last executing test programs: 2.532158702s ago: executing program 4 (id=1561): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000001200), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fedbdf2501000000000000000b0000000014001462726f6164636e225ae7e26173742d6c"], 0x30}, 0x1, 0x0, 0x0, 0x4000851}, 0x880) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e0000008500000007000000"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x54, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x48480, 0x0) getsockname$packet(0xffffffffffffffff, 0x0, 0x0) preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) socket$inet_tcp(0x2, 0x1, 0x0) connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800002000000000fb120ea9b1794b8200000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000090000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r9 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSKBSENT(r9, 0x4b49, &(0x7f00000001c0)={0x0, "1e0a9ef1b1aeacf74a337453ae6e30382e05a4a217e2fbee5e4e4a4c7036d03d219c42b051d6c54bf5c75140ded26fb5fc4c3f5268409930693b305b4aebbb0c7426312e5b56d39b88c6636f440d6b9188995a9f6933a2f88cc8fdd4f5c13c3121cd95dcbadde86702a428487028eca161abfd6122ef54da3b04b49d09c9bbdc91cd4f8fa4e77a49aedcdc84a3d53741c76f98279f2f9111b4a574c76c12e5f12b6e0dfe78f91f4d76c1bec142a52d820f5473a5981ef1bd6e69a18d48cd4e24bf401b96610111f2fc6411e2d6b6251216f5a239be518896769455d482a780c9c4c47b400b45e6b11cd9ccf79a15bf7cc1cd31f04741303d9ecf7e55be5598dea868d33fe294caa0cbb6c80d6c5e06a832b17f9a8092d8f521c94f1efaee9cd51cf614dbc8e0c34a45f03b94888cd423f6d59f78594808cf240fdc5fc8e319781782e10537c62150f4fed49fb759453150405aab2c66576b165367db08d3ae4d75f201e1a86723fe3bbc9c48392e24d0f9d92b812d973663e628fcbbf0d12c7a2630a5b9cd16d1048fbcb5f578b681feae52f559ed3744cb2f4fba41c523def9876117baab5a33e687269e9440a5ee07ecb0c0ca6445ed81348c69f7de4b5ba51f8e24719e27411a750e9ba69c1961b53514f6343f81b0077c305602b01d3d0d14cc589c2f1a64280b2ab124c38665637474c0ddb9fd01fafbc0b2b00f0a1ff2"}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r8}, 0x10) r10 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r10}, &(0x7f0000000000)) r11 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0) readv(r11, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 2.0698054s ago: executing program 2 (id=1568): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="d8000000180081064e81f782db4cb904021d0800fe02fe02e8fe50a10a000700250000000c600e41b0000900ac00080325000000160015000a00ff150048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x0) 1.939216959s ago: executing program 2 (id=1571): r0 = epoll_create1(0x0) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_tracing={0x1a, 0xf, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@jmp={0x5, 0x1, 0x1, 0xb, 0x5, 0xfffffffffffffcf0, 0x4}, @map_fd={0x18, 0x1}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @alu={0x7, 0x0, 0x6, 0x5, 0x3, 0x30, 0xfffffffffffffff0}]}, &(0x7f0000000200)='GPL\x00', 0x200, 0x2, &(0x7f0000000400)=""/2, 0x1f00, 0x8, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000440)={0x3, 0x8, 0xa01, 0xffffff7f}, 0x10, 0x1de40, 0xffffffffffffffff, 0x0, &(0x7f0000000480)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1], 0x0, 0x10, 0xff, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x14, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000010000000000000000000400791202000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f00000000c0)={0x5000001a}) preadv(r2, &(0x7f0000000040)=[{&(0x7f0000000100)=""/115, 0x73}], 0x1, 0x80000001, 0x80000000) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xbc) syz_emit_ethernet(0x32, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @local, @private=0xa010101}, {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 1.558084667s ago: executing program 2 (id=1578): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000079111800000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e0c01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cd93263ff755d611c4cca1684b14708f6a83366aa430ad2d700b186da622d6fba700000000000000000000000002000000000000f2badf98"], &(0x7f00000001c0)='syzkaller\x00', 0x2, 0xd1, &(0x7f0000000000)=""/209, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7538e475dd6317ce6203c23c00fe80000000010000875a65969ff50be800040000000000001e04"], 0xfe1b) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="840200000000000018100000", @ANYRES32, @ANYBLOB="0000000000000000950000000000000045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)) 1.522090747s ago: executing program 2 (id=1579): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15) r1 = dup(0xffffffffffffffff) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0) r2 = socket(0xa, 0x2400000001, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) connect$phonet_pipe(r1, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r6, 0x1, 0x0, 0x0, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0) 1.320555856s ago: executing program 4 (id=1582): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0a00000004000000f17127098b45a789aa00eeffa80b273836b43a21c9f9383da594d644b536ff8ba527b33cb377661ea4b26908f24f81e48c926acba2d727a019099badd92add832810ca9ef540c87e669cb77564c3962929ce38e203e8038fbe1c85f9e5e400ddf5dc807769bec516f04d031b400ae4c143cf5fd43e4b45652c803ad82166dc86bd43bfad127547317c2f1c363ee8d72e4f68b1b0d06fc45d5baebc5f3904041c88819aab", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) bpf$MAP_CREATE(0x0, 0x0, 0xa3) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f27cf5182a66907790f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce9391e704bb6c64bf7bd3c353b218ccf99b00749bc4d22cdc096d92b7e3f7731bfbfc5af583df7f136a59dade8dafa14bcefad343a259d07d5b6e7152b1031acbba628c1f5310e53cd87b92c6be007f8aa026ce147dfd51281dba68af9b738f0a097f69b277ef9a9bd369a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850be890a0300863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13aa12b581b2b23e80fb7a1eca9816df0137b589441fca8b569993caed53c6d9deae218"], 0x1, 0x253, &(0x7f00000004c0)="$eJzs3c9LVFEUAOCjM/5qMxJBEEEDEbQaVGhvRIEkFckQRkhjjiGOCAlCLdRWQas2LVu6M4JatKv/IWjTJtpEy9y1CF/ok3HMMTVyJpzv27zDu+fcd++V956zmDt3T89MT8zOTa6ufo3u7rbIDt5fS5K26I32yERqKQCAo+RHksT3JNXssQAAjeH9DwCtZ6/3f0d6uNHgYQEAh+jvP/8/H333uVQevLCP1KSrGn4aO/gYAYB/a2T09tW19+d6huLNs4iZJ/PF+WJ6TNsvTsZUVKIcfZGLnxFJVRpfGRq+3Jdf1xNRnFncrF+cL2a21/dHLnojbl3bWd+fT22v74hjtfUDkYsT9a8/ULe+M86frakvRC4+3IvZqMTE+r8kNfUL/fn8pevDv9V3beTFcqapfx8AAAAAAAAAAAAAAAAAAAAAAI6mQr6qt97+PYXCbu1p/f73B9ran+fpRn02TmXjcXNnDwAAAAAAAAAAAAAAAAAAAP+HuYePpkuVSvlBNRi/OXV8+5m9grY6TZnN/g/ST8sE6wtziJc4ExGHPYvXK+WPy2N3Rpq/mA0M6q/qq6YPbPwPOe0RsRGcfDFYervw5dvOnFiquZez6X1bqqTHztqHRb7BDycAAAAAAAAAAAAAAAAAAGgxW18D3i0jaeyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAJtn7//8BBZ/XMSk/a2S7JaePLps4TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDW9isAAP//e+Wozg==") execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) 1.088537035s ago: executing program 1 (id=1588): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) add_key$user(&(0x7f0000000000), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffa) r1 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x7, 0x4, &(0x7f0000000340)=ANY=[@ANYRES8=r1], &(0x7f0000001b80)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x71, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x57, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x44080) io_setup(0x3ff, &(0x7f0000000500)=0x0) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) io_submit(r3, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r4, &(0x7f00000001c0)="891abdb65755365fd9ec3104f827b7f0d374", 0x12, 0x200000000004}]) r5 = socket$inet6(0xa, 0x2, 0x6) r6 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) dup3(r6, r5, 0x0) r7 = bpf$PROG_LOAD(0x5, 0x0, 0x2c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10) r8 = gettid() r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0xc, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) read(0xffffffffffffffff, &(0x7f00000009c0)=""/215, 0xd7) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r9, 0x4040534e, &(0x7f0000000080)={0x335}) r10 = epoll_create(0x5) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10) epoll_pwait2(r10, &(0x7f0000000140)=[{}], 0x1, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='ext4_fc_replay\x00'}, 0x18) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r9, 0xc05c5340, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r9, 0x80045300, 0x0) setrlimit(0x40000000000008, &(0x7f0000000000)) tkill(r8, 0x7) 982.025755ms ago: executing program 4 (id=1590): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000100)={0x0, "956df9d0bc20a7227d44faceaf81848a386633b9054587c3e42f16d37bf8ffd81568cc7218449c85bab6a84738b222a74f98686ef50c412514db84ba43587814", 0x2e}, 0x48, 0xfffffffffffffff8) ioctl$SG_SET_FORCE_PACK_ID(0xffffffffffffffff, 0x227b, 0x0) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000640)={'gre0\x00', &(0x7f00000005c0)={'syztnl1\x00', r2, 0x8, 0x10, 0x7, 0x8, {{0x6, 0x4, 0x1, 0x3c, 0x18, 0x65, 0x0, 0x0, 0x2f, 0x0, @private=0xa010101, @remote, {[@timestamp_addr={0x44, 0x4, 0xab, 0x1, 0xf}]}}}}}) bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x17, 0x9, &(0x7f0000000b40)=ANY=[@ANYBLOB="180000000400000000004f94a80fdf6b02ec7c26ec2a38990000f400181100000f6899f7ef870f92ea064ff24906d2053a88e47d2815ede50e3b0217ddbd513aefa2d220e4c37d152bb801e3bf7cf6a76ee5ef8da4d1c2c73011319cd5fb1bf8b8446a85e359197d3ce03ea1f4e38721e08e751be6ef7af90051c85f37cedba13952598b4c696a57d705ec84ff79141e908754603a40177e2bd57c8e38d784af9323cc796c33411c88537167323dabfee008ebb361c0d30c6891d2ad8c92816d8d6150f321c2811523", @ANYRES32, @ANYBLOB], &(0x7f0000000500)='syzkaller\x00', 0xd92, 0x0, &(0x7f0000000540), 0x0, 0x62, '\x00', r5, @fallback=0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x0, 0x5, 0x5, 0x5}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, &(0x7f0000000a00)=[r3, r0], &(0x7f0000000a40)=[{0x0, 0x5, 0x0, 0x8}, {0x4, 0x2, 0x4, 0x3}], 0x10, 0x9, @void, @value}, 0x94) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r4) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, r2}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="0500000004000000990000000b00000000000000", @ANYRES32, @ANYBLOB="00000000000000180000000080000000e2000023cfc34e1d18846f06ca175a691e3f3e48d154ce1f5a467e0627046ed734385240ee6636d6e0d30bae4a036ffc7bce2fc50c07323306a5f44f689147035742b2b4ef9321ce80c0f6086991b83f581f1759636b2770d1cea99d88d35aacbe540d6f89ab5a08afdfcba968ea868e06344c899961b4a17390d06de513200c7001a63eb29d8c8bd6e46c5b3550d4ba0f144a3c88fe6104fa4bb93c4996a5e159b7bfec47a64081d660713d71a181086163c35d5853ae5ad114761454e622af8d5c52aa0ce77d5450a9ae3057ca802addb0d0739caa82fbf4e309f052fc3fba14fdba53ec18809559472dc6ddd92770d5556c00f6d277b9016ff7b01921c56170749ec89dfb649b3f08bae37f0dec025559066e908e000000000000000000", @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000d40000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000bc000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000009000038008000240000000007c00038014000100626f6e64300000000000000000000000140001006970766c616e31000000000000000000140001006970766c616e300000000000000000001400010073697430000000000000fbffffffffffffff0100776c616e300000000000000000000000140001006772653000000000000000000000040008000140000000005c000000180a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003"], 0x4b0}, 0x1, 0x0, 0x0, 0x40844}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000080)=ANY=[], 0x0) 962.744644ms ago: executing program 4 (id=1593): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000040)={'ip_vti0\x00', 0x0, 0x7827, 0x7f00, 0x25b, 0x7f, {{0x18, 0x4, 0x2, 0x1, 0x60, 0x66, 0x0, 0x0, 0x2f, 0x0, @loopback, @private=0xa010101, {[@end, @noop, @end, @noop, @generic={0x88, 0xc, "7d6d1b67632a576fd232"}, @end, @rr={0x7, 0x17, 0xb0, [@rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x27}, @rand_addr=0x64010101, @broadcast, @remote]}, @cipso={0x86, 0x24, 0x3, [{0x7, 0xc, "3986ce7fa7c9cc64ac00"}, {0x2, 0xb, "8899b141af9820dcd3"}, {0x0, 0x7, "ab27a208fd"}]}]}}}}}) mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative'}}}]}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) creat(&(0x7f0000000040)='./file0\x00', 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r5, 0x0, '\x00', 0x0, r3, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_u}, {@cache_mmap}]}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r8, 0x0, 0x4}, 0x18) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x737, 0x1ff}, 0x118280, 0x0, 0xfffffffe, 0x0, 0x3, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r10, 0x5437, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe2(0x0, 0x0) ioperm(0x28000000000001, 0x8, 0x8000000000000001) r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='\x00', 0x88100) close(r11) 831.581424ms ago: executing program 1 (id=1595): openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x25) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000002a00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r6, r5, 0x25, 0x0, @val=@tracing}, 0x40) syz_emit_ethernet(0x112e, &(0x7f0000002080)=ANY=[], 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r1, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0) 693.840023ms ago: executing program 3 (id=1598): syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) io_setup(0x1, &(0x7f0000000200)=0x0) io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000}]) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'bond_slave_1\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000010, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002380)=@newtaction={0x88c, 0x30, 0xffff, 0x0, 0xfffffffe, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x205, 0x0, 0x0, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x40000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x1, 0x0, 0x100, 0x3, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x20000, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x7ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f9ffbe5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x20000, 0x0, 0x0, 0x20001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbf3e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xdbcc, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x10000005, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x9d69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffff01, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x100000, 0x0, 0x7fff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0xe]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x5}, {0x6, 0x2, 0xfffc, 0x0, 0x0, 0xff}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x10) bind$packet(r2, &(0x7f0000000300)={0x11, 0x6, r3, 0x1, 0x1, 0x6, @remote}, 0x14) close(r2) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10) r9 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000200)=ANY=[@ANYBLOB="3801000010001307000000000000000000080000000000000000001d00000001fe88000000000000000000000000000100000000000062000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa0000000000000000000000000000000033000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000a0002002400000000000000480001006469676573745f6e756c6c00"/240], 0x138}, 0x1, 0x0, 0x0, 0x2800}, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) r11 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=0x0) syz_io_uring_setup(0x470b, &(0x7f0000000340)={0x0, 0x22000000, 0x800, 0x40000000, 0x0, 0x0, r11}, &(0x7f00000003c0)=0x0, &(0x7f0000000300)) syz_io_uring_submit(r13, r12, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r11, 0x48e9, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='workqueue_queue_work\x00', r10}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r14 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$IPT_SO_SET_REPLACE(r14, 0x0, 0x40, &(0x7f00000003c0)=@nat={'nat\x00', 0x670, 0x2, 0x328, 0x140, 0xa8, 0xfeffffff, 0x140, 0x1e8, 0x290, 0x290, 0xffffffff, 0x290, 0x290, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x6800, {0x0, @multicast2, @rand_addr, @port, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x0, 0x7}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xa8}}, {{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @local}}}}, {{@ip={@multicast2, @multicast1, 0x0, 0x0, 'veth1_virt_wifi\x00', 'pim6reg0\x00'}, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @initdev={0xac, 0x1e, 0xfd, 0x0}, @multicast2, @port, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x388) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000000)) 687.448763ms ago: executing program 2 (id=1600): syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$packet(0x11, 0x2, 0x300) syz_usb_connect(0x6, 0x429, &(0x7f0000000f80)={{0x12, 0x1, 0x310, 0x16, 0x72, 0x69, 0xff, 0x4855, 0x90, 0xb6ed, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x417, 0x3, 0xbb, 0x5, 0x30, 0x9, [{{0x9, 0x4, 0x30, 0x80, 0x0, 0xe7, 0x3a, 0xaf, 0xff, [@hid_hid={0x9, 0x21, 0x9, 0x6, 0x1, {0x22, 0xe06}}]}}, {{0x9, 0x4, 0x50, 0x5, 0x6, 0xff, 0xff, 0xff, 0xba, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x1}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x9, 0x4e8, 0x8}, {0x6, 0x24, 0x1a, 0x8, 0x1b}, [@network_terminal={0x7, 0x24, 0xa, 0x3, 0x2, 0x8, 0x3}, @mbim={0xc, 0x24, 0x1b, 0x2f1, 0x7c, 0x0, 0x8, 0x8, 0x1}, @mdlm={0x15, 0x24, 0x12, 0x6}, @mbim={0xc, 0x24, 0x1b, 0x86, 0x8, 0x80, 0x6, 0x10}]}, @cdc_ecm={{0x5}, {0x5, 0x24, 0x0, 0x4f91}, {0xd, 0x24, 0xf, 0x1, 0xfffffff8, 0x9, 0x4, 0x2}, [@network_terminal={0x7, 0x24, 0xa, 0x5, 0x2, 0x3, 0xc}, @dmm={0x7, 0x24, 0x14, 0x8, 0x2}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0xed, 0x6}]}], [{{0x9, 0x5, 0xb, 0x10, 