last executing test programs: 3.108900512s ago: executing program 1 (id=5749): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10) sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0) 2.361204922s ago: executing program 1 (id=5752): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00'}) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080)={'team0\x00', 0x0}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb6f68000) connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='9p_protocol_dump\x00', r6}, 0x10) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r9 = dup(r8) mount$9p_fd(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@getchain={0x3c, 0x11, 0x1, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r3, {0x8, 0xfff2}, {}, {0xfff6}}, [{0x8, 0xb, 0x2}, {0xffffffffffffffc3, 0xb, 0x1000000}, {0x8, 0xb, 0x4}]}, 0x76}}, 0x0) 1.816520952s ago: executing program 3 (id=5756): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {0x1}, {}, {}]}, @fwd, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x1}]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000300000018200000", @ANYRES32, @ANYBLOB="000000000000000095000000000000009500000000000000666dbfd749fad14dc542df5018a718fe43afc322f6d506e0decb7df2c5f9274be0acea3fd222fa6e3f08e6b471a21170efab39cc5e00edf0893f494ae5f94d1b53c3501be6b5b69b7a7f3b0a2dde8e3b4cd9c938edadec6e4c3bac100ff58643b306390acb5fd2ac770083a1cc110187bf40b06f0ea6b411daa23cc5332c80514373002c420bf70d59b4a125db5ddb43a4f3cc417e72c9265e1ec8"], 0x0, 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 1.349153855s ago: executing program 3 (id=5757): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) fadvise64(r0, 0x2, 0x8, 0x2) 1.307550629s ago: executing program 3 (id=5759): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) socket$can_bcm(0x1d, 0x2, 0x2) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000010651fbe347b2c2b00000c00018008000100", @ANYRES32=r4], 0x20}}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x3, 0x5, 0x9, 0x10, 0x1, 0x0, '\x00', r4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000100001000000000000000000000000c967342af74f5b62000000000000000000070000000900010073797a300000000050000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021140011800a00010071756f746100000004000280140000001000010000000000000000000084000a"], 0x98}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x2077, 0x101301) ioctl$USBDEVFS_FREE_STREAMS(r7, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) ioctl$USBDEVFS_IOCTL(r7, 0x8004551a, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r8, &(0x7f0000000540), 0x84) mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r8, 0x0) accept4$unix(r8, &(0x7f0000000280)=@abs, &(0x7f0000000000)=0x6e, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) r9 = socket$netlink(0x10, 0x3, 0x0) signalfd(r9, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) 916.514305ms ago: executing program 1 (id=5767): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86dd", 0x12}], 0x1) 702.568965ms ago: executing program 3 (id=5773): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0) ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521) bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="09020000000000000f000480001e680f46de6a6f00ce80a815f9caa3b9c3368c9ed3a274e521a4f66e7b16c711f430b8a0f43fc602dcac1aaa3135f386dbf48769aa37cb6015d6cb00c7f1f983b42a854978eba0224b3bd99545ce79b78ec71f0cfb5d0302bf50657c4970efc2742e08d892d9bd0721cfee077542af85d4e2b56f88b5e66e4dad70bb2849cbce18bd63b1e2ea53d316704e08a7183e54a6460073920068378b16e48bfd4e98b6930a60d7f4407b51c6ea073b98ef143f796c79863f4bc80671560d162ca4234c6636e16058ea77fba43e012fd9361bb4aa9a540323cb000000", @ANYRES32, @ANYBLOB="1000"/18, @ANYRES32=r2, @ANYRESDEC, @ANYBLOB='\x00'/17], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES8, @ANYRESOCT=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe01) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703360000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}, {&(0x7f00000008c0)="9817989dd529f29aa6aaf32d84f999cf37e875ed059c8555ef589ee089604205bff4aa559bb2b584c6966f6cda6526ae732f05cdf5c5a6617896f69bd805197af52caf3b6ab4da4aa37973068109a7fe6b37554f476a72f4fc6e7fd152cb38e3dd08c18e344a5821dda852b0a3e0ee5f9eb841bf7d7138b642bf6dd20d5b0254b065a5f753ebb571f137ba90ddb19b7d2addebc29365c271abf49528f1230b97541b97fe12885fc4113831edca4c63", 0xaf}, {&(0x7f0000000bc0)="2ea679f9812a1fbabf1d71e7c41161457e0b1b92186f9bb29a894f6def5cbedc4e1a913d8f0e73df7672adcd32a2e8249a7abd98a19d9e1a74221573f93443270aab38fd81d88e450d5808b722e7baa1d943d1b61bd36e3f52e924afab7113904ec7d18a9162a89403e9924bcce7149c5966980bf0e48c4f7b25bab988b7aad05fc6fbfad2235f6415a8a17f074dc8c1e6c6a0fc668a4e453e5b8b2cd003757e6e7699d9118c301d2e7a6b6374142c8aa0649626d4e1f5cbee28e74b95dc9ca03e4e2c07eccd06fe4c481f1ef6b57193e9fa6071b0feb81e6b887c3f90f5da8c5a2c60fd2281d2070e8691a4a2eae2", 0xef}], 0x3, 0x0, 0x0, 0x1f00c00e}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x2, 0x7ffc0802}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xd, 0x4, 0x2, 0x4, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) brk(0x20ffc004) 620.781592ms ago: executing program 1 (id=5774): ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0) r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c) connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 439.072409ms ago: executing program 4 (id=5777): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x2, [@func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {0x1}, {}, {}]}, @fwd, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x1}]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000300000018200000", @ANYRES32, @ANYBLOB="000000000000000095000000000000009500000000000000666dbfd749fad14dc542df5018a718fe43afc322f6d506e0decb7df2c5f9274be0acea3fd222fa6e3f08e6b471a21170efab39cc5e00edf0893f494ae5f94d1b53c3"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 438.454289ms ago: executing program 0 (id=5778): bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6000) io_setup(0x200, &(0x7f0000000140)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b00000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'bridge0\x00'}) r3 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8931, &(0x7f0000000580)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc50xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) close(r2) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r3, &(0x7f0000000500)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000240)=ANY=[], 0xfffffecc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r7, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) splice(r0, 0x0, r2, 0x0, 0x7151, 0x0) 318.89191ms ago: executing program 2 (id=5785): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86dd", 0x12}], 0x1) 257.643456ms ago: executing program 2 (id=5786): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000010651fbe347b2c2b00000c00018008000100", @ANYRES32=r4], 0x20}}, 0x0) r5 = socket$l2tp6(0xa, 0x2, 0x73) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'hsr0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f0000000280)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x18, r7}) r8 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000000)={'batadv0\x00', 0x0}) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r9}}, 0x24}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'ip_vti0\x00', &(0x7f00000002c0)={'syztnl2\x00', 0x0, 0x8, 0x80, 0x5, 0x8, {{0xc, 0x4, 0x1, 0x33, 0x30, 0x67, 0x0, 0x0, 0x0, 0x0, @rand_addr=0x64010100, @empty, {[@lsrr={0x83, 0xb, 0xa1, [@remote, @rand_addr=0x64010102]}, @timestamp={0x44, 0xc, 0xe5, 0x0, 0x1, [0x1ffc00, 0x8]}, @ra={0x94, 0x4}]}}}}}) r12 = socket$nl_route(0x10, 0x3, 0x0) r13 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r12, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000b80)=@newqdisc={0x100, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r14, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@TCA_STAB={0xdc, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x8, 0x2, 0x7fff, 0x2, 0x5, 0xd, 0x1}}, {0x6, 0x2, [0x6f2e]}}, {{0x1c, 0x1, {0xff, 0x1, 0xff81, 0x7, 0x1, 0x5, 0x73a8, 0x9}}, {0x16, 0x2, [0x2, 0x7, 0x0, 0xc2b8, 0x7, 0x81, 0xff, 0x4, 0x3838]}}, {{0x1c, 0x1, {0x6, 0x3, 0x1, 0x6, 0x1, 0x5, 0xd2c6, 0x1}}, {0x6, 0x2, [0x3]}}, {{0x1c, 0x1, {0x1, 0x9, 0x5, 0x2, 0x0, 0x1ff, 0x8, 0xa}}, {0x18, 0x2, [0x2, 0xfffe, 0x4, 0x40, 0x9, 0x7f, 0xf, 0x5, 0xc0, 0x81]}}, {{0x1c, 0x1, {0x0, 0x0, 0x7, 0x8, 0x0, 0xffff7fff, 0x80000001, 0x4}}, {0xc, 0x2, [0x2, 0x6, 0x849e, 0x5]}}]}]}, 0x100}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'sit0\x00', &(0x7f00000003c0)={'tunl0\x00', 0x0, 0x8000, 0x7810, 0x6, 0x3be, {{0xd, 0x4, 0x2, 0x8, 0x34, 0x65, 0x0, 0xc2, 0x29, 0x0, @local, @empty, {[@timestamp={0x44, 0x8, 0xec, 0x0, 0x4, [0x4]}, @lsrr={0x83, 0x17, 0xa6, [@multicast1, @multicast1, @remote, @rand_addr=0x64010100, @remote]}]}}}}}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={0xffffffffffffffff, 0xe0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4, &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x62, &(0x7f0000000580)=[{}], 0x8, 0x10, &(0x7f00000005c0), &(0x7f0000000600), 0x8, 0xd4, 0x8, 0x8, &(0x7f0000000640)}}, 0x10) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000940)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000006c0)={&(0x7f0000000840)={0xe4, r1, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r16}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0xc000}, 0x24000001) 249.979087ms ago: executing program 4 (id=5787): creat(&(0x7f00000000c0)='./bus\x00', 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000016000000000000000018110000", @ANYRES32=r0, @ANYRESDEC], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) creat(&(0x7f0000000100)='./bus\x00', 0x0) syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x10a008, &(0x7f0000001fc0)=ANY=[], 0x5, 0x120f, &(0x7f0000002dc0)="$eJzs3E+LW1UYB+C3cdpOp84fa622Cz3oxtWlMwtXggwyBZmAUjtCKwi3zh0Nc01CbhiIiNWVWz+HuHQniF9gNv0M7mbjsgvxiklqmzatDDgT6TzP5r7knF/OOSRcuOGcHLz9/Re7O1W2k/ejcepUNLoR6V6KFI2479XN0fXmrc31ZnPjekrX1m+svpVSWnrtl4+/+vH1X/vnP/pp6eezsb/yycHva7/tX9q/fPDnjc9bVWpVqd3ppzzd7nT6+e2ySNutajdL6YOyyKsitdpV0Zto3yk73e4g5e3txYVur6iqlLcHabcYpH4n9XuDlH+Wt9opy7K0uBA80el/77L1w726riPq+nScibqu63OxEOfj+ViMpfgmIl6IC/FiXIyX4lK8HK/E5WGv45g+AAAAAAAAAAAAAAAAAAAAnBxPO/+/HCvO/wMAAAAAAAAAAAAAAAAAAMAx+PDmrc31ZnPjekrzEeV3e1t7W6PrqH19J1pRRhFXYzn+iOHp/5FRfe295sbVNLQS35Z3xvk7e1vPTeZXh38nMM7PDdvu51dH+TSZPxsLD+fXYjkuTh9/bWp+Pt5846F8Fstx99PoRBnbw7Ef5L9eTend95uP5K8M+wEAAMCzIEv/mPr8nmVPah/lD/H7wCPP13NxZW62ayeiGny5m5dl0Zss5h975b8uzowncIRDzKxoHNE7N+J/ssATWpwbf2cPGf/7Njf7yT9W3L3w1D4zvClxbB586LOeCQAAAAAAAAAAAIdxxDsN52LKzrJ3ZrNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mIHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFQAA//8xCcTh") r1 = open(&(0x7f00000005c0)='./bus\x00', 0x24842, 0x0) pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x8ec00}], 0x12, 0x300400, 0x0, 0x3) 196.155391ms ago: executing program 2 (id=5788): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10) sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0xee0000b0}, {{0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000001100)="15b26f226e2966667482d50903b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5d07d691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6bea1764fbde5500fa30c5f2459cff4d7f123ab94cfd5762d586ec7a28abc2f8c9e608f8f964b96ecb0883d60d444f317834a3d734cb304051a60d1a084a84da8f9a23a1b9d4951c0a81985c63ae193f40e9deb358b2f08553324fd6086be9e70e5061568abefebcda50e70f4dab2e4dc0cf6d85aced044d7005326922886194895267165f7f592036ebe11dcf1cad98f5cda766eaea90fb4cb5e793525126c7594f8599055192d63a81d3cd26aadd50983f1c3f1d4655c1b5f59e80f733e3abc4792b760729fd26298ef15141cf76cc4", 0x192}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea", 0x4ff}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="a6", 0x1}], 0x1}}], 0x3, 0x0) 181.519513ms ago: executing program 2 (id=5789): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10) r1 = open(&(0x7f0000000080)='./bus\x00', 0x143c62, 0x0) mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,') r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) recvfrom(r1, &(0x7f0000000b00)=""/4096, 0x1000, 0x20, &(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x3, 0x2, 0x3, {0xa, 0x4e23, 0x50000, @local, 0xbbad}}}, 0x80) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000040)="4f3bfde51b257f", 0x7}], 0x1) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$SNAPSHOT_ATOMIC_RESTORE(r3, 0x3304) 168.515184ms ago: executing program 4 (id=5790): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/13], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0) ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0) ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521) bpf$MAP_CREATE(0x0, &(0x7f0000000cc0)=ANY=[@ANYBLOB="09020000000000000f000480001e680f46de6a6f00ce80a815f9caa3b9c3368c9ed3a274e521a4f66e7b16c711f430b8a0f43fc602dcac1aaa3135f386dbf48769aa37cb6015d6cb00c7f1f983b42a854978eba0224b3bd99545ce79b78ec71f0cfb5d0302bf50657c4970efc2742e08d892d9bd0721cfee077542af85d4e2b56f88b5e66e4dad70bb2849cbce18bd63b1e2ea53d316704e08a7183e54a6460073920068378b16e48bfd4e98b6930a60d7f4407b51c6ea073b98ef143f796c79863f4bc80671560d162ca4234c6636e16058ea77fba43e012fd9361bb4aa9a540323cb000000", @ANYRES32, @ANYBLOB="1000"/18, @ANYRES32=r2, @ANYRESDEC, @ANYBLOB='\x00'/17], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES8, @ANYRESOCT=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfffffffffffffe01) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703360000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}, {&(0x7f00000008c0)="9817989dd529f29aa6aaf32d84f999cf37e875ed059c8555ef589ee089604205bff4aa559bb2b584c6966f6cda6526ae732f05cdf5c5a6617896f69bd805197af52caf3b6ab4da4aa37973068109a7fe6b37554f476a72f4fc6e7fd152cb38e3dd08c18e344a5821dda852b0a3e0ee5f9eb841bf7d7138b642bf6dd20d5b0254b065a5f753ebb571f137ba90ddb19b7d2addebc29365c271abf49528f1230b97541b97fe12885fc4113831edca4c63", 0xaf}, {&(0x7f0000000bc0)="2ea679f9812a1fbabf1d71e7c41161457e0b1b92186f9bb29a894f6def5cbedc4e1a913d8f0e73df7672adcd32a2e8249a7abd98a19d9e1a74221573f93443270aab38fd81d88e450d5808b722e7baa1d943d1b61bd36e3f52e924afab7113904ec7d18a9162a89403e9924bcce7149c5966980bf0e48c4f7b25bab988b7aad05fc6fbfad2235f6415a8a17f074dc8c1e6c6a0fc668a4e453e5b8b2cd003757e6e7699d9118c301d2e7a6b6374142c8aa0649626d4e1f5cbee28e74b95dc9ca03e4e2c07eccd06fe4c481f1ef6b57193e9fa6071b0feb81e6b887c3f90f5da8c5a2c60fd2281d2070e8691a4a2eae2", 0xef}], 0x3, 0x0, 0x0, 0x1f00c00e}, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000001c0)=[{0x200000000006, 0x0, 0x2, 0x7ffc0802}]}) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0xd, 0x4, 0x2, 0x4, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) brk(0x20ffc004) 168.040994ms ago: executing program 0 (id=5791): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$TOKEN_CREATE(0x24, &(0x7f0000000440)={0x0, r1}, 0x8) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 150.294976ms ago: executing program 0 (id=5792): bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x2, [@func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {0x1}, {}, {}]}, @fwd, @volatile, @volatile, @volatile={0x0, 0x0, 0x0, 0x9, 0x2}]}}, 0x0, 0x86, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0x4, 0x1}]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000300000018200000", @ANYRES32, @ANYBLOB="000000000000000095000000000000009500000000000000666dbfd749fad14dc542df5018a718fe43afc322f6d506e0decb7df2c5f9274be0acea3fd222fa6e3f08e6b471a21170efab39cc5e00edf0893f494ae5f94d1b53c3"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 138.008837ms ago: executing program 0 (id=5793): syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x1809049, 0x0, 0xff, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) 123.950908ms ago: executing program 0 (id=5794): syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000080b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x1f, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff000000e8ff000003424203"], 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e", 0x13f) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000001600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000040002850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r7) sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="74010000", @ANYRES16=r8, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000003c01088054000780080006006e000000080005"], 0x17c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r10, 0x0, 0x5}, 0x18) sendfile(r2, r3, 0x0, 0xe066) 99.46884ms ago: executing program 2 (id=5795): r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='sys_enter\x00'}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x6, 0x0, &(0x7f0000000100)="e0b9547ed387", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) futex(&(0x7f000000cffc)=0x1, 0x6, 0xfffffff2, 0x0, 0x0, 0x0) 72.795213ms ago: executing program 0 (id=5796): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r1 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x3}, {}, {0x1c}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}]}]}]}}]}, 0x44}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) listen(r0, 0x0) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) socket$nl_route(0x10, 0x3, 0x0) add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r6}, 0x10) r7 = inotify_init() inotify_add_watch(r7, &(0x7f0000000080)='.