last executing test programs: 1.689478282s ago: executing program 1 (id=1127): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80080400) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xca, &(0x7f0000000000), &(0x7f0000000080)=0x4) 1.58619469s ago: executing program 1 (id=1132): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xb, 0x100, 0x100, 0x9, 0x1}, 0x48) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)="67b2cbe259921b368a221981adc23c99526f781c1cefb6ad1390bacfc975f635377a9051ef7c34edc2a74c9e50", 0x0, 0x0, r0}, 0x38) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0}, 0x38) 1.58601508s ago: executing program 1 (id=1134): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) io_setup(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet(0x2, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, 0x0}, 0x3c0) 1.519499656s ago: executing program 1 (id=1135): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c00128009000100626f5c64000000000c000280060019"], 0x3c}}, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005f3f770005000000000000000000", @ANYRES32=0x0, @ANYBLOB="fd00000000000000280012800a00010076786c616e"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x2000480, &(0x7f0000000100), 0x5, 0x757, &(0x7f0000000800)="$eJzs3c9rHFUcAPDvbJKmptXkIGj1EhA0ULoxNbYKHioeRLBQ0LPtstmGmt1syW5KEwJaRPAiqCdBLz37o968+uOq/4UHaamaFiseJDKb2XTb7KabNsmi+/nAa9+bmc2b77yZeW93hpkA+tZ4+k8u4lBEfJREjGbTk4gYauQGI06sL3drdaWYpiTW1t74PWksc3N1pRgtn0kdyAqPR8QP70cczm2ut7a0PFcol0sLWXmyXjk/WVtaPnKuUpgtzZbmj01NTx89/vzxYzsX6J8/Lx+89vGrz3x94u/3Hrvy4Y9JnIiD2ezWOHbKeIxn22Qo3YR3eGWnK+uxpNcrwH1JD82B9aM8DsVoDDRyAMD/2TsRsQYA9JlE/w8Afab5O8DN1ZViM/X2F4m9df3liNi/Hn/z+ub6nMHsmt3+xnXQkZvJHVdGkogY24H6xyPi82/f+jJNsUvXIQHaefdSRJwZG998/k823bOwXc92scz4XWXnP9g736Xjnxfajf9yG+OfaDP+GW5z7N6Pex//uas7UE1H15+MeKnl3rZbLfFnxgay0sONMd9QcvZcuZSe2x6JiIkYGk7LU1vUMXHjnxud5rWO//745O0v0vrT/28vkbs6OHznZ2YK9cKDxNzq+qWIJwbbxZ9stH/SYfx7qss6Xnvxg886zUvjT+Ntps3x7661yxFPt23/23e0JVvenzjZ2B0mmztFG9/88ulIp/pb2z9Naf3N7wJ7IW3/ka3jH0ta79esbb+Ony6Pft9p3r3jb7//70vebOT3ZdMuFur1hamIfcnrm6cfvf3ZrPxQZMun8U881f7432r/T78Tnuky/sFrv311//HvrjT+mW21//YzV27NDXSqv7v2n27kJrIp3Zz/ul3BB9l2AAAAAAAAAAAAAAAAAAAAAAAAANCtXEQcjCSX38jncvn8+ju8H42RXLlaqx8+W12cn4nGu7LHYijXfNTlaMvzUKey5+E3y0fvKj/X8kTBtJwvVsszPY4dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJoOdHj/f+rX4V6vHQCwa/b3egUAgD2n/weA/qP/B4D+o/8HgP6j/weA/qP/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJedOnkyTWt/ra4U0/LMhaXFueqFIzOl2ly+sljMF6sL5/Oz1epsuZQvViv3+nvlavX8dMwvXpysl2r1ydrS8ulKdXG+fvpcpTBbOl0a2pOoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGB7akvLc4VyubQgIyMjs5Hp9ZkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L/h3wAAAP//HxYpBQ==") r4 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$VT_DISALLOCATE(r4, 0x4b71) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r8], 0x50}, 0x1, 0xba01}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r8}}, 0x24}}, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_REG(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYBLOB="010700000000"], 0x14}}, 0x0) pipe2$9p(&(0x7f00000000c0), 0x4800) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in=@loopback, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) 1.058863804s ago: executing program 2 (id=1152): socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$inet(0x2, 0x80001, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1506000000000000004c0100000024000180060005004e22000008000300ffffffff060001000200000008000600a7"], 0x38}}, 0x0) 1.018874457s ago: executing program 2 (id=1154): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80080400) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, 0x0, 0x0) getsockopt$inet_int(r1, 0x10d, 0xca, &(0x7f0000000000), &(0x7f0000000080)=0x4) 954.105272ms ago: executing program 2 (id=1156): r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000340), 0xe) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000005f40)={0x0, 0x20000000, 0x3}, &(0x7f0000005e80)=0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='percpu_free_percpu\x00'}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) listen(0xffffffffffffffff, 0x0) syz_emit_ethernet(0x4b, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x15, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, {[], {{0xfffd, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"e3"}}}}}}}, 0x0) 889.121128ms ago: executing program 2 (id=1158): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$SG_GET_REQUEST_TABLE(r2, 0x2283, &(0x7f0000001200)) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002a80)=ANY=[@ANYRESDEC=r2], 0x14c}, 0x1, 0x0, 0x0, 0x20044000}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000d80), 0x208e24b) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r6, &(0x7f00000003c0)={0x0, 0xfe78, &(0x7f0000000200)={&(0x7f0000000180)={0x30, r5, 0x400, 0x70bd2d, 0x0, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}}, 0x40) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r4, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = socket$inet_udp(0x2, 0x2, 0x0) close(r9) socket$nl_route(0x10, 