0x40, 0x0, 0x1, 0x2, [@generic={0x4d, 0xe7f6db7a86884efe, "defc3243b723e1a5f74f286c298988a5417da9613c8354c68c7b4fb24bd280194017e137e2fa002c37e25f2dae21f92fb5ea2a55df97a37f64ba91e9e556bb41a30c2e48d799c47d689d63"}, @generic={0x18, 0xb, "060ea51a93fba45d1ce54c19ee60a1562285cf153e6e"}]}}, {{0x9, 0x5, 0xb, 0x1, 0x8, 0x7, 0x10, 0x5, [@generic={0x49, 0x30, "624481a89b00c9a39a6159c985bc2b0976e0b6ba9494b0cc341717fe08347b6d55945027270d7cdc7326f0113a57550e0c252720dde20e00431905d75f180d7f2a0a705968f9fd"}, @generic={0xed, 0x30, "739db7a7348d43ee522e93812bf9a4ded992ae3163d79a788d50bb90c4347873c33be58a0d16f2e8630435232228dad50358e11d25a978c0fe8e997a4000f69a32fcf67482d8aade07fbfe03f672021a0b6fa4b09c1f0bb228f72b33b15556b2e924a26081949eadd27eb201ce2e74532855bdfc0a4fe3e16a663e412dc066105dfa7a284deca9210fc6a9386becce74851529e5533baca78d890b9134dc7bb40ef40c4debd87c25f8ce6b5f97793d8fd3ba9abddf904902834cc56e41a89c9291682d55b44a7544e58f3b7d07eebac250ebb28d8c347c8389991d789f38251f0f74f9f10792cf982855f9"}]}}, {{0x9, 0x5, 0x6, 0x0, 0x8, 0x7, 0x4, 0x2}}, {{0x9, 0x5, 0x9, 0x1, 0x10, 0x1, 0xd, 0x5, [@generic={0x55, 0x31, "dd30bee3ecfd1228b3fb8c1268d1caa40c7ada3b5806a20983076a99c18cd61eae6b68611011c2763d9bef9cb9dcc6958d7c0f47c213516d0a5cb61a63559a524862b0a37933ba2f4d0706c3105e8e699ae9f0"}, @generic={0xe1, 0xc, "75d55225871d38a0f49e5541c78b1da6a7bac0eef1628a9cae3daaf77740b814c8783225f1815e934b145ea6ec2767e2c601b462d16920feee0ac074c1bb591a5e798bdfdb24d307db3e4b54e3aeb94b98c707fad013013c63cd325e16d6cad26c498a6fcfa101f1251519ba439b2c771b5395efa02a90ba7b320ee354fa7178de6de7fa81d01a178f3d388c4e55184521677db34274998bf8115c802e6143dae623bac907349dfc10f43482d583e9babbb30c9d2fd4eaafe8ee5c577b22b1bf529e7653317e91ee77f3003a304c725a982d42b8d0c38d45fb0f42759a10b6"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x10, 0x88, 0x9, 0xc, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x10, 0xfff}]}}, {{0x9, 0x5, 0x0, 0x0, 0x0, 0x1, 0xff, 0x7}}]}}, {{0x9, 0x4, 0xb1, 0x1, 0x1, 0xff, 0x4, 0x4c, 0xc0, [@generic={0x55, 0x7, "02f39954215bc530fcc2dbfe7a998300c0575c37d5a10b35e9cd08eee815cb49b71677001cc440b5fdd6cce2a793ad7c0c281280346004bc8997523d332d391504498df67246eb2aac35fd0195924a9f61e875"}], [{{0x9, 0x5, 0x53532d475e9143d6, 0x10, 0x460, 0x5, 0x6, 0x7f}}]}}]}}]}}, &(0x7f0000000940)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x110, 0x7f, 0x3, 0x9, 0xff, 0x9}, 0x17e, &(0x7f00000004c0)={0x5, 0xf, 0x17e, 0x3, [@ext_cap={0x7, 0x10, 0x2, 0x14, 0x2, 0x3, 0xe}, @generic={0x98, 0x10, 0x7, "86bee4bb58ad3cf7b163752e61ccb4327f53336d1bbb8448eea99697f5d6e6250233481b95910101a28985f5096c28a988597560d9f9681d1ffc977527e8c3026c296d46220cb02815a1f7f2318149b9bfc6167bc4c44d4759254565a7bd68f2d3d0ee08d791b4d6aac6eb05f4a94d7b3a3fb5d4500079ce8a86fa735b8f2984b86af55a64cbba3633145ff07eb45bf0c5a6838bc5"}, @generic={0xda, 0x10, 0xa, "3ec9c0ec16c22311fbf8fcd467925187ac37a1703d5fdd381814740c9c8585267348f2881246ecdf1257c19113930e34c48fc9cf5c16266657efc95b68f86d95c6f05dcc9a085bec118a1a7a511d13e943f1eda44a10ef609b122359436792454787145bed76432e020419dff797065e61477b6e0a5870fe99442b67fb1136d10a0676f3cdbab5440a228e9943bf2cd48e5a9918fb586e0580a3d14f4fae73f02b44b4700978b7b5cce46a7126925782871ce270d3509cf12b47219e09d377350a6870aa74110e72c7b7e79c7b810b96a37f44f14e6a72"}]}, 0x8, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x1404}}, {0xd, &(0x7f0000000300)=@string={0xd, 0x3, "692255811e0717f1cea74a"}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x80a}}, {0x71, &(0x7f00000003c0)=@string={0x71, 0x3, "f3cdb6687563ad084cad2df8d3bca0cab93a0bd2bab819d274c7c181a90cc373e46e49afcf24b07653fcdd443af9817fb9915d170245a5d8e2ada30055d92c974d03ee7431dc8dbca92d9a6355dd3a239a5f72aafea7e10fdd62c6b3d5b88cd9b68291ada1364ec71357a45f991bd3"}}, {0x4, &(0x7f00000006c0)=@lang_id={0x4, 0x3, 0x418}}, {0xe1, &(0x7f0000000700)=ANY=[@ANYBLOB="e1039971344cdecd716e242bfe9157cf298aa6a48873cc5df16a5810d00c4d8df8619f31cd64acb48481a9481904245502c56fc6bd85c98b66c595d17fa9e4d507d9f34427c7cef66fb85b2184a43940a6a3a1558ea84a2e23f88513373544e93ce8c3dde12dc9f7040000001377e27cc882773969000409998b9a927571636386feafdf822f7a862537ed661d7223ec5bd31fd4a620af8799096ead5ba6e4f7c10c7444749881ee77498f343461cd5c0ef28d3c93188afafa4d4418478b5ed4cf5d9b17995abaa4e7cd81184d65b091e8ac"]}, {0xa0, &(0x7f0000000800)=ANY=[@ANYBLOB="a0034de738f9d43f9924e6aad0c97988d7e6b485d68ae923fe28e384698495033cd233e773078c5a6a45c0857993ccdf5d145f368f0282b73a3356e799f9e7bdcaeecabc264cd2517d66d33debc5fca88cba7637cfffd3c75b02481543a60f7fb51d20dbafc008fc63c4f06ce963c66a8855c9d3aff228e20680bb14adf9c58d418e5a8af4964909484b5f2fb57e932537eb85a9e9505fe7053c16e07dd00000"]}, {0x4, &(0x7f00000008c0)=@lang_id={0x4, 0x3, 0xa2823ba7f262ab30}}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x4000003}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) 667.172573ms ago: executing program 0 (id=1601): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x2, 0x0, 0x7ffc17fb}]}) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000004c0)='kmem_cache_free\x00', r1}, 0x10) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000740)) 653.731643ms ago: executing program 1 (id=1602): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000079111800000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e0c01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cd93263ff755d611c4cca1684b14708f6a83366aa430ad2d700b186da622d6fba700000000000000000000000002000000000000f2badf9815c500"], &(0x7f00000001c0)='syzkaller\x00', 0x2, 0xd1, &(0x7f0000000000)=""/209, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7538e475dd6317ce6203c23c00fe80000000010000875a65969ff50be800040000000000001e04"], 0xfe1b) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="840200000000000018100000", @ANYRES32, @ANYBLOB="0000000000000000950000000000000045"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'}) socketpair(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f1, &(0x7f0000000080)) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x89f2, &(0x7f0000000080)) 605.608613ms ago: executing program 1 (id=1603): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) writev(r0, &(0x7f0000000280)=[{&(0x7f0000000080)="abcc548f3888c082c9f55f8e3fc3f1b13c8e324142c35e", 0x17}], 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x6) r3 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x90, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x60, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3dc], [0x0, 0x4]}, [@TCA_MQPRIO_SHAPER={0x6}]}}}]}, 0x90}, 0x1, 0x0, 0x0, 0x80}, 0x0) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0) write$P9_RREADDIR(r7, &(0x7f0000000140)={0xb, 0x29, 0x2, {0x5}}, 0xb) sendfile(r7, r7, &(0x7f00000002c0), 0x7f03) r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r6) sendmsg$NLBL_CIPSOV4_C_ADD(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000840)=ANY=[@ANYBLOB="a8010000", @ANYRES16=r8, @ANYBLOB="01000000000000000000010000000800020001000000080001000100000034000480050003000000000005000300000000000500030000000000050003000000000005000300000000000500030000000000500108"], 0x1a8}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000380100001800400030008"], 0x44}}, 0x0) preadv(r5, &(0x7f0000000240)=[{&(0x7f0000019e00)=""/102399, 0x1902b}], 0x1, 0x5, 0x100000) 605.088313ms ago: executing program 0 (id=1604): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r3 = dup(r2) ioctl$SIOCX25SCALLUSERDATA(r3, 0x89e5, &(0x7f0000000280)={0x6d, "6c5f5f98e21d6acf6f6514b463a05655b31bc758bdaf3dc9c1d088db9dede636ee10e2874d5a3afb43ceae184e89268b86ef9218452d5c94253e754eac37ac8a5e1dc1123359f20b1634cebc7be75760e169fbaa360d7ad990a98c31a0829579a5e3157de1a4ccefa296725a6f9ebdc91bb1760ff0e0a90e59718bdc1fcd3674"}) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xbe, &(0x7f0000000240)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @multicast1, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e2ffb28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x5, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x2, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "240011000300"/16}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x3, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0) 566.014683ms ago: executing program 4 (id=1605): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0) r2 = syz_clone(0x0, &(0x7f00000008c0), 0x0, 0x0, 0x0, 0x0) pipe2(&(0x7f0000002440)={0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ptrace$peek(0x1, r2, &(0x7f00000002c0)) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r5}, 0x10) syz_clone(0x44044000, 0x0, 0x0, 0x0, 0x0, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x23, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x3, 0x2000000000000256, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="000000ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r7}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r8}, 0x10) r9 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r9, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) perf_event_open(0x0, r2, 0x0, 0xffffffffffffffff, 0x0) write$cgroup_pid(r1, &(0x7f0000000180)=r2, 0x12) 552.108242ms ago: executing program 0 (id=1606): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa79ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200008b0"], 0x0) 536.886353ms ago: executing program 3 (id=1607): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) fchdir(0xffffffffffffffff) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="88000000", @ANYRES16=r0, @ANYBLOB="270e000000000000000004"], 0x88}, 0x1, 0x40030000000000}, 0x0) 472.407142ms ago: executing program 0 (id=1608): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3, 0x0, 0x5}, 0x18) socket$tipc(0x1e, 0x5, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='+}[@\x00') r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d47b8b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb7b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4ff0000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a20f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78136a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4530900000000000000f184f239098bf32551c7cf454e2865974f6520112743f73c619c3cab5609e00178f7393e53462f31559220c026bbde09837bf1b3ffe748a3247c9569f0c5e99f4494f93e0fa1badca90c888616eca97bddabd8003fc12a084d4b11d841979e161b998ddda92f194c4ec7947b7b303be11e0962d429a2c542a28c4932e14c123dfe2b8ec47a11cce134fd6e42a9f4e00ab6de6b45"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x18) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x1, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000000)=r8, 0x4) sendmsg$inet(r6, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) 407.688912ms ago: executing program 3 (id=1609): r0 = epoll_create1(0x0) r1 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000008c0)) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000000)) r2 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000000600)=[{{0x0, 0x0, 0x0}}], 0x1, 0x400c414) 407.311832ms ago: executing program 0 (id=1610): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b703000008000040850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10) arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x2) 167.789621ms ago: executing program 3 (id=1611): r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) writev(r0, &(0x7f0000000500)=[{&(0x7f0000000280)='\f7', 0x2}], 0x1) write$cgroup_pid(r0, &(0x7f00000031c0), 0x12) (fail_nth: 2) 167.62178ms ago: executing program 0 (id=1612): r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') pread64(r1, &(0x7f0000001240)=""/102400, 0x200000, 0x0) fcntl$notify(r0, 0x402, 0x3d) 163.81707ms ago: executing program 1 (id=1613): openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0xfffffffffffffffd}, 0x25) r4 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x6, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180200000004000000000000000000008500000036000000850000002a00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r6, r5, 0x25, 0x0, @val=@tracing}, 0x40) syz_emit_ethernet(0x112e, &(0x7f0000002080)=ANY=[], 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000880)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_ENABLE(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0) sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r10, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r1, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0) 54.25783ms ago: executing program 3 (id=1614): open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r1 = dup(r0) write$P9_RLERRORu(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20) write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffff"], 0x7c8) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003020000850000008600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10) pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r7 = socket(0x2c, 0x3, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r8, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r7}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r6, &(0x7f0000000140), &(0x7f0000000080)=@udp=r7}, 0x20) close_range(r5, 0xffffffffffffffff, 0x0) 28.7682ms ago: executing program 4 (id=1615): r0 = socket$kcm(0x29, 0x5, 0x0) sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=ANY=[], 0xf0}, 0x400d0) r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000003d) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000004000000080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000001e00"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r4) sendmsg$IEEE802154_LLSEC_DEL_KEY(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)={0x28, r5, 0x1, 0x0, 0x10403, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}]}, 0x28}}, 0x40094) r6 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) getresgid(&(0x7f0000003c00), &(0x7f0000003c40), &(0x7f0000003c80)) fcntl$notify(r6, 0x402, 0x8000003d) close_range(r1, r6, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r7}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f0000000140)=[0x0, 0x0], &(0x7f0000000180)=[0x0], 0x0, 0x56, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f0000000200), &(0x7f0000000240), 0x8, 0xb2, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10) r9 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x2d, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x80000001}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2256}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xce}}, @btf_id={0x18, 0x6, 0x3, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x81}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_fd], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000680)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000006c0)={0x3, 0x5}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000700)=[0xffffffffffffffff], &(0x7f0000000740)=[{0x2, 0x4, 0xf}, {0x1, 0x1, 0x4, 0xa}], 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000008c0)=@bpf_ext={0x1c, 0xe, &(0x7f0000000000)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ldst={0x3, 0x2, 0x3, 0x5, 0x4, 0x50, 0x4}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x10}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0xa, 0x4, 0x0, 0x8}, @generic={0x88, 0xa, 0x6, 0xfd2a, 0x7fffffff}], &(0x7f0000000080)='GPL\x00', 0x3cb, 0x7, &(0x7f00000000c0)=""/7, 0x100, 0x4, '\x00', r8, 0x0, r9, 0x8, &(0x7f0000000480)={0x1, 0x2}, 0x8, 0x10, &(0x7f00000004c0)={0x0, 0xf, 0x5a, 0x7}, 0x10, 0x11b10, r10, 0x3, &(0x7f0000000840)=[0x1], &(0x7f0000000880)=[{0x2, 0x4, 0x2, 0x5}, {0x5, 0x4, 0x6}, {0x3, 0x2, 0xc, 0x4}], 0x10, 0xfffeffff, @void, @value}, 0x94) 28.46401ms ago: executing program 1 (id=1616): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82) r3 = dup(r2) ioctl$SIOCX25SCALLUSERDATA(r3, 0x89e5, &(0x7f0000000280)={0x6d, "6c5f5f98e21d6acf6f6514b463a05655b31bc758bdaf3dc9c1d088db9dede636ee10e2874d5a3afb43ceae184e89268b86ef9218452d5c94253e754eac37ac8a5e1dc1123359f20b1634cebc7be75760e169fbaa360d7ad990a98c31a0829579a5e3157de1a4ccefa296725a6f9ebdc91bb1760ff0e0a90e59718bdc1fcd3674"}) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4) setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000200)={0x1, 'netdevsim0\x00'}, 0x18) syz_emit_ethernet(0xbe, &(0x7f0000000240)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x24, 0x0, {0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @local, @multicast1, {[@cipso={0x86, 0x71, 0x0, [{0x0, 0xc, "e2ffb28c599d1681fb52"}, {0x0, 0x9, "789607671442eb"}, {0x0, 0xe, "7434954373561de584b703c8"}, {0x5, 0x9, "e706d30bd224f8"}, {0x0, 0x7, "cfa11cab1a"}, {0x0, 0x10, "8475be675de6a70a05a0dc91e5c6"}, {0x2, 0xa, "6580a5e97612fe86"}, {0x0, 0x12, "240011000300"/16}, {0x0, 0xc, "c8f46976e79e56c7a95e"}]}, @cipso={0x86, 0xc, 0x3, [{0x0, 0x6, "7f36c525"}]}]}}}}}}}, 0x0) 10.12789ms ago: executing program 2 (id=1617): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000001c0)={'tunl0\x00', &(0x7f0000000040)={'ip_vti0\x00', 0x0, 0x7827, 0x7f00, 0x25b, 0x7f, {{0x18, 0x4, 0x2, 0x1, 0x60, 0x66, 0x0, 0x0, 0x2f, 0x0, @loopback, @private=0xa010101, {[@end, @noop, @end, @noop, @generic={0x88, 0xc, "7d6d1b67632a576fd232"}, @end, @rr={0x7, 0x17, 0xb0, [@rand_addr=0x64010100, @dev={0xac, 0x14, 0x14, 0x27}, @rand_addr=0x64010101, @broadcast, @remote]}, @cipso={0x86, 0x24, 0x3, [{0x7, 0xc, "3986ce7fa7c9cc64ac00"}, {0x2, 0xb, "8899b141af9820dcd3"}, {0x0, 0x7, "ab27a208fd"}]}]}}}}}) mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)={[{@mpol={'mpol', 0x3d, {'interleave', '=relative'}}}]}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000180)='GPL\x00', 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) creat(&(0x7f0000000040)='./file0\x00', 