\x00', 0xfe) r8 = inotify_init() dup3(r8, r7, 0x0) 57.943164ms ago: executing program 4 (id=5797): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000a40)="2e9b3d0007e03dd65193dfb6c575963f86dd", 0x12}], 0x1) 0s ago: executing program 4 (id=5798): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000900), 0x103, r0}, 0x38) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) (async) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000080)=0x100000001, 0x4) (async) connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x4000000, @ipv4={'\x00', '\xff\xff', @remote}, 0x401}, 0x1c) (async) setsockopt$inet6_tcp_int(r2, 0x6, 0x19, &(0x7f0000000000)=0x728, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000300)=0x2, 0x54) (async) fcntl$setstatus(r2, 0x4, 0x42000) sendmmsg$inet6(r2, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000001600)="db02fec25f5a8a76dbe2bb39b45e486c8cc477fad2345fbed359e4577ce1fcf93def36fa0db7a254a771615ca10f33612b2ecf49c17c8d83fc0e1386fbcf8478ab33dae171a85dfc7734834b8f065ddfa4830025f61d3c509772d282485da1fea2ff8f32600a9c3b9d973da02df0408e371f91fc2ecc14bb0ae106547526a2011dd9169d691d9f960c8e2b79e339928a8c5614aa5ceee3e198931ddeebae9bc0fef21d6f75841dbe498166bdb39711b4b3ad9227bbb026e1a7d137cf455cec48d64d6042dd412ac67a2a5681e587cfc60c9a217830c80ade6ec24900934fd56787769caeb1634ba4d8a6227ff19255a046db5944fa66804821c5e883bc42527c0cd45decdd2de49d736f0d1a0789615f7c2f01b47fbff7cf9fde5f3dcf585c4aba8ead30b0718496354a644ebd28852ac37507c15c4393814e9d3772d18d2c0c10e1e0db916cfa18f83a59169a9f2be8043761e2b8d677d835f712906d68d2ec317e5d02a05e7b1139c74b46f28d05f84eb5ce2ddc23c7552fa085b6b269bb93c5369b496b2bc789284a11dc4a3a077852548bd2a993321288d7b06652dbcd36847bc3c7d4242bd409c3234649af8721836f5df78b21660362be669b39d97a670edb44a0b663ef02b21d564c22f8ccbd4948455ec009b52f74918002db3863385fc86d74b08462250659e28501cc4887eecc06cd0912e1cab4b80c58ed730d4d31433ad1bba79d14133b85bb6860f4d1d6bd21f8257d471720cda92f3cbc6297792178e86d2b8e08f7f3a56ba7cedf56346fca091ac390ece4fd36ba0426e6db2c2a2265dac1fb8ba3c1179c9c5cb1255bf6335e226a9f476890983bb6355206ea03f9c03c424c53bbf131c7eeb6d45fb0a8783037001c4f6a1d1ec828ef8742e885afdce47f776ec691fd27c5e5cae7c2957f5dc5f9aec4983bd10daccfb3b3ab2d35fd7a0690aa470c223f6dafbb71ba85a0bae41174c346db456ba3eaae2a2012a2be02285c049b9f5f948c7968b187a0d7726cca1ef9e4b971cb72c5fae99760e5ae7c609fc2be9f0a643b6dc3ef8f7472c9629465fab92437ce339d8d477a0b3b7c5127d02a4b1b75bfefff27c0fbc36bf682e28844e64b0bca1855a9ca1f37fffe394f43c242774e8fb60b826e319b9aa9b0770afcca41f339bb7d3667cdd01e7c6d66686993067c274d5ac72cb7856f1dcc5b0a1c508c44d3deeed9bdf9b9e2108b070813b776aa9fc41794cf36ecb779803412eb311a2e001f4a008eee5dd928a1bb97529ace6cdcf0ae194bb8ef460c1f7700c50cfe03ceb4f1f1dbc9a27010c9c011a7fef2526bacd7b7b8ea0c0fedd3f2dfc5a2599c90a8409bedef178741195f22ad8a922238f9a8e3fcdfef407ee1ca7d8ca5205511fe480d2ee822e9439e33544744f695bc067a3d4c3d23328f41af7228996e065d4008a4476a533b46ee8e686fbddc6a817ebbbe11b6d703c69db82b33e9b2b6af996a66359c3f63215971e53b623c972ec3e413f2136595c007ef7fb754c37929c71944e2369f0f4b2d129d1155adc6f50603052533d49d288f4e301d219f5e699a5aa8f870f1572ac46a6f1e58d548ad34d2bfaf7a1ab1088dd31e28e061a5e65c27af0ef0aed425a50e3c0adfd786d5cfffa034feb967f3ec32a87b4fd0897003d78a4675da5521ce1b03a386249a9f2b65174dd1fc00937a69077a37972d08a0ffdea2bbe4cd4c3020459ab6d3208a477da04c956848be4135af8ccba95a4b2780ebcb828fcb24fd5838431ea2481bf6c92fcfc3677faf3d4df7ec831504418bb92de97a7320ad96d159b934bcae740cfb7a5ecd0b0e20576251af4b02480d6c2ce5df23599606eefabdc6d248464328011cedd674b2cfeb786bcaf4d4070af3beceaa52f9131220a7b23d575e27b5978a09d457a86872df920d57358d7bf992934b7f306e50ef5060797b38975e4e69c21ba3bcdbe8d90d4cae556963a06002dd9ddfe67a19eb58d195609f2ef05bf2de95e0a98b57849cb00a074bd210415206666e051d35d459549b3b81cbf8d7caca0341cce4f7227cd8385330cbf7788d04231006b40d8c9a837cbff0e237f22035cf148f735e4d81420b76b5e4d440d5470c8ea96f90ea7ad887495b37854bfa41cba3bbc89cea9cfe1e45412271fc0de8a4f9723478496f4ef4f6ded580b119437218f68960f39f7597fc13d04d57b4a8e96a76554d27807a0fdc416e3b41b64f29c5ce64d777d06b8762e72859458b36300410bfb750033fc0afc089900d85310a0bcd858955c292cf4bab5ebb68bd3bd2742892ef57004802ca34a00ef9b451a502573435eda77b93632dee46f7b9cff8b7e31ffd414af28710920192644516d0b1447c3a20dbd789e9231958b87537c1cb7fb9d684973ac260b411c81745572b9a42a345c5238a71bddae035933272c37433230ebc8cecf6902978782b4b4db39d2bb7bc9a5fb8ab5d2095c99319cf44bfc36398045bbe4dea4e3bbaa33f767c0b4711627c1c2354d71ae4a888228487417e11ea6a069fa2a569dbc29c62243675f573c7f3b377c82c8d0cde21b0f8e62dfdc3d69113e5104ecf345b94d455f47ed2bf148e5c2f06db859cba62c2a11bab559988d5d008afa5042f43500ebb05f46b906ff49dfa2c43c4c4cb1bc7b21a847eee331f271c4c03085ad2c863389a9f8036b347b951f74ecd7cad7b269a30c95bed3a24e8644166ac74316ff9d5bdce2b96efe9b9b5bc7ce5990c852213c023aa588e5ac88d14e0484bceef427f0b1874e82bb517a491f7ed300b5bab90d75c09929295269d05aa54392f9e554d167f4f1bfc1b093a4260f4cad97b09e82d9a1844a3146cf5194b8b10f1bb71aeb0ee4b1ae835b466c598bd5f7d0da9a6e481287de5bcd1b75ed5a312bc735326c65325753367433ef3d270615350a085343c2903ff62762f36b90ec4fffe567f0d75a05c1058d41f5cc533a37430dce1e39eed63a98f67e47862120ae8b4a48e45d774f18425d3ee4ef0c7752b5039b3b47728", 0x861}], 0x1}}], 0x1, 0x24000055) (async) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r1, r3}, 0xc) (async) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r4}, 0x10) (async) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@uname={'uname', 0x3d, '\xd0\xae\xde\xc1\xaa \xff\xd8\x1d\x1b\xf8\x93)!|\xb0X\xa3\x96\xed\xa2\xab@\xa2m\x93\xdd\b<\x00t\xdc\xabl\xab!\xae\x16\xc4\xcd\xf9{\xdc5_;A\xd2{eC\x014\\\xb3\xc4\xce\xc3yS2-\x01\xbe\xaarW\x96O\xd3\x0f\xe2\xd7/\x17\x1d\xa7.8\x9f8-\xea<\x8d\x91\x90j\xea\xd5\xd5\xae\xcc\xc0\x97\xef\x10\x92\xea\x98|+\x00\x00\x00\x00\x00\x00\x00\x00'}}]}}) kernel console output (not intermixed with test programs): ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17475 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 335.467190][ T29] audit: type=1326 audit(1726981232.975:33608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17475 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 335.490892][ T29] audit: type=1326 audit(1726981232.975:33609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17475 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 335.514509][ T29] audit: type=1326 audit(1726981232.975:33610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17475 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 335.538159][ T29] audit: type=1326 audit(1726981232.975:33611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17475 comm="syz.1.4713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 335.658748][T17486] loop3: detected capacity change from 0 to 8192 [ 335.714961][T17481] lo speed is unknown, defaulting to 1000 [ 335.721167][T17481] gre0 speed is unknown, defaulting to 1000 [ 335.741907][T17488] loop1: detected capacity change from 0 to 8192 [ 335.753212][T17490] netlink: 200 bytes leftover after parsing attributes in process `syz.3.4719'. [ 335.799891][T17496] loop2: detected capacity change from 0 to 128 [ 335.808143][T17496] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 335.820726][T17496] ext4 filesystem being mounted at /169/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 335.855405][T17501] loop3: detected capacity change from 0 to 128 [ 335.876069][T15043] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 336.145004][T17520] lo speed is unknown, defaulting to 1000 [ 336.151202][T17520] gre0 speed is unknown, defaulting to 1000 [ 336.445226][T17544] lo speed is unknown, defaulting to 1000 [ 336.451960][T17544] gre0 speed is unknown, defaulting to 1000 [ 336.594821][T17545] lo speed is unknown, defaulting to 1000 [ 336.601368][T17545] gre0 speed is unknown, defaulting to 1000 [ 336.816458][T17543] loop0: detected capacity change from 0 to 164 [ 336.943676][T17543] SELinux: policydb string SE Linu does not match my string SE Linux [ 336.965362][T17543] SELinux: failed to load policy [ 337.387608][T17571] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4742'. [ 337.724687][T17573] lo speed is unknown, defaulting to 1000 [ 337.731513][T17573] gre0 speed is unknown, defaulting to 1000 [ 338.205248][T17579] 9pnet_fd: p9_fd_create_tcp (17579): problem connecting socket to 127.0.0.1 [ 338.367525][T17592] lo speed is unknown, defaulting to 1000 [ 338.375612][T17592] gre0 speed is unknown, defaulting to 1000 [ 338.507903][T17590] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4747'. [ 338.717082][T17617] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4761'. [ 338.807428][T17619] lo speed is unknown, defaulting to 1000 [ 338.813955][T17619] gre0 speed is unknown, defaulting to 1000 [ 339.031633][T17616] loop3: detected capacity change from 0 to 8192 [ 339.165544][T17629] usb usb1: usbfs: process 17629 (syz.2.4767) did not claim interface 0 before use [ 339.213371][T17632] Cannot find set identified by id 0 to match [ 339.312215][T17634] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4770'. [ 339.496157][T17654] loop3: detected capacity change from 0 to 8192 [ 339.528652][T17663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4779'. [ 339.560142][T17667] Cannot find set identified by id 0 to match [ 339.768045][T17679] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4786'. [ 340.000803][T17689] lo speed is unknown, defaulting to 1000 [ 340.007255][T17689] gre0 speed is unknown, defaulting to 1000 [ 340.333209][ T29] kauditd_printk_skb: 207 callbacks suppressed [ 340.333228][ T29] audit: type=1326 audit(1726981238.005:33819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.364090][ T29] audit: type=1326 audit(1726981238.005:33820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.387801][ T29] audit: type=1326 audit(1726981238.005:33821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.411596][ T29] audit: type=1326 audit(1726981238.005:33822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.435198][ T29] audit: type=1326 audit(1726981238.005:33823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.458866][ T29] audit: type=1326 audit(1726981238.005:33824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.482521][ T29] audit: type=1326 audit(1726981238.005:33825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.506181][ T29] audit: type=1326 audit(1726981238.005:33826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.529986][ T29] audit: type=1326 audit(1726981238.005:33827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.574070][ T29] audit: type=1326 audit(1726981238.035:33828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17692 comm="syz.4.4790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 340.623120][T17703] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4792'. [ 340.650796][T17710] Cannot find set identified by id 0 to match [ 340.738231][T17724] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4797'. [ 340.894310][T17728] lo speed is unknown, defaulting to 1000 [ 340.900553][T17728] gre0 speed is unknown, defaulting to 1000 [ 340.995599][T17737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4801'. [ 341.050501][T17757] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4809'. [ 341.113107][T17763] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4812'. [ 341.275320][T17769] lo speed is unknown, defaulting to 1000 [ 341.281894][T17769] gre0 speed is unknown, defaulting to 1000 [ 341.623092][T17775] loop1: detected capacity change from 0 to 8192 [ 341.756688][T17804] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4825'. [ 341.761604][T17806] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4826'. [ 341.950278][T17813] loop2: detected capacity change from 0 to 8192 [ 342.024890][T17816] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4824'. [ 342.321584][T17834] loop4: detected capacity change from 0 to 128 [ 342.331232][T17834] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 342.343759][T17834] ext4 filesystem being mounted at /563/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 342.366764][ T9322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 342.405711][T17841] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4838'. [ 342.647417][T17855] Cannot find set identified by id 0 to match [ 342.840830][T17861] lo speed is unknown, defaulting to 1000 [ 342.847343][T17861] gre0 speed is unknown, defaulting to 1000 [ 342.933361][T17863] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4844'. [ 343.177760][T17869] loop2: detected capacity change from 0 to 128 [ 343.196833][T17869] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 343.209226][T17869] ext4 filesystem being mounted at /190/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 343.250214][T15043] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 343.307757][T17879] loop2: detected capacity change from 0 to 128 [ 343.592089][T17896] loop3: detected capacity change from 0 to 128 [ 343.789625][T17905] lo speed is unknown, defaulting to 1000 [ 343.796139][T17905] gre0 speed is unknown, defaulting to 1000 [ 344.126773][T17916] loop0: detected capacity change from 0 to 164 [ 344.136651][T17916] SELinux: policydb string SE Linu does not match my string SE Linux [ 344.146083][T17916] SELinux: failed to load policy [ 344.265983][T17919] FAULT_INJECTION: forcing a failure. [ 344.265983][T17919] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 344.279463][T17919] CPU: 0 UID: 0 PID: 17919 Comm: syz.2.4864 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 344.291407][T17919] Tainted: [W]=WARN [ 344.295346][T17919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 344.305413][T17919] Call Trace: [ 344.308695][T17919] [ 344.311632][T17919] dump_stack_lvl+0xf2/0x150 [ 344.316241][T17919] dump_stack+0x15/0x20 [ 344.320434][T17919] should_fail_ex+0x223/0x230 [ 344.325149][T17919] should_fail_alloc_page+0xfd/0x110 [ 344.330560][T17919] __alloc_pages_noprof+0x109/0x360 [ 344.335816][T17919] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 344.341235][T17919] vma_alloc_folio_noprof+0x1a0/0x2f0 [ 344.346693][T17919] handle_mm_fault+0xdbe/0x2a80 [ 344.351567][T17919] exc_page_fault+0x3b9/0x650 [ 344.356270][T17919] asm_exc_page_fault+0x26/0x30 [ 344.361228][T17919] RIP: 0033:0x7fd1df70931b [ 344.365729][T17919] Code: 00 00 00 48 8d 3d 6d 28 19 00 48 89 c1 31 c0 e8 8b 5b ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d a1 28 19 00 48 89 34 24 48 8b 14 24 48 8b [ 344.385439][T17919] RSP: 002b:00007fd1de4affb0 EFLAGS: 00010202 [ 344.391541][T17919] RAX: 0000000000000000 RBX: 00007fd1df9f5f80 RCX: 0000000000000000 [ 344.399551][T17919] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000380 [ 344.407530][T17919] RBP: 00007fd1de4b1090 R08: 0000000000000000 R09: 0000000000000000 [ 344.415572][T17919] R10: 0000000020000380 R11: 0000000000000000 R12: 0000000000000001 [ 344.423551][T17919] R13: 0000000000000001 R14: 00007fd1df9f5f80 R15: 00007ffe3768dde8 [ 344.431615][T17919] [ 344.434797][T17919] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 344.533942][T17933] loop2: detected capacity change from 0 to 128 [ 344.542310][T17933] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 344.555390][T17933] ext4 filesystem being mounted at /198/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 344.578753][T15043] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 344.788953][T17947] lo speed is unknown, defaulting to 1000 [ 344.795372][T17947] gre0 speed is unknown, defaulting to 1000 [ 345.391678][T17973] lo speed is unknown, defaulting to 1000 [ 345.398284][T17973] gre0 speed is unknown, defaulting to 1000 [ 345.733671][ T29] kauditd_printk_skb: 301 callbacks suppressed [ 345.733688][ T29] audit: type=1326 audit(1726981243.405:34130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17979 comm="syz.1.4884" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ade78def9 code=0x0 [ 345.781018][T17984] loop0: detected capacity change from 0 to 164 [ 345.802791][T17984] SELinux: policydb string SE Linu does not match my string SE Linux [ 345.811419][T17984] SELinux: failed to load policy [ 345.829142][ T29] audit: type=1326 audit(1726981243.495:34131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.853048][ T29] audit: type=1326 audit(1726981243.495:34132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.877000][ T29] audit: type=1326 audit(1726981243.495:34133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.901052][ T29] audit: type=1326 audit(1726981243.495:34134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.924945][ T29] audit: type=1326 audit(1726981243.495:34135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.948566][ T29] audit: type=1326 audit(1726981243.495:34136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.954929][T17978] lo speed is unknown, defaulting to 1000 [ 345.972189][ T29] audit: type=1326 audit(1726981243.495:34137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 345.978366][T17978] gre0 speed is unknown, defaulting to 1000 [ 346.001634][ T29] audit: type=1326 audit(1726981243.495:34138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 346.031224][ T29] audit: type=1326 audit(1726981243.495:34139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17986 comm="syz.4.4886" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 346.646047][T18018] loop0: detected capacity change from 0 to 512 [ 346.654329][T18018] EXT4-fs: Ignoring removed oldalloc option [ 346.660369][T18018] EXT4-fs: Ignoring removed i_version option [ 346.666684][T18018] EXT4-fs: Ignoring removed nobh option [ 346.674285][T18018] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 346.691916][T18018] EXT4-fs (loop0): too many log groups per flexible block group [ 346.699815][T18018] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 346.706880][T18018] EXT4-fs (loop0): mount failed [ 346.874396][T18035] 9pnet_fd: p9_fd_create_tcp (18035): problem connecting socket to 127.0.0.1 [ 346.906180][T18037] __nla_validate_parse: 2 callbacks suppressed [ 346.906199][T18037] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4902'. [ 347.029537][T18042] lo speed is unknown, defaulting to 1000 [ 347.035827][T18042] gre0 speed is unknown, defaulting to 1000 [ 347.364493][T18046] lo speed is unknown, defaulting to 1000 [ 347.370634][T18046] gre0 speed is unknown, defaulting to 1000 [ 347.535903][T18057] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4908'. [ 347.631774][T18076] FAULT_INJECTION: forcing a failure. [ 347.631774][T18076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 347.644946][T18076] CPU: 0 UID: 0 PID: 18076 Comm: syz.2.4913 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 347.656971][T18076] Tainted: [W]=WARN [ 347.660906][T18076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 347.671074][T18076] Call Trace: [ 347.674375][T18076] [ 347.677339][T18076] dump_stack_lvl+0xf2/0x150 [ 347.681975][T18076] dump_stack+0x15/0x20 [ 347.686178][T18076] should_fail_ex+0x223/0x230 [ 347.690946][T18076] should_fail+0xb/0x10 [ 347.695137][T18076] should_fail_usercopy+0x1a/0x20 [ 347.700285][T18076] _copy_from_user+0x1e/0xd0 [ 347.705048][T18076] __se_sys_memfd_create+0x26b/0x5c0 [ 347.710367][T18076] __x64_sys_memfd_create+0x31/0x40 [ 347.715598][T18076] x64_sys_call+0x2891/0x2d60 [ 347.720362][T18076] do_syscall_64+0xc9/0x1c0 [ 347.724960][T18076] ? clear_bhb_loop+0x55/0xb0 [ 347.729704][T18076] ? clear_bhb_loop+0x55/0xb0 [ 347.734402][T18076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.740323][T18076] RIP: 0033:0x7fd1df83def9 [ 347.744748][T18076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.764450][T18076] RSP: 002b:00007fd1de4b0e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 347.772917][T18076] RAX: ffffffffffffffda RBX: 000000000000064e RCX: 00007fd1df83def9 [ 347.780914][T18076] RDX: 00007fd1de4b0ef0 RSI: 0000000000000000 RDI: 00007fd1df8b1369 [ 347.788951][T18076] RBP: 0000000020001400 R08: 00007fd1de4b0bb7 R09: 00007fd1de4b0e40 [ 347.797024][T18076] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200005c0 [ 347.805002][T18076] R13: 00007fd1de4b0ef0 R14: 00007fd1de4b0eb0 R15: 00000000200003c0 [ 347.813077][T18076] [ 347.947242][T18088] loop2: detected capacity change from 0 to 512 [ 347.969517][T18088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 348.002364][T18092] loop0: detected capacity change from 0 to 128 [ 348.022961][T15043] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.071176][T18099] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4921'. [ 348.118880][T18102] tmpfs: Unknown parameter 'mp1844674407370955161500000000000000000000005' [ 348.144076][T18104] nfs: Unknown parameter '´ ' [ 348.189052][T18116] netlink: 'syz.1.4927': attribute type 29 has an invalid length. [ 348.204638][T18116] netlink: 'syz.1.4927': attribute type 29 has an invalid length. [ 348.220927][T18118] Cannot find set identified by id 0 to match [ 348.224210][T18120] loop0: detected capacity change from 0 to 128 [ 348.277677][T18131] FAULT_INJECTION: forcing a failure. [ 348.277677][T18131] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 348.291052][T18131] CPU: 0 UID: 0 PID: 18131 Comm: syz.2.4932 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 348.303082][T18131] Tainted: [W]=WARN [ 348.306919][T18131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 348.317070][T18131] Call Trace: [ 348.320387][T18131] [ 348.323410][T18131] dump_stack_lvl+0xf2/0x150 [ 348.328029][T18131] dump_stack+0x15/0x20 [ 348.332204][T18131] should_fail_ex+0x223/0x230 [ 348.336899][T18131] should_fail+0xb/0x10 [ 348.341071][T18131] should_fail_usercopy+0x1a/0x20 [ 348.346240][T18131] _copy_to_user+0x1e/0xa0 [ 348.350705][T18131] simple_read_from_buffer+0xa0/0x110 [ 348.356120][T18131] proc_fail_nth_read+0xf9/0x140 [ 348.361075][T18131] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 348.366674][T18131] vfs_read+0x195/0x720 [ 348.370925][T18131] ? __rcu_read_unlock+0x4e/0x70 [ 348.375938][T18131] ? __fget_files+0x1d4/0x210 [ 348.380710][T18131] ksys_read+0xeb/0x1b0 [ 348.384885][T18131] __x64_sys_read+0x42/0x50 [ 348.389741][T18131] x64_sys_call+0x27d3/0x2d60 [ 348.394498][T18131] do_syscall_64+0xc9/0x1c0 [ 348.399021][T18131] ? clear_bhb_loop+0x55/0xb0 [ 348.403760][T18131] ? clear_bhb_loop+0x55/0xb0 [ 348.408446][T18131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.414445][T18131] RIP: 0033:0x7fd1df83c93c [ 348.418868][T18131] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 348.438631][T18131] RSP: 002b:00007fd1de4b1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 348.447075][T18131] RAX: ffffffffffffffda RBX: 00007fd1df9f5f80 RCX: 00007fd1df83c93c [ 348.455056][T18131] RDX: 000000000000000f RSI: 00007fd1de4b10a0 RDI: 0000000000000004 [ 348.463136][T18131] RBP: 00007fd1de4b1090 R08: 0000000000000000 R09: 0000000000000000 [ 348.471139][T18131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 348.479195][T18131] R13: 0000000000000000 R14: 00007fd1df9f5f80 R15: 00007ffe3768dde8 [ 348.487183][T18131] [ 348.554053][T18141] FAULT_INJECTION: forcing a failure. [ 348.554053][T18141] name failslab, interval 1, probability 0, space 0, times 0 [ 348.566813][T18141] CPU: 0 UID: 0 PID: 18141 Comm: syz.3.4938 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 348.578816][T18141] Tainted: [W]=WARN [ 348.582668][T18141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 348.592807][T18141] Call Trace: [ 348.596105][T18141] [ 348.599068][T18141] dump_stack_lvl+0xf2/0x150 [ 348.603694][T18141] dump_stack+0x15/0x20 [ 348.607923][T18141] should_fail_ex+0x223/0x230 [ 348.612691][T18141] ? alloc_fs_context+0x44/0x4e0 [ 348.617690][T18141] should_failslab+0x8f/0xb0 [ 348.622319][T18141] __kmalloc_cache_noprof+0x4b/0x2a0 [ 348.627703][T18141] alloc_fs_context+0x44/0x4e0 [ 348.632527][T18141] fs_context_for_reconfigure+0x46/0x60 [ 348.638263][T18141] path_mount+0x8a2/0xb30 [ 348.642875][T18141] __se_sys_mount+0x27c/0x2d0 [ 348.647650][T18141] __x64_sys_mount+0x67/0x80 [ 348.652260][T18141] x64_sys_call+0x203e/0x2d60 [ 348.656996][T18141] do_syscall_64+0xc9/0x1c0 [ 348.661673][T18141] ? clear_bhb_loop+0x55/0xb0 [ 348.666361][T18141] ? clear_bhb_loop+0x55/0xb0 [ 348.671059][T18141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.677088][T18141] RIP: 0033:0x7f225015def9 [ 348.681720][T18141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.701462][T18141] RSP: 002b:00007f224edd1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 348.709959][T18141] RAX: ffffffffffffffda RBX: 00007f2250315f80 RCX: 00007f225015def9 [ 348.717937][T18141] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000000 [ 348.726001][T18141] RBP: 00007f224edd1090 R08: 00000000200003c0 R09: 0000000000000000 [ 348.734005][T18141] R10: 0000000001000020 R11: 0000000000000246 R12: 0000000000000001 [ 348.742048][T18141] R13: 0000000000000000 R14: 00007f2250315f80 R15: 00007ffdb6076c18 [ 348.750037][T18141] [ 348.781004][T18146] loop4: detected capacity change from 0 to 128 [ 348.789336][T18148] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4940'. [ 348.833619][T18151] lo speed is unknown, defaulting to 1000 [ 348.839729][T18151] gre0 speed is unknown, defaulting to 1000 [ 348.980195][T18172] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4944'. [ 348.997868][T18174] FAULT_INJECTION: forcing a failure. [ 348.997868][T18174] name failslab, interval 1, probability 0, space 0, times 0 [ 349.010832][T18174] CPU: 1 UID: 0 PID: 18174 Comm: syz.0.4946 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 349.022951][T18174] Tainted: [W]=WARN [ 349.026784][T18174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 349.036928][T18174] Call Trace: [ 349.040206][T18174] [ 349.043235][T18174] dump_stack_lvl+0xf2/0x150 [ 349.047901][T18174] dump_stack+0x15/0x20 [ 349.052126][T18174] should_fail_ex+0x223/0x230 [ 349.056868][T18174] ? vm_area_dup+0x2c/0x130 [ 349.061388][T18174] should_failslab+0x8f/0xb0 [ 349.066030][T18174] kmem_cache_alloc_noprof+0x4c/0x290 [ 349.071454][T18174] vm_area_dup+0x2c/0x130 [ 349.075991][T18174] __split_vma+0xf7/0x6a0 [ 349.080364][T18174] vma_modify+0x217/0xcd0 [ 349.084778][T18174] vma_modify_policy+0xec/0x120 [ 349.089674][T18174] mbind_range+0x1d8/0x490 [ 349.094242][T18174] __se_sys_mbind+0x915/0x1160 [ 349.099086][T18174] __x64_sys_mbind+0x78/0x90 [ 349.103737][T18174] x64_sys_call+0x2b4d/0x2d60 [ 349.108492][T18174] do_syscall_64+0xc9/0x1c0 [ 349.113080][T18174] ? clear_bhb_loop+0x55/0xb0 [ 349.117796][T18174] ? clear_bhb_loop+0x55/0xb0 [ 349.122503][T18174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.128482][T18174] RIP: 0033:0x7f8a23dadef9 [ 349.132977][T18174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.152772][T18174] RSP: 002b:00007f8a22a27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 349.161227][T18174] RAX: ffffffffffffffda RBX: 00007f8a23f65f80 RCX: 00007f8a23dadef9 [ 349.169215][T18174] RDX: 0000000000000002 RSI: 0000000000004000 RDI: 0000000020ffc000 [ 349.177227][T18174] RBP: 00007f8a22a27090 R08: 0000000000000002 R09: 0000000000000000 [ 349.185272][T18174] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 349.193268][T18174] R13: 0000000000000000 R14: 00007f8a23f65f80 R15: 00007ffcb3a408f8 [ 349.201307][T18174] [ 349.526051][T18195] netlink: 56 bytes leftover after parsing attributes in process `syz.2.4953'. [ 349.575822][T18199] lo speed is unknown, defaulting to 1000 [ 349.582089][T18199] gre0 speed is unknown, defaulting to 1000 [ 349.870591][T18204] lo speed is unknown, defaulting to 1000 [ 349.876718][T18204] gre0 speed is unknown, defaulting to 1000 [ 349.901127][T18209] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18209 comm=syz.1.4958 [ 350.289415][T18222] loop1: detected capacity change from 0 to 1024 [ 350.471487][T18222] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 350.564475][T18228] lo speed is unknown, defaulting to 1000 [ 350.570794][T18228] gre0 speed is unknown, defaulting to 1000 [ 350.873459][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 351.120816][T18233] FAULT_INJECTION: forcing a failure. [ 351.120816][T18233] name failslab, interval 1, probability 0, space 0, times 0 [ 351.133548][T18233] CPU: 1 UID: 0 PID: 18233 Comm: syz.1.4962 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 351.145497][T18233] Tainted: [W]=WARN [ 351.149322][T18233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 351.159393][T18233] Call Trace: [ 351.162691][T18233] [ 351.165629][T18233] dump_stack_lvl+0xf2/0x150 [ 351.170241][T18233] dump_stack+0x15/0x20 [ 351.174479][T18233] should_fail_ex+0x223/0x230 [ 351.179264][T18233] ? vm_area_dup+0x98/0x130 [ 351.183881][T18233] should_failslab+0x8f/0xb0 [ 