0x3, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000006900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0) r10 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="3800000010000104000000000000000000000000a03443caaca4a2e97a212b887212bab290dff0eef64d586c0320138f6d069f1c2d1ca02fb40ef4d499b46219f00aebf5106190cc903cd5018d820f45e008eb082605f3e64d25a79590f72b43a448d2ed65476bd9a80800000000000003be8af90a08dff75586f750a0f637aab94d3792ffedbda78a7402496cdf2ff3345908bd67d2b29e455d256c1716552fe39be6f474", @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100767469000c00028008000400ac1e0001"], 0x38}}, 0x0) r11 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r11, 0x112, 0x9, 0x0, &(0x7f0000000040)) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000000)="3900000013000b4700bb65e1c3e4ffff01000000350000005600000225001f0019000a0010", 0x25}], 0x1) write$binfmt_misc(r8, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r7, 0x0, r9, 0x0, 0x8000, 0x0) r12 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYRESHEX=r12, @ANYRES32, @ANYBLOB="08000500", @ANYBLOB='\b\x00\n', @ANYRES32=r3], 0x48}}, 0x0) 473.888071ms ago: executing program 1 (id=1165): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x1000) socket$netlink(0x10, 0x3, 0x0) openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0) openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x300, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) read$char_usb(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x404300, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00'}) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_open_dev$evdev(&(0x7f0000000700), 0x3, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 435.073505ms ago: executing program 1 (id=1166): openat$cgroup(0xffffffffffffffff, &(0x7f0000000380)='syz0\x00', 0x200002, 0x0) r0 = socket$vsock_stream(0x28, 0x1, 0x0) mmap(&(0x7f0000b06000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0xe9a67000) syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00'}) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @random="29ec608dd857"}, 0x14) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000001380)=ANY=[], 0xb0) setfsuid(0xee00) setresuid(0x0, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='ns\x00') statx(r3, &(0x7f0000000100)='\x00', 0x1000, 0x6000, 0x0) perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) ioctl$SG_IO(r5, 0x2285, &(0x7f0000000540)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000001a80)="3e85d5e0e4d6", 0x0, 0x0, 0x0, 0x0, 0x0}) 378.030109ms ago: executing program 4 (id=1167): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0x16d) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$netlink(r1, 0x10e, 0x4, 0x0, &(0x7f0000000040)) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @empty}, {0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, 0x48) writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x8880, &(0x7f0000000340)=ANY=[], 0x40, 0x2ff, &(0x7f0000000840)="$eJzs3E1rE10UwPGTNG3TlDZZPDygIr3oRjdDG/dKkBbEgFIb8QWEaTPRkDEJmVCJFBtx4davYeiyu4LWD9CNO1duxE03gpuC1pFkpnbaTtqkNE1D/j8o92TuPZ25uTPhJDCz+eDd81zG0jJ6WcKiJChSlW2RWD3yCkjAaYac12GnqcrV0Z9fLioRSSST07NKzSTmrsWVUuMTH14srVxaL4/eXx1fG5aN2JPNH/FvG/9vnNv8M/csa6mspfKFstLVfOFrWZ83DZXOWjlNqbumoVuGyuYto+T0F8rubqVYrCg9nx6LFEuGZSk9X1E5o6LKBVUeEZGnejavNE1TYxHpH1sTjaYotm23k5eqzc7qiWPudOGYeThx64f2lko7F8+nfWdHqta5YwIAAGeVt/4Pht36f2tv/R8Qp/YPeut/V1Wq9fr/3sNHt1uo/9eGmtT/hab1/w1vf8YsHFL/lypK78/6/yiNNQsf3J6qDRy//kePKI2I1FZk94p+/XhlshFQ/wMAAAAAAAAAAAAAAAAAAAAA0Au2bDtq23a03gbFiet/w+4NIzuvu32c6Azv+jtrHaqvOuvfJzw37oVFzLeLqcWU0zr9iYxkxRRDJiUqvxvng8uJZ24ld24IjMlHc9nNX15MDezNn5KoxHzzp6eUY2/+oES8+XGJyn/++XHf/CG5ctmTr0lUPi9IQUxJN87r3fxXU0rdvJPclz8iaZ875gAAAAAA6EWa+sf3+7umNet38lv4fWB60vf7eUjOh7o7dwAAAAAA+oVVeZnTTdMoHRm8dzOOHPzdHdjyf/YP3rQ8eLDFWQTaPoxAG+/P6QYB901uP939eWb5LMyiJ4JQ/aT3bIk0HTw+4K5Ky7sYdp/KXN+ybe8bc331wq+OT9Budp2e+kcRAAAAgA7bLfq7fSQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPSvA88DW4o4HSf4pLFuzxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4K/4GAAD//2mVG4M=") 321.499604ms ago: executing program 4 (id=1169): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x40, 0xe, 0x0, 0xcca, 0x0, 0x800000, 0x0}) r1 = socket$inet(0x2, 0x1, 0x10000005) setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = accept$inet6(r2, &(0x7f0000000380), &(0x7f00000003c0)=0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000400)=@assoc_value, &(0x7f0000000440)=0x8) signalfd4(r2, &(0x7f0000000480)={[0x1]}, 0x8, 0x800) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'dummy0\x00'}) r5 = socket$netlink(0x10, 0x3, 0x0) getpeername$l2tp(r1, &(0x7f0000000540), &(0x7f0000000580)=0x10) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1544010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r2, @ANYBLOB="08000300", @ANYRESHEX=r5], 0x44}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00') faccessat2(r6, &(0x7f0000000040)='\x00', 0x1, 0x1300) r7 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x3c}}, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r9) r13 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r13, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1e8, 