0x0) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0x9, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r4, 0x2, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r5, 0x0, '\x00', 0x0, r3, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@version_u}, {@cache_mmap}]}}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='mm_page_free\x00', r8, 0x0, 0x4}, 0x18) r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0x0, 0x0, 0x0, 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x737, 0x1ff}, 0x118280, 0x0, 0xfffffffe, 0x0, 0x3, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r10 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r10, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r10, 0x5437, 0x2) 0s ago: executing program 3 (id=1618): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r2}, 0xc) kernel console output (not intermixed with test programs): ritev+0x2d4/0x880 [ 86.434725][ T6075] ? hash+0x1d6/0x220 [ 86.438723][ T6075] do_writev+0xf4/0x220 [ 86.442916][ T6075] __x64_sys_writev+0x45/0x50 [ 86.447675][ T6075] x64_sys_call+0x1fab/0x2dc0 [ 86.452414][ T6075] do_syscall_64+0xc9/0x1c0 [ 86.456923][ T6075] ? clear_bhb_loop+0x55/0xb0 [ 86.461660][ T6075] ? clear_bhb_loop+0x55/0xb0 [ 86.466342][ T6075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.472265][ T6075] RIP: 0033:0x7f5bf3875d19 [ 86.476711][ T6075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.496328][ T6075] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 86.504742][ T6075] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 86.512808][ T6075] RDX: 0000000000000001 RSI: 00000000200003c0 RDI: 0000000000000009 [ 86.520845][ T6075] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 86.528821][ T6075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.536864][ T6075] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 86.544848][ T6075] [ 86.761544][ T6109] FAULT_INJECTION: forcing a failure. [ 86.761544][ T6109] name failslab, interval 1, probability 0, space 0, times 0 [ 86.774897][ T6109] CPU: 1 UID: 0 PID: 6109 Comm: syz.0.988 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 86.785582][ T6109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 86.795638][ T6109] Call Trace: [ 86.798926][ T6109] [ 86.801874][ T6109] dump_stack_lvl+0xf2/0x150 [ 86.806496][ T6109] dump_stack+0x15/0x1a [ 86.810671][ T6109] should_fail_ex+0x223/0x230 [ 86.815364][ T6109] should_failslab+0x8f/0xb0 [ 86.820045][ T6109] kmem_cache_alloc_node_noprof+0x59/0x320 [ 86.825901][ T6109] ? __alloc_skb+0x10b/0x310 [ 86.830505][ T6109] __alloc_skb+0x10b/0x310 [ 86.834930][ T6109] alloc_uevent_skb+0x5b/0x120 [ 86.839708][ T6109] kobject_uevent_net_broadcast+0xfb/0x420 [ 86.845629][ T6109] kobject_uevent_env+0x415/0x550 [ 86.850718][ T6109] kobject_uevent+0x1c/0x30 [ 86.855238][ T6109] __kobject_del+0x8e/0x1a0 [ 86.859757][ T6109] kobject_put+0x126/0x180 [ 86.864179][ T6109] netdev_queue_update_kobjects+0x38d/0x3c0 [ 86.870161][ T6109] netdev_unregister_kobject+0xc1/0x120 [ 86.876147][ T6109] unregister_netdevice_many_notify+0xd95/0x11b0 [ 86.882520][ T6109] ? __flush_work+0x495/0x570 [ 86.887209][ T6109] ? detach_if_pending+0x94/0x200 [ 86.892272][ T6109] unregister_netdevice_queue+0x1f4/0x220 [ 86.898029][ T6109] unregister_netdev+0x1c/0x30 [ 86.902886][ T6109] slip_close+0xe5/0x100 [ 86.907264][ T6109] ? __pfx_slip_close+0x10/0x10 [ 86.912190][ T6109] tty_ldisc_close+0x77/0xa0 [ 86.916864][ T6109] tty_set_ldisc+0x1e2/0x3b0 [ 86.921624][ T6109] tiocsetd+0x52/0x60 [ 86.925637][ T6109] tty_ioctl+0xa94/0xbe0 [ 86.929978][ T6109] ? __pfx_tty_ioctl+0x10/0x10 [ 86.934771][ T6109] __se_sys_ioctl+0xc9/0x140 [ 86.939450][ T6109] __x64_sys_ioctl+0x43/0x50 [ 86.944067][ T6109] x64_sys_call+0x1690/0x2dc0 [ 86.948765][ T6109] do_syscall_64+0xc9/0x1c0 [ 86.953308][ T6109] ? clear_bhb_loop+0x55/0xb0 [ 86.958069][ T6109] ? clear_bhb_loop+0x55/0xb0 [ 86.962841][ T6109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.968803][ T6109] RIP: 0033:0x7f2680135d19 [ 86.973277][ T6109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 86.992944][ T6109] RSP: 002b:00007f267e7a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.001410][ T6109] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f2680135d19 [ 87.009384][ T6109] RDX: 0000000020000140 RSI: 0000000000005423 RDI: 0000000000000003 [ 87.017368][ T6109] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 87.025392][ T6109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 87.033368][ T6109] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 87.041402][ T6109] [ 87.105863][ T6109] Falling back ldisc for ttyS3. [ 87.146937][ T6122] bond0: entered promiscuous mode [ 87.152096][ T6122] bond0: entered allmulticast mode [ 87.185147][ T6122] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.220213][ T6122] bond0 (unregistering): Released all slaves [ 87.249779][ T6128] netlink: 68 bytes leftover after parsing attributes in process `syz.4.995'. [ 87.302564][ T6126] netlink: 28 bytes leftover after parsing attributes in process `syz.3.993'. [ 87.315928][ T29] kauditd_printk_skb: 611 callbacks suppressed [ 87.315941][ T29] audit: type=1326 audit(1734245334.167:5435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 87.350005][ T6128] syz.4.995[6128] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.350088][ T6128] syz.4.995[6128] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.368270][ T29] audit: type=1326 audit(1734245334.197:5436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 87.395298][ T6128] syz.4.995[6128] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 87.403493][ T29] audit: type=1326 audit(1734245334.197:5437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 87.438654][ T29] audit: type=1326 audit(1734245334.197:5438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 87.462497][ T29] audit: type=1326 audit(1734245334.197:5439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 87.486500][ T29] audit: type=1326 audit(1734245334.197:5440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5bf3877c37 code=0x7ffc0000 [ 87.509711][ T29] audit: type=1326 audit(1734245334.197:5441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f5bf3877bac code=0x7ffc0000 [ 87.533676][ T29] audit: type=1326 audit(1734245334.197:5442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5bf3877ae4 code=0x7ffc0000 [ 87.557613][ T29] audit: type=1326 audit(1734245334.197:5443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f5bf3877ae4 code=0x7ffc0000 [ 87.580922][ T29] audit: type=1326 audit(1734245334.197:5444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6127 comm="syz.4.995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f5bf387497a code=0x7ffc0000 [ 87.627633][ T5978] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0 [ 87.653365][ T5978] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0 [ 87.887613][ T6139] raw_sendmsg: syz.4.999 forgot to set AF_INET. Fix it! [ 88.028478][ T6159] FAULT_INJECTION: forcing a failure. [ 88.028478][ T6159] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.042247][ T6159] CPU: 1 UID: 0 PID: 6159 Comm: syz.4.1004 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 88.052924][ T6159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 88.063034][ T6159] Call Trace: [ 88.066319][ T6159] [ 88.069262][ T6159] dump_stack_lvl+0xf2/0x150 [ 88.073934][ T6159] dump_stack+0x15/0x1a [ 88.078099][ T6159] should_fail_ex+0x223/0x230 [ 88.082818][ T6159] should_fail+0xb/0x10 [ 88.086984][ T6159] should_fail_usercopy+0x1a/0x20 [ 88.092087][ T6159] _copy_from_iter+0xd5/0xd00 [ 88.096789][ T6159] ? __rcu_read_unlock+0x4e/0x70 [ 88.101787][ T6159] packet_sendmsg+0x216c/0x3670 [ 88.106730][ T6159] ? terminate_walk+0x260/0x280 [ 88.111590][ T6159] ? __rcu_read_unlock+0x4e/0x70 [ 88.116544][ T6159] ? avc_has_perm+0xd4/0x160 [ 88.121150][ T6159] ? selinux_socket_sendmsg+0x185/0x1c0 [ 88.126746][ T6159] ? __pfx_packet_sendmsg+0x10/0x10 [ 88.131972][ T6159] __sock_sendmsg+0x140/0x180 [ 88.136723][ T6159] __sys_sendto+0x1a8/0x230 [ 88.141282][ T6159] __x64_sys_sendto+0x78/0x90 [ 88.145962][ T6159] x64_sys_call+0x29fa/0x2dc0 [ 88.150648][ T6159] do_syscall_64+0xc9/0x1c0 [ 88.155153][ T6159] ? clear_bhb_loop+0x55/0xb0 [ 88.159827][ T6159] ? clear_bhb_loop+0x55/0xb0 [ 88.164520][ T6159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.170479][ T6159] RIP: 0033:0x7f5bf3875d19 [ 88.174892][ T6159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 88.194511][ T6159] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 88.202989][ T6159] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 88.210978][ T6159] RDX: 0000000000010000 RSI: 0000000020000180 RDI: 0000000000000004 [ 88.218952][ T6159] RBP: 00007f5bf1ee7090 R08: 0000000020000140 R09: 0000000000000014 [ 88.226924][ T6159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.234926][ T6159] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 88.242999][ T6159] [ 88.904857][ T6186] tmpfs: Bad value for 'mpol' [ 88.934808][ T6185] infiniband syz!: set active [ 88.939638][ T6185] infiniband syz!: added team_slave_0 [ 88.954541][ T6185] RDS/IB: syz!: added [ 88.961036][ T6185] smc: adding ib device syz! with port count 1 [ 88.967298][ T6185] smc: ib device syz! port 1 has pnetid [ 89.351024][ T6193] syz.0.1014[6193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.351077][ T6193] syz.0.1014[6193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.395220][ T6193] syz.0.1014[6193] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 89.415537][ T6198] netlink: 133536 bytes leftover after parsing attributes in process `syz.0.1014'. [ 89.471807][ T6193] IPv4: Oversized IP packet from 127.202.26.0 [ 90.649703][ T6197] syz.4.1017 (6197) used greatest stack depth: 7272 bytes left [ 90.729986][ T6235] FAULT_INJECTION: forcing a failure. [ 90.729986][ T6235] name failslab, interval 1, probability 0, space 0, times 0 [ 90.742648][ T6235] CPU: 0 UID: 0 PID: 6235 Comm: syz.4.1029 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 90.753329][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 90.763390][ T6235] Call Trace: [ 90.766712][ T6235] [ 90.769638][ T6235] dump_stack_lvl+0xf2/0x150 [ 90.774268][ T6235] dump_stack+0x15/0x1a [ 90.778458][ T6235] should_fail_ex+0x223/0x230 [ 90.783195][ T6235] should_failslab+0x8f/0xb0 [ 90.787799][ T6235] kmem_cache_alloc_noprof+0x52/0x320 [ 90.793170][ T6235] ? skb_clone+0x154/0x1f0 [ 90.797604][ T6235] ? mod_objcg_state+0x2ea/0x4f0 [ 90.802539][ T6235] skb_clone+0x154/0x1f0 [ 90.806784][ T6235] dev_queue_xmit_nit+0x14b/0x680 [ 90.811849][ T6235] ? __rcu_read_unlock+0x4e/0x70 [ 90.816822][ T6235] dev_hard_start_xmit+0xcc/0x3f0 [ 90.821900][ T6235] ? validate_xmit_skb+0x645/0x830 [ 90.827009][ T6235] __dev_queue_xmit+0x100a/0x2090 [ 90.832071][ T6235] ? __dev_queue_xmit+0x186/0x2090 [ 90.837179][ T6235] ? __skb_clone+0x2d0/0x2f0 [ 90.841810][ T6235] __netlink_deliver_tap+0x3be/0x4f0 [ 90.847144][ T6235] netlink_unicast+0x64a/0x670 [ 90.851919][ T6235] netlink_sendmsg+0x5cc/0x6e0 [ 90.856684][ T6235] ? __pfx_netlink_sendmsg+0x10/0x10 [ 90.862045][ T6235] __sock_sendmsg+0x140/0x180 [ 90.866737][ T6235] ____sys_sendmsg+0x312/0x410 [ 90.871511][ T6235] __sys_sendmsg+0x19d/0x230 [ 90.876106][ T6235] __x64_sys_sendmsg+0x46/0x50 [ 90.880938][ T6235] x64_sys_call+0x2734/0x2dc0 [ 90.885703][ T6235] do_syscall_64+0xc9/0x1c0 [ 90.890226][ T6235] ? clear_bhb_loop+0x55/0xb0 [ 90.894898][ T6235] ? clear_bhb_loop+0x55/0xb0 [ 90.899609][ T6235] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.905552][ T6235] RIP: 0033:0x7f5bf3875d19 [ 90.909957][ T6235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.929559][ T6235] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.937965][ T6235] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 90.946058][ T6235] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000007 [ 90.954020][ T6235] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 90.962022][ T6235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.969985][ T6235] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 90.977958][ T6235] [ 91.172092][ T6240] loop4: detected capacity change from 0 to 512 [ 91.226090][ T6240] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.264535][ T6240] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 91.313969][ T6240] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.1031: Failed to acquire dquot type 0 [ 91.361508][ T6240] SELinux: policydb string ŽÝ [ 92.068978][ T6286] dump_stack_lvl+0xf2/0x150 [ 92.073603][ T6286] dump_stack+0x15/0x1a [ 92.077781][ T6286] should_fail_ex+0x223/0x230 [ 92.082570][ T6286] should_failslab+0x8f/0xb0 [ 92.087170][ T6286] __kmalloc_node_track_caller_noprof+0xa8/0x410 [ 92.093506][ T6286] ? resume_store+0xf1/0x3a0 [ 92.098107][ T6286] ? should_fail_ex+0x31/0x230 [ 92.102960][ T6286] ? __pfx_resume_store+0x10/0x10 [ 92.108087][ T6286] kstrndup+0x3f/0x90 [ 92.112086][ T6286] resume_store+0xf1/0x3a0 [ 92.116587][ T6286] ? _copy_from_iter+0x3ae/0xd00 [ 92.121528][ T6286] kobj_attr_store+0x47/0x70 [ 92.126126][ T6286] ? __pfx_kobj_attr_store+0x10/0x10 [ 92.131465][ T6286] sysfs_kf_write+0xae/0xd0 [ 92.135974][ T6286] ? __pfx_sysfs_kf_write+0x10/0x10 [ 92.141179][ T6286] kernfs_fop_write_iter+0x1c8/0x2c0 [ 92.146534][ T6286] iter_file_splice_write+0x5f1/0x980 [ 92.151945][ T6286] ? __pfx_iter_file_splice_write+0x10/0x10 [ 92.157850][ T6286] direct_splice_actor+0x160/0x2c0 [ 92.162967][ T6286] splice_direct_to_actor+0x302/0x670 [ 92.168383][ T6286] ? __pfx_direct_splice_actor+0x10/0x10 [ 92.174056][ T6286] do_splice_direct+0xd7/0x150 [ 92.178838][ T6286] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 92.184811][ T6286] do_sendfile+0x398/0x660 [ 92.189357][ T6286] __x64_sys_sendfile64+0x110/0x150 [ 92.194571][ T6286] x64_sys_call+0xfbd/0x2dc0 [ 92.199164][ T6286] do_syscall_64+0xc9/0x1c0 [ 92.203674][ T6286] ? clear_bhb_loop+0x55/0xb0 [ 92.208366][ T6286] ? clear_bhb_loop+0x55/0xb0 [ 92.213239][ T6286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.219257][ T6286] RIP: 0033:0x7fcfd4e75d19 [ 92.223726][ T6286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.243399][ T6286] RSP: 002b:00007fcfd34e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 92.251854][ T6286] RAX: ffffffffffffffda RBX: 00007fcfd5065fa0 RCX: 00007fcfd4e75d19 [ 92.259846][ T6286] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000006 [ 92.267874][ T6286] RBP: 00007fcfd34e7090 R08: 0000000000000000 R09: 0000000000000000 [ 92.275862][ T6286] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000001 [ 92.283834][ T6286] R13: 0000000000000000 R14: 00007fcfd5065fa0 R15: 00007ffc3cf40f78 [ 92.291857][ T6286] [ 92.308268][ T6278] netlink: 'syz.3.1041': attribute type 322 has an invalid length. [ 92.327232][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.458209][ T6290] syz.1.1049[6290] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.458326][ T6290] syz.1.1049[6290] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 92.528775][ T29] kauditd_printk_skb: 247 callbacks suppressed [ 92.528791][ T29] audit: type=1400 audit(1734245339.377:5688): avc: denied { setopt } for pid=6291 comm="syz.1.1050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 92.656524][ T29] audit: type=1326 audit(1734245339.507:5689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6297 comm="syz.1.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcfd4e75d19 code=0x7ffc0000 [ 92.690021][ T6296] 9pnet_fd: Insufficient options for proto=fd [ 92.756681][ T29] audit: type=1326 audit(1734245339.527:5690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 92.780142][ T29] audit: type=1326 audit(1734245339.527:5691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 92.804248][ T29] audit: type=1326 audit(1734245339.527:5692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f4212935d53 code=0x7ffc0000 [ 92.828134][ T29] audit: type=1326 audit(1734245339.537:5693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f42129347cf code=0x7ffc0000 [ 92.851349][ T29] audit: type=1326 audit(1734245339.537:5694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f4212935da7 code=0x7ffc0000 [ 92.875406][ T29] audit: type=1326 audit(1734245339.537:5695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4212934680 code=0x7ffc0000 [ 92.898824][ T29] audit: type=1326 audit(1734245339.537:5696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f421293497a code=0x7ffc0000 [ 92.922669][ T29] audit: type=1326 audit(1734245339.537:5697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6295 comm="syz.3.