351.188516][T18233] kmem_cache_alloc_noprof+0x4c/0x290 [ 351.194097][T18233] vm_area_dup+0x98/0x130 [ 351.198467][T18233] __split_vma+0xf7/0x6a0 [ 351.202900][T18233] vms_gather_munmap_vmas+0x175/0x7a0 [ 351.208401][T18233] ? mntput+0x49/0x70 [ 351.212400][T18233] do_vmi_align_munmap+0x1a9/0x390 [ 351.217664][T18233] do_vmi_munmap+0x1eb/0x230 [ 351.222279][T18233] do_munmap+0x8b/0xc0 [ 351.226406][T18233] __se_sys_mremap+0x955/0xec0 [ 351.231203][T18233] ? finish_task_switch+0xb5/0x2b0 [ 351.236348][T18233] ? __schedule+0x735/0x940 [ 351.240896][T18233] __x64_sys_mremap+0x67/0x80 [ 351.245673][T18233] x64_sys_call+0x2747/0x2d60 [ 351.250380][T18233] do_syscall_64+0xc9/0x1c0 [ 351.255191][T18233] ? clear_bhb_loop+0x55/0xb0 [ 351.259892][T18233] ? clear_bhb_loop+0x55/0xb0 [ 351.264587][T18233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.270537][T18233] RIP: 0033:0x7f5ade78def9 [ 351.275011][T18233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 351.294693][T18233] RSP: 002b:00007f5add3c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 351.303219][T18233] RAX: ffffffffffffffda RBX: 00007f5ade946130 RCX: 00007f5ade78def9 [ 351.311200][T18233] RDX: 0000000000003000 RSI: 0000000000004000 RDI: 0000000020ac3000 [ 351.319238][T18233] RBP: 00007f5add3c5090 R08: 0000000020b6a000 R09: 0000000000000000 [ 351.327248][T18233] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 351.335278][T18233] R13: 0000000000000000 R14: 00007f5ade946130 R15: 00007ffd6678a998 [ 351.343465][T18233] [ 351.435357][T18235] loop4: detected capacity change from 0 to 512 [ 351.474131][T18235] loop4: detected capacity change from 0 to 512 [ 351.591950][ T29] kauditd_printk_skb: 373 callbacks suppressed [ 351.591971][ T29] audit: type=1326 audit(1726981249.255:34513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.621888][ T29] audit: type=1326 audit(1726981249.255:34514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.645667][ T29] audit: type=1326 audit(1726981249.255:34515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.669618][ T29] audit: type=1326 audit(1726981249.255:34516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.693497][ T29] audit: type=1326 audit(1726981249.255:34517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.717285][ T29] audit: type=1326 audit(1726981249.255:34518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.741391][ T29] audit: type=1326 audit(1726981249.255:34519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.765413][ T29] audit: type=1326 audit(1726981249.255:34520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.789213][ T29] audit: type=1326 audit(1726981249.255:34521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.812910][ T29] audit: type=1326 audit(1726981249.255:34522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18244 comm="syz.4.4966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcff0b8def9 code=0x7ffc0000 [ 351.842014][T18242] FAULT_INJECTION: forcing a failure. [ 351.842014][T18242] name failslab, interval 1, probability 0, space 0, times 0 [ 351.854717][T18242] CPU: 0 UID: 0 PID: 18242 Comm: syz.2.4965 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 351.866637][T18242] Tainted: [W]=WARN [ 351.870444][T18242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 351.880567][T18242] Call Trace: [ 351.883861][T18242] [ 351.886829][T18242] dump_stack_lvl+0xf2/0x150 [ 351.891515][T18242] dump_stack+0x15/0x20 [ 351.895758][T18242] should_fail_ex+0x223/0x230 [ 351.900517][T18242] ? __alloc_skb+0x10b/0x310 [ 351.905149][T18242] should_failslab+0x8f/0xb0 [ 351.909778][T18242] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 351.915728][T18242] __alloc_skb+0x10b/0x310 [ 351.920190][T18242] netlink_alloc_large_skb+0xad/0xe0 [ 351.925564][T18242] netlink_sendmsg+0x3b4/0x6e0 [ 351.930438][T18242] ? __pfx_netlink_sendmsg+0x10/0x10 [ 351.935801][T18242] __sock_sendmsg+0x140/0x180 [ 351.940572][T18242] ____sys_sendmsg+0x312/0x410 [ 351.945450][T18242] __sys_sendmsg+0x1dd/0x270 [ 351.950171][T18242] __x64_sys_sendmsg+0x46/0x50 [ 351.954981][T18242] x64_sys_call+0x2689/0x2d60 [ 351.959694][T18242] do_syscall_64+0xc9/0x1c0 [ 351.964286][T18242] ? clear_bhb_loop+0x55/0xb0 [ 351.968991][T18242] ? clear_bhb_loop+0x55/0xb0 [ 351.973802][T18242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.979825][T18242] RIP: 0033:0x7fd1df83def9 [ 351.984309][T18242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.003956][T18242] RSP: 002b:00007fd1de4b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 352.012475][T18242] RAX: ffffffffffffffda RBX: 00007fd1df9f5f80 RCX: 00007fd1df83def9 [ 352.020475][T18242] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000006 [ 352.029075][T18242] RBP: 00007fd1de4b1090 R08: 0000000000000000 R09: 0000000000000000 [ 352.037063][T18242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 352.045056][T18242] R13: 0000000000000000 R14: 00007fd1df9f5f80 R15: 00007ffe3768dde8 [ 352.053562][T18242] [ 352.068644][T18255] netlink: 'syz.1.4970': attribute type 3 has an invalid length. [ 352.349812][T18283] lo speed is unknown, defaulting to 1000 [ 352.356088][T18283] gre0 speed is unknown, defaulting to 1000 [ 352.602598][T18287] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4977'. [ 352.740951][T18290] loop4: detected capacity change from 0 to 512 [ 352.747862][T18290] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 352.780425][T18290] EXT4-fs (loop4): 1 truncate cleaned up [ 352.786670][T18290] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.814093][T18290] xt_hashlimit: invalid rate [ 352.827018][T18290] netlink: 'syz.4.4980': attribute type 4 has an invalid length. [ 353.023428][T18310] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb [ 353.057171][T18314] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4990'. [ 353.057282][T18316] SELinux: Context #! ./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa [ 353.323506][T18325] loop3: detected capacity change from 0 to 2048 [ 353.480642][T18325] loop3: p1 < > p4 [ 353.486470][T18325] loop3: p4 size 8388608 extends beyond EOD, truncated [ 353.699650][ T9322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.288279][T18344] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4995'. [ 354.532012][T18349] lo speed is unknown, defaulting to 1000 [ 354.538312][T18349] gre0 speed is unknown, defaulting to 1000 [ 355.314755][T18362] loop3: detected capacity change from 0 to 764 [ 355.341599][T18362] rock: directory entry would overflow storage [ 355.347794][T18362] rock: sig=0x4654, size=5, remaining=4 [ 355.381387][T18362] syz.3.5004[18362] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.382114][T18362] syz.3.5004[18362] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.548138][T18374] lo speed is unknown, defaulting to 1000 [ 355.566113][T18374] gre0 speed is unknown, defaulting to 1000 [ 355.865353][T18377] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5008'. [ 355.912192][T18387] 9pnet_fd: p9_fd_create_tcp (18387): problem connecting socket to 127.0.0.1 [ 355.946348][T18390] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5012'. [ 356.097685][T18400] loop1: detected capacity change from 0 to 512 [ 356.106314][T18400] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.5016: invalid block [ 356.118632][T18400] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.5016: invalid indirect mapped block 4294967295 (level 1) [ 356.133109][T18400] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.5016: invalid indirect mapped block 4294967295 (level 1) [ 356.152324][T18400] EXT4-fs (loop1): 2 truncates cleaned up [ 356.158544][T18400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 356.208755][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.253359][T18412] loop1: detected capacity change from 0 to 512 [ 356.270300][T18412] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 356.349542][T18412] EXT4-fs (loop1): 1 truncate cleaned up [ 356.355656][T18412] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.384715][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.495474][T18421] lo speed is unknown, defaulting to 1000 [ 356.501817][T18421] gre0 speed is unknown, defaulting to 1000 [ 356.551729][T18428] loop3: detected capacity change from 0 to 512 [ 356.561967][T18425] lo speed is unknown, defaulting to 1000 [ 356.562953][T18428] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 356.630532][T18428] EXT4-fs (loop3): 1 truncate cleaned up [ 356.638378][T18428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.659227][T18425] gre0 speed is unknown, defaulting to 1000 [ 356.679912][T18428] FAULT_INJECTION: forcing a failure. [ 356.679912][T18428] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 356.693101][T18428] CPU: 1 UID: 0 PID: 18428 Comm: syz.3.5026 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 356.705127][T18428] Tainted: [W]=WARN [ 356.708955][T18428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 356.719116][T18428] Call Trace: [ 356.722429][T18428] [ 356.725406][T18428] dump_stack_lvl+0xf2/0x150 [ 356.730046][T18428] dump_stack+0x15/0x20 [ 356.734230][T18428] should_fail_ex+0x223/0x230 [ 356.738949][T18428] should_fail+0xb/0x10 [ 356.743282][T18428] should_fail_usercopy+0x1a/0x20 [ 356.748341][T18428] _copy_from_user+0x1e/0xd0 [ 356.753049][T18428] ____sys_sendmsg+0x1a4/0x410 [ 356.758084][T18428] __sys_sendmmsg+0x25d/0x500 [ 356.762820][T18428] ? trace_sys_enter+0x65/0xa0 [ 356.767618][T18428] __x64_sys_sendmmsg+0x57/0x70 [ 356.772523][T18428] x64_sys_call+0xa49/0x2d60 [ 356.777186][T18428] do_syscall_64+0xc9/0x1c0 [ 356.781775][T18428] ? clear_bhb_loop+0x55/0xb0 [ 356.786521][T18428] ? clear_bhb_loop+0x55/0xb0 [ 356.791274][T18428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.797204][T18428] RIP: 0033:0x7f225015def9 [ 356.801751][T18428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.821552][T18428] RSP: 002b:00007f224edd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 356.830031][T18428] RAX: ffffffffffffffda RBX: 00007f2250315f80 RCX: 00007f225015def9 [ 356.838068][T18428] RDX: 0000000000000001 RSI: 0000000020000640 RDI: 0000000000000004 [ 356.846070][T18428] RBP: 00007f224edd1090 R08: 0000000000000000 R09: 0000000000000000 [ 356.854128][T18428] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001 [ 356.862205][T18428] R13: 0000000000000000 R14: 00007f2250315f80 R15: 00007ffdb6076c18 [ 356.870278][T18428] [ 356.989192][T15136] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.285088][T18439] lo speed is unknown, defaulting to 1000 [ 357.291630][T18439] gre0 speed is unknown, defaulting to 1000 [ 357.377943][T18420] 9pnet_fd: p9_fd_create_tcp (18420): problem connecting socket to 127.0.0.1 [ 357.690148][ T29] kauditd_printk_skb: 223 callbacks suppressed [ 357.690166][ T29] audit: type=1326 audit(1726981255.355:34746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18443 comm="syz.4.5030" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcff0b8def9 code=0x0 [ 357.786011][ T29] audit: type=1326 audit(1726981255.455:34747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 357.809780][ T29] audit: type=1326 audit(1726981255.455:34748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 357.833415][ T29] audit: type=1326 audit(1726981255.455:34749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 357.857216][ T29] audit: type=1326 audit(1726981255.455:34750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 357.972118][ T29] audit: type=1326 audit(1726981255.525:34751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 357.995940][ T29] audit: type=1326 audit(1726981255.525:34752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 358.019831][ T29] audit: type=1326 audit(1726981255.525:34753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18448 comm="syz.1.5032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 358.043524][ T29] audit: type=1326 audit(1726981255.635:34754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18457 comm="syz.3.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 358.067374][ T29] audit: type=1326 audit(1726981255.635:34755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18457 comm="syz.3.5035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 358.194807][T18469] loop1: detected capacity change from 0 to 256 [ 358.220516][T18469] vfat: Bad value for 'shortname' [ 358.488426][T18482] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5041'. [ 358.633773][T18486] loop0: detected capacity change from 0 to 128 [ 358.714210][T18483] loop1: detected capacity change from 0 to 128 [ 359.004811][T18497] loop3: detected capacity change from 0 to 164 [ 359.032819][T18497] SELinux: policydb string SE Linu does not match my string SE Linux [ 359.043763][T18497] SELinux: failed to load policy [ 359.056235][T18495] loop0: detected capacity change from 0 to 8192 [ 359.141642][T18495] tmpfs: Bad value for 'mpol' [ 359.153528][T18500] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5047'. [ 359.211505][T18461] syz.1.5036 (18461) used greatest stack depth: 7160 bytes left [ 359.269667][T18508] loop0: detected capacity change from 0 to 256 [ 359.276525][T18508] vfat: Unknown parameter 'uni_xlat' [ 359.314694][T18515] 9pnet_fd: p9_fd_create_tcp (18515): problem connecting socket to 127.0.0.1 [ 359.348656][T18517] loop1: detected capacity change from 0 to 512 [ 359.365679][T18517] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 359.393182][T18517] EXT4-fs (loop1): 1 truncate cleaned up [ 359.402801][T18517] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.404590][T18523] loop0: detected capacity change from 0 to 128 [ 359.430532][T18517] gadgetfs: Unknown parameter '/' [ 359.649732][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.957823][T18535] lo speed is unknown, defaulting to 1000 [ 359.963990][T18535] gre0 speed is unknown, defaulting to 1000 [ 361.281052][T18546] tipc: Enabling of bearer rejected, failed to enable media [ 361.300505][T18546] ªªªªªª: renamed from syzkaller0 [ 361.349932][T18544] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb [ 361.513968][T18564] loop2: detected capacity change from 0 to 128 [ 361.559478][T18566] ALSA: seq fatal error: cannot create timer (-22) [ 361.665561][T18571] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5064'. [ 361.684119][T18572] loop4: detected capacity change from 0 to 164 [ 361.709758][T18572] SELinux: policydb string SE Linu does not match my string SE Linux [ 361.734894][T18572] SELinux: failed to load policy [ 362.100623][T18590] lo speed is unknown, defaulting to 1000 [ 362.106909][T18590] gre0 speed is unknown, defaulting to 1000 [ 362.554137][T18610] loop4: detected capacity change from 0 to 128 [ 362.675885][T18622] Cannot find set identified by id 0 to match [ 362.704675][T18620] netlink: 108 bytes leftover after parsing attributes in process `syz.4.5086'. [ 362.801522][ T29] kauditd_printk_skb: 231 callbacks suppressed [ 362.801542][ T29] audit: type=1326 audit(1726981260.465:34987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.831488][ T29] audit: type=1326 audit(1726981260.465:34988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.855315][ T29] audit: type=1326 audit(1726981260.465:34989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.879065][ T29] audit: type=1326 audit(1726981260.465:34990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.902806][ T29] audit: type=1326 audit(1726981260.465:34991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.926597][ T29] audit: type=1326 audit(1726981260.465:34992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.950373][ T29] audit: type=1326 audit(1726981260.475:34993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 362.968589][T18630] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5089'. [ 362.973966][ T29] audit: type=1326 audit(1726981260.475:34994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 363.006338][ T29] audit: type=1326 audit(1726981260.475:34995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 363.030132][ T29] audit: type=1326 audit(1726981260.475:34996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18625 comm="syz.2.5089" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 363.217517][T18649] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5090'. [ 363.266606][T18653] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5093'. [ 363.317052][T18657] loop2: detected capacity change from 0 to 128 [ 363.405466][T18664] loop2: detected capacity change from 0 to 128 [ 363.620399][T18678] lo: entered allmulticast mode [ 363.712195][T18684] lo speed is unknown, defaulting to 1000 [ 363.719043][T18684] gre0 speed is unknown, defaulting to 1000 [ 363.890940][T18677] lo: left allmulticast mode [ 364.090473][T18698] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5105'. [ 364.115471][T18679] lo speed is unknown, defaulting to 1000 [ 364.127715][T18679] gre0 speed is unknown, defaulting to 1000 [ 364.244340][T18679] chnl_net:caif_netlink_parms(): no params data found [ 364.298696][T18679] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.306035][T18679] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.313375][T18679] bridge_slave_0: entered allmulticast mode [ 364.451153][T18679] bridge_slave_0: entered promiscuous mode [ 364.458640][T18679] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.465758][T18679] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.475527][T18679] bridge_slave_1: entered allmulticast mode [ 364.483000][T18679] bridge_slave_1: entered promiscuous mode [ 364.537233][T18679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 364.553423][T18679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 364.640194][T18679] team0: Port device team_slave_0 added [ 364.647859][T18679] team0: Port device team_slave_1 added [ 364.686017][T18679] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 364.693094][T18679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.719628][T18679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 364.731309][T18679] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 364.738418][T18679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 364.764706][T18679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 364.790865][T18679] hsr_slave_0: entered promiscuous mode [ 364.796969][T18679] hsr_slave_1: entered promiscuous mode [ 364.803026][T18679] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 364.811074][T18679] Cannot create hsr debugfs directory [ 364.864350][T18679] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.910584][T18679] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 364.971854][T18679] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.002510][T18740] loop2: detected capacity change from 0 to 164 [ 365.012751][T18740] SELinux: policydb string SE Linu does not match my string SE Linux [ 365.021268][T18740] SELinux: failed to load policy [ 365.031796][T18679] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 365.063403][T18742] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5121'. [ 365.103060][T18679] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 365.111848][T18679] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 365.121113][T18679] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 365.129826][T18679] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 365.144618][T18679] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.151718][T18679] bridge0: port 2(bridge_slave_1) entered forwarding state [ 365.159158][T18679] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.166243][T18679] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.181454][ T7508] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.189607][ T7508] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.218511][T18679] 8021q: adding VLAN 0 to HW filter on device bond0 [ 365.231142][T18679] 8021q: adding VLAN 0 to HW filter on device team0 [ 365.241490][ T7486] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.248593][ T7486] bridge0: port 1(bridge_slave_0) entered forwarding state [ 365.259734][ T7486] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.266814][ T7486] bridge0: port 2(bridge_slave_1) entered forwarding state [ 365.335038][T18679] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 365.458388][T18679] veth0_vlan: entered promiscuous mode [ 365.461313][T18767] loop3: detected capacity change from 0 to 128 [ 365.477285][T18679] veth1_vlan: entered promiscuous mode [ 365.490405][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x1 [ 365.497875][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.505453][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.511222][T18679] veth0_macvtap: entered promiscuous mode [ 365.513004][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.522758][T18679] veth1_macvtap: entered promiscuous mode [ 365.526061][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.539417][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.541207][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.546812][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.546841][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.557315][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.557329][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.557343][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.557355][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.564738][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.572155][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.582060][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.592476][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.602332][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.612727][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.612750][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.620198][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.629935][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.634739][T18679] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 365.637358][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.653535][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.655200][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.665000][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.677340][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.682872][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.682912][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.682926][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.682942][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.682956][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.692856][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x2 [ 365.700057][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.707432][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.707458][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.707558][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.717918][T18679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 365.725313][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.735137][T18679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.750319][T18679] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 365.753247][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.768971][T18679] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.773584][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.783403][T18679] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.793905][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.801368][T18679] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.811204][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.818614][T18679] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 365.826015][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826041][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826066][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826091][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826115][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826148][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826216][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.826237][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.992576][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 365.999995][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 366.007509][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 366.014974][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 366.022466][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 366.029884][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 366.037271][ T990] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 366.048935][ T990] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz0] on syz0 [ 366.130444][T18776] loop2: detected capacity change from 0 to 8192 [ 366.133038][ T7503] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 366.163366][ T7503] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 366.178939][ T7503] bond0 (unregistering): Released all slaves [ 366.205496][T18786] loop3: detected capacity change from 0 to 128 [ 366.265169][ T7503] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 366.272694][ T7503] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 366.285212][ T7503] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 366.292863][ T7503] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 366.444655][T18789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5131'. [ 366.474355][T18806] loop0: detected capacity change from 0 to 128 [ 366.764282][T18824] loop2: detected capacity change from 0 to 8192 [ 366.847243][T18827] lo speed is unknown, defaulting to 1000 [ 366.853504][T18827] gre0 speed is unknown, defaulting to 1000 [ 367.025844][T18833] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5142'. [ 367.211936][T18842] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5145'. [ 367.467187][T18859] loop0: detected capacity change from 0 to 8192 [ 367.521239][T18865] 9pnet_virtio: no channels available for device 127.0.0.1 [ 367.737097][T18888] lo speed is unknown, defaulting to 1000 [ 367.754453][T18888] gre0 speed is unknown, defaulting to 1000 [ 368.481621][ T29] kauditd_printk_skb: 316 callbacks suppressed [ 368.481636][ T29] audit: type=1326 audit(1726981266.135:35313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.511508][ T29] audit: type=1326 audit(1726981266.135:35314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.535146][ T29] audit: type=1326 audit(1726981266.135:35315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.558889][ T29] audit: type=1326 audit(1726981266.135:35316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1df83c890 code=0x7ffc0000 [ 368.582590][ T29] audit: type=1326 audit(1726981266.135:35317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1df83c890 code=0x7ffc0000 [ 368.606231][ T29] audit: type=1326 audit(1726981266.135:35318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.629931][ T29] audit: type=1326 audit(1726981266.135:35319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.653884][ T29] audit: type=1326 audit(1726981266.135:35320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.677686][ T29] audit: type=1326 audit(1726981266.135:35321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 368.701806][ T29] audit: type=1326 audit(1726981266.135:35322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18902 comm="syz.2.5166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd1df83df33 code=0x7ffc0000 [ 368.739390][T18910] lo speed is unknown, defaulting to 1000 [ 368.745641][T18910] gre0 speed is unknown, defaulting to 1000 [ 369.600452][T18912] lo speed is unknown, defaulting to 1000 [ 369.606624][T18912] gre0 speed is unknown, defaulting to 1000 [ 369.664877][T18906] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5165'. [ 370.069305][T18957] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5186'. [ 370.207096][T18962] loop0: detected capacity change from 0 to 8192 [ 370.725171][T18982] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5196'. [ 370.907932][T18990] lo speed is unknown, defaulting to 1000 [ 370.914307][T18990] gre0 speed is unknown, defaulting to 1000 [ 371.116239][T19001] loop2: detected capacity change from 0 to 128 [ 371.364908][T19034] loop3: detected capacity change from 0 to 8192 [ 371.525088][T19053] loop3: detected capacity change from 0 to 8192 [ 371.764087][T19063] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5227'. [ 371.814900][T19071] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5228'. [ 371.832086][T19090] loop2: detected capacity change from 0 to 128 [ 371.834848][T19092] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5235'. [ 371.901065][T19098] Cannot find set identified by id 0 to match [ 371.984427][T19110] loop1: detected capacity change from 0 to 4096 [ 372.002057][T19107] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5241'. [ 372.015233][T19110] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 372.028085][T19121] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5244'. [ 372.037151][T19121] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5244'. [ 372.049587][T19123] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5245'. [ 372.135271][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.252303][T19145] FAULT_INJECTION: forcing a failure. [ 372.252303][T19145] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 372.265702][T19145] CPU: 1 UID: 0 PID: 19145 Comm: syz.4.5253 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 372.270903][T19143] loop2: detected capacity change from 0 to 8192 [ 372.278367][T19145] Tainted: [W]=WARN [ 372.288595][T19145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 372.298699][T19145] Call Trace: [ 372.302055][T19145] [ 372.304998][T19145] dump_stack_lvl+0xf2/0x150 [ 372.309643][T19145] dump_stack+0x15/0x20 [ 372.313854][T19145] should_fail_ex+0x223/0x230 [ 372.318622][T19145] should_fail_alloc_page+0xfd/0x110 [ 372.323985][T19145] __alloc_pages_noprof+0x109/0x360 [ 372.329220][T19145] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 372.334624][T19145] alloc_pages_noprof+0xe1/0x100 [ 372.339702][T19145] __pud_alloc+0x4b/0x3e0 [ 372.344177][T19145] handle_mm_fault+0x18d1/0x2a80 [ 372.349134][T19145] ? mt_find+0x72a/0x890 [ 372.353470][T19145] ? check_vma_flags+0x218/0x340 [ 372.358486][T19145] __get_user_pages+0xf2c/0x2670 [ 372.363473][T19145] get_user_pages_remote+0x1df/0x790 [ 372.368881][T19145] get_arg_page+0x189/0x380 [ 372.373424][T19145] copy_string_kernel+0x119/0x280 [ 372.378531][T19145] do_execveat_common+0x656/0x800 [ 372.383568][T19145] __x64_sys_execve+0x5a/0x70 [ 372.388373][T19145] x64_sys_call+0x1277/0x2d60 [ 372.393062][T19145] do_syscall_64+0xc9/0x1c0 [ 372.397569][T19145] ? clear_bhb_loop+0x55/0xb0 [ 372.402294][T19145] ? clear_bhb_loop+0x55/0xb0 [ 372.407007][T19145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.412939][T19145] RIP: 0033:0x7f576210def9 [ 372.417369][T19145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.437044][T19145] RSP: 002b:00007f5760d87038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 372.445465][T19145] RAX: ffffffffffffffda RBX: 00007f57622c5f80 RCX: 00007f576210def9 [ 372.453448][T19145] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000 [ 372.461430][T19145] RBP: 00007f5760d87090 R08: 0000000000000000 R09: 0000000000000000 [ 372.469404][T19145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 372.477501][T19145] R13: 0000000000000000 R14: 00007f57622c5f80 R15: 00007ffe42868128 [ 372.485496][T19145] [ 372.521019][T19158] bridge_slave_1: left allmulticast mode [ 372.526862][T19158] bridge_slave_1: left promiscuous mode [ 372.532635][T19158] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.540626][T19158] bridge_slave_0: left allmulticast mode [ 372.546358][T19158] bridge_slave_0: left promiscuous mode [ 372.552245][T19158] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.696849][T19163] loop4: detected capacity change from 0 to 8192 [ 372.731657][T19166] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 372.744405][T19168] loop3: detected capacity change from 0 to 128 [ 372.770098][T19170] loop3: detected capacity change from 0 to 164 [ 372.779563][T19170] SELinux: policydb string SE Linu does not match my string SE Linux [ 372.787952][T19170] SELinux: failed to load policy [ 372.973143][T19178] loop4: detected capacity change from 0 to 8192 [ 373.333367][T19198] loop1: detected capacity change from 0 to 128 [ 373.697054][T19215] loop1: detected capacity change from 0 to 8192 [ 373.736774][T19211] loop0: detected capacity change from 0 to 8192 [ 374.015236][T19222] Cannot find set identified by id 0 to match [ 374.073977][T19232] loop0: detected capacity change from 0 to 128 [ 374.113060][T19233] lo speed is unknown, defaulting to 1000 [ 374.119990][T19233] gre0 speed is unknown, defaulting to 1000 [ 374.436067][ T29] kauditd_printk_skb: 273 callbacks suppressed [ 374.436085][ T29] audit: type=1326 audit(1726981272.095:35594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.466010][ T29] audit: type=1326 audit(1726981272.095:35595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.489680][ T29] audit: type=1326 audit(1726981272.095:35596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.513456][ T29] audit: type=1326 audit(1726981272.095:35597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.537053][ T29] audit: type=1326 audit(1726981272.095:35598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.560773][ T29] audit: type=1326 audit(1726981272.095:35599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.584366][ T29] audit: type=1326 audit(1726981272.095:35600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.608163][ T29] audit: type=1326 audit(1726981272.095:35601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.631903][ T29] audit: type=1326 audit(1726981272.095:35602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.638263][T19252] FAULT_INJECTION: forcing a failure. [ 374.638263][T19252] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 374.655549][ T29] audit: type=1326 audit(1726981272.095:35603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19223 comm="syz.3.5283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 374.668691][T19252] CPU: 0 UID: 0 PID: 19252 Comm: syz.3.5291 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 374.704410][T19252] Tainted: [W]=WARN [ 374.708241][T19252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 374.718314][T19252] Call Trace: [ 374.721595][T19252] [ 374.724565][T19252] dump_stack_lvl+0xf2/0x150 [ 374.729179][T19252] dump_stack+0x15/0x20 [ 374.733354][T19252] should_fail_ex+0x223/0x230 [ 374.738168][T19252] should_fail+0xb/0x10 [ 374.742401][T19252] should_fail_usercopy+0x1a/0x20 [ 374.747551][T19252] _copy_to_user+0x1e/0xa0 [ 374.752062][T19252] simple_read_from_buffer+0xa0/0x110 [ 374.757483][T19252] proc_fail_nth_read+0xf9/0x140 [ 374.762441][T19252] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 374.768091][T19252] vfs_read+0x195/0x720 [ 374.772263][T19252] ? __rcu_read_unlock+0x4e/0x70 [ 374.777233][T19252] ? __fget_files+0x1d4/0x210 [ 374.781973][T19252] ksys_read+0xeb/0x1b0 [ 374.786214][T19252] __x64_sys_read+0x42/0x50 [ 374.790780][T19252] x64_sys_call+0x27d3/0x2d60 [ 374.795471][T19252] do_syscall_64+0xc9/0x1c0 [ 374.800008][T19252] ? clear_bhb_loop+0x55/0xb0 [ 374.804716][T19252] ? clear_bhb_loop+0x55/0xb0 [ 374.809465][T19252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.815405][T19252] RIP: 0033:0x7f225015c93c [ 374.819864][T19252] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 374.839494][T19252] RSP: 002b:00007f224edd1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 374.847922][T19252] RAX: ffffffffffffffda RBX: 00007f2250315f80 RCX: 00007f225015c93c [ 374.856095][T19252] RDX: 000000000000000f RSI: 00007f224edd10a0 RDI: 0000000000000007 [ 374.864079][T19252] RBP: 00007f224edd1090 R08: 0000000000000000 R09: 0000000000000000 [ 374.872148][T19252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 374.880196][T19252] R13: 0000000000000000 R14: 00007f2250315f80 R15: 00007ffdb6076c18 [ 374.888256][T19252] [ 374.972881][T19255] loop3: detected capacity change from 0 to 8192 [ 375.159816][T19274] lo speed is unknown, defaulting to 1000 [ 375.166140][T19274] gre0 speed is unknown, defaulting to 1000 [ 375.556146][T19284] loop2: detected capacity change from 0 to 8192 [ 375.695448][T19285] lo speed is unknown, defaulting to 1000 [ 375.701700][T19285] gre0 speed is unknown, defaulting to 1000 [ 375.840918][T19293] loop4: detected capacity change from 0 to 128 [ 376.192032][T19314] __nla_validate_parse: 6 callbacks suppressed [ 376.192054][T19314] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5309'. [ 376.626363][T19336] loop4: detected capacity change from 0 to 128 [ 376.791113][T19347] loop4: detected capacity change from 0 to 8192 [ 376.912942][T19368] loop0: detected capacity change from 0 to 128 [ 377.044382][T19381] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 377.051035][T19381] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 377.058680][T19381] vhci_hcd vhci_hcd.0: Device attached [ 377.076505][T19381] RDS: rds_bind could not find a transport for fe80::3c, load rds_tcp or rds_rdma? [ 377.088594][T19382] vhci_hcd: connection closed [ 377.089084][ T7467] vhci_hcd: stop threads [ 377.098116][ T7467] vhci_hcd: release socket [ 377.102652][ T7467] vhci_hcd: disconnect device [ 377.184783][T19391] loop4: detected capacity change from 0 to 8192 [ 377.386435][T19406] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5346'. [ 377.406570][T19406] team0 (unregistering): Port device team_slave_0 removed [ 377.418531][T19406] team0 (unregistering): Port device team_slave_1 removed [ 377.432412][T19407] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5340'. [ 377.696522][T19411] loop3: detected capacity change from 0 to 128 [ 377.906745][T19427] loop3: detected capacity change from 0 to 8192 [ 378.006130][T19448] loop0: detected capacity change from 0 to 128 [ 378.144092][T19470] netlink: 'syz.1.5367': attribute type 3 has an invalid length. [ 378.186953][T19466] loop2: detected capacity change from 0 to 8192 [ 378.209849][T19446] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5362'. [ 378.271395][T19479] loop4: detected capacity change from 0 to 128 [ 378.357307][T19485] loop0: detected capacity change from 0 to 764 [ 378.381043][T19485] rock: directory entry would overflow storage [ 378.387927][T19485] rock: sig=0x4654, size=5, remaining=4 [ 378.407392][T19485] syz.0.5374[19485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 378.407512][T19485] syz.0.5374[19485] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 378.520889][T19497] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5371'. [ 378.810804][T19510] loop4: detected capacity change from 0 to 128 [ 379.139964][T19517] lo speed is unknown, defaulting to 1000 [ 379.146353][T19517] gre0 speed is unknown, defaulting to 1000 [ 379.264434][T19524] Cannot find set identified by id 0 to match [ 379.369802][T19531] loop2: detected capacity change from 0 to 128 [ 379.442196][ T29] kauditd_printk_skb: 261 callbacks suppressed [ 379.442216][ T29] audit: type=1326 audit(1726981277.115:35865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.515967][ T29] audit: type=1326 audit(1726981277.115:35866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.539763][ T29] audit: type=1326 audit(1726981277.145:35867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.563390][ T29] audit: type=1326 audit(1726981277.145:35868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.587038][ T29] audit: type=1326 audit(1726981277.145:35869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.610709][ T29] audit: type=1326 audit(1726981277.155:35870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.634450][ T29] audit: type=1326 audit(1726981277.155:35871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.658191][ T29] audit: type=1326 audit(1726981277.155:35872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.688047][ T29] audit: type=1326 audit(1726981277.215:35873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.711766][ T29] audit: type=1326 audit(1726981277.215:35874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19536 comm="syz.3.5390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 379.743076][T19548] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5391'. [ 379.911260][T19558] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 379.984604][T19561] lo speed is unknown, defaulting to 1000 [ 380.017752][T19561] gre0 speed is unknown, defaulting to 1000 [ 380.324910][T19574] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5399'. [ 380.449865][T19586] loop2: detected capacity change from 0 to 128 [ 380.920013][T19614] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5413'. [ 380.981454][T19619] lo speed is unknown, defaulting to 1000 [ 380.987832][T19619] gre0 speed is unknown, defaulting to 1000 [ 381.494055][T19629] loop4: detected capacity change from 0 to 8192 [ 381.634587][T19634] loop2: detected capacity change from 0 to 128 [ 382.017190][T19650] lo speed is unknown, defaulting to 1000 [ 382.023400][T19650] gre0 speed is unknown, defaulting to 1000 [ 382.199717][T19662] loop0: detected capacity change from 0 to 8192 [ 382.302639][T19670] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 382.812484][T19687] loop4: detected capacity change from 0 to 128 [ 383.051871][T19699] loop0: detected capacity change from 0 to 8192 [ 383.293504][T19711] lo speed is unknown, defaulting to 1000 [ 383.300003][T19711] gre0 speed is unknown, defaulting to 1000 [ 383.689601][T19704] lo speed is unknown, defaulting to 1000 [ 383.695808][T19704] gre0 speed is unknown, defaulting to 1000 [ 384.070761][T19720] loop2: detected capacity change from 0 to 8192 [ 384.280018][T19733] lo speed is unknown, defaulting to 1000 [ 384.286751][T19733] gre0 speed is unknown, defaulting to 1000 [ 384.613955][T19740] loop3: detected capacity change from 0 to 764 [ 384.629226][T19740] rock: directory entry would overflow storage [ 384.635444][T19740] rock: sig=0x4654, size=5, remaining=4 [ 384.645363][T19740] syz.3.5452[19740] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 384.645483][T19740] syz.3.5452[19740] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 384.667929][T19738] loop2: detected capacity change from 0 to 8192 [ 384.788517][T19751] Cannot find set identified by id 0 to match [ 384.983558][T19764] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5461'. [ 385.053056][T19768] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5455'. [ 385.088894][ T29] kauditd_printk_skb: 114 callbacks suppressed [ 385.088915][ T29] audit: type=1107 audit(1726981282.745:35989): pid=19763 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯ÿ' [ 385.281420][T19773] loop0: detected capacity change from 0 to 512 [ 385.295416][T19771] loop4: detected capacity change from 0 to 8192 [ 385.304047][T19773] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 385.337488][T19773] EXT4-fs (loop0): invalid journal inode [ 385.357134][T19773] EXT4-fs (loop0): can't get journal size [ 385.386159][T19773] EXT4-fs (loop0): 1 truncate cleaned up [ 385.393676][T19773] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 385.411818][ T29] audit: type=1400 audit(1726981283.085:35990): avc: denied { link } for pid=19772 comm="syz.0.5465" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 385.455797][ T29] audit: type=1400 audit(1726981283.085:35991): avc: denied { rename } for pid=19772 comm="syz.0.5465" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 385.467529][T19779] 9pnet_fd: Insufficient options for proto=fd [ 385.702802][T19792] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 385.886701][ T29] audit: type=1326 audit(1726981283.555:35992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 385.911578][ T29] audit: type=1326 audit(1726981283.555:35993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 385.935252][ T29] audit: type=1326 audit(1726981283.555:35994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 385.958906][ T29] audit: type=1326 audit(1726981283.555:35995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 385.982744][ T29] audit: type=1326 audit(1726981283.555:35996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 386.006452][ T29] audit: type=1326 audit(1726981283.555:35997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 386.030037][ T29] audit: type=1326 audit(1726981283.555:35998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19800 comm="syz.1.5473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ade78def9 code=0x7ffc0000 [ 386.375867][T13427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.954632][T19814] loop1: detected capacity change from 0 to 128 [ 387.032775][T19822] loop3: detected capacity change from 0 to 512 [ 387.088028][T19834] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 387.100274][T19822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.113296][T19822] ext4 filesystem being mounted at /299/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 387.148206][T19822] FAULT_INJECTION: forcing a failure. [ 387.148206][T19822] name failslab, interval 1, probability 0, space 0, times 0 [ 387.161047][T19822] CPU: 1 UID: 0 PID: 19822 Comm: syz.3.5479 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 387.172976][T19822] Tainted: [W]=WARN [ 387.176793][T19822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 387.186874][T19822] Call Trace: [ 387.190179][T19822] [ 387.193120][T19822] dump_stack_lvl+0xf2/0x150 [ 387.197752][T19822] dump_stack+0x15/0x20 [ 387.201930][T19822] should_fail_ex+0x223/0x230 [ 387.206696][T19822] ? security_inode_alloc+0x32/0x100 [ 387.212039][T19822] should_failslab+0x8f/0xb0 [ 387.216685][T19822] kmem_cache_alloc_noprof+0x4c/0x290 [ 387.222093][T19822] security_inode_alloc+0x32/0x100 [ 387.227295][T19822] inode_init_always+0x439/0x480 [ 387.232269][T19822] ? __pfx_ext4_alloc_inode+0x10/0x10 [ 387.237734][T19822] alloc_inode+0x7d/0x160 [ 387.242260][T19822] new_inode+0x1e/0x100 [ 387.246465][T19822] __ext4_new_inode+0x13f/0x2230 [ 387.251472][T19822] ? ext4_journal_check_start+0xf3/0x180 [ 387.257210][T19822] ext4_ext_migrate+0x3d8/0x9a0 [ 387.262150][T19822] ? avc_has_extended_perms+0x60b/0x820 [ 387.267731][T19822] ? mnt_get_write_access_file+0x111/0x230 [ 387.273557][T19822] ext4_ioctl+0x103f/0x2dd0 [ 387.278202][T19822] ? ioctl_has_perm+0x286/0x2e0 [ 387.283168][T19822] ? do_vfs_ioctl+0x1160/0x1530 [ 387.288038][T19822] ? selinux_file_ioctl+0x2f7/0x380 [ 387.293304][T19822] ? __fget_files+0x1d4/0x210 [ 387.298000][T19822] ? __pfx_ext4_ioctl+0x10/0x10 [ 387.302932][T19822] __se_sys_ioctl+0xcd/0x140 [ 387.307565][T19822] __x64_sys_ioctl+0x43/0x50 [ 387.312169][T19822] x64_sys_call+0x15cc/0x2d60 [ 387.317003][T19822] do_syscall_64+0xc9/0x1c0 [ 387.321620][T19822] ? clear_bhb_loop+0x55/0xb0 [ 387.326305][T19822] ? clear_bhb_loop+0x55/0xb0 [ 387.331040][T19822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.337048][T19822] RIP: 0033:0x7f225015def9 [ 387.341472][T19822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.361110][T19822] RSP: 002b:00007f224edd1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 387.369531][T19822] RAX: ffffffffffffffda RBX: 00007f2250315f80 RCX: 00007f225015def9 [ 387.377552][T19822] RDX: 0000000000000000 RSI: 0000000000006609 RDI: 0000000000000006 [ 387.385549][T19822] RBP: 00007f224edd1090 R08: 0000000000000000 R09: 0000000000000000 [ 387.393527][T19822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 387.401592][T19822] R13: 0000000000000000 R14: 00007f2250315f80 R15: 00007ffdb6076c18 [ 387.409662][T19822] [ 387.418362][T19838] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5484'. [ 387.437057][T19838] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5484'. [ 387.461131][T15136] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.473496][T19847] FAULT_INJECTION: forcing a failure. [ 387.473496][T19847] name failslab, interval 1, probability 0, space 0, times 0 [ 387.486250][T19847] CPU: 0 UID: 0 PID: 19847 Comm: syz.1.5488 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 387.492563][T19838] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5484'. [ 387.498174][T19847] Tainted: [W]=WARN [ 387.498185][T19847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 387.521060][T19847] Call Trace: [ 387.524410][T19847] [ 387.527400][T19847] dump_stack_lvl+0xf2/0x150 [ 387.532033][T19847] dump_stack+0x15/0x20 [ 387.536193][T19847] should_fail_ex+0x223/0x230 [ 387.540972][T19847] ? bpf_test_init+0xc7/0x170 [ 387.545669][T19847] should_failslab+0x8f/0xb0 [ 387.550276][T19847] __kmalloc_noprof+0xa5/0x370 [ 387.555132][T19847] bpf_test_init+0xc7/0x170 [ 387.559653][T19847] bpf_prog_test_run_xdp+0x321/0x8b0 [ 387.564971][T19847] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 387.570875][T19847] bpf_prog_test_run+0x261/0x3d0 [ 387.575891][T19847] __sys_bpf+0x400/0x7a0 [ 387.580199][T19847] __x64_sys_bpf+0x43/0x50 [ 387.584662][T19847] x64_sys_call+0x2625/0x2d60 [ 387.589409][T19847] do_syscall_64+0xc9/0x1c0 [ 387.593955][T19847] ? clear_bhb_loop+0x55/0xb0 [ 387.598656][T19847] ? clear_bhb_loop+0x55/0xb0 [ 387.603340][T19847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.609288][T19847] RIP: 0033:0x7f5ade78def9 [ 387.613757][T19847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.633543][T19847] RSP: 002b:00007f5add407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 387.642061][T19847] RAX: ffffffffffffffda RBX: 00007f5ade945f80 RCX: 00007f5ade78def9 [ 387.650181][T19847] RDX: 0000000000000050 RSI: 0000000020000600 RDI: 000000000000000a [ 387.658163][T19847] RBP: 00007f5add407090 R08: 0000000000000000 R09: 0000000000000000 [ 387.666319][T19847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 387.674307][T19847] R13: 0000000000000000 R14: 00007f5ade945f80 R15: 00007ffd6678a998 [ 387.682292][T19847] [ 387.735185][T19859] loop4: detected capacity change from 0 to 1024 [ 387.742244][T19857] FAULT_INJECTION: forcing a failure. [ 387.742244][T19857] name failslab, interval 1, probability 0, space 0, times 0 [ 387.754964][T19857] CPU: 0 UID: 0 PID: 19857 Comm: syz.3.5491 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 387.766913][T19857] Tainted: [W]=WARN [ 387.770731][T19857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 387.780911][T19857] Call Trace: [ 387.784198][T19857] [ 387.787146][T19857] dump_stack_lvl+0xf2/0x150 [ 387.791767][T19857] dump_stack+0x15/0x20 [ 387.796031][T19857] should_fail_ex+0x223/0x230 [ 387.800741][T19857] ? __inet_hash_connect+0x5f5/0x1170 [ 387.806165][T19857] should_failslab+0x8f/0xb0 [ 387.810849][T19857] kmem_cache_alloc_noprof+0x4c/0x290 [ 387.816274][T19857] ? __inet_hash_connect+0x1109/0x1170 [ 387.821873][T19857] __inet_hash_connect+0x5f5/0x1170 [ 387.827191][T19857] ? __pfx___inet6_check_established+0x10/0x10 [ 387.833438][T19857] ? secure_ipv6_port_ephemeral+0xa4/0x130 [ 387.839352][T19857] inet6_hash_connect+0x72/0x80 [ 387.844261][T19857] tcp_v6_connect+0x9b0/0xc60 [ 387.849025][T19857] __inet_stream_connect+0x162/0x790 [ 387.854342][T19857] ? _raw_spin_unlock_bh+0x36/0x40 [ 387.859476][T19857] ? release_sock+0x117/0x150 [ 387.864272][T19857] ? _raw_spin_unlock_bh+0x36/0x40 [ 387.869442][T19857] ? lock_sock_nested+0x10f/0x140 [ 387.874501][T19857] ? selinux_netlbl_socket_connect+0x113/0x130 [ 387.880718][T19857] inet_stream_connect+0x48/0x70 [ 387.885750][T19857] ? __pfx_inet_stream_connect+0x10/0x10 [ 387.891414][T19857] __sys_connect+0x19d/0x1b0 [ 387.896048][T19857] __x64_sys_connect+0x41/0x50 [ 387.900919][T19857] x64_sys_call+0x2220/0x2d60 [ 387.905637][T19857] do_syscall_64+0xc9/0x1c0 [ 387.910207][T19857] ? clear_bhb_loop+0x55/0xb0 [ 387.914945][T19857] ? clear_bhb_loop+0x55/0xb0 [ 387.919638][T19857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.925677][T19857] RIP: 0033:0x7f225015def9 [ 387.930102][T19857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.949751][T19857] RSP: 002b:00007f224edd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 387.958171][T19857] RAX: ffffffffffffffda RBX: 00007f2250315f80 RCX: 00007f225015def9 [ 387.966151][T19857] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000006 [ 387.974130][T19857] RBP: 00007f224edd1090 R08: 0000000000000000 R09: 0000000000000000 [ 387.982159][T19857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 387.990197][T19857] R13: 0000000000000000 R14: 00007f2250315f80 R15: 00007ffdb6076c18 [ 387.998177][T19857] [ 388.032894][T19859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 388.152478][T19872] loop0: detected capacity change from 0 to 8192 [ 388.174891][T18679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.239090][T19888] loop4: detected capacity change from 0 to 128 [ 388.318173][T19903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 388.328069][T19903] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 388.368640][T19914] loop1: detected capacity change from 0 to 128 [ 388.393070][T19912] loop0: detected capacity change from 0 to 8192 [ 389.496172][T19985] loop0: detected capacity change from 0 to 128 [ 389.966311][T19998] loop2: detected capacity change from 0 to 764 [ 389.973750][T19998] rock: directory entry would overflow storage [ 389.980183][T19998] rock: sig=0x4654, size=5, remaining=4 [ 389.990455][T19998] syz.2.5544[19998] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 389.990617][T19998] syz.2.5544[19998] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 390.064936][T20002] loop2: detected capacity change from 0 to 8192 [ 390.139642][T20004] loop2: detected capacity change from 0 to 8192 [ 390.180406][ T29] kauditd_printk_skb: 185 callbacks suppressed [ 390.180420][ T29] audit: type=1326 audit(1726981287.855:36184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.210476][ T29] audit: type=1326 audit(1726981287.855:36185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.234130][ T29] audit: type=1326 audit(1726981287.855:36186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.257942][ T29] audit: type=1326 audit(1726981287.865:36187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.281655][ T29] audit: type=1326 audit(1726981287.865:36188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.290898][T20011] lo speed is unknown, defaulting to 1000 [ 390.305262][ T29] audit: type=1326 audit(1726981287.865:36189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.311468][T20011] gre0 speed is unknown, defaulting to 1000 [ 390.334597][ T29] audit: type=1326 audit(1726981287.865:36190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.334631][ T29] audit: type=1326 audit(1726981287.865:36191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.334662][ T29] audit: type=1326 audit(1726981287.865:36192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.411448][ T29] audit: type=1326 audit(1726981287.865:36193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20007 comm="syz.3.5549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 390.456729][T20016] loop1: detected capacity change from 0 to 764 [ 390.465315][T20016] rock: directory entry would overflow storage [ 390.471551][T20016] rock: sig=0x4654, size=5, remaining=4 [ 390.600537][T20016] syz.1.5552[20016] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 390.600620][T20016] syz.1.5552[20016] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 390.618201][T20023] loop4: detected capacity change from 0 to 128 [ 390.647831][T20022] loop2: detected capacity change from 0 to 512 [ 390.684538][T20022] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 390.695440][T20022] EXT4-fs (loop2): invalid journal inode [ 390.701591][T20022] EXT4-fs (loop2): can't get journal size [ 390.728592][T20030] lo speed is unknown, defaulting to 1000 [ 390.735025][T20030] gre0 speed is unknown, defaulting to 1000 [ 390.926592][T20023] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5554'. [ 390.935815][T20023] netlink: 204 bytes leftover after parsing attributes in process `syz.4.5554'. [ 390.955426][T20022] EXT4-fs (loop2): 1 truncate cleaned up [ 390.998893][T20022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.065027][T20023] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5554'. [ 391.068766][T20032] loop1: detected capacity change from 0 to 8192 [ 391.086517][T20037] lo speed is unknown, defaulting to 1000 [ 391.092593][T20037] gre0 speed is unknown, defaulting to 1000 [ 391.143166][T20040] 9pnet_fd: Insufficient options for proto=fd [ 391.376192][T20050] loop4: detected capacity change from 0 to 128 [ 391.465002][T20061] loop0: detected capacity change from 0 to 128 [ 391.472234][T20061] msdos: Unknown parameter '017777777777777777777770x0000000000000000' [ 391.493354][T15043] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.493814][T20061] loop0: detected capacity change from 0 to 512 [ 391.558924][T20061] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 391.577009][T20066] loop4: detected capacity change from 0 to 8192 [ 391.621339][T20061] EXT4-fs (loop0): 1 orphan inode deleted [ 391.627255][T20061] EXT4-fs (loop0): 1 truncate cleaned up [ 391.642445][T20061] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 391.654111][T20073] loop4: detected capacity change from 0 to 128 [ 391.658982][T20075] FAULT_INJECTION: forcing a failure. [ 391.658982][T20075] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 391.665291][T20073] vfat: Unknown parameter 'ÿÿ18446744073709551615' [ 391.673862][T20075] CPU: 1 UID: 0 PID: 20075 Comm: syz.2.5572 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 391.692358][T20075] Tainted: [W]=WARN [ 391.696184][T20075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 391.706407][T20075] Call Trace: [ 391.709722][T20075] [ 391.712710][T20075] dump_stack_lvl+0xf2/0x150 [ 391.717339][T20075] dump_stack+0x15/0x20 [ 391.721573][T20075] should_fail_ex+0x223/0x230 [ 391.726288][T20075] should_fail+0xb/0x10 [ 391.730526][T20075] should_fail_usercopy+0x1a/0x20 [ 391.735664][T20075] _copy_from_user+0x1e/0xd0 [ 391.737811][T20076] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, [ 391.740353][T20075] copy_msghdr_from_user+0x54/0x2a0 [ 391.740397][T20075] __sys_sendmsg+0x171/0x270 [ 391.740444][T20075] __x64_sys_sendmsg+0x46/0x50 [ 391.748669][T20076] block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 391.753829][T20075] x64_sys_call+0x2689/0x2d60 [ 391.753865][T20075] do_syscall_64+0xc9/0x1c0 [ 391.760486][T20076] EXT4-fs (loop0): Remounting filesystem read-only [ 391.763199][T20075] ? clear_bhb_loop+0x55/0xb0 [ 391.792035][T20075] ? clear_bhb_loop+0x55/0xb0 [ 391.796755][T20075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.802764][T20075] RIP: 0033:0x7fd1df83def9 [ 391.807245][T20075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.827201][T20075] RSP: 002b:00007fd1de4b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 391.827229][T20075] RAX: ffffffffffffffda RBX: 00007fd1df9f5f80 RCX: 00007fd1df83def9 [ 391.827245][T20075] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000a [ 391.851668][T20075] RBP: 00007fd1de4b1090 R08: 0000000000000000 R09: 0000000000000000 [ 391.859686][T20075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 391.867708][T20075] R13: 0000000000000000 R14: 00007fd1df9f5f80 R15: 00007ffe3768dde8 [ 391.875719][T20075] [ 392.090196][T13427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.290470][T20088] loop4: detected capacity change from 0 to 8192 [ 392.406863][T20103] loop3: detected capacity change from 0 to 128 [ 392.439611][T20107] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5581'. [ 392.582887][T20122] loop2: detected capacity change from 0 to 128 [ 393.297490][T20138] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5592'. [ 393.376865][T20135] loop1: detected capacity change from 0 to 8192 [ 393.473668][T20153] loop1: detected capacity change from 0 to 128 [ 393.622258][T20161] lo speed is unknown, defaulting to 1000 [ 393.628271][T20161] gre0 speed is unknown, defaulting to 1000 [ 393.737413][T20176] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5606'. [ 393.761869][T20178] loop2: detected capacity change from 0 to 512 [ 393.769349][T20178] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent [ 393.836194][T20180] loop2: detected capacity change from 0 to 8192 [ 394.432579][T20196] FAULT_INJECTION: forcing a failure. [ 394.432579][T20196] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.445721][T20196] CPU: 0 UID: 0 PID: 20196 Comm: syz.3.5615 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 394.457683][T20196] Tainted: [W]=WARN [ 394.461496][T20196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 394.471577][T20196] Call Trace: [ 394.474873][T20196] [ 394.477816][T20196] dump_stack_lvl+0xf2/0x150 [ 394.482441][T20196] dump_stack+0x15/0x20 [ 394.486645][T20196] should_fail_ex+0x223/0x230 [ 394.491347][T20196] should_fail+0xb/0x10 [ 394.495542][T20196] should_fail_usercopy+0x1a/0x20 [ 394.500605][T20196] _copy_from_user+0x1e/0xd0 [ 394.505248][T20196] do_sys_poll+0x16b/0xc10 [ 394.509784][T20196] ? avc_has_perm_noaudit+0x1cc/0x210 [ 394.515207][T20196] ? get_timespec64+0x111/0x140 [ 394.520085][T20196] ? set_user_sigmask+0x83/0x190 [ 394.525145][T20196] __se_sys_ppoll+0x1af/0x1f0 [ 394.529848][T20196] __x64_sys_ppoll+0x67/0x80 [ 