0x0, 0x8, 0xfa04, 0xc0, 0x6c02, 0x150, 0x194, 0x194, 0x150, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @local, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@inet=@socket3={{0x28}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@broadcast, @rand_addr, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x248) 316.964194ms ago: executing program 4 (id=1171): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) io_setup(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet(0x2, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[]}, 0x78) 274.126898ms ago: executing program 4 (id=1172): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000001c00)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000180)="0b03632a4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 221.931442ms ago: executing program 0 (id=1173): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000340), 0xe) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000006000)}, &(0x7f0000005ec0)=0x10) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000100)=r3, 0x4) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000005f40)={0x0, 0x20000000, 0x3, 0x4}, &(0x7f0000005e80)=0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000440)='syzkaller\x00'}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='percpu_free_percpu\x00', r4}, 0x10) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400) close(0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) setsockopt(r1, 0x0, 0x82, 0x0, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x26, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r7 = getpid() process_vm_readv(r7, &(0x7f0000000200)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}, {&(0x7f00000005c0)=""/90, 0x5a}], 0x3, &(0x7f0000008640), 0x0, 0x0) syz_open_procfs(r7, &(0x7f0000000000)='net/udp\x00') syz_emit_ethernet(0x4b, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x15, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, {[], {{0xfffd, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"e3"}}}}}}}, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000e40)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095", @ANYBLOB="487af75036137bfc053b1e58aefdb217d0a081fcbe1994b7cfac93e0f9688f7c67ef0d853e219e1ce196d016c1057356afbdb5a6df97e2426ed7fbff304d1226332cf06b3fc054e06eabdf825317f77e6e428d4f071424992a50e8bbdfdef79b4f3a27efca3aa961efe3122e28cd622bd4a58df949ae24b437ed46c2ca0aab0a08940087886470602cd316c20defa9b43c8f9a586b97c394f7b01f46f00e59d0a83d29f7e76a05b3dcfb62c293e62083b5ba8879e40a062a08350e46c13bfcda8564c8101a0b7587f04932c523703c961b025d341e5f7922300b1a65974ad97d0eac31d970a294f05f2f417dfe6018081c98cc43f2af35fed22c6eda7d873a7ad3761f9d52071602001618f9b8425aa70c8ce69a8240b8aeca192644b257b00641ba0dbb2e27331e157bf67f21a50a3bf8014947274eb006e7668efa2b9c7fba260004a74a5f3a7f7a43fdd3b0f173b12fb2680c119214b7c1d958ea0dde55d96ab7a04a667faf5684840a43d3cf89979a2d55c3f39e48149f64350a1688513920be726b52dc74bcc7030a5aac483dc90f10acf9d96844c2d728cebf289af86ee2f20bc130376ce35c011200238f1e69d663504a6f5cf0825fed6d4839032852ea8c1e524b062406acfaad6dc06e25f548ee5d49b6e8be7da9496d1137481d758cffcfc3b5b305287e49f9cbb83f1cb24c3b2cd6253a06de14811007a51a54d4a3bc932cd65c6e6c07056519ca9948f8d4dc01db919c46997a5d2af914355bfd85f6f3b4a2ea275b723055f187f86c50e951aa4041932a31652dd6c6f76f6717af6781a48d227ad05eb45b1eef77caf9220b7c384302354a7c14eee4c40f49bc2b26039f208c8e1af2df3206e7bff5257aecb45f63fa367e02176404ab634cf086a8b394e492ba29aa707bf60f89de00f6d6645103341ee394c3023ba7be6e70f5ff7becba2e49b26eb7aa21d61f1966b0704112d555d1963445bdf2df1a2a6ea3fe521a8418bddf66711b95169b2ffcf87785680170ba5bf3f2bc78776b792d8a4975e6ad2748eb50c00b7a01e1fd5a0527583b5a7947fcd99e90e9d9120fc5ef753314412bede2d97744a4eec69d0a8f2c367837dd8676a1164b2654c773ce5c9ded1ce7072337e3ac224e6a51cb76ffe22a12141b0d57678c96ec3c61767afc1a2b1be2d5848a61a6abd527107884af7baa7353c3214dfdcc8ed8a62af29e6f41a9cf405a053560950da6271eb6564812c185dfd83b59341924e55e98c637e087a7e28796194cfaf89786aab69f44f2cfefdae39598a290386aa6938e440500fa7daeb13eb498279196b32c1b709d235e0c8d7ecfe50a8cc6a1b7ff2bf9831e50baa79284ab551b3f8891c168b1c59bf9c146b8cc2c5d449c7b321e67d54fbb6ae3d744762d825efe4d68c0b435893e37434f4ff1e920131f7f3415f94fdf4c10e88873c75da3feeb9eb479f87be62840bfa37031ae4dd046bf7ea816188796ad7e827f5ce433714f840c957abcbcbdbae6a304a684cd8051be5a9688c65876cea6e0c519438ba160574f2c5813c2b628f15055e8b3980c72ad51ef7ce51b4143a881cfc12f295262e65972ef22c67a701d3a6b87f480928b8e21dc831b3b4c3cc763700734ad89890aacddcae8af888ac8e875b2c87e7ad0be8ef611cd4eab73737dfc5e65f756eb575a1e5e8866107d33c1b1e68830ad15765ac276d79cc426fe2c190ce9d7eabecd8977f5507370d2b01da2c902ad6d7f4334f40d58376d4e8da5d873f5d7cdc0928bbcfd68cb261fbce70c6259c145613af4272e252b89b923fe7d98a457d7be4155532e60ff508e23bedd455e91e8bcdd7dcfa3661fe47b5b44bc2d1115beecdcd61ad71310ff1c1580f339b8d7252dc7fb780fa8470632a094ca4c91d58d8ccbc03b93e2cb7fce0a00590c161d2a314a31613b1e0338ea3c327c43cb8c0f50169c178d86744778bce05f5638d13f9e893b20e6bd7f63678c05418ebed82db4d9f873a8fa1a1e774edb7e7d5e9c392075460d5445e5c9b3a5aabdf93c292525a5e69f6f967dca56e7c7401eab63c4e5c4fd8410fcf7a8ba4c731bb71