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 93.171536][ T6311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1054'. [ 93.180455][ T6311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1054'. [ 93.191652][ T6311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1054'. [ 93.200698][ T6311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1054'. [ 93.421465][ T6326] loop4: detected capacity change from 0 to 512 [ 93.432565][ T6326] EXT4-fs: Ignoring removed oldalloc option [ 93.576980][ T6326] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1059: Parent and EA inode have the same ino 15 [ 93.631968][ T6326] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1059: Parent and EA inode have the same ino 15 [ 93.679259][ T6326] EXT4-fs (loop4): 1 orphan inode deleted [ 93.759561][ T6326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 93.938041][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 93.965049][ T6343] tmpfs: Unknown parameter 'mp«§âŽÊ•”† šâŠol' [ 94.038934][ T6351] x_tables: duplicate entry at hook 2 [ 94.362376][ T6371] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1076'. [ 94.380041][ T6370] bond2: entered promiscuous mode [ 94.385111][ T6370] bond2: entered allmulticast mode [ 94.398911][ T6370] 8021q: adding VLAN 0 to HW filter on device bond2 [ 94.416141][ T6370] bond2 (unregistering): Released all slaves [ 94.481900][ T6383] FAULT_INJECTION: forcing a failure. [ 94.481900][ T6383] name failslab, interval 1, probability 0, space 0, times 0 [ 94.495597][ T6383] CPU: 1 UID: 0 PID: 6383 Comm: syz.2.1081 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 94.506290][ T6383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 94.516477][ T6383] Call Trace: [ 94.519755][ T6383] [ 94.522679][ T6383] dump_stack_lvl+0xf2/0x150 [ 94.527309][ T6383] dump_stack+0x15/0x1a [ 94.531485][ T6383] should_fail_ex+0x223/0x230 [ 94.536197][ T6383] should_failslab+0x8f/0xb0 [ 94.540839][ T6383] kmem_cache_alloc_noprof+0x52/0x320 [ 94.546231][ T6383] ? audit_log_start+0x34c/0x6b0 [ 94.551260][ T6383] audit_log_start+0x34c/0x6b0 [ 94.556090][ T6383] audit_seccomp+0x4b/0x130 [ 94.560601][ T6383] __seccomp_filter+0x6fa/0x1180 [ 94.565550][ T6383] ? net_rx_action+0x77e/0x7f0 [ 94.570318][ T6383] __secure_computing+0x9f/0x1c0 [ 94.575269][ T6383] syscall_trace_enter+0xd1/0x1f0 [ 94.577585][ T6382] vlan2: entered promiscuous mode [ 94.580355][ T6383] do_syscall_64+0xaa/0x1c0 [ 94.585438][ T6382] vlan2: entered allmulticast mode [ 94.589890][ T6383] ? clear_bhb_loop+0x55/0xb0 [ 94.595013][ T6382] hsr_slave_1: entered allmulticast mode [ 94.599624][ T6383] ? clear_bhb_loop+0x55/0xb0 [ 94.610015][ T6383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.615939][ T6383] RIP: 0033:0x7f3e667b472c [ 94.620414][ T6383] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 94.640199][ T6383] RSP: 002b:00007f3e64e27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 94.648664][ T6383] RAX: ffffffffffffffda RBX: 00007f3e669a5fa0 RCX: 00007f3e667b472c [ 94.656643][ T6383] RDX: 000000000000000f RSI: 00007f3e64e270a0 RDI: 0000000000000003 [ 94.664676][ T6383] RBP: 00007f3e64e27090 R08: 0000000000000000 R09: 0000000000000000 [ 94.672654][ T6383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.680672][ T6383] R13: 0000000000000000 R14: 00007f3e669a5fa0 R15: 00007ffdeb912528 [ 94.688679][ T6383] [ 94.770418][ T6388] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1083'. [ 94.892492][ T6395] Cannot find del_set index 0 as target [ 95.004035][ T6403] netlink: 'syz.1.1089': attribute type 1 has an invalid length. [ 95.096546][ T6410] syz.2.1092[6410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.096617][ T6410] syz.2.1092[6410] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.135991][ T6412] netlink: 'syz.4.1093': attribute type 1 has an invalid length. [ 95.208345][ T6416] netlink: 64859 bytes leftover after parsing attributes in process `syz.2.1095'. [ 95.354696][ T6416] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1095'. [ 95.378563][ T6416] xt_SECMARK: invalid mode: 0 [ 95.489692][ T6437] syz.0.1103[6437] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.489749][ T6437] syz.0.1103[6437] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 95.632251][ T6447] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 95.651695][ T6447] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 95.660354][ T6447] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 95.667934][ T6447] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 95.761595][ T6460] FAULT_INJECTION: forcing a failure. [ 95.761595][ T6460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.775312][ T6460] CPU: 1 UID: 0 PID: 6460 Comm: syz.2.1110 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 95.785995][ T6460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 95.796059][ T6460] Call Trace: [ 95.799337][ T6460] [ 95.802347][ T6460] dump_stack_lvl+0xf2/0x150 [ 95.806956][ T6460] dump_stack+0x15/0x1a [ 95.811128][ T6460] should_fail_ex+0x223/0x230 [ 95.815862][ T6460] should_fail+0xb/0x10 [ 95.820100][ T6460] should_fail_usercopy+0x1a/0x20 [ 95.825134][ T6460] _copy_to_user+0x20/0xa0 [ 95.829737][ T6460] simple_read_from_buffer+0xa0/0x110 [ 95.835136][ T6460] proc_fail_nth_read+0xf9/0x140 [ 95.840081][ T6460] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 95.845732][ T6460] vfs_read+0x1a2/0x700 [ 95.849968][ T6460] ? __cond_resched+0x28/0x50 [ 95.854672][ T6460] ksys_read+0xe8/0x1b0 [ 95.858845][ T6460] __x64_sys_read+0x42/0x50 [ 95.863455][ T6460] x64_sys_call+0x2874/0x2dc0 [ 95.868135][ T6460] do_syscall_64+0xc9/0x1c0 [ 95.872634][ T6460] ? clear_bhb_loop+0x55/0xb0 [ 95.877384][ T6460] ? clear_bhb_loop+0x55/0xb0 [ 95.882206][ T6460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.888115][ T6460] RIP: 0033:0x7f3e667b472c [ 95.892531][ T6460] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 95.912200][ T6460] RSP: 002b:00007f3e64e27030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 95.920625][ T6460] RAX: ffffffffffffffda RBX: 00007f3e669a5fa0 RCX: 00007f3e667b472c [ 95.928676][ T6460] RDX: 000000000000000f RSI: 00007f3e64e270a0 RDI: 0000000000000006 [ 95.936748][ T6460] RBP: 00007f3e64e27090 R08: 0000000000000000 R09: 0000000000000000 [ 95.944726][ T6460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 95.952774][ T6460] R13: 0000000000000000 R14: 00007f3e669a5fa0 R15: 00007ffdeb912528 [ 95.960831][ T6460] [ 96.006299][ T6463] RDS: rds_bind could not find a transport for ::ffff:172.30.0.2, load rds_tcp or rds_rdma? [ 96.041242][ T6465] loop4: detected capacity change from 0 to 512 [ 96.077374][ T6465] EXT4-fs: Ignoring removed bh option [ 96.096356][ T6465] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 96.127735][ T6471] netlink: '+}[@': attribute type 66 has an invalid length. [ 96.137912][ T6465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 96.156821][ T6473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 96.165393][ T6465] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 96.197787][ T6465] syz.4.1114[6465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.197841][ T6465] syz.4.1114[6465] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.223219][ T6473] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 96.285916][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 96.661995][ T6502] __nla_validate_parse: 2 callbacks suppressed [ 96.662018][ T6502] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1125'. [ 96.786043][ T6509] syz.1.1127[6509] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.786288][ T6509] syz.1.1127[6509] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 96.832318][ T6502] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1125'. [ 96.966865][ T6516] netlink: 133492 bytes leftover after parsing attributes in process `syz.0.1129'. [ 97.059695][ T6524] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1132'. [ 97.099768][ T6529] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=6529 comm=syz.0.1134 [ 97.205221][ T6533] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1134'. [ 97.279013][ T6538] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.289211][ T6538] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.299944][ T6538] FAULT_INJECTION: forcing a failure. [ 97.299944][ T6538] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 97.313648][ T6538] CPU: 1 UID: 0 PID: 6538 Comm: syz.2.1135 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 97.324354][ T6538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 97.334414][ T6538] Call Trace: [ 97.337688][ T6538] [ 97.340664][ T6538] dump_stack_lvl+0xf2/0x150 [ 97.345334][ T6538] dump_stack+0x15/0x1a [ 97.349562][ T6538] should_fail_ex+0x223/0x230 [ 97.354265][ T6538] should_fail+0xb/0x10 [ 97.358536][ T6538] should_fail_usercopy+0x1a/0x20 [ 97.363604][ T6538] _copy_from_user+0x1e/0xb0 [ 97.368320][ T6538] copy_from_sockptr_offset+0x6b/0xb0 [ 97.373699][ T6538] do_ip6t_set_ctl+0x6a4/0x8c0 [ 97.378505][ T6538] ? kstrtouint+0x77/0xc0 [ 97.382831][ T6538] ? __rcu_read_unlock+0x4e/0x70 [ 97.387808][ T6538] nf_setsockopt+0x195/0x1b0 [ 97.392584][ T6538] ipv6_setsockopt+0x10f/0x130 [ 97.397370][ T6538] udpv6_setsockopt+0x95/0xb0 [ 97.402128][ T6538] sock_common_setsockopt+0x64/0x80 [ 97.407329][ T6538] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 97.413348][ T6538] __sys_setsockopt+0x187/0x200 [ 97.418207][ T6538] __x64_sys_setsockopt+0x66/0x80 [ 97.423228][ T6538] x64_sys_call+0x282e/0x2dc0 [ 97.427913][ T6538] do_syscall_64+0xc9/0x1c0 [ 97.432417][ T6538] ? clear_bhb_loop+0x55/0xb0 [ 97.437111][ T6538] ? clear_bhb_loop+0x55/0xb0 [ 97.441862][ T6538] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.447958][ T6538] RIP: 0033:0x7f3e667b5d19 [ 97.452377][ T6538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.472055][ T6538] RSP: 002b:00007f3e64e27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 97.480525][ T6538] RAX: ffffffffffffffda RBX: 00007f3e669a5fa0 RCX: 00007f3e667b5d19 [ 97.488515][ T6538] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007 [ 97.496480][ T6538] RBP: 00007f3e64e27090 R08: 00000000000003e8 R09: 0000000000000000 [ 97.504452][ T6538] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.512479][ T6538] R13: 0000000000000000 R14: 00007f3e669a5fa0 R15: 00007ffdeb912528 [ 97.520454][ T6538] [ 97.555669][ T29] kauditd_printk_skb: 345 callbacks suppressed [ 97.555684][ T29] audit: type=1400 audit(1734245344.377:6039): avc: denied { setopt } for pid=6530 comm="syz.4.1136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 97.633298][ T6537] FAULT_INJECTION: forcing a failure. [ 97.633298][ T6537] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 97.646686][ T6537] CPU: 1 UID: 0 PID: 6537 Comm: syz.1.1137 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 97.657362][ T6537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 97.667414][ T6537] Call Trace: [ 97.670690][ T6537] [ 97.673623][ T6537] dump_stack_lvl+0xf2/0x150 [ 97.678287][ T6537] dump_stack+0x15/0x1a [ 97.682473][ T6537] should_fail_ex+0x223/0x230 [ 97.687161][ T6537] should_fail_alloc_page+0xfd/0x110 [ 97.692503][ T6537] __alloc_pages_noprof+0x109/0x340 [ 97.697762][ T6537] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 97.703179][ T6537] alloc_migration_target_by_mpol+0x121/0x230 [ 97.709270][ T6537] migrate_pages_batch+0x333/0x1910 [ 97.714501][ T6537] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 97.721179][ T6537] ? __pfx_remove_migration_pte+0x10/0x10 [ 97.727015][ T6537] migrate_pages+0xff1/0x1820 [ 97.731716][ T6537] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 97.738436][ T6537] ? mas_next_slot+0xb87/0xbe0 [ 97.743254][ T6537] __se_sys_mbind+0xf79/0x1160 [ 97.748043][ T6537] __x64_sys_mbind+0x78/0x90 [ 97.752667][ T6537] x64_sys_call+0x2662/0x2dc0 [ 97.757348][ T6537] do_syscall_64+0xc9/0x1c0 [ 97.761864][ T6537] ? clear_bhb_loop+0x55/0xb0 [ 97.766603][ T6537] ? clear_bhb_loop+0x55/0xb0 [ 97.771348][ T6537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.777270][ T6537] RIP: 0033:0x7fcfd4e75d19 [ 97.781689][ T6537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.801314][ T6537] RSP: 002b:00007fcfd34e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 97.809807][ T6537] RAX: ffffffffffffffda RBX: 00007fcfd5065fa0 RCX: 00007fcfd4e75d19 [ 97.817785][ T6537] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020001000 [ 97.825790][ T6537] RBP: 00007fcfd34e7090 R08: 0000000000000000 R09: 0000000000000003 [ 97.833814][ T6537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.841824][ T6537] R13: 0000000000000000 R14: 00007fcfd5065fa0 R15: 00007ffc3cf40f78 [ 97.849930][ T6537] [ 97.890891][ T6545] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1139'. [ 97.944144][ T6545] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1139'. [ 98.042513][ T29] audit: type=1400 audit(1734245344.887:6040): avc: denied { ioctl } for pid=6554 comm="syz.4.1142" path="socket:[14679]" dev="sockfs" ino=14679 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 98.131939][ T6558] loop4: detected capacity change from 0 to 512 [ 98.145099][ T29] audit: type=1400 audit(1734245344.937:6041): avc: denied { setopt } for pid=6554 comm="syz.4.1142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 98.164870][ T29] audit: type=1400 audit(1734245344.937:6042): avc: denied { write } for pid=6554 comm="syz.4.1142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 98.176968][ T6558] EXT4-fs: Ignoring removed nobh option [ 98.211394][ T6558] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 98.220958][ T6558] EXT4-fs (loop4): orphan cleanup on readonly fs [ 98.236246][ T29] audit: type=1400 audit(1734245345.017:6043): avc: denied { mounton } for pid=6557 comm="syz.4.1144" path="/175/file2" dev="tmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 98.237721][ T6558] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 98.268002][ T6558] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 98.277838][ T6558] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.1144: Failed to acquire dquot type 1 [ 98.312893][ T6558] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1144: bg 0: block 40: padding at end of block bitmap is not set [ 98.333559][ T6558] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 98.350529][ T6558] EXT4-fs (loop4): 1 truncate cleaned up [ 98.362841][ T6558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 98.377326][ T29] audit: type=1400 audit(1734245345.227:6044): avc: denied { mount } for pid=6557 comm="syz.4.1144" name="/" dev="loop4" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 98.377344][ T6558] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz.4.1144: corrupted xattr block 31: invalid header [ 98.414064][ T6558] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=16 [ 98.423159][ T6558] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz.4.1144: corrupted xattr block 31: invalid header [ 98.437574][ T6572] EXT4-fs error (device loop4): ext4_xattr_block_get:596: inode #16: comm syz.4.1144: corrupted xattr block 31: invalid header [ 98.453168][ T6558] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=16 [ 98.462862][ T6572] SELinux: inode_doinit_use_xattr: getxattr returned 117 for dev=loop4 ino=16 [ 98.471994][ T6572] EXT4-fs error (device loop4): ext4_get_link:106: inode #16: comm syz.4.1144: bad symlink. [ 98.475726][ T29] audit: type=1400 audit(1734245345.327:6045): avc: denied { read } for pid=6557 comm="syz.4.1144" name="file2" dev="loop4" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1 [ 98.482956][ T6558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 98.514614][ T6558] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 98.563439][ T29] audit: type=1400 audit(1734245345.407:6046): avc: denied { unmount } for pid=3304 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 98.596714][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.644374][ T6581] tipc: Enabling of bearer rejected, already enabled [ 98.719685][ T6587] 9pnet_fd: Insufficient options for proto=fd [ 98.757185][ T6598] FAULT_INJECTION: forcing a failure. [ 98.757185][ T6598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.770381][ T6598] CPU: 0 UID: 0 PID: 6598 Comm: syz.1.1158 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 98.781223][ T6598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 98.791298][ T6598] Call Trace: [ 98.794583][ T6598] [ 98.797508][ T6598] dump_stack_lvl+0xf2/0x150 [ 98.802140][ T6598] dump_stack+0x15/0x1a [ 98.806330][ T6598] should_fail_ex+0x223/0x230 [ 98.811006][ T6598] should_fail+0xb/0x10 [ 98.815155][ T6598] should_fail_usercopy+0x1a/0x20 [ 98.820234][ T6598] strncpy_from_user+0x25/0x210 [ 98.825127][ T6598] ? kmem_cache_alloc_noprof+0x18e/0x320 [ 98.830762][ T6598] ? getname_flags+0x81/0x3b0 [ 98.835446][ T6598] getname_flags+0xb0/0x3b0 [ 98.839981][ T6598] user_path_at+0x26/0x120 [ 98.844395][ T6598] do_fchownat+0x92/0x1a0 [ 98.848734][ T6598] __x64_sys_chown+0x47/0x60 [ 98.853387][ T6598] x64_sys_call+0x7e0/0x2dc0 [ 98.857966][ T6598] do_syscall_64+0xc9/0x1c0 [ 98.862458][ T6598] ? clear_bhb_loop+0x55/0xb0 [ 98.867125][ T6598] ? clear_bhb_loop+0x55/0xb0 [ 98.871865][ T6598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.877871][ T6598] RIP: 0033:0x7fcfd4e75d19 [ 98.882280][ T6598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.901880][ T6598] RSP: 002b:00007fcfd34e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000005c [ 98.910328][ T6598] RAX: ffffffffffffffda RBX: 00007fcfd5065fa0 RCX: 00007fcfd4e75d19 [ 98.918341][ T6598] RDX: 0000000000000000 RSI: 000000000000ee01 RDI: 0000000020000340 [ 98.926302][ T6598] RBP: 00007fcfd34e7090 R08: 0000000000000000 R09: 0000000000000000 [ 98.934265][ T6598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.942238][ T6598] R13: 0000000000000000 R14: 00007fcfd5065fa0 R15: 00007ffc3cf40f78 [ 98.950205][ T6598] [ 98.985456][ T6604] FAULT_INJECTION: forcing a failure. [ 98.985456][ T6604] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 98.998529][ T6604] CPU: 0 UID: 0 PID: 6604 Comm: syz.0.1161 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 99.009255][ T6604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 99.019320][ T6604] Call Trace: [ 99.022596][ T6604] [ 99.025524][ T6604] dump_stack_lvl+0xf2/0x150 [ 99.030166][ T6604] dump_stack+0x15/0x1a [ 99.034409][ T6604] should_fail_ex+0x223/0x230 [ 99.039103][ T6604] should_fail+0xb/0x10 [ 99.043278][ T6604] should_fail_usercopy+0x1a/0x20 [ 99.048332][ T6604] _copy_from_user+0x1e/0xb0 [ 99.052950][ T6604] copy_msghdr_from_user+0x54/0x2a0 [ 99.058218][ T6604] ? __fget_files+0x17c/0x1c0 [ 99.063012][ T6604] __sys_sendmmsg+0x1e8/0x4b0 [ 99.067756][ T6604] __x64_sys_sendmmsg+0x57/0x70 [ 99.072615][ T6604] x64_sys_call+0x29aa/0x2dc0 [ 99.077316][ T6604] do_syscall_64+0xc9/0x1c0 [ 99.081888][ T6604] ? clear_bhb_loop+0x55/0xb0 [ 99.086565][ T6604] ? clear_bhb_loop+0x55/0xb0 [ 99.091321][ T6604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.097221][ T6604] RIP: 0033:0x7f2680135d19 [ 99.101635][ T6604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.121296][ T6604] RSP: 002b:00007f267e7a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 99.129705][ T6604] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f2680135d19 [ 99.137662][ T6604] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000005 [ 99.145646][ T6604] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 99.153676][ T6604] R10: 000000000000008a R11: 0000000000000246 R12: 0000000000000001 [ 99.161630][ T6604] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 99.169640][ T6604] [ 99.234875][ T6612] FAULT_INJECTION: forcing a failure. [ 99.234875][ T6612] name failslab, interval 1, probability 0, space 0, times 0 [ 99.248308][ T6612] CPU: 1 UID: 0 PID: 6612 Comm: +}[@ Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 99.258466][ T6612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 99.268529][ T6612] Call Trace: [ 99.271801][ T6612] [ 99.274739][ T6612] dump_stack_lvl+0xf2/0x150 [ 99.279397][ T6612] dump_stack+0x15/0x1a [ 99.283578][ T6612] should_fail_ex+0x223/0x230 [ 99.288341][ T6612] should_failslab+0x8f/0xb0 [ 99.292957][ T6612] kmem_cache_alloc_node_noprof+0x59/0x320 [ 99.298916][ T6612] ? __alloc_skb+0x10b/0x310 [ 99.303518][ T6612] __alloc_skb+0x10b/0x310 [ 99.307993][ T6612] netlink_alloc_large_skb+0xad/0xe0 [ 99.313283][ T6612] netlink_sendmsg+0x3b4/0x6e0 [ 99.318065][ T6612] ? __pfx_netlink_sendmsg+0x10/0x10 [ 99.319312][ T6615] netlink: 108 bytes leftover after parsing attributes in process `GPL'. [ 99.323377][ T6612] __sock_sendmsg+0x140/0x180 [ 99.336456][ T6612] ____sys_sendmsg+0x312/0x410 [ 99.341319][ T6612] __sys_sendmsg+0x19d/0x230 [ 99.345992][ T6612] __x64_sys_sendmsg+0x46/0x50 [ 99.350802][ T6612] x64_sys_call+0x2734/0x2dc0 [ 99.355521][ T6612] do_syscall_64+0xc9/0x1c0 [ 99.360030][ T6612] ? clear_bhb_loop+0x55/0xb0 [ 99.364718][ T6612] ? clear_bhb_loop+0x55/0xb0 [ 99.369451][ T6612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.375461][ T6612] RIP: 0033:0x7f5bf3875d19 [ 99.379872][ T6612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.399509][ T6612] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 99.407981][ T6612] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 99.415957][ T6612] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003 [ 99.423932][ T6612] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 99.431911][ T6612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.439885][ T6612] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 99.447945][ T6612] [ 99.454943][ T6614] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1164'. [ 99.476755][ T6614] syz.1.1164[6614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.476844][ T6614] syz.1.1164[6614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.488562][ T6614] syz.1.1164[6614] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 99.508077][ T6614] netlink: 'syz.1.1164': attribute type 10 has an invalid length. [ 99.554760][ T6614] tipc: Resetting bearer [ 99.564497][ T6614] tipc: Resetting bearer [ 99.593758][ T6614] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.632971][ T6614] bond0: (slave team0): Enslaving as an active interface with an up link [ 99.693089][ T6621] x_tables: duplicate underflow at hook 1 [ 99.759794][ T6648] vxcan0: tx drop: invalid sa for name 0x0000000000000001 [ 99.777157][ T6653] FAULT_INJECTION: forcing a failure. [ 99.777157][ T6653] name failslab, interval 1, probability 0, space 0, times 0 [ 99.790470][ T6653] CPU: 1 UID: 0 PID: 6653 Comm: syz.1.1178 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 99.801157][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 99.811266][ T6653] Call Trace: [ 99.814557][ T6653] [ 99.817539][ T6653] dump_stack_lvl+0xf2/0x150 [ 99.822200][ T6653] dump_stack+0x15/0x1a [ 99.826374][ T6653] should_fail_ex+0x223/0x230 [ 99.831066][ T6653] should_failslab+0x8f/0xb0 [ 99.835689][ T6653] kmem_cache_alloc_noprof+0x52/0x320 [ 99.841063][ T6653] ? skb_clone+0x154/0x1f0 [ 99.845484][ T6653] skb_clone+0x154/0x1f0 [ 99.849802][ T6653] __netlink_deliver_tap+0x2bd/0x4f0 [ 99.855117][ T6653] netlink_unicast+0x64a/0x670 [ 99.859892][ T6653] netlink_sendmsg+0x5cc/0x6e0 [ 99.864662][ T6653] ? __pfx_netlink_sendmsg+0x10/0x10 [ 99.870010][ T6653] __sock_sendmsg+0x140/0x180 [ 99.874727][ T6653] ____sys_sendmsg+0x312/0x410 [ 99.879570][ T6653] __sys_sendmsg+0x19d/0x230 [ 99.884228][ T6653] __x64_sys_sendmsg+0x46/0x50 [ 99.888999][ T6653] x64_sys_call+0x2734/0x2dc0 [ 99.893668][ T6653] do_syscall_64+0xc9/0x1c0 [ 99.898160][ T6653] ? clear_bhb_loop+0x55/0xb0 [ 99.902830][ T6653] ? clear_bhb_loop+0x55/0xb0 [ 99.907554][ T6653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.913515][ T6653] RIP: 0033:0x7fcfd4e75d19 [ 99.917919][ T6653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.937540][ T6653] RSP: 002b:00007fcfd34e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 99.945942][ T6653] RAX: ffffffffffffffda RBX: 00007fcfd5065fa0 RCX: 00007fcfd4e75d19 [ 99.953933][ T6653] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 99.961893][ T6653] RBP: 00007fcfd34e7090 R08: 0000000000000000 R09: 0000000000000000 [ 99.969986][ T6653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.977995][ T6653] R13: 0000000000000000 R14: 00007fcfd5065fa0 R15: 00007ffc3cf40f78 [ 99.986048][ T6653] [ 100.107782][ T6654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 100.139682][ T6666] FAULT_INJECTION: forcing a failure. [ 100.139682][ T6666] name failslab, interval 1, probability 0, space 0, times 0 [ 100.145325][ T6667] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1184'. [ 100.152480][ T6666] CPU: 0 UID: 0 PID: 6666 Comm: syz.2.1183 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 100.162177][ T6654] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 100.171974][ T6666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 100.189438][ T6667] loop4: detected capacity change from 0 to 764 [ 100.189711][ T6666] Call Trace: [ 100.189719][ T6666] [ 100.202233][ T6666] dump_stack_lvl+0xf2/0x150 [ 100.206876][ T6666] dump_stack+0x15/0x1a [ 100.211138][ T6666] should_fail_ex+0x223/0x230 [ 100.215905][ T6666] ? getname_flags+0x1f4/0x3b0 [ 100.220659][ T6666] should_failslab+0x8f/0xb0 [ 100.225263][ T6666] __kmalloc_cache_noprof+0x4e/0x320 [ 100.230634][ T6666] getname_flags+0x1f4/0x3b0 [ 100.235227][ T6666] getname+0x17/0x20 [ 100.239175][ T6666] path_setxattrat+0x23a/0x310 [ 100.243944][ T6666] __x64_sys_lsetxattr+0x71/0x90 [ 100.248945][ T6666] x64_sys_call+0x29c8/0x2dc0 [ 100.253636][ T6666] do_syscall_64+0xc9/0x1c0 [ 100.258135][ T6666] ? clear_bhb_loop+0x55/0xb0 [ 100.262877][ T6666] ? clear_bhb_loop+0x55/0xb0 [ 100.267545][ T6666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.273466][ T6666] RIP: 0033:0x7f3e667b5d19 [ 100.277870][ T6666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.297514][ T6666] RSP: 002b:00007f3e64e27038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 100.306067][ T6666] RAX: ffffffffffffffda RBX: 00007f3e669a5fa0 RCX: 00007f3e667b5d19 [ 100.314025][ T6666] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000020002040 [ 100.321989][ T6666] RBP: 00007f3e64e27090 R08: 0000000000000001 R09: 0000000000000000 [ 100.329974][ T6666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.337934][ T6666] R13: 0000000000000000 R14: 00007f3e669a5fa0 R15: 00007ffdeb912528 [ 100.345969][ T6666] [ 100.396939][ T6672] atomic_op ffff88811738dd28 conn xmit_atomic 0000000000000000 [ 100.433408][ T6672] ALSA: seq fatal error: cannot create timer (-16) [ 100.441759][ T6672] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 100.466348][ T6681] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.1189: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 100.489283][ T6681] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.1189: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 100.515763][ T6683] sd 0:0:1:0: device reset [ 100.546444][ T6687] syz.0.1192[6687] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.546570][ T6687] syz.0.1192[6687] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 100.717501][ T6699] FAULT_INJECTION: forcing a failure. [ 100.717501][ T6699] name failslab, interval 1, probability 0, space 0, times 0 [ 100.741666][ T6699] CPU: 0 UID: 0 PID: 6699 Comm: +}[@ Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 100.751834][ T6699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 100.761884][ T6699] Call Trace: [ 100.765144][ T6699] [ 100.768063][ T6699] dump_stack_lvl+0xf2/0x150 [ 100.772733][ T6699] dump_stack+0x15/0x1a [ 100.776905][ T6699] should_fail_ex+0x223/0x230 [ 100.781570][ T6699] should_failslab+0x8f/0xb0 [ 100.786219][ T6699] kmem_cache_alloc_noprof+0x52/0x320 [ 100.791609][ T6699] ? getname_flags+0x81/0x3b0 [ 100.796292][ T6699] ? vfs_write+0x596/0x920 [ 100.800722][ T6699] getname_flags+0x81/0x3b0 [ 100.805353][ T6699] user_path_at+0x26/0x120 [ 100.809753][ T6699] do_faccessat+0x396/0x640 [ 100.814275][ T6699] __x64_sys_faccessat+0x43/0x50 [ 100.819203][ T6699] x64_sys_call+0x1e6d/0x2dc0 [ 100.823914][ T6699] do_syscall_64+0xc9/0x1c0 [ 100.828398][ T6699] ? clear_bhb_loop+0x55/0xb0 [ 100.833076][ T6699] ? clear_bhb_loop+0x55/0xb0 [ 100.837793][ T6699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.843771][ T6699] RIP: 0033:0x7f2680135d19 [ 100.848170][ T6699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.867809][ T6699] RSP: 002b:00007f267e7a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000010d [ 100.876258][ T6699] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f2680135d19 [ 100.884293][ T6699] RDX: 0000000000000005 RSI: 0000000020000000 RDI: 0000000000000005 [ 100.892282][ T6699] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 100.900358][ T6699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.908317][ T6699] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 100.916290][ T6699] [ 100.973992][ T6706] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.1200: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 101.027677][ T6702] tipc: Enabling of bearer rejected, already enabled [ 101.039437][ T6712] loop4: detected capacity change from 0 to 512 [ 101.057153][ T6712] EXT4-fs: Ignoring removed bh option [ 101.078742][ T6712] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 101.131361][ T6712] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 101.204519][ T6712] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 101.216928][ T6726] : entered promiscuous mode [ 101.221731][ T6726] bond_slave_0: entered promiscuous mode [ 101.227452][ T6726] bond_slave_1: entered promiscuous mode [ 101.233215][ T6726] bridge0: entered promiscuous mode [ 101.267074][ T6712] syz.4.1204[6712] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 101.267132][ T6712] syz.4.1204[6712] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 101.281949][ T6736] FAULT_INJECTION: forcing a failure. [ 101.281949][ T6736] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 101.307023][ T6736] CPU: 1 UID: 0 PID: 6736 Comm: syz.0.1211 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 101.317710][ T6736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 101.327754][ T6736] Call Trace: [ 101.331019][ T6736] [ 101.333942][ T6736] dump_stack_lvl+0xf2/0x150 [ 101.338556][ T6736] dump_stack+0x15/0x1a [ 101.342774][ T6736] should_fail_ex+0x223/0x230 [ 101.347472][ T6736] should_fail+0xb/0x10 [ 101.351618][ T6736] should_fail_usercopy+0x1a/0x20 [ 101.356654][ T6736] _copy_to_user+0x20/0xa0 [ 101.361127][ T6736] simple_read_from_buffer+0xa0/0x110 [ 101.366494][ T6736] proc_fail_nth_read+0xf9/0x140 [ 101.371429][ T6736] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 101.376974][ T6736] vfs_read+0x1a2/0x700 [ 101.381138][ T6736] ? __rcu_read_unlock+0x4e/0x70 [ 101.386116][ T6736] ? __fget_files+0x17c/0x1c0 [ 101.390879][ T6736] ksys_read+0xe8/0x1b0 [ 101.395094][ T6736] __x64_sys_read+0x42/0x50 [ 101.399593][ T6736] x64_sys_call+0x2874/0x2dc0 [ 101.404259][ T6736] do_syscall_64+0xc9/0x1c0 [ 101.408789][ T6736] ? clear_bhb_loop+0x55/0xb0 [ 101.413464][ T6736] ? clear_bhb_loop+0x55/0xb0 [ 101.418249][ T6736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.424191][ T6736] RIP: 0033:0x7f268013472c [ 101.428658][ T6736] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 101.448321][ T6736] RSP: 002b:00007f267e7a1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 101.456801][ T6736] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f268013472c [ 101.464762][ T6736] RDX: 000000000000000f RSI: 00007f267e7a10a0 RDI: 0000000000000003 [ 101.472771][ T6736] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 101.480733][ T6736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.488751][ T6736] R13: 0000000000000001 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 101.496716][ T6736] [ 101.564387][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 101.614623][ T6750] 8021q: adding VLAN 0 to HW filter on device bond2 [ 101.623724][ T6750] bond0: (slave bond2): Enslaving as an active interface with an up link [ 101.643762][ T6754] tipc: Enabling of bearer rejected, already enabled [ 101.649690][ T6759] netlink: 'syz.4.1215': attribute type 1 has an invalid length. [ 101.732479][ T6768] __nla_validate_parse: 3 callbacks suppressed [ 101.732494][ T6768] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.1223'. [ 101.748543][ T6768] netlink: 6328 bytes leftover after parsing attributes in process `syz.3.1223'. [ 101.785386][ T6765] sg_write: data in/out 231/14 bytes for SCSI command 0x0-- guessing data in; [ 101.785386][ T6765] program syz.1.1222 not setting count and/or reply_len properly [ 101.830302][ T6768] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1223'. [ 101.842397][ T6768] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1223'. [ 101.869994][ T6779] syz.2.1226[6779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 101.870062][ T6779] syz.2.1226[6779] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 101.989679][ T6789] tipc: Enabling of bearer rejected, already enabled [ 102.054680][ T6791] netlink: 'syz.2.1232': attribute type 29 has an invalid length. [ 102.084733][ T6791] netlink: 'syz.2.1232': attribute type 29 has an invalid length. [ 102.108115][ T6791] netlink: 500 bytes leftover after parsing attributes in process `syz.2.1232'. [ 102.117292][ T6791] unsupported nla_type 40 [ 102.209869][ T6801] veth7: entered promiscuous mode [ 102.514400][ T6812] syz.1.1239[6812] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 102.514524][ T6812] syz.1.1239[6812] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 102.593524][ T29] kauditd_printk_skb: 135 callbacks suppressed [ 102.593539][ T29] audit: type=1400 audit(1734245349.437:6182): avc: denied { write } for pid=6816 comm="syz.4.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 102.680783][ T6822] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.695605][ T29] audit: type=1400 audit(1734245349.487:6183): avc: denied { ioctl } for pid=6816 comm="syz.4.1241" path="socket:[16815]" dev="sockfs" ino=16815 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 102.803829][ T6829] IPv6: NLM_F_CREATE should be specified when creating new route [ 102.814351][ T6829] netlink: 'syz.4.1247': attribute type 7 has an invalid length. [ 102.917088][ T6839] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1252'. [ 102.971025][ T6844] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1255'. [ 102.979973][ T6844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1255'. [ 102.980261][ T6847] FAULT_INJECTION: forcing a failure. [ 102.980261][ T6847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.002484][ T6847] CPU: 1 UID: 0 PID: 6847 Comm: syz.4.1256 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 103.013174][ T6847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 103.023236][ T6847] Call Trace: [ 103.026557][ T6847] [ 103.029591][ T6847] dump_stack_lvl+0xf2/0x150 [ 103.034210][ T6847] dump_stack+0x15/0x1a [ 103.038402][ T6847] should_fail_ex+0x223/0x230 [ 103.043158][ T6847] should_fail+0xb/0x10 [ 103.047320][ T6847] should_fail_usercopy+0x1a/0x20 [ 103.052364][ T6847] _copy_from_user+0x1e/0xb0 [ 103.056971][ T6847] move_addr_to_kernel+0x82/0x120 [ 103.062042][ T6847] __sys_sendto+0x12e/0x230 [ 103.066559][ T6847] __x64_sys_sendto+0x78/0x90 [ 103.071241][ T6847] x64_sys_call+0x29fa/0x2dc0 [ 103.076000][ T6847] do_syscall_64+0xc9/0x1c0 [ 103.080563][ T6847] ? clear_bhb_loop+0x55/0xb0 [ 103.085248][ T6847] ? clear_bhb_loop+0x55/0xb0 [ 103.089953][ T6847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.095873][ T6847] RIP: 0033:0x7f5bf3875d19 [ 103.100284][ T6847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.119946][ T6847] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 103.128370][ T6847] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 103.136345][ T6847] RDX: 00000000000005c4 RSI: 0000000000000000 RDI: 0000000000000006 [ 103.144322][ T6847] RBP: 00007f5bf1ee7090 R08: 0000000020000540 R09: 000000000000001c [ 103.152358][ T6847] R10: 000000000404c844 R11: 0000000000000246 R12: 0000000000000001 [ 103.160326][ T6847] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 103.168304][ T6847] [ 103.205112][ T6844] wireguard0: entered promiscuous mode [ 103.210640][ T6844] wireguard0: entered allmulticast mode [ 103.371196][ T6861] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1260'. [ 103.514788][ T6870] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1262'. [ 103.535653][ T6870] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 103.543100][ T6870] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.556501][ T6870] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 103.563917][ T6870] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.579248][ T29] audit: type=1400 audit(1734245350.417:6184): avc: denied { relabelfrom } for pid=6868 comm="syz.4.1262" name="" dev="pipefs" ino=16928 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1 [ 103.769599][ T6879] netlink: 'syz.3.1266': attribute type 30 has an invalid length. [ 104.012106][ T6885] tipc: Enabling of bearer rejected, already enabled [ 104.025857][ T6889] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 104.032378][ T6889] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 104.039819][ T6889] vhci_hcd vhci_hcd.0: Device attached [ 104.063119][ T6885] tipc: Enabling of bearer rejected, already enabled [ 104.079414][ T29] audit: type=1400 audit(1734245350.927:6185): avc: denied { create } for pid=6888 comm="syz.3.1271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 104.099520][ T29] audit: type=1400 audit(1734245350.927:6186): avc: denied { setopt } for pid=6888 comm="syz.3.1271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 104.119045][ T29] audit: type=1400 audit(1734245350.927:6187): avc: denied { connect } for pid=6888 comm="syz.3.1271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 104.145519][ T6890] vhci_hcd: connection closed [ 104.148139][ T11] vhci_hcd: stop threads [ 104.157124][ T11] vhci_hcd: release socket [ 104.161538][ T11] vhci_hcd: disconnect device [ 104.167871][ T29] audit: type=1400 audit(1734245350.977:6188): avc: denied { ioctl } for pid=6888 comm="syz.3.1271" path="socket:[17007]" dev="sockfs" ino=17007 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 104.192722][ T29] audit: type=1400 audit(1734245350.977:6189): avc: denied { audit_write } for pid=6888 comm="syz.3.1271" capability=29 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 104.214714][ T29] audit: type=1107 audit(1734245350.977:6190): pid=6888 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='upp' [ 104.319222][ T29] audit: type=1400 audit(1734245351.167:6191): avc: denied { create } for pid=6905 comm="syz.0.1277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 104.794196][ T6929] bridge0: port 3(vlan2) entered blocking state [ 104.800719][ T6929] bridge0: port 3(vlan2) entered disabled state [ 104.825462][ T6929] vlan2: entered allmulticast mode [ 104.835771][ T6929] vlan2: left allmulticast mode [ 104.957334][ T6934] tipc: Enabling of bearer rejected, already enabled [ 105.005910][ T6934] tipc: Enabling of bearer rejected, already enabled [ 105.237355][ T6958] netlink: 'syz.4.1295': attribute type 1 has an invalid length. [ 105.700423][ T6975] FAULT_INJECTION: forcing a failure. [ 105.700423][ T6975] name failslab, interval 1, probability 0, space 0, times 0 [ 105.713186][ T6975] CPU: 1 UID: 0 PID: 6975 Comm: syz.3.1302 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 105.723858][ T6975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 105.733937][ T6975] Call Trace: [ 105.737213][ T6975] [ 105.740145][ T6975] dump_stack_lvl+0xf2/0x150 [ 105.744827][ T6975] dump_stack+0x15/0x1a [ 105.749009][ T6975] should_fail_ex+0x223/0x230 [ 105.753733][ T6975] should_failslab+0x8f/0xb0 [ 105.758331][ T6975] kmem_cache_alloc_noprof+0x52/0x320 [ 105.763780][ T6975] ? dst_alloc+0xc0/0x100 [ 105.768200][ T6975] dst_alloc+0xc0/0x100 [ 105.772438][ T6975] ? __pfx_rt_cache_flush+0x2/0x10 [ 105.777558][ T6975] ip_route_output_key_hash_rcu+0xb90/0x12d0 [ 105.783580][ T6975] ip_route_output_flow+0x76/0x120 [ 105.788698][ T6975] udp_sendmsg+0xe5d/0x12f0 [ 105.793207][ T6975] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 105.798821][ T6975] ? avc_has_perm+0xd4/0x160 [ 105.803426][ T6975] ? __pfx_udp_sendmsg+0x10/0x10 [ 105.808408][ T6975] inet_sendmsg+0xaf/0xd0 [ 105.812746][ T6975] __sock_sendmsg+0x102/0x180 [ 105.817434][ T6975] ____sys_sendmsg+0x312/0x410 [ 105.822277][ T6975] __sys_sendmmsg+0x227/0x4b0 [ 105.826971][ T6975] __x64_sys_sendmmsg+0x57/0x70 [ 105.831859][ T6975] x64_sys_call+0x29aa/0x2dc0 [ 105.836544][ T6975] do_syscall_64+0xc9/0x1c0 [ 105.841050][ T6975] ? clear_bhb_loop+0x55/0xb0 [ 105.845814][ T6975] ? clear_bhb_loop+0x55/0xb0 [ 105.850494][ T6975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.856442][ T6975] RIP: 0033:0x7f4212935d19 [ 105.860870][ T6975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.880528][ T6975] RSP: 002b:00007f4210fa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 105.888945][ T6975] RAX: ffffffffffffffda RBX: 00007f4212b25fa0 RCX: 00007f4212935d19 [ 105.896924][ T6975] RDX: 0000000000000001 RSI: 0000000020008c80 RDI: 0000000000000003 [ 105.904896][ T6975] RBP: 00007f4210fa7090 R08: 0000000000000000 R09: 0000000000000000 [ 105.912942][ T6975] R10: 0000000000000840 R11: 0000000000000246 R12: 0000000000000001 [ 105.920913][ T6975] R13: 0000000000000000 R14: 00007f4212b25fa0 R15: 00007ffd015bc458 [ 105.928914][ T6975] [ 106.207827][ T6986] ip6_vti0: entered promiscuous mode [ 106.213639][ T6986] ip6_vti0: left promiscuous mode [ 106.336701][ T6998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 106.417103][ T6998] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 106.470611][ T7003] 9pnet_fd: Insufficient options for proto=fd [ 106.946161][ T7032] syz.3.1324[7032] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 106.946220][ T7032] syz.3.1324[7032] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 107.033951][ T7034] tipc: Enabling of bearer rejected, already enabled [ 107.094092][ T7040] tipc: Enabling of bearer rejected, already enabled [ 107.177269][ T7045] 9pnet_fd: Insufficient options for proto=fd [ 107.329494][ T7061] IPv6: NLM_F_CREATE should be specified when creating new route [ 107.435950][ T7070] tipc: Enabling of bearer rejected, already enabled [ 107.436528][ T7071] FAULT_INJECTION: forcing a failure. [ 107.436528][ T7071] name failslab, interval 1, probability 0, space 0, times 0 [ 107.456385][ T7071] CPU: 1 UID: 0 PID: 7071 Comm: +}[@ Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 107.463024][ T7070] tipc: Enabling of bearer rejected, already enabled [ 107.466532][ T7071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 107.466546][ T7071] Call Trace: [ 107.466558][ T7071] [ 107.466566][ T7071] dump_stack_lvl+0xf2/0x150 [ 107.495270][ T7071] dump_stack+0x15/0x1a [ 107.499434][ T7071] should_fail_ex+0x223/0x230 [ 107.504132][ T7071] should_failslab+0x8f/0xb0 [ 107.508720][ T7071] kmem_cache_alloc_node_noprof+0x59/0x320 [ 107.514563][ T7071] ? __alloc_skb+0x10b/0x310 [ 107.519261][ T7071] __alloc_skb+0x10b/0x310 [ 107.523662][ T7071] ? audit_log_start+0x34c/0x6b0 [ 107.528593][ T7071] audit_log_start+0x368/0x6b0 [ 107.533351][ T7071] ? __bpf_ringbuf_reserve+0x2de/0x320 [ 107.538845][ T7071] ? _raw_spin_lock_irqsave+0x3c/0xb0 [ 107.544359][ T7071] audit_seccomp+0x4b/0x130 [ 107.548856][ T7071] __seccomp_filter+0x6fa/0x1180 [ 107.553848][ T7071] ? putname+0xcf/0xf0 [ 107.557906][ T7071] ? __traceiter_kmem_cache_free+0x33/0x50 [ 107.563710][ T7071] ? kmem_cache_free+0xdc/0x2d0 [ 107.568585][ T7071] __secure_computing+0x9f/0x1c0 [ 107.573595][ T7071] syscall_trace_enter+0xd1/0x1f0 [ 107.578684][ T7071] do_syscall_64+0xaa/0x1c0 [ 107.583192][ T7071] ? clear_bhb_loop+0x55/0xb0 [ 107.588018][ T7071] ? clear_bhb_loop+0x55/0xb0 [ 107.592766][ T7071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.598663][ T7071] RIP: 0033:0x7f268013472c [ 107.603144][ T7071] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 107.622743][ T7071] RSP: 002b:00007f267e7a1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 107.631149][ T7071] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f268013472c [ 107.639108][ T7071] RDX: 000000000000000f RSI: 00007f267e7a10a0 RDI: 0000000000000004 [ 107.647162][ T7071] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 107.655120][ T7071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 107.663137][ T7071] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 107.671177][ T7071] [ 107.674289][ T7071] audit_log_lost: 233 callbacks suppressed [ 107.674339][ T7071] audit: audit_lost=7 audit_rate_limit=0 audit_backlog_limit=64 [ 107.688422][ T7071] audit: out of memory in audit_log_start [ 107.718218][ T29] audit: type=1326 audit(1734245354.567:6425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f26801347cf code=0x7ffc0000 [ 107.768713][ T29] audit: type=1326 audit(1734245354.587:6426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 107.792986][ T29] audit: type=1326 audit(1734245354.587:6427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 107.816935][ T29] audit: type=1326 audit(1734245354.587:6428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 107.840335][ T29] audit: type=1326 audit(1734245354.587:6429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 107.864276][ T29] audit: type=1326 audit(1734245354.587:6430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 107.888328][ T29] audit: type=1326 audit(1734245354.587:6431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 107.911718][ T29] audit: type=1326 audit(1734245354.587:6432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7073 comm="syz.2.1343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e667b5d19 code=0x7ffc0000 [ 108.061989][ T7090] syz.0.1351[7090] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 108.062041][ T7090] syz.0.1351[7090] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 108.322558][ T7114] FAULT_INJECTION: forcing a failure. [ 108.322558][ T7114] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 108.347811][ T7114] CPU: 1 UID: 0 PID: 7114 Comm: syz.0.1359 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 108.358623][ T7114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 108.368696][ T7114] Call Trace: [ 108.372028][ T7114] [ 108.374957][ T7114] dump_stack_lvl+0xf2/0x150 [ 108.379562][ T7114] dump_stack+0x15/0x1a [ 108.383788][ T7114] should_fail_ex+0x223/0x230 [ 108.388539][ T7114] should_fail+0xb/0x10 [ 108.392825][ T7114] should_fail_usercopy+0x1a/0x20 [ 108.397846][ T7114] _copy_from_iter+0xd5/0xd00 [ 108.402521][ T7114] ? kmalloc_reserve+0x16e/0x190 [ 108.407450][ T7114] ? __build_skb_around+0x196/0x1f0 [ 108.412698][ T7114] ? __alloc_skb+0x21f/0x310 [ 108.417278][ T7114] ? __virt_addr_valid+0x1ed/0x250 [ 108.422442][ T7114] ? __check_object_size+0x364/0x520 [ 108.427725][ T7114] netlink_sendmsg+0x460/0x6e0 [ 108.432514][ T7114] ? __pfx_netlink_sendmsg+0x10/0x10 [ 108.437819][ T7114] __sock_sendmsg+0x140/0x180 [ 108.442538][ T7114] ____sys_sendmsg+0x312/0x410 [ 108.447351][ T7114] __sys_sendmsg+0x19d/0x230 [ 108.452012][ T7114] __x64_sys_sendmsg+0x46/0x50 [ 108.456784][ T7114] x64_sys_call+0x2734/0x2dc0 [ 108.461452][ T7114] do_syscall_64+0xc9/0x1c0 [ 108.465985][ T7114] ? clear_bhb_loop+0x55/0xb0 [ 108.470654][ T7114] ? clear_bhb_loop+0x55/0xb0 [ 108.475326][ T7114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.481220][ T7114] RIP: 0033:0x7f2680135d19 [ 108.485677][ T7114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.505280][ T7114] RSP: 002b:00007f267e7a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 108.513762][ T7114] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f2680135d19 [ 108.521721][ T7114] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 108.529717][ T7114] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 108.537675][ T7114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 108.545637][ T7114] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 108.553677][ T7114] [ 108.577450][ T7112] __nla_validate_parse: 4 callbacks suppressed [ 108.577467][ T7112] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1358'. [ 108.656484][ T7117] tipc: Enabling of bearer rejected, already enabled [ 108.680760][ T7117] tipc: Enabling of bearer rejected, already enabled [ 108.801922][ T7129] sch_tbf: burst 1 is lower than device bond_slave_0 mtu (1514) ! [ 108.830792][ T7132] FAULT_INJECTION: forcing a failure. [ 108.830792][ T7132] name failslab, interval 1, probability 0, space 0, times 0 [ 108.843567][ T7132] CPU: 0 UID: 0 PID: 7132 Comm: syz.4.1365 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 108.854248][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 108.864509][ T7132] Call Trace: [ 108.867786][ T7132] [ 108.870716][ T7132] dump_stack_lvl+0xf2/0x150 [ 108.875354][ T7132] dump_stack+0x15/0x1a [ 108.879529][ T7132] should_fail_ex+0x223/0x230 [ 108.884384][ T7132] should_failslab+0x8f/0xb0 [ 108.889004][ T7132] __kmalloc_noprof+0xab/0x3f0 [ 108.893766][ T7132] ? security_sb_alloc+0x47/0x110 [ 108.898800][ T7132] security_sb_alloc+0x47/0x110 [ 108.903789][ T7132] alloc_super+0x108/0x5a0 [ 108.908198][ T7132] ? __pfx_set_anon_super_fc+0x10/0x10 [ 108.913651][ T7132] sget_fc+0x259/0x670 [ 108.917715][ T7132] ? __pfx_set_anon_super_fc+0x10/0x10 [ 108.923219][ T7132] ? __pfx_shmem_fill_super+0x10/0x10 [ 108.928642][ T7132] get_tree_nodev+0x28/0xf0 [ 108.933183][ T7132] shmem_get_tree+0x1c/0x30 [ 108.937775][ T7132] vfs_get_tree+0x56/0x1e0 [ 108.942393][ T7132] do_new_mount+0x227/0x690 [ 108.946900][ T7132] path_mount+0x49b/0xb30 [ 108.951271][ T7132] __se_sys_mount+0x27c/0x2d0 [ 108.956031][ T7132] ? fput+0x1c4/0x200 [ 108.960004][ T7132] __x64_sys_mount+0x67/0x80 [ 108.964650][ T7132] x64_sys_call+0x2c84/0x2dc0 [ 108.969435][ T7132] do_syscall_64+0xc9/0x1c0 [ 108.973926][ T7132] ? clear_bhb_loop+0x55/0xb0 [ 108.978595][ T7132] ? clear_bhb_loop+0x55/0xb0 [ 108.983262][ T7132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.989203][ T7132] RIP: 0033:0x7f5bf3875d19 [ 108.993645][ T7132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.013246][ T7132] RSP: 002b:00007f5bf1ec6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 109.021755][ T7132] RAX: ffffffffffffffda RBX: 00007f5bf3a66080 RCX: 00007f5bf3875d19 [ 109.029745][ T7132] RDX: 0000000020000080 RSI: 0000000020000040 RDI: 0000000000000000 [ 109.037729][ T7132] RBP: 00007f5bf1ec6090 R08: 0000000000000000 R09: 0000000000000000 [ 109.045697][ T7132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.053718][ T7132] R13: 0000000000000000 R14: 00007f5bf3a66080 R15: 00007ffd8ec788d8 [ 109.061691][ T7132] [ 109.130396][ T7136] FAULT_INJECTION: forcing a failure. [ 109.130396][ T7136] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 109.144169][ T7136] CPU: 1 UID: 0 PID: 7136 Comm: syz.4.1369 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 109.154948][ T7136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 109.165006][ T7136] Call Trace: [ 109.168334][ T7136] [ 109.171260][ T7136] dump_stack_lvl+0xf2/0x150 [ 109.175869][ T7136] dump_stack+0x15/0x1a [ 109.180102][ T7136] should_fail_ex+0x223/0x230 [ 109.184786][ T7136] should_fail+0xb/0x10 [ 109.188937][ T7136] should_fail_usercopy+0x1a/0x20 [ 109.194063][ T7136] _copy_to_user+0x20/0xa0 [ 109.198535][ T7136] simple_read_from_buffer+0xa0/0x110 [ 109.203916][ T7136] proc_fail_nth_read+0xf9/0x140 [ 109.208872][ T7136] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 109.212343][ T7123] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1362'. [ 109.214420][ T7136] vfs_read+0x1a2/0x700 [ 109.227490][ T7136] ? __rcu_read_unlock+0x4e/0x70 [ 109.232606][ T7136] ? __fget_files+0x17c/0x1c0 [ 109.237373][ T7136] ksys_read+0xe8/0x1b0 [ 109.241539][ T7136] __x64_sys_read+0x42/0x50 [ 109.246078][ T7136] x64_sys_call+0x2874/0x2dc0 [ 109.250763][ T7136] do_syscall_64+0xc9/0x1c0 [ 109.255268][ T7136] ? clear_bhb_loop+0x55/0xb0 [ 109.259940][ T7136] ? clear_bhb_loop+0x55/0xb0 [ 109.264714][ T7136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.270626][ T7136] RIP: 0033:0x7f5bf387472c [ 109.275034][ T7136] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 109.294701][ T7136] RSP: 002b:00007f5bf1ee7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 109.303181][ T7136] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf387472c [ 109.311142][ T7136] RDX: 000000000000000f RSI: 00007f5bf1ee70a0 RDI: 0000000000000006 [ 109.319101][ T7136] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 109.327098][ T7136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.335060][ T7136] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 109.343025][ T7136] [ 109.395909][ T7139] FAULT_INJECTION: forcing a failure. [ 109.395909][ T7139] name failslab, interval 1, probability 0, space 0, times 0 [ 109.409199][ T7139] CPU: 1 UID: 0 PID: 7139 Comm: syz.4.1372 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 109.419877][ T7139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 109.429937][ T7139] Call Trace: [ 109.433247][ T7139] [ 109.436178][ T7139] dump_stack_lvl+0xf2/0x150 [ 109.440782][ T7139] dump_stack+0x15/0x1a [ 109.444984][ T7139] should_fail_ex+0x223/0x230 [ 109.449666][ T7139] should_failslab+0x8f/0xb0 [ 109.454291][ T7139] kmem_cache_alloc_node_noprof+0x59/0x320 [ 109.460109][ T7139] ? __alloc_skb+0x10b/0x310 [ 109.464709][ T7139] __alloc_skb+0x10b/0x310 [ 109.469127][ T7139] ? audit_log_start+0x34c/0x6b0 [ 109.474073][ T7139] audit_log_start+0x368/0x6b0 [ 109.478843][ T7139] ? _raw_spin_lock_irqsave+0x3c/0xb0 [ 109.484242][ T7139] ? _raw_spin_unlock_irqrestore+0x2b/0x60 [ 109.490050][ T7139] audit_seccomp+0x4b/0x130 [ 109.494562][ T7139] __seccomp_filter+0x6fa/0x1180 [ 109.499669][ T7139] __secure_computing+0x9f/0x1c0 [ 109.504631][ T7139] syscall_trace_enter+0xd1/0x1f0 [ 109.509687][ T7139] ? fpregs_assert_state_consistent+0x83/0xa0 [ 109.515844][ T7139] do_syscall_64+0xaa/0x1c0 [ 109.520350][ T7139] ? clear_bhb_loop+0x55/0xb0 [ 109.525025][ T7139] ? clear_bhb_loop+0x55/0xb0 [ 