674103][T18501] smc: net device bond0 applied user defined pnetid SYZ0 [ 220.684069][T18501] smc: net device bond0 erased user defined pnetid SYZ0 [ 220.783942][T18509] 9pnet_fd: Insufficient options for proto=fd [ 220.811522][T18511] loop2: detected capacity change from 0 to 256 [ 220.911401][T18514] 9pnet_fd: Insufficient options for proto=fd [ 221.204234][ C0] ================================================================== [ 221.212365][ C0] BUG: KCSAN: data-race in can_send / can_send [ 221.218557][ C0] [ 221.220898][ C0] read-write to 0xffff88811d4d5d10 of 8 bytes by interrupt on cpu 1: [ 221.228993][ C0] can_send+0x5a2/0x6d0 [ 221.233172][ C0] bcm_can_tx+0x314/0x420 [ 221.237531][ C0] bcm_tx_timeout_handler+0xea/0x280 [ 221.242847][ C0] __hrtimer_run_queues+0x20d/0x5e0 [ 221.248073][ C0] hrtimer_run_softirq+0xe4/0x2c0 [ 221.253125][ C0] handle_softirqs+0xbf/0x280 [ 221.257831][ C0] run_ksoftirqd+0x1c/0x30 [ 221.262292][ C0] smpboot_thread_fn+0x31c/0x4c0 [ 221.267264][ C0] kthread+0x4ae/0x520 [ 221.271361][ C0] ret_from_fork+0x4b/0x60 [ 221.275809][ C0] ret_from_fork_asm+0x1a/0x30 [ 221.280603][ C0] [ 221.282937][ C0] read-write to 0xffff88811d4d5d10 of 8 bytes by interrupt on cpu 0: [ 221.291020][ C0] can_send+0x5a2/0x6d0 [ 221.295194][ C0] bcm_can_tx+0x314/0x420 [ 221.299592][ C0] bcm_tx_timeout_handler+0xea/0x280 [ 221.304922][ C0] __hrtimer_run_queues+0x20d/0x5e0 [ 221.310152][ C0] hrtimer_run_softirq+0xe4/0x2c0 [ 221.315194][ C0] handle_softirqs+0xbf/0x280 [ 221.319882][ C0] do_softirq+0x5e/0x90 [ 221.324052][ C0] __local_bh_enable_ip+0x6e/0x70 [ 221.329092][ C0] _raw_spin_unlock_bh+0x36/0x40 [ 221.334036][ C0] release_sock+0x117/0x150 [ 221.338574][ C0] bcm_sendmsg+0x404/0x470 [ 221.342999][ C0] __sock_sendmsg+0x140/0x180 [ 221.347689][ C0] ____sys_sendmsg+0x326/0x4b0 [ 221.352472][ C0] __sys_sendmsg+0x19d/0x230 [ 221.357105][ C0] __x64_sys_sendmsg+0x46/0x50 [ 221.361971][ C0] x64_sys_call+0x2734/0x2dc0 [ 221.366660][ C0] do_syscall_64+0xc9/0x1c0 [ 221.371272][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.377178][ C0] [ 221.379501][ C0] value changed: 0x0000000000000039 -> 0x000000000000003a [ 221.386602][ C0] [ 221.388924][ C0] Reported by Kernel Concurrency Sanitizer on: [ 221.395071][ C0] CPU: 0 UID: 0 PID: 18520 Comm: syz.5.4791 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 221.405833][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 221.415896][ C0] ================================================================== [ 221.485416][ C0] ================================================================== [ 221.493558][ C0] BUG: KCSAN: data-race in can_receive / can_receive [ 221.500298][ C0] [ 221.502651][ C0] read-write to 0xffff88811d4d5d08 of 8 bytes by interrupt on cpu 1: [ 221.510740][ C0] can_receive+0x4e/0x1f0 [ 221.515078][ C0] canfd_rcv+0xe7/0x180 [ 221.519244][ C0] __netif_receive_skb+0x123/0x280 [ 221.524371][ C0] process_backlog+0x22e/0x440 [ 221.529149][ C0] __napi_poll+0x63/0x3c0 [ 221.533487][ C0] net_rx_action+0x3a1/0x7f0 [ 221.538090][ C0] handle_softirqs+0xbf/0x280 [ 221.542796][ C0] run_ksoftirqd+0x1c/0x30 [ 221.547224][ C0] smpboot_thread_fn+0x31c/0x4c0 [ 221.552173][ C0] kthread+0x4ae/0x520 [ 221.556254][ C0] ret_from_fork+0x4b/0x60 [ 221.560680][ C0] ret_from_fork_asm+0x1a/0x30 [ 221.565456][ C0] [ 221.567777][ C0] read-write to 0xffff88811d4d5d08 of 8 bytes by interrupt on cpu 0: [ 221.575842][ C0] can_receive+0x4e/0x1f0 [ 221.580179][ C0] canfd_rcv+0xe7/0x180 [ 221.584340][ C0] __netif_receive_skb+0x123/0x280 [ 221.589470][ C0] process_backlog+0x22e/0x440 [ 221.594248][ C0] __napi_poll+0x63/0x3c0 [ 221.598588][ C0] net_rx_action+0x3a1/0x7f0 [ 221.603287][ C0] handle_softirqs+0xbf/0x280 [ 221.607973][ C0] do_softirq+0x5e/0x90 [ 221.612142][ C0] __local_bh_enable_ip+0x6e/0x70 [ 221.617176][ C0] _raw_spin_unlock_bh+0x36/0x40 [ 221.622127][ C0] nsim_dev_trap_report_work+0x522/0x620 [ 221.627770][ C0] process_scheduled_works+0x4db/0xa20 [ 221.633235][ C0] worker_thread+0x51d/0x6f0 [ 221.637830][ C0] kthread+0x4ae/0x520 [ 221.641909][ C0] ret_from_fork+0x4b/0x60 [ 221.646337][ C0] ret_from_fork_asm+0x1a/0x30 [ 221.651118][ C0] [ 221.653438][ C0] value changed: 0x000000000000284d -> 0x000000000000284e [ 221.660541][ C0] [ 221.662862][ C0] Reported by Kernel Concurrency Sanitizer on: [ 221.669020][ C0] CPU: 0 UID: 0 PID: 6544 Comm: kworker/u8:10 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 221.679972][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 221.690035][ C0] Workqueue: events_unbound nsim_dev_trap_report_work [ 221.696813][ C0] ================================================================== [ 221.717835][ C1] ================================================================== [ 221.725971][ C1] BUG: KCSAN: data-race in can_receive / can_receive [ 221.732677][ C1] [ 221.735009][ C1] read-write to 0xffff88811d4d5d68 of 8 bytes by interrupt on cpu 0: [ 221.743091][ C1] can_receive+0x62/0x1f0 [ 221.747444][ C1] canfd_rcv+0xe7/0x180 [ 221.751618][ C1] __netif_receive_skb+0x123/0x280 [ 221.756759][ C1] process_backlog+0x22e/0x440 [ 221.761557][ C1] __napi_poll+0x63/0x3c0 [ 221.765915][ C1] net_rx_action+0x3a1/0x7f0 [ 221.770544][ C1] handle_softirqs+0xbf/0x280 [ 221.775247][ C1] run_ksoftirqd+0x1c/0x30 [ 221.779690][ C1] smpboot_thread_fn+0x31c/0x4c0 [ 221.784657][ C1] kthread+0x4ae/0x520 [ 221.788745][ C1] ret_from_fork+0x4b/0x60 [ 221.793187][ C1] ret_from_fork_asm+0x1a/0x30 [ 221.797986][ C1] [ 221.800320][ C1] read-write to 0xffff88811d4d5d68 of 8 bytes by interrupt on cpu 1: [ 221.808399][ C1] can_receive+0x62/0x1f0 [ 221.812768][ C1] canfd_rcv+0xe7/0x180 [ 221.816935][ C1] __netif_receive_skb+0x123/0x280 [ 221.822058][ C1] process_backlog+0x22e/0x440 [ 221.826832][ C1] __napi_poll+0x63/0x3c0 [ 221.831173][ C1] net_rx_action+0x3a1/0x7f0 [ 221.835776][ C1] handle_softirqs+0xbf/0x280 [ 221.840478][ C1] run_ksoftirqd+0x1c/0x30 [ 221.844902][ C1] smpboot_thread_fn+0x31c/0x4c0 [ 221.849855][ C1] kthread+0x4ae/0x520 [ 221.853936][ C1] ret_from_fork+0x4b/0x60 [ 221.858361][ C1] ret_from_fork_asm+0x1a/0x30 [ 221.863137][ C1] [ 221.865456][ C1] value changed: 0x00000000000003df -> 0x00000000000003e0 [ 221.872558][ C1] [ 221.874881][ C1] Reported by Kernel Concurrency Sanitizer on: [ 221.881035][ C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0 [ 221.891624][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 221.901684][ C1] ==================================================================