ce9c5bbbc9e7978cc20ae85abdd0554661df00ea42c213e2c30fb17b437b4bb15fda60406edea93524b075c29703b711586103867261a000269c6a3ce6e25c0fb8153db15661098cc48899646a2cd63a3301e797641804db27e500a35b542889b79d0704d9fe680680218a6c21410e98b56b13a1efb3eef27ce7be2f459f620bc17d6729687b0ad98e67f4a82ef86b46ca5f50cc0e1b98a732fdc68577ec8b7af1508c9e6c329dd224744f88ead642a909bd3cecfbfb32f151d21c6fa3b3c4389a921c3ab1fb5dda37a394a0a90abc65b3f29eb0e6f80390070e9c55713f5c209fffc916fa19f2116fb0dba04fb937191499cd3769562848ad8c072d8b7887047fec6aa3e36eca7d77668c6f4b8fa1037ae7454dd982194b4195c75e81ce43a01f0a6fbba82f60aedb5bbc30029ea7d3a8fcd6593fdffb8e2fdbe7bda26cea1686b7268928584a26713e7f9647f54adf1a896ca36d7dde734916e87c260afb63b8defec02ed36d1c022510028d77e453608f914a441ad3fb8d551a64b9b8705c1581644c5daf8a6bb4dee37c900bc50e201791067beb6d5d8229fa34800882b0c43643662140f1a89c3beff2634c3264998d1e647b56690fc06c39f3c4adb763f4f88b0a5e997c64014393746ee75f51bafd6e8bf232e5d24a9add9dfd5dd3d9ce9ccf5ac4a036305803ff4c5b1200cdf333147c3d1ddbe244fe64aed803e5efea09ab36f8d22e9f8d2507c53370dc041879d50e55e1daa263addf4cc3647b9e865634d4d50401bafd390ab51679943d63b101c42c8d63cefb769606ebe2327a760b5734b326c9535ac54a5421b447a042c5036661696819a10cd346d80377197b7635368af50aa07e2161a65c8b515d42b9b9318242b6302bb3a0538dc939443dc0c00018fd5ff8ac0327a17870c9d8cd1907d6ae0dbfa0f82f1bca6eec0b8d136dd8e777756831d62b8e64516632b5b2abdda77e361c198dacdf3b469bd5ea019091e852d36cf9215ac85b44c3366ccf089a6abe3d9be95bcf62e903d0e310cf2216d706fd1c743a4f430c9668949e391f58cd665d47793e2e996728e68cf21e8fc170aecaf0005684774f852aacffad16f697222bd37061a994bb7907a976a634a486f9b3bc0245f85e88578fda3f9115172bdce89418b9898e7bf4629a242d3cd80bee2e9ed38fd726d5c012fb47043332c08adb7f66ef51f2c5ccb8b8b78cad78f6d53be6df702d7c2ec68906f1f0b0b40ec894405c36458ff364a02b7057a2756150e2f1919bd7f3a2f225ace2310419ffd0047b7fc483b0ca0e6287508fe3a2303ef83420df67b553cfa9cb16068001366555f8a158cea7b46f4cc9eb84a16c0c8aeb421e3e9daf6cb33aff366992dae60326cefa5e3bcf8213b52f4bfe2344f81a489940c84f4c02e4d8df1328502892b2745aae9e3473c305191958d47c757a1e57f5e3a51e110ca35b4b168f2ce43cc717dac06c80884bed3c8ea1f8282145209e9fe4b4051df392c859646404c0a6c9ef9606ad23964bd62b59a8cc507fdbcc0318fc1ca8c5e98df5209d5731a90519ba00d3c1e4860ed9b602d550af6a3b92a96b0c9be7172636a8ccd12161abded8afde4a8d5f6a3f9332178d4835958902ca4f3d95310a967d08dd9f21596691fec4b1fd1821eedf8524a012ed9848cd269967c6450ee7e28e5602ca15934a03a99701d53db2ae9d5736b3368c4bb68c3b6ff666c2ba75043fc09a1ca54de2fe4f412b6dd1eef13d25fc7f2cf72992f3d3631f6afd75dd37f2ed8dec6505f9f305c9e9916fd409aaeee055e270f147a0181ab630da1ca8d53947cecc04a213f3a03a7183808459679889354cb7111537002410fc1b34dbcd1f23995dba9292ef82cc87fbb426ee21c485d928868adbd7a3e653d055e0202cb47ac992b8152dd629137c571aa61ffec01af73f1d28b247d019ba576849240b3986a5affc57468c677629dca62092902de01f6305d5f8a58294b22442ebe7c1cf7d61a8a25f616261a6e308c723bcfef9072d0acc096544c08d9831c43f07aef2807ba4462058c3a89600572837c4b4ab371d9f779e8a2f3f807671f2a9d175166e38b3f7405a7f107bcc2cbc42bdd9a46b30f1bf2abf33e140d2b745c581f362d2deb031112963084ed2e3febe4feb9a8a3e1dc0073628eb39fac9092537c954aa066c627237ad0600bc0eff71c118120333537d70aeaedef258b0213fe11c9297bfaeef9207186ddf1e6f37eac6ff823e7f87710f8abd281c0d403af029d2faa3990188bf2d8e5bfe84f214c9b32535cdc39e0f3d9f3c3e2f0721753ba2b34a1b31766bf155796faada26e7e0851137b838add81dac672af76aede1c424355877448377c67cb28528ab5f47d937cdfd19162e09222b2d758aa30fb19d0d4ae42994844c651e8f0ec1615a164a4de154f555dc43b05bfb7d13929c3e3f5e0b6d78183f01236d62cf1dcb03d16ce974a73dfb70f98cd96d496fb9516db6d92ad281fa624b25ccadf8933dfad924a5172802e5cc4879ee4ffc701517f2e6a0ce31ad4453b11a0adfcfed0f288bb7c29f0017e092a8290e631cfc778ec9747600d8bc1fd891506efde00a502a9f226d170911c4b6d88295da8b8d3a1be51512b9dd102ad49d7af2908711bd7d24449b18c3508609f2c06f35a9023f5f1ebdaeec7d0489d83023214f66afb297b5ce934b4c8f67f897713865ad70a6f56bc3bd9444d115f3306afd2f33a2f31f04dff5e8bb319fdb0e53ae20a8e8f8f13f67f5ec38b6bbce4326f85440f1e1bdb5c18bdd65db68a1acfeacee98c928d9a34a5577680aa552338a3cb37196f038bcd0df7bfb7ceb1e14f9c8e00771321defb92ea8e218e6add05aff4b142c6880752aa5d2320f9cb66ba07a8d2b90c50229d0c397a7a3a73bec913d86d60cc73d5fc7ab4c054f4ccbe23b494a50466f01d25d2ce8fd48dbd7e302981eeed92923d1874e2a7c09adcef34084403ec2b195f02115dfe9d7c205c7f1f59e296e6128ca34f0bd340b2dfaebc3a3ddca71dab6a25c1dffc2c9bcf88c2a6d653655113ed0dfc5b0efa057f748eec20031cf6fd3c796db35e2fc3e578a9e999634cbdfeed022b33fd2b46886f2cb18254b30f32e1f3eb2f09c4433288a2be1fa1f2ddb0dcaf29d3ba9fc44bafbd2633683581356f96884d5f89751c4a302781c9962f000ba285b9d3fa0a87d6fdff167badc74e20cd11637f3300052e491bc5e18a2d079e727871bc1f836efc00b8864d5b72c1a2d826599fbd693d92b7a2f895e9ceaeb5c77b2189cfd8ffaec488caa9a7899057cadd308c41d8e4def4fae18582b4a406ebbc1c416e8c9c564bc7fd18e982a96daaaa220bc766bf8f4bffe8ce37cbd9aba95384dd2cfa41a7fb641f21e3e86641f7b03326a885eef04f69373cad9aa566e64eb1e07a36c55118a9d7a51ade3daa356e09e7d0f78e957b7dca20a91e9ff0634bdd457b7b306da207915136ed7b4f3f2ec804ffd88f601f55b9f36f8be2762ba477641125e35e8f9618afc4e8ce9bb69ef0a3033d484ee2d11d9e645efc9158ca3c155508ff945db68258d40685bc477cc906e4593d8e86d0f251aadfb89c1f2c9c169931b1eb682b2554701941fe1ed03bfc27dc68a16c86fc966b774d1ebb95fdb75548830d7d868c84277668e25a1ef2a13325fb385190bfe419ab155e64"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000100)='kfree\x00', r8}, 