109.529700][ T7139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.535610][ T7139] RIP: 0033:0x7f5bf387472c [ 109.540023][ T7139] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 109.559668][ T7139] RSP: 002b:00007f5bf1ee7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 109.568094][ T7139] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf387472c [ 109.576068][ T7139] RDX: 000000000000000f RSI: 00007f5bf1ee70a0 RDI: 0000000000000006 [ 109.584030][ T7139] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 109.591989][ T7139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 109.599950][ T7139] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 109.607916][ T7139] [ 109.737021][ T7165] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1379'. [ 109.746481][ T7166] FAULT_INJECTION: forcing a failure. [ 109.746481][ T7166] name failslab, interval 1, probability 0, space 0, times 0 [ 109.746505][ T7166] CPU: 0 UID: 0 PID: 7166 Comm: syz.4.1381 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 109.746532][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 109.746547][ T7166] Call Trace: [ 109.746553][ T7166] [ 109.746561][ T7166] dump_stack_lvl+0xf2/0x150 [ 109.746598][ T7166] dump_stack+0x15/0x1a [ 109.746627][ T7166] should_fail_ex+0x223/0x230 [ 109.746650][ T7166] should_failslab+0x8f/0xb0 [ 109.746721][ T7166] __kmalloc_cache_node_noprof+0x56/0x320 [ 109.746746][ T7166] ? __get_vm_area_node+0xfb/0x1c0 [ 109.815179][ T7166] __get_vm_area_node+0xfb/0x1c0 [ 109.820161][ T7166] __vmalloc_node_range_noprof+0x280/0xe80 [ 109.826066][ T7166] ? bpf_prog_alloc_no_stats+0x49/0x380 [ 109.831643][ T7166] ? mntput_no_expire+0x70/0x3c0 [ 109.836573][ T7166] ? avc_has_perm_noaudit+0x1cc/0x210 [ 109.841989][ T7166] ? selinux_capable+0x1f2/0x260 [ 109.846920][ T7166] ? bpf_prog_alloc_no_stats+0x49/0x380 [ 109.852465][ T7166] __vmalloc_noprof+0x5e/0x70 [ 109.857213][ T7166] ? bpf_prog_alloc_no_stats+0x49/0x380 [ 109.862785][ T7166] bpf_prog_alloc_no_stats+0x49/0x380 [ 109.868269][ T7166] ? bpf_prog_alloc+0x28/0x150 [ 109.873020][ T7166] bpf_prog_alloc+0x3a/0x150 [ 109.877598][ T7166] bpf_prog_load+0x4d1/0x1070 [ 109.882297][ T7166] ? __rcu_read_unlock+0x4e/0x70 [ 109.887289][ T7166] __sys_bpf+0x463/0x7a0 [ 109.891583][ T7166] __x64_sys_bpf+0x43/0x50 [ 109.896064][ T7166] x64_sys_call+0x2914/0x2dc0 [ 109.900733][ T7166] do_syscall_64+0xc9/0x1c0 [ 109.905224][ T7166] ? clear_bhb_loop+0x55/0xb0 [ 109.909889][ T7166] ? clear_bhb_loop+0x55/0xb0 [ 109.914620][ T7166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.920526][ T7166] RIP: 0033:0x7f5bf3875d19 [ 109.924928][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.944523][ T7166] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 109.952925][ T7166] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 109.960885][ T7166] RDX: 0000000000000094 RSI: 00000000200000c0 RDI: 0000000000000005 [ 109.968844][ T7166] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 109.976891][ T7166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 109.984854][ T7166] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 109.992892][ T7166] [ 109.996061][ T7166] syz.4.1381: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0 [ 110.001122][ T7170] IPv4: Oversized IP packet from 127.202.26.0 [ 110.012180][ T7166] CPU: 0 UID: 0 PID: 7166 Comm: syz.4.1381 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 110.023215][ T7154] tipc: Enabling of bearer rejected, already enabled [ 110.028774][ T7166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 110.028789][ T7166] Call Trace: [ 110.028795][ T7166] [ 110.028802][ T7166] dump_stack_lvl+0xf2/0x150 [ 110.041145][ T7154] tipc: Enabling of bearer rejected, already enabled [ 110.046458][ T7166] dump_stack+0x15/0x1a [ 110.046490][ T7166] warn_alloc+0x145/0x1b0 [ 110.073458][ T7166] __vmalloc_node_range_noprof+0x2a5/0xe80 [ 110.079271][ T7166] ? mntput_no_expire+0x70/0x3c0 [ 110.084277][ T7166] ? avc_has_perm_noaudit+0x1cc/0x210 [ 110.089724][ T7166] ? selinux_capable+0x1f2/0x260 [ 110.094653][ T7166] ? bpf_prog_alloc_no_stats+0x49/0x380 [ 110.100189][ T7166] __vmalloc_noprof+0x5e/0x70 [ 110.104866][ T7166] ? bpf_prog_alloc_no_stats+0x49/0x380 [ 110.110410][ T7166] bpf_prog_alloc_no_stats+0x49/0x380 [ 110.115782][ T7166] ? bpf_prog_alloc+0x28/0x150 [ 110.120702][ T7166] bpf_prog_alloc+0x3a/0x150 [ 110.125286][ T7166] bpf_prog_load+0x4d1/0x1070 [ 110.130027][ T7166] ? __rcu_read_unlock+0x4e/0x70 [ 110.134971][ T7166] __sys_bpf+0x463/0x7a0 [ 110.139214][ T7166] __x64_sys_bpf+0x43/0x50 [ 110.143745][ T7166] x64_sys_call+0x2914/0x2dc0 [ 110.148456][ T7166] do_syscall_64+0xc9/0x1c0 [ 110.152948][ T7166] ? clear_bhb_loop+0x55/0xb0 [ 110.157616][ T7166] ? clear_bhb_loop+0x55/0xb0 [ 110.162338][ T7166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.168268][ T7166] RIP: 0033:0x7f5bf3875d19 [ 110.172674][ T7166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.192272][ T7166] RSP: 002b:00007f5bf1ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 110.200748][ T7166] RAX: ffffffffffffffda RBX: 00007f5bf3a65fa0 RCX: 00007f5bf3875d19 [ 110.208742][ T7166] RDX: 0000000000000094 RSI: 00000000200000c0 RDI: 0000000000000005 [ 110.216772][ T7166] RBP: 00007f5bf1ee7090 R08: 0000000000000000 R09: 0000000000000000 [ 110.224891][ T7166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 110.232897][ T7166] R13: 0000000000000000 R14: 00007f5bf3a65fa0 R15: 00007ffd8ec788d8 [ 110.240870][ T7166] [ 110.243922][ T7166] Mem-Info: [ 110.247209][ T7166] active_anon:3504 inactive_anon:23 isolated_anon:0 [ 110.247209][ T7166] active_file:17319 inactive_file:2023 isolated_file:0 [ 110.247209][ T7166] unevictable:0 dirty:277 writeback:0 [ 110.247209][ T7166] slab_reclaimable:2837 slab_unreclaimable:15288 [ 110.247209][ T7166] mapped:28606 shmem:310 pagetables:794 [ 110.247209][ T7166] sec_pagetables:0 bounce:0 [ 110.247209][ T7166] kernel_misc_reclaimable:0 [ 110.247209][ T7166] free:1897831 free_pcp:2550 free_cma:0 [ 110.292019][ T7166] Node 0 active_anon:13900kB inactive_anon:92kB active_file:69276kB inactive_file:8092kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:114424kB dirty:1108kB writeback:0kB shmem:1240kB writeback_tmp:0kB kernel_stack:2944kB pagetables:3176kB sec_pagetables:0kB all_unreclaimable? no [ 110.319991][ T7166] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 110.327550][ T7176] syz.1.1384[7176] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 110.346891][ T7166] lowmem_reserve[]: 0 2866 7844 0 [ 110.346922][ T7166] Node 0 DMA32 free:2950280kB boost:0kB min:4136kB low:7068kB high:10000kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953912kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB [ 110.346990][ T7166] lowmem_reserve[]: 0 0 4978 0 [ 110.347014][ T7166] Node 0 Normal free:4625684kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:14016kB inactive_anon:92kB active_file:69276kB inactive_file:8092kB unevictable:0kB writepending:1108kB present:5242880kB managed:5098208kB mlocked:0kB bounce:0kB free_pcp:6504kB local_pcp:4052kB free_cma:0kB [ 110.347113][ T7166] lowmem_reserve[]: 0 0 0 0 [ 110.347139][ T7166] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 110.347287][ T7166] Node 0 DMA32: 2*4kB (M) 2*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 2*128kB (M) 2*256kB (M) 2*512kB (M) 3*1024kB (M) 2*2048kB (M) 718*4096kB (M) = 2950280kB [ 110.347546][ T7166] Node 0 Normal: 1135*4kB (ME) 1045*8kB (UM) 505*16kB (UME) 489*32kB (UME) [ 110.372068][ T7176] syz.1.1384[7176] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 110.392499][ T7166] 518*64kB (UME) 149*128kB (UME) 106*256kB (UME) 80*512kB (UME) 58*1024kB (UME) 27*2048kB (UM) 1063*4096kB (UM) = 4625684kB [ 110.392602][ T7166] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 110.392696][ T7166] 19733 total pagecache pages [ 110.392702][ T7166] 53 pages in swap cache [ 110.392709][ T7166] Free swap = 124032kB [ 110.392716][ T7166] Total swap = 124996kB [ 110.392723][ T7166] 2097051 pages RAM [ 110.392729][ T7166] 0 pages HighMem/MovableOnly [ 110.392735][ T7166] 80181 pages reserved [ 110.723763][ T7198] loop4: detected capacity change from 0 to 1024 [ 110.950975][ T7220] tipc: Enabling of bearer rejected, already enabled [ 110.976116][ T7220] tipc: Enabling of bearer rejected, already enabled [ 111.072708][ T7209] sch_tbf: burst 0 is lower than device lo mtu (81) ! [ 111.130878][ T7230] loop4: detected capacity change from 0 to 2048 [ 111.159734][ T7230] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.196631][ T7230] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 111.218335][ T7230] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 111.231181][ T7230] EXT4-fs (loop4): This should not happen!! Data will be lost [ 111.231181][ T7230] [ 111.240896][ T7230] EXT4-fs (loop4): Total free blocks count 0 [ 111.247013][ T7230] EXT4-fs (loop4): Free/Dirty block details [ 111.252929][ T7230] EXT4-fs (loop4): free_blocks=2415919104 [ 111.259351][ T7230] EXT4-fs (loop4): dirty_blocks=32 [ 111.264466][ T7230] EXT4-fs (loop4): Block reservation details [ 111.270524][ T7230] EXT4-fs (loop4): i_reserved_data_blocks=2 [ 111.328881][ T7243] FAULT_INJECTION: forcing a failure. [ 111.328881][ T7243] name failslab, interval 1, probability 0, space 0, times 0 [ 111.341614][ T7243] CPU: 0 UID: 0 PID: 7243 Comm: syz.0.1412 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 111.352343][ T7243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 111.362474][ T7243] Call Trace: [ 111.365740][ T7243] [ 111.368661][ T7243] dump_stack_lvl+0xf2/0x150 [ 111.373289][ T7243] dump_stack+0x15/0x1a [ 111.377449][ T7243] should_fail_ex+0x223/0x230 [ 111.382122][ T7243] should_failslab+0x8f/0xb0 [ 111.386712][ T7243] kmem_cache_alloc_node_noprof+0x59/0x320 [ 111.392572][ T7243] ? __alloc_skb+0x10b/0x310 [ 111.397152][ T7243] __alloc_skb+0x10b/0x310 [ 111.401556][ T7243] ? audit_log_start+0x34c/0x6b0 [ 111.406590][ T7243] audit_log_start+0x368/0x6b0 [ 111.411349][ T7243] audit_seccomp+0x4b/0x130 [ 111.415843][ T7243] __seccomp_filter+0x6fa/0x1180 [ 111.420828][ T7243] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 111.426506][ T7243] ? vfs_write+0x596/0x920 [ 111.430924][ T7243] __secure_computing+0x9f/0x1c0 [ 111.435863][ T7243] syscall_trace_enter+0xd1/0x1f0 [ 111.440947][ T7243] ? fpregs_assert_state_consistent+0x83/0xa0 [ 111.447011][ T7243] do_syscall_64+0xaa/0x1c0 [ 111.451562][ T7243] ? clear_bhb_loop+0x55/0xb0 [ 111.456280][ T7243] ? clear_bhb_loop+0x55/0xb0 [ 111.461101][ T7243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.466992][ T7243] RIP: 0033:0x7f2680135d19 [ 111.471459][ T7243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.491107][ T7243] RSP: 002b:00007f267e7a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 111.499508][ T7243] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f2680135d19 [ 111.507468][ T7243] RDX: 00000000200003c0 RSI: 0000000000003000 RDI: 0000000020ffa000 [ 111.515454][ T7243] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 111.523411][ T7243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 111.531445][ T7243] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 111.539408][ T7243] [ 111.574902][ T7247] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1413'. [ 111.608657][ T40] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28 [ 111.735748][ T7257] netlink: 'syz.3.1419': attribute type 7 has an invalid length. [ 111.743714][ T7264] syzkaller1: entered promiscuous mode [ 111.749902][ T7264] syzkaller1: entered allmulticast mode [ 112.138507][ T7294] ip6_vti0: entered promiscuous mode [ 112.157001][ T7294] ip6_vti0: left promiscuous mode [ 112.756565][ T7314] loop4: detected capacity change from 0 to 512 [ 112.763327][ T7314] EXT4-fs: Ignoring removed oldalloc option [ 112.822580][ T7314] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1440: Parent and EA inode have the same ino 15 [ 112.838471][ T7314] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1440: Parent and EA inode have the same ino 15 [ 112.975163][ T7314] EXT4-fs (loop4): 1 orphan inode deleted [ 112.981241][ T7314] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 113.425670][ T29] kauditd_printk_skb: 395 callbacks suppressed [ 113.425683][ T29] audit: type=1400 audit(1734245360.267:6824): avc: denied { setcurrent } for pid=7302 comm="syz.3.1436" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 113.451378][ T29] audit: type=1401 audit(1734245360.267:6825): op=security_bounded_transition seresult=denied oldcontext=root:sysadm_r:sysadm_t newcontext=system_u:object_r:hugetlbfs_t [ 113.470524][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.876635][ T7340] ip6_vti0: entered promiscuous mode [ 113.886514][ T7340] ip6_vti0: left promiscuous mode [ 113.901426][ T29] audit: type=1400 audit(1734245360.747:6826): avc: denied { recv } for pid=7331 comm="syz.1.1446" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1 [ 114.056723][ T7359] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1457'. [ 114.118504][ T7359] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1457'. [ 114.129432][ T7367] loop4: detected capacity change from 0 to 512 [ 114.146030][ T7367] EXT4-fs: Ignoring removed bh option [ 114.160525][ T7367] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 114.178149][ T7370] FAULT_INJECTION: forcing a failure. [ 114.178149][ T7370] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.192072][ T7370] CPU: 1 UID: 0 PID: 7370 Comm: syz.0.1460 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 114.202770][ T7370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 114.212822][ T7370] Call Trace: [ 114.216102][ T7370] [ 114.219085][ T7370] dump_stack_lvl+0xf2/0x150 [ 114.223695][ T7370] dump_stack+0x15/0x1a [ 114.227858][ T7370] should_fail_ex+0x223/0x230 [ 114.232606][ T7370] should_fail+0xb/0x10 [ 114.236766][ T7370] should_fail_usercopy+0x1a/0x20 [ 114.241848][ T7370] _copy_from_user+0x1e/0xb0 [ 114.246457][ T7370] rds_rdma_extra_size+0xe7/0x260 [ 114.251541][ T7370] ? krealloc_noprof+0x128/0x2a0 [ 114.256490][ T7370] rds_rm_size+0x31b/0x480 [ 114.261023][ T7370] rds_sendmsg+0x815/0x1400 [ 114.265537][ T7370] ? __pfx_rds_sendmsg+0x10/0x10 [ 114.270482][ T7370] __sock_sendmsg+0x140/0x180 [ 114.275257][ T7370] ____sys_sendmsg+0x312/0x410 [ 114.280148][ T7370] __sys_sendmsg+0x19d/0x230 [ 114.284817][ T7370] __x64_sys_sendmsg+0x46/0x50 [ 114.289590][ T7370] x64_sys_call+0x2734/0x2dc0 [ 114.294300][ T7370] do_syscall_64+0xc9/0x1c0 [ 114.298804][ T7370] ? clear_bhb_loop+0x55/0xb0 [ 114.303492][ T7370] ? clear_bhb_loop+0x55/0xb0 [ 114.308236][ T7370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.314146][ T7370] RIP: 0033:0x7f2680135d19 [ 114.318667][ T7370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.338291][ T7370] RSP: 002b:00007f267e7a1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 114.346743][ T7370] RAX: ffffffffffffffda RBX: 00007f2680325fa0 RCX: 00007f2680135d19 [ 114.354713][ T7370] RDX: 0000000000000000 RSI: 0000000020001600 RDI: 0000000000000006 [ 114.362698][ T7370] RBP: 00007f267e7a1090 R08: 0000000000000000 R09: 0000000000000000 [ 114.370731][ T7370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 114.378704][ T7370] R13: 0000000000000000 R14: 00007f2680325fa0 R15: 00007ffd913e5d38 [ 114.386692][ T7370] [ 114.403050][ T7367] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.425463][ T7367] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.454923][ T7367] syz.4.1459[7367] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 114.455183][ T7367] syz.4.1459[7367] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 114.481989][ T7379] ip6_vti0: entered promiscuous mode [ 114.499400][ T7378] ip6_vti0: left promiscuous mode [ 114.539263][ T29] audit: type=1326 audit(1734245361.377:6827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.563417][ T29] audit: type=1326 audit(1734245361.377:6828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.587477][ T29] audit: type=1326 audit(1734245361.377:6829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.611110][ T29] audit: type=1326 audit(1734245361.377:6830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.635285][ T29] audit: type=1326 audit(1734245361.377:6831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.658870][ T29] audit: type=1326 audit(1734245361.377:6832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.682870][ T29] audit: type=1326 audit(1734245361.377:6833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7382 comm="syz.3.