394.534493][T20196] x64_sys_call+0xe71/0x2d60 [ 394.539162][T20196] do_syscall_64+0xc9/0x1c0 [ 394.543689][T20196] ? clear_bhb_loop+0x55/0xb0 [ 394.548425][T20196] ? clear_bhb_loop+0x55/0xb0 [ 394.553117][T20196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.559036][T20196] RIP: 0033:0x7f225015def9 [ 394.563549][T20196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.583173][T20196] RSP: 002b:00007f224edd1038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 394.591650][T20196] RAX: ffffffffffffffda RBX: 00007f2250315f80 RCX: 00007f225015def9 [ 394.599718][T20196] RDX: 0000000020000080 RSI: 0000000000000001 RDI: 0000000020000240 [ 394.607725][T20196] RBP: 00007f224edd1090 R08: 0000000000000000 R09: 0000000000000000 [ 394.615703][T20196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.623787][T20196] R13: 0000000000000000 R14: 00007f2250315f80 R15: 00007ffdb6076c18 [ 394.631770][T20196] [ 394.655025][T20200] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5617'. [ 394.762203][T20204] loop3: detected capacity change from 0 to 8192 [ 394.777039][T20214] loop2: detected capacity change from 0 to 128 [ 394.806102][T20215] loop1: detected capacity change from 0 to 164 [ 394.830630][T20215] SELinux: policydb string SE Linu does not match my string SE Linux [ 394.860058][T20218] lo speed is unknown, defaulting to 1000 [ 394.866607][T20218] gre0 speed is unknown, defaulting to 1000 [ 394.951619][T20215] SELinux: failed to load policy [ 395.300969][T20222] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5625'. [ 395.345686][T20233] netlink: 'syz.2.5627': attribute type 29 has an invalid length. [ 395.367620][T20231] netlink: 'syz.2.5627': attribute type 29 has an invalid length. [ 395.455681][ T29] kauditd_printk_skb: 197 callbacks suppressed [ 395.455712][ T29] audit: type=1107 audit(1726981293.125:36391): pid=20241 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='¯ÿ' [ 395.548030][T20250] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5634'. [ 395.625560][T20255] lo speed is unknown, defaulting to 1000 [ 395.632276][T20255] gre0 speed is unknown, defaulting to 1000 [ 395.856229][T20258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5638'. [ 395.865319][T20258] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 395.872775][T20258] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 395.943164][T20254] loop3: detected capacity change from 0 to 8192 [ 395.950148][T20258] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 395.958259][T20258] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.173904][T20272] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5639'. [ 396.206223][T20276] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 396.387900][T20292] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5648'. [ 396.470357][T20293] lo speed is unknown, defaulting to 1000 [ 396.476488][T20293] gre0 speed is unknown, defaulting to 1000 [ 396.546983][T20295] lo speed is unknown, defaulting to 1000 [ 396.553207][T20295] gre0 speed is unknown, defaulting to 1000 [ 397.142269][T20308] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5649'. [ 397.282523][T20314] loop1: detected capacity change from 0 to 128 [ 397.438079][ T29] audit: type=1326 audit(1726981295.065:36392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.461993][ T29] audit: type=1326 audit(1726981295.065:36393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.485608][ T29] audit: type=1326 audit(1726981295.075:36394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.509419][ T29] audit: type=1326 audit(1726981295.075:36395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.533172][ T29] audit: type=1326 audit(1726981295.075:36396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.556859][ T29] audit: type=1326 audit(1726981295.075:36397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.580641][ T29] audit: type=1326 audit(1726981295.075:36398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.604255][ T29] audit: type=1326 audit(1726981295.075:36399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.627900][ T29] audit: type=1326 audit(1726981295.075:36400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20321 comm="syz.0.5653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8a23dadef9 code=0x7ffc0000 [ 397.687582][T20325] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5655'. [ 397.932065][T20333] loop3: detected capacity change from 0 to 8192 [ 397.960989][T20339] loop4: detected capacity change from 0 to 128 [ 398.063283][T20344] lo speed is unknown, defaulting to 1000 [ 398.069819][T20344] gre0 speed is unknown, defaulting to 1000 [ 398.497413][T20353] lo speed is unknown, defaulting to 1000 [ 398.503736][T20353] gre0 speed is unknown, defaulting to 1000 [ 398.817505][T20357] loop0: detected capacity change from 0 to 512 [ 398.825357][T20357] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 398.835596][T20357] EXT4-fs (loop0): invalid journal inode [ 398.848512][T20357] EXT4-fs (loop0): can't get journal size [ 398.861846][T20357] EXT4-fs (loop0): 1 truncate cleaned up [ 398.873054][T20357] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 398.996946][T13427] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.024973][T20376] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5671'. [ 399.160944][T20389] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5675'. [ 399.282593][T20396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5679'. [ 399.327825][T20399] lo speed is unknown, defaulting to 1000 [ 399.336315][T20399] gre0 speed is unknown, defaulting to 1000 [ 399.461483][T20414] loop2: detected capacity change from 0 to 512 [ 399.473144][T20414] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 399.491707][T20414] EXT4-fs (loop2): invalid journal inode [ 399.493791][T20417] loop1: detected capacity change from 0 to 512 [ 399.503932][T20414] EXT4-fs (loop2): can't get journal size [ 399.510632][T20417] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 399.519531][T20416] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5685'. [ 399.530447][T20414] EXT4-fs (loop2): 1 truncate cleaned up [ 399.536565][T20414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 399.537455][T20417] EXT4-fs (loop1): orphan cleanup on readonly fs [ 399.566601][T20417] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5680: bg 0: block 248: padding at end of block bitmap is not set [ 399.587086][T20417] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.5680: Failed to acquire dquot type 1 [ 399.587814][T20422] loop0: detected capacity change from 0 to 128 [ 399.600676][T20417] EXT4-fs (loop1): 1 truncate cleaned up [ 399.623125][T20422] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5686'. [ 399.632182][T20422] netlink: 204 bytes leftover after parsing attributes in process `syz.0.5686'. [ 399.651590][T20417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 399.652419][T15043] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.710446][T20422] lo speed is unknown, defaulting to 1000 [ 399.721271][T20422] gre0 speed is unknown, defaulting to 1000 [ 399.996770][T20430] lo speed is unknown, defaulting to 1000 [ 400.003545][T20430] gre0 speed is unknown, defaulting to 1000 [ 400.198774][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 400.550347][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 400.550443][ T29] audit: type=1326 audit(1726981298.225:36534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.552692][T20452] loop3: detected capacity change from 0 to 128 [ 400.557752][ T29] audit: type=1326 audit(1726981298.225:36535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.610225][ T29] audit: type=1326 audit(1726981298.225:36536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.633817][ T29] audit: type=1326 audit(1726981298.225:36537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.657433][ T29] audit: type=1326 audit(1726981298.225:36538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.681172][ T29] audit: type=1326 audit(1726981298.225:36539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.705260][ T29] audit: type=1326 audit(1726981298.255:36540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.728958][ T29] audit: type=1326 audit(1726981298.255:36541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.752639][ T29] audit: type=1326 audit(1726981298.255:36542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20441 comm="syz.2.5693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1df83def9 code=0x7ffc0000 [ 400.783521][T20461] loop4: detected capacity change from 0 to 764 [ 400.794876][T20463] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 400.807742][T20461] rock: directory entry would overflow storage [ 400.813964][T20461] rock: sig=0x4654, size=5, remaining=4 [ 400.827090][T20467] loop2: detected capacity change from 0 to 128 [ 400.836208][T20461] syz.4.5700[20461] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 400.854202][ T29] audit: type=1326 audit(1726981298.525:36543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20468 comm="syz.4.5704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f576210def9 code=0x7ffc0000 [ 400.980286][T20483] loop2: detected capacity change from 0 to 8192 [ 401.227207][T20493] lo speed is unknown, defaulting to 1000 [ 401.233689][T20493] gre0 speed is unknown, defaulting to 1000 [ 401.515007][T20501] __nla_validate_parse: 4 callbacks suppressed [ 401.515029][T20501] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5713'. [ 402.180430][T20516] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5721'. [ 402.189497][T20516] netlink: 204 bytes leftover after parsing attributes in process `syz.0.5721'. [ 402.198928][T20516] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5721'. [ 402.222245][T20516] lo speed is unknown, defaulting to 1000 [ 402.228389][T20516] gre0 speed is unknown, defaulting to 1000 [ 402.297902][T20525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5725'. [ 402.534928][T20540] lo speed is unknown, defaulting to 1000 [ 402.541542][T20540] gre0 speed is unknown, defaulting to 1000 [ 403.143878][T20568] loop1: detected capacity change from 0 to 128 [ 403.150757][T20568] vfat: Unknown parameter 'ÿÿ18446744073709551615' [ 403.151956][T20561] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5733'. [ 403.434253][T20588] loop1: detected capacity change from 0 to 512 [ 403.442889][T20588] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 403.453444][T20592] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5739'. [ 403.466678][T20588] EXT4-fs (loop1): invalid journal inode [ 403.473012][T20588] EXT4-fs (loop1): can't get journal size [ 403.482000][T20588] EXT4-fs (loop1): 1 truncate cleaned up [ 403.489664][T20588] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 403.782288][T16463] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.870916][T20605] lo speed is unknown, defaulting to 1000 [ 403.877282][T20605] gre0 speed is unknown, defaulting to 1000 [ 405.387400][T20628] syz.0.5755[20628] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 405.387458][T20628] syz.0.5755[20628] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 405.405841][T20620] lo speed is unknown, defaulting to 1000 [ 405.423485][T20619] lo speed is unknown, defaulting to 1000 [ 405.423691][T20620] gre0 speed is unknown, defaulting to 1000 [ 405.463872][T20619] gre0 speed is unknown, defaulting to 1000 [ 405.574690][ T29] kauditd_printk_skb: 99 callbacks suppressed [ 405.574710][ T29] audit: type=1326 audit(1726981303.215:36643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.604431][ T29] audit: type=1326 audit(1726981303.215:36644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.628054][ T29] audit: type=1326 audit(1726981303.215:36645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.651712][ T29] audit: type=1326 audit(1726981303.215:36646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.675411][ T29] audit: type=1326 audit(1726981303.235:36647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.699167][ T29] audit: type=1326 audit(1726981303.235:36648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.722826][ T29] audit: type=1326 audit(1726981303.235:36649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.746413][ T29] audit: type=1326 audit(1726981303.235:36650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.770237][ T29] audit: type=1326 audit(1726981303.235:36651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.793940][ T29] audit: type=1326 audit(1726981303.235:36652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20634 comm="syz.3.5757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f225015def9 code=0x7ffc0000 [ 405.885153][T20641] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5752'. [ 405.898581][T20647] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 406.081713][T20664] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5761'. [ 406.352705][T20675] program syz.4.5771 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 406.376152][T20675] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 406.387330][T20675] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5771'. [ 406.478769][T20684] loop3: detected capacity change from 0 to 128 [ 406.509792][T20686] loop4: detected capacity change from 0 to 128 [ 406.660765][T20708] __nla_validate_parse: 3 callbacks suppressed [ 406.660853][T20708] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5786'. [ 406.683782][T20711] loop4: detected capacity change from 0 to 8192 [ 406.774557][T20727] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5794'. [ 406.783676][T20727] netlink: 204 bytes leftover after parsing attributes in process `syz.0.5794'. [ 406.793487][T20727] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5794'. [ 406.892057][T20738] ================================================================== [ 406.900189][T20738] BUG: KCSAN: data-race in __sys_connect / fasync_insert_entry [ 406.907766][T20738] [ 406.910099][T20738] read-write to 0xffff88811f382e70 of 4 bytes by task 20740 on cpu 1: [ 406.918261][T20738] fasync_insert_entry+0x124/0x150 [ 406.923384][T20738] fasync_helper+0x5d/0xc0 [ 406.927814][T20738] sock_fasync+0x5a/0xc0 [ 406.932067][T20738] do_fcntl+0xb8d/0xd70 [ 406.936231][T20738] __se_sys_fcntl+0xbf/0x1b0 [ 406.940831][T20738] __x64_sys_fcntl+0x43/0x50 [ 406.945432][T20738] x64_sys_call+0x209e/0x2d60 [ 406.950123][T20738] do_syscall_64+0xc9/0x1c0 [ 406.954633][T20738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.960545][T20738] [ 406.962866][T20738] read to 0xffff88811f382e70 of 4 bytes by task 20738 on cpu 0: [ 406.970497][T20738] __sys_connect+0x18b/0x1b0 [ 406.975106][T20738] __x64_sys_connect+0x41/0x50 [ 406.979891][T20738] x64_sys_call+0x2220/0x2d60 [ 406.984577][T20738] do_syscall_64+0xc9/0x1c0 [ 406.989092][T20738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.995089][T20738] [ 406.997410][T20738] value changed: 0x00000002 -> 0x00042002 [ 407.003129][T20738] [ 407.005453][T20738] Reported by Kernel Concurrency Sanitizer on: [ 407.011637][T20738] CPU: 0 UID: 0 PID: 20738 Comm: syz.4.5798 Tainted: G W 6.11.0-syzkaller-07983-g7856a565416e #0 [ 407.023541][T20738] Tainted: [W]=WARN [ 407.027344][T20738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 407.037411][T20738] ==================================================================