0x10) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x80, &(0x7f0000000000)=ANY=[], 0xfd, 0x22e, &(0x7f0000000c00)="$eJzs2k+LW1UYwOH3dkZap0wT8R8tiAfd6ObSZOXCRQdpQQwo2ggqSG+dGw3JJENuGIhIOzu3fgTX4tKdIP0Cs/ETdOFuNrPsQrzSptiZEsFabNQ8zyYvnPzgXE4IZ3EP3/xmZ9Cr8l4xjVNZFuuXYj/uZNGMU7EWc/vx+o03br/0wUcfv7PV6Vx+P6UrW1db7ZTSuZd/+uSr71+5NT374Q/nfjwdB81PD4/avxy8cHD+8LerX/Sr1K/SaDxNRbo+Hk+L68MybferQZ7Se8OyqMrUH1Xl5MR6bzje3Z2lYrS9ubE7KasqFaNZGpSzNB2n6WSWis+L/ijleZ42N4LH0f3uTl3HUf3Utajr+ulv4+yt2LwdjcieSdmzl7Lnr2Uv7mfnj+q6seyt8o9w/qvN+a8257/ajl3qzkTsfL3X3evOP+frW73oxzDKuBiN+DXu/kzum89X3u5cvpjuaUbauXm/v7nXXTvZt6IRzcV9a96nk/3p2Djet6MRzy3u2wv7M/Haq8f6PBrx82cxjmFsx932QX+jldJb73Ye6i/c+x4AwP9Nnv6w8P6W53+2Pu8f4X740P1qPS6sL/fZiahmXw6K4bCcGP7qkP2Nai3+JZs3rM5QZ4+TL/ufiSfhwaEveycAAAAAAAAAAAA8iifxNuKynxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+G/4PQAA//9R0vDu") mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) 203.472024ms ago: executing program 3 (id=1175): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) getsockname(r1, &(0x7f00000014c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80) sendmsg$nl_route_sched(r0, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000009380)={&(0x7f00000000c0)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x600, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0) 191.900505ms ago: executing program 4 (id=1176): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup(r0) sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x310}, 0x3}, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0000000000000000b705000000000000850000007500000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="d4000000", @ANYRES16=r2, @ANYBLOB="010025bd7000ffdbdf252100000008000300", @ANYRES32=r7, @ANYBLOB="700084801000010072213a37314985f82566aa242400010034558714857ddf7d3c4dd20d8f31e83750813ddd36af1a3a79a093be591b5fba080002000000000008000200ff7f00000a00010002020202020200001c0006800800050000000000080003000000008008000100feffffff100084800b0001008c040c668f28620006009800010000000400ff000a00f500da8bd33bb3e700000a00060008021100000000000400ec000400ff0008009e"], 0xd4}}, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000a80)=ANY=[@ANYBLOB="50010000", @ANYRES16=r9, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r10, @ANYBLOB="3301330080000000080211000001080211000000505050505050000000000002000000000000145000000100030124040600000000000005f5204903b81f0eb513b1451feae34fe032a1b514256261b428cde2bd214b230b96948a4cf7bd40a472449a3da3c5ff224435fec3e2423d93599a55d53ea25dfd3dda0c944df7ccb535ddc28eccfb08aa8abfbf76751278ae37cc24c443d5c3e32eda79508217e580845035bc9aafc668f02f097551d0e30a6158ddecc4f64e7173d2ce39139c14bb06e2c73fb15a8aa14c21f62331599793f4060d4ba5792efa0103b55ecd200f128b68534fc2281c764f93ae57a4daf6282bfad870b89332918d1259d1fabb9e40ba28d662475390949cb6cebb13d9565d28ddffc60faf78c7a310f41cceaccf47cd1029ccfb3ea5f5d9404a0c4cce5d959d8415ab450d96d642d221030000c1005e1f9be31a0333e455e4e0cdc4"], 0x150}}, 0x0) sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000100)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000740)=ANY=[@ANYRESDEC, @ANYRES16=r2, @ANYRES32=r4, @ANYRES16=r11, @ANYRESHEX=r2], 0x110}, 0x1, 0x0, 0x0, 0x24040805}, 0x401c001) r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) r13 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r13, 0x125e, &(0x7f0000001080)) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000040)={r12, 0x58, &(0x7f00000002c0)}, 0x10) r14 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r14, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r14, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r15 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a9001) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r15, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'}) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r15, 0x40bc5311, &(0x7f00000001c0)={0x80, 0x1, 'client1\x00', 0xffffffff80000006, "d62e980da99179cf", "20e48560999fd132b6a5426180a8c27a00fcfffff0003336f794d20352346f8f"}) write$sndseq(r15, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4) 157.572007ms ago: executing program 3 (id=1177): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$caif_stream(0x25, 0x1, 0x0) recvmmsg(r0, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) socket$inet_sctp(0x2, 0x5, 0x84) shutdown(0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), r1) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xa) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="2800000014002101000000000000000002200000", @ANYRES32=r2, @ANYBLOB="08000400ffffffff08000200e0"], 0x28}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x28}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv4_deladdr={0x20, 0x15, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_ADDRESS={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x20}, 0x1, 0x1000000}, 0x0) fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) 156.946698ms ago: executing program 0 (id=1178): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad4104c60000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14) getsockname$packet(r2, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@RTM_NEWMDB={0x38, 0x26, 0x1, 0x0, 0x0, {0x7, r4}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x0, 0x0, 0x0, {@ip4=@empty}}}]}, 0x38}}, 0x0) 154.748008ms ago: executing program 3 (id=1179): syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000200)='./file1\x00', 0x202000, &(0x7f00000008c0)={[{@stripe={'stripe', 0x3d, 0x3}}, {}, {@data_ordered}, {@data_err_ignore}, {@noauto_da_alloc}, {@init_itable}, {@noblock_validity}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==") pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0x1, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000000c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x5422) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000000c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) close_range(r0, 0xffffffffffffffff, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) socket$netlink(0x10, 0x3, 0x0) socket$caif_stream(0x25, 0x1, 0x0) setsockopt$CAIFSO_LINK_SELECT(0xffffffffffffffff, 0x116, 0x7f, 0x0, 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x10, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000980)={[{@jqfmt_vfsv1}, {}, {@barrier_val}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") r3 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r3, &(0x7f0000000400)={0x18, 0x0, {0x8004, @dev, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000000100)) ioctl$PPPOEIOCSFWD(r3, 0x4008b100, 0x0) r4 = open(&(0x7f0000000040)='./file1\x00', 0x181681, 0x0) fallocate(r4, 0x0, 0x0, 0x1000f4) r5 = open(&(0x7f0000000140)='./file1\x00', 0x141042, 0x0) fallocate(r5, 0x8, 0x0, 0x10000) 113.036791ms ago: executing program 0 (id=1180): ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(0xffffffffffffffff, 0xf502, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000019000100000000000000000000000000000000000000000000000000fe8000000000000000833449155bf3c2640000000000000002"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x17, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}, 0x1, 0x9000000}, 0x0) 70.240144ms ago: executing program 3 (id=1181): r0 = socket$inet6_sctp(0xa, 0x0, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000340), 0xe) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000005f40)={0x0, 0x20000000, 0x3, 0x4}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='percpu_free_percpu\x00'}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) listen(0xffffffffffffffff, 0x0) syz_emit_ethernet(0x4b, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x15, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, {[], {{0xfffd, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"e3"}}}}}}}, 0x0) 69.658925ms ago: executing program 0 (id=1182): r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2) ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x40, 0xe, 0x0, 0xcca, 0x0, 0x800000, 0x0}) r1 = socket$inet(0x2, 0x1, 0x10000005) setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r3 = accept$inet6(r2, &(0x7f0000000380), &(0x7f00000003c0)=0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000400)=@assoc_value, &(0x7f0000000440)=0x8) signalfd4(r2, &(0x7f0000000480)={[0x1]}, 0x8, 0x800) r4 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r4, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'dummy0\x00'}) r5 = socket$netlink(0x10, 0x3, 0x0) getpeername$l2tp(r1, &(0x7f0000000540), &(0x7f0000000580)=0x10) sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1544010000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r2, @ANYBLOB="08000300", @ANYRESHEX=r5], 0x44}}, 0x0) sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0) r6 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00') faccessat2(r6, &(0x7f0000000040)='\x00', 0x1, 0x1300) r7 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000080)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x3c}}, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r7, 0x40042408, r9) r13 = socket$packet(0x11, 0xa, 0x300) setsockopt$SO_ATTACH_FILTER(r13, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1e8, 0x0, 0x8, 0xfa04, 0xc0, 0x6c02, 0x150, 0x194, 0x194, 0x150, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @local, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x98, 0xc0, 0x0, {0x0, 0x74020000}, [@common=@inet=@socket3={{0x28}}]}, @common=@inet=@SYNPROXY={0x28}}, {{@ip={@broadcast, @rand_addr, 0x0, 0x0, '\x00', 'tunl0\x00'}, 0x0, 0x70, 0x90}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x248) 60.524515ms ago: executing program 3 (id=1183): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) io_setup(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$inet(0x2, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_sctp(0xa, 0x0, 0x84) syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB]}, 0x78) 56.849596ms ago: executing program 4 (id=1184): syz_io_uring_setup(0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a9a81) ioctl$USBDEVFS_FREE_STREAMS(r1, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303100007006000000002000020d3"]) ioctl$USBDEVFS_CONTROL(r1, 