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4212935d19 code=0x7ffc0000 [ 114.712705][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.754618][ T7393] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1470'. [ 114.877308][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1470'. [ 114.999244][ T7421] sch_tbf: burst 19869 is lower than device lo mtu (65550) ! [ 115.157345][ T7440] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1488'. [ 115.269349][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1488'. [ 115.316831][ T7457] SELinux: syz.1.1493 (7457) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 115.352854][ T7457] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1493'. [ 115.610450][ T7466] netlink: 133492 bytes leftover after parsing attributes in process `syz.1.1497'. [ 115.752681][ T7476] loop4: detected capacity change from 0 to 512 [ 115.771724][ T7476] EXT4-fs: Ignoring removed oldalloc option [ 115.799523][ T7476] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1502: Parent and EA inode have the same ino 15 [ 115.801418][ T7478] vlan2: entered promiscuous mode [ 115.812659][ T7476] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.1502: Parent and EA inode have the same ino 15 [ 115.816848][ T7478] vlan2: entered allmulticast mode [ 115.829803][ T7476] EXT4-fs (loop4): 1 orphan inode deleted [ 115.841062][ T7476] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.854113][ T7478] macvlan0: entered allmulticast mode [ 115.859558][ T7478] veth1_vlan: entered allmulticast mode [ 115.865743][ T7478] macvlan0: entered promiscuous mode [ 115.878218][ T7478] team0: Port device vlan2 added [ 115.947411][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.967365][ T7478] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1503'. [ 116.012119][ T7493] sg_write: data in/out 1048540/17 bytes for SCSI command 0x0-- guessing data in; [ 116.012119][ T7493] program syz.0.1509 not setting count and/or reply_len properly [ 116.187641][ T7502] loop4: detected capacity change from 0 to 512 [ 116.223257][ T7502] EXT4-fs: Ignoring removed i_version option [ 116.255357][ T7502] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.1513: corrupted in-inode xattr: invalid ea_ino [ 116.303627][ T7502] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1513: couldn't read orphan inode 15 (err -117) [ 116.316969][ T7502] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 116.386846][ T3304] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.608633][ T7539] tmpfs: Bad value for 'mpol' [ 116.978054][ T7547] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1529'. [ 118.098789][ T7602] SELinux: syz.0.1547 (7602) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace. [ 118.348024][ T7617] xt_CT: You must specify a L4 protocol and not use inversions on it [ 118.395349][ T7623] futex_wake_op: syz.4.1554 tries to shift op by 144; fix this program [ 118.422388][ T7622] futex_wake_op: syz.4.1554 tries to shift op by 144; fix this program [ 118.446570][ T29] kauditd_printk_skb: 548 callbacks suppressed [ 118.446584][ T29] audit: type=1326 audit(1734245365.297:7380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7612 comm="syz.4.1554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 118.528327][ T29] audit: type=1326 audit(1734245365.297:7381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7612 comm="syz.4.1554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 118.552408][ T29] audit: type=1326 audit(1734245365.327:7382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7612 comm="syz.4.1554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 118.576935][ T29] audit: type=1326 audit(1734245365.327:7383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7612 comm="syz.4.1554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 118.600470][ T29] audit: type=1326 audit(1734245365.327:7384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7612 comm="syz.4.1554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f5bf3875d19 code=0x7ffc0000 [ 118.624491][ T29] audit: type=1400 audit(1734245365.327:7385): avc: denied { prog_load } for pid=7625 comm="syz.0.1557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 118.643911][ T29] audit: type=1400 audit(1734245365.327:7386): avc: denied { bpf } for pid=7625 comm="syz.0.1557" capability=39 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 118.665098][ T29] audit: type=1400 audit(1734245365.327:7387): avc: denied { perfmon } for pid=7625 comm="syz.0.1557" capability=38 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 118.686022][ T29] audit: type=1400 audit(1734245365.327:7388): avc: denied { prog_run } for pid=7625 comm="syz.0.1557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1 [ 118.705601][ T29] audit: type=1400 audit(1734245365.337:7389): avc: denied { read } for pid=7625 comm="syz.0.1557" dev="nsfs" ino=4026532723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 119.140280][ T7657] netlink: 'syz.2.1568': attribute type 7 has an invalid length. [ 119.684643][ T7679] syz.2.1579[7679] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.684764][ T7679] syz.2.1579[7679] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.739312][ T7679] syz.2.1579[7679] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.752291][ T7682] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.817036][ T7684] netlink: 'syz.3.1581': attribute type 7 has an invalid length. [ 119.828316][ T7686] loop4: detected capacity change from 0 to 256 [ 119.834354][ T7689] __nla_validate_parse: 1 callbacks suppressed [ 119.834387][ T7689] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1583'. [ 119.845424][ T7686] FAT-fs (loop4): Directory bread(block 64) failed [ 119.856970][ T7686] FAT-fs (loop4): Directory bread(block 65) failed [ 119.865530][ T7686] FAT-fs (loop4): Directory bread(block 66) failed [ 119.872134][ T7686] FAT-fs (loop4): Directory bread(block 67) failed [ 119.885697][ T7686] FAT-fs (loop4): Directory bread(block 68) failed [ 119.892303][ T7686] FAT-fs (loop4): Directory bread(block 69) failed [ 119.908084][ T7682] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.923142][ T7686] FAT-fs (loop4): Directory bread(block 70) failed [ 119.944251][ T7686] FAT-fs (loop4): Directory bread(block 71) failed [ 119.961676][ T7686] FAT-fs (loop4): Directory bread(block 72) failed [ 119.981774][ T7686] FAT-fs (loop4): Directory bread(block 73) failed [ 119.992082][ T7682] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.020716][ T7686] syz.4.1582: attempt to access beyond end of device [ 120.020716][ T7686] loop4: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 120.046851][ T7686] syz.4.1582: attempt to access beyond end of device [ 120.046851][ T7686] loop4: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 120.079785][ T7682] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.177423][ T7682] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.196981][ T7715] tmpfs: Bad value for 'mpol' [ 120.211183][ T7682] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.231051][ T7717] netlink: 'syz.0.1594': attribute type 7 has an invalid length. [ 120.254541][ T7682] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.309119][ T7682] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.368933][ T7719] tipc: Enabling of bearer rejected, already enabled [ 120.404853][ T7719] tipc: Enabling of bearer rejected, already enabled [ 120.599203][ T7741] netlink: 332 bytes leftover after parsing attributes in process `syz.1.1603'. [ 120.644913][ T7746] netlink: 116 bytes leftover after parsing attributes in process `syz.3.1607'. [ 120.781139][ T7756] FAULT_INJECTION: forcing a failure. [ 120.781139][ T7756] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 120.794221][ T7756] CPU: 1 UID: 0 PID: 7756 Comm: syz.3.1611 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 120.804942][ T7756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 120.815071][ T7756] Call Trace: [ 120.818344][ T7756] [ 120.821277][ T7756] dump_stack_lvl+0xf2/0x150 [ 120.825883][ T7756] dump_stack+0x15/0x1a [ 120.830117][ T7756] should_fail_ex+0x223/0x230 [ 120.834794][ T7756] should_fail+0xb/0x10 [ 120.838953][ T7756] should_fail_usercopy+0x1a/0x20 [ 120.844432][ T7756] _copy_from_user+0x1e/0xb0 [ 120.849102][ T7756] memdup_user_nul+0x65/0xd0 [ 120.853765][ T7756] sel_write_enforce+0x9d/0x2e0 [ 120.858722][ T7756] ? __pfx_sel_write_enforce+0x10/0x10 [ 120.864193][ T7756] vfs_write+0x281/0x920 [ 120.868455][ T7756] ? putname+0xcf/0xf0 [ 120.872554][ T7756] ? __fget_files+0x17c/0x1c0 [ 120.877288][ T7756] ksys_write+0xe8/0x1b0 [ 120.881598][ T7756] __x64_sys_write+0x42/0x50 [ 120.886202][ T7756] x64_sys_call+0x287e/0x2dc0 [ 120.890931][ T7756] do_syscall_64+0xc9/0x1c0 [ 120.895520][ T7756] ? clear_bhb_loop+0x55/0xb0 [ 120.900204][ T7756] ? clear_bhb_loop+0x55/0xb0 [ 120.904894][ T7756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.910806][ T7756] RIP: 0033:0x7f4212935d19 [ 120.915272][ T7756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.934925][ T7756] RSP: 002b:00007f4210fa7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 120.943418][ T7756] RAX: ffffffffffffffda RBX: 00007f4212b25fa0 RCX: 00007f4212935d19 [ 120.951456][ T7756] RDX: 0000000000000012 RSI: 00000000200031c0 RDI: 0000000000000003 [ 120.959482][ T7756] RBP: 00007f4210fa7090 R08: 0000000000000000 R09: 0000000000000000 [ 120.967442][ T7756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.975405][ T7756] R13: 0000000000000000 R14: 00007f4212b25fa0 R15: 00007ffd015bc458 [ 120.983378][ T7756] [ 124.210774][ T29] kauditd_printk_skb: 334 callbacks suppressed [ 124.210788][ T29] audit: type=1400 audit(1734245371.057:7724): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 124.255427][ T29] audit: type=1400 audit(1734245371.107:7725): avc: denied { recv } for pid=35 comm="kworker/1:1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 127.695889][ T29] audit: type=1400 audit(1734245374.547:7726): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 127.762507][ T29] audit: type=1400 audit(1734245374.607:7727): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 Dec 15 06:49:36 [ 129.987751][ T29] audit: type=1400 audit(1734245376.837:7728): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon[ 130.010827][ T29] audit: type=1400 audit(1734245376.837:7729): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 .err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:49:36 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 5192: Connection refused Dec 15 06:49:37 [ 130.741838][ T29] audit: type=1400 audit(1734245377.587:7730): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon[ 130.765726][ T29] audit: type=1400 audit(1734245377.587:7731): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 .err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:49:37 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 5228: Connection refused Dec 15 06:49:38 [ 131.937706][ T29] audit: type=1400 audit(1734245378.787:7732): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon[ 131.961535][ T29] audit: type=1400 audit(1734245378.787:7733): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 .err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:49:38 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 5332: Connection refused Dec 15 06:49:39 [ 132.209469][ T29] audit: type=1400 audit(1734245379.057:7734): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon[ 132.233877][ T29] audit: type=1400 audit(1734245379.077:7735): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 .err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:49:39 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 5343: Connection refused [ 134.656731][ T29] audit: type=1400 audit(1734245381.507:7736): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 134.682614][ T29] audit: type=1400 audit(1734245381.527:7737): avc: denied { recv } for pid=29 comm="kauditd" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 146.815865][ T29] audit: type=1400 audit(1734245393.667:7738): avc: denied { egress } for pid=5165 comm="kworker/0:5" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=0 [ 148.497367][ T29] audit: type=1400 audit(1734245395.347:7739): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 148.736269][ T29] audit: type=1400 audit(1734245395.587:7740): avc: denied { recv } for pid=23 comm="ksoftirqd/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 151.937042][ T29] audit: type=1400 audit(1734245398.787:7741): avc: denied { egress } for pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=0 [ 157.057891][ T29] audit: type=1400 audit(1734245403.907:7742): avc: denied { egress } for pid=23 comm="ksoftirqd/1" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=0 [ 162.177557][ T29] audit: type=1400 audit(1734245409.027:7743): avc: denied { egress } for pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=0 [ 167.307453][ T29] audit: type=1400 audit(1734245414.157:7744): avc: denied { egress } for pid=23 comm="ksoftirqd/1" saddr=fe80::1c daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=0 [ 176.256576][ T29] audit: type=1400 audit(1734245423.107:7745): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 176.910359][ T29] audit: type=1400 audit(1734245423.757:7746): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 177.535675][ T29] audit: type=1400 audit(1734245424.387:7747): avc: denied { egress } for pid=23 comm="ksoftirqd/1" saddr=fe80::1b daddr=ff02::2 netif=gretap0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=0 Dec 15 06:50:40 [ 193.872501][ T29] audit: type=1400 audit(1734245440.717:7748): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon.err dhcpcd[7778]: ps_bpf_start_bpf: bpf_open: Invalid argument[ 193.901358][ T29] audit: type=1400 audit(1734245440.747:7749): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 Dec 15 06:50:40[ 193.924674][ T29] audit: type=1400 audit(1734245440.747:7750): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemo[ 193.948742][ T29] audit: type=1400 audit(1734245440.747:7751): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 n.err dhcpcd[7778]: ps_root_recvmsg: Invalid argument Dec 15 06:50:40 syzkaller daemon.err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:50:40 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 7778: Connection refused Dec 15 06:50:41 [ 195.038504][ T29] audit: type=1400 audit(1734245441.887:7752): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon.err dhcpcd[7779]: ps_bpf_start_bpf: bpf_open: Invalid argument[ 195.067695][ T29] audit: type=1400 audit(1734245441.917:7753): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 Dec 15 06:50:41[ 195.091293][ T29] audit: type=1400 audit(1734245441.917:7754): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemo[ 195.114016][ T29] audit: type=1400 audit(1734245441.917:7755): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 n.err dhcpcd[7779]: ps_root_recvmsg: Invalid argument Dec 15 06:50:41 syzkaller daemon.err dhcpcd[3036]: ps_sendpsmmsg: Broken pipe Dec 15 06:50:41 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 7779: Broken pipe Dec 15 06:50:43 [ 196.702594][ T29] audit: type=1400 audit(1734245443.547:7756): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 syzkaller daemon.err dhcpcd[7780]: ps_bpf_start_bpf: bpf_open: I[ 196.730967][ T29] audit: type=1400 audit(1734245443.577:7757): avc: denied { read } for pid=2980 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=0 nvalid argument Dec 15 06:50:43 syzkaller daemon.err dhcpcd[7780]: ps_root_recvmsg: Invalid argument Dec 15 06:50:43 syzkaller daemon.err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:50:43 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 7780: Connection refused Dec 15 06:50:43 syzkaller daemon.err dhcpcd[7781]: ps_bpf_start_bpf: bpf_open: Invalid argument Dec 15 06:50:43 syzkaller daemon.err dhcpcd[7781]: ps_root_recvmsg: Invalid argument Dec 15 06:50:43 syzkaller daemon.err dhcpcd[3036]: ps_sendpsmmsg: Connection refused Dec 15 06:50:43 syzkaller daemon.err dhcpcd[3036]: ps_root_recvmsgcb: failed to send message to pid 7781: Connection refused [ 232.202364][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 232.202376][ T29] audit: type=1400 audit(1734245479.047:7764): avc: denied { recv } for pid=0 comm="swapper/1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 233.867056][ T29] audit: type=1400 audit(1734245480.717:7765): avc: denied { recv } for pid=28 comm="kworker/u8:1" saddr=10.128.0.163 src=30030 daddr=10.128.10.17 dest=33942 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=0 [ 242.155099][ C0] ================================================================== [ 242.163197][ C0] BUG: KCSAN: data-race in __tmigr_cpu_activate / tmigr_handle_remote [ 242.171336][ C0] [ 242.173641][ C0] write to 0xffff888237d205dc of 1 bytes by task 0 on cpu 1: [ 242.180998][ C0] __tmigr_cpu_activate+0x55/0x200 [ 242.186101][ C0] tmigr_cpu_activate+0x8a/0xc0 [ 242.190932][ C0] timer_clear_idle+0x28/0x100 [ 242.195693][ C0] tick_nohz_restart_sched_tick+0x22/0x110 [ 242.201507][ C0] tick_nohz_idle_exit+0xfe/0x1d0 [ 242.206522][ C0] do_idle+0x1eb/0x230 [ 242.210574][ C0] cpu_startup_entry+0x25/0x30 [ 242.215331][ C0] start_secondary+0x96/0xa0 [ 242.219919][ C0] common_startup_64+0x12c/0x137 [ 242.224847][ C0] [ 242.227147][ C0] read to 0xffff888237d205dc of 1 bytes by interrupt on cpu 0: [ 242.234664][ C0] tmigr_handle_remote+0x26e/0x940 [ 242.239759][ C0] run_timer_softirq+0x5f/0x70 [ 242.244504][ C0] handle_softirqs+0xbf/0x280 [ 242.249166][ C0] __irq_exit_rcu+0x3a/0xc0 [ 242.253658][ C0] sysvec_apic_timer_interrupt+0x73/0x80 [ 242.259296][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 242.265276][ C0] finish_task_switch+0xbf/0x2b0 [ 242.270190][ C0] __schedule+0x6fa/0x930 [ 242.274515][ C0] schedule+0x55/0xc0 [ 242.278478][ C0] schedule_timeout+0xb8/0x160 [ 242.283223][ C0] wait_for_common+0xfb/0x1c0 [ 242.287883][ C0] usb_start_wait_urb+0xdc/0x190 [ 242.292805][ C0] usb_control_msg+0x182/0x240 [ 242.297550][ C0] hub_ext_port_status+0xbf/0x480 [ 242.302556][ C0] hub_event+0x538/0x2910 [ 242.306868][ C0] process_scheduled_works+0x483/0x9a0 [ 242.312313][ C0] worker_thread+0x51d/0x6f0 [ 242.316884][ C0] kthread+0x1d1/0x210 [ 242.320929][ C0] ret_from_fork+0x4b/0x60 [ 242.325320][ C0] ret_from_fork_asm+0x1a/0x30 [ 242.330066][ C0] [ 242.332366][ C0] value changed: 0x00 -> 0x01 [ 242.337024][ C0] [ 242.339324][ C0] Reported by Kernel Concurrency Sanitizer on: [ 242.345456][ C0] CPU: 0 UID: 0 PID: 5165 Comm: kworker/0:5 Not tainted 6.13.0-rc2-syzkaller-00333-ga0e3919a2df2 #0 [ 242.356192][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 242.366236][ C0] Workqueue: usb_hub_wq hub_event [ 242.371257][ C0] ==================================================================