0x4004550d, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 45.118337ms ago: executing program 0 (id=1185): bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xb, 0x100, 0x100, 0x9, 0x1}, 0x48) bpf$MAP_LOOKUP_BATCH(0x1b, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000280)="67b2cbe259921b368a221981adc23c99526f781c1cefb6ad1390bacfc975f635377a9051ef7c34edc2a74c9e50", 0x0, 0x6}, 0x38) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0}, 0x38) 1.76066ms ago: executing program 2 (id=1186): socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$inet(0x2, 0x80001, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$netlink(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1506000000000000004c0100000024000180060005004e22000008000300ffffffff060001000200000008000600a7"], 0x38}}, 0x0) (fail_nth: 3) 861.76µs ago: executing program 0 (id=1187): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x5}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000440)='bridge0\x00', 0x10) sendto$inet(r1, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10) sendto$inet(r1, 0x0, 0x0, 0x700000000000000, 0x0, 0x0) 419.8µs ago: executing program 2 (id=1188): r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000003c0)={[{@errors_remount}, {@nodiscard}, {@journal_path={'journal_path', 0x3d, './file1'}}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x77}}, {@resgid={'resgid', 0x3d, 0xee01}}, {@sysvgroups}, {@grpid}, {@data_journal}]}, 0x14, 0x4e8, &(0x7f0000001100)="$eJzs3c9vFFEdAPDvTLv8LLaoByQRiGAKUXZbKtB4QEyMnEhEvGNtt03TbbfpboE2xJR418QYNfHkyYuJf4CJ4U8wJiR6N2g0RkEPHtQ1OzuLpezSKstubT+fZJj3Zrb9ft/SfTtv5mUmgEPrQkTcjoihiLgSEaP59jRf7jT332u97tXLJ7PNJYlG4/6fk0jybe3fleTrkxGxFRHHIuKrdyK+kbwdt7axuTRTqZTX8nqpvrxaqm1sXl1cnlkoL5RXpqYmb0zfnL4+PdGTdo5FxK0v/f773/nJl2/94rOPfvvgj5e/2UxrJN+/vR291Gp6IXsv2oYjYu1DBBuAoXxd6LL/20N9TAYAgF01j/E/GhGfyo7/R2MoOzoFAAAADpLGF0biH0lEAwAAADiw0mwObJIW87kAI5GmxWJrDu/H40Raqdbqn5mvrq/MtebKjkUhnV+slCfyucJjUUia9cl8jm27fm1HfSoiTkfE90aPZ/XibLUyN+iTHwAAAHBInNwx/v/baDb+PzrovAAAAIAeG9tRd88mAAAAOHh2jv8BAACAg8f4HwAAAA60r9y921wa7edfzz3cWF+qPrw6V64tFZfXZ4uz1bXV4kK1upDds295t99XqVZXPxcr649L9XKtXqptbD5Yrq6v1B8svvEIbAAAAKCPTp9/9pskIrY+fzxbmo4MOimgL5Jd9mcPCXmRV37Xh4SAvnGrHzi8hgedADAwhUEnAAzcbucBuk7e+WXvcwEAAD6M8U90v/7v3AAcbOmgEwAA+s71fzi8Cm/OALw+uEyAQfnILvvf//p/o/FfJQQAAPTcSLYkaTG/FjgSaVosRpzKHgtQSOYXK+WJfHzw69HC0WZ9MvvJZNc5wwAAAAAAAAAAAAAAAAAAAAAAAABAS6ORRAMAAAA40CLSPyTZ3fwjxkcvjew8P3Ak+ftoto6IRz+6/4PHM/X62mRz+19eb6//MN9+bRBnMAAAAICd2uP09jgeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHrp1csns+1lDy8/0qu4f/piRIx1jH/+WLY6FoWIOPHXJIa3/VwSEUM9iL/1NCLOdIqfNNOKsWhl0Sn+8X7H3/aupxFxsgfx4TB71ux/bnf6/KVxIVt3/vwP58v76t7/pdFoNBqR93Od+p9Te4xx9vnPSl3jP404O9y5/2n3v0mX+Bf3GP/rX9vcfHtrqzNr/DhivOP3T/JGrFJ9ebVU29i8urg8s1BeKK9MTU3emL45fX16ojS/WCnn/3aM/91P/vxf72r/iS7xx3Zp/6U9tv+fzx+//FirWOgU//LFzt+/Z7rET/O/iU/n5eb+8XZ5q1Xe7txPf3XuXe2f69L+1///Hb5omzEv77H9V+5968UeXwoA9EFtY3NpplIpr/0/FtLYF2nsj0LziGwfpPG/F47ujzQUWoVB90wAAECv/eegf9CZAAAAAAAAAAAAAAAAAAAAwOHVj9uJ7Yy5NZimAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8078DAAD//6U726Q=") creat(&(0x7f0000000040)='./bus\x00', 0x0) (async) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa30000000000001403000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000007c000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a7c31de7910d1ed4065a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dacfeb47479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3de8726c2a61ec45c19f97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9bdce38c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4af05c28308241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5490f6589880ed6eea7b9c670012be05e7de0940313c5870786554df2623d58f5ace92d028f2c71a6ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77962a2cd8a104e16b77d5f7f13b1640d43e11801140caf1a8b1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b905fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf34117a82a96b2ced73abb8e4bb718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000001762e5f5a3a0bc33fdbe28a5ffc83f2f08544eb2794e7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f85d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d801002653c4d9818708e27c89b552d3fcd11ebce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff2a8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b850580994484305d7a1759782ae57773e0d8b0ab900edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0bd91e328b6a6f732a91f0e2e9120be61e58c79d497247d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c2d0836395fe39f0e11c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc71300000000000021000000b12f0ec0412268860027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861ddb54684cb73e7aeefae47fa09fd88e6043bd52ae84c1bb0c8a6b769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e81163bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4c4b51b1f922a44ec675203bf8d1548e49262727c3de6daab3b4ed15aa99802e45d0620617e839b5237ddfcf103c91e61d174e3be6c9fd47398797e3b814e751ff31ecb42de6dd9d6b88121aaa680c236a303914e00150e1ec3f144ebc28287d5b51cfb8cabb844d12b140767d0fc24425590024b2e431722392489e3d43b3e31438a0138988083c47c61384d54e9a40fba01cac6e59ec82edc764840fe551c1d57442970cd8e59b9f41094e158c0a1ee855d8515599685486c2a21fa1c107531a0db8306441e8408b34aa90e9736e672d74cb8e78f8bdb93a23d024fc200796836ab396911a56231e953efad6cd83db32ffc595d970108e9547ea0000002730d5d1b70fe8b458ac1651135037b6cb9c8053299f77ab84c5b9fd2f764c3caa9c69377c397d310ddc7bc4bfa165def7b49e28ef196ae263b6829a8419d8860f56c86c288964ac4bc19839d96ff24b981c3a4fd6f93a000000ea9d6b06dafae4c91177"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0xa}, 0x48) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x34, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x50) (async) r2 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000002040)={[{@discard}, {@bsdgroups}, {@resuid}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@nomblk_io_submit}]}, 0x1, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async, rerun: 64) setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0) (async, rerun: 64) r3 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) (async) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f00000019c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0}}) ioctl$sock_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000001980)) (async) ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000640)={r4, 0x5, 0x0, [0x0, 0x0, 0x0, 0x9], [0x0, 0x7fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xb062, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x800]}) (async) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000300)={{}, 0x0, 0x0, @unused=[0xfffffffffffffffb, 0x7d3, 0xbdd], @devid=r4}) (async) ioctl$BTRFS_IOC_WAIT_SYNC(r2, 0x40089416, &(0x7f00000001c0)) (async) llistxattr(&(0x7f0000000180)='./file0/../file0\x00', 0x0, 0x0) (async) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r5}, 0x10) statfs(&(0x7f0000000400)='./file0\x00', 0x0) (async) r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r6, 0x0, 0x0, 0x1000f4) (async) open$dir(&(0x7f0000000240)='./file0/../file0/file0\x00', 0x80, 0x80) r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@cgroup=r7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async, rerun: 64) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) (async, rerun: 64) r8 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0) write$binfmt_script(r8, &(0x7f0000000080), 0x208e24b) (async) socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x12, 0x0, &(0x7f0000000280)) 0s ago: executing program 3 (id=1189): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000340), 0xe) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000006000)}, &(0x7f0000005ec0)=0x10) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000100)=r3, 0x4) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000005f40)={0x0, 0x20000000, 0x3, 0x4}, &(0x7f0000005e80)=0x10) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000"], &(0x7f0000000440)='syzkaller\x00'}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='percpu_free_percpu\x00', r4}, 0x10) ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400) close(0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) r5 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000000c0), 0x80000, 0x0) r6 = ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) ioctl$LOOP_CTL_REMOVE(r5, 0x4c81, r6) setsockopt(r1, 0x0, 0x82, 0x0, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000240)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x26, 0x0, "8ddbb51a3cfd954e41e8ccb21f650fa6a867fb9bbcf0feeee4dc036d0675af58b39fa8d54ee8323507a61a95cf134ce8f605671338c7f8838a00bdfba71bc4b828c7de258b6b9ca1fc52bcc83e2a016a"}, 0xd8) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) r7 = getpid() process_vm_readv(r7, &(0x7f0000000200)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}, {&(0x7f00000005c0)=""/90, 0x5a}], 0x3, &(0x7f0000008640), 0x0, 0x0) syz_open_procfs(r7, &(0x7f0000000000)='net/udp\x00') syz_emit_ethernet(0x4b, &(0x7f00000003c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "083ff2", 0x15, 0x6, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, {[], {{0xfffd, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"e3"}}}}}}}, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000e40)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095", @ANYBLOB="487af75036137bfc053b1e58aefdb217d0a081fcbe1994b7cfac93e0f9688f7c67ef0d853e219e1ce196d016c1057356afbdb5a6df97e2426ed7fbff304d1226332cf06b3fc054e06eabdf825317f77e6e428d4f071424992a50e8bbdfdef79b4f3a27efca3aa961efe3122e28cd622bd4a58df949ae24b437ed46c2ca0aab0a08940087886470602cd316c20defa9b43c8f9a586b97c394f7b01f46f00e59d0a83d29f7e76a05b3dcfb62c293e62083b5ba8879e40a062a08350e46c13bfcda8564c8101a0b7587f04932c523703c961b025d341e5f7922300b1a65974ad97d0eac31d970a294f05f2f417dfe6018081c98cc43f2af35fed22c6eda7d873a7ad3761f9d52071602001618f9b8425aa70c8ce69a8240b8aeca192644b257b00641ba0dbb2e27331e157bf67f21a50a3bf8014947274eb006e7668efa2b9c7fba260004a74a5f3a7f7a43fdd3b0f173b12fb2680c119214b7c1d958ea0dde55d96ab7a04a667faf5684840a43d3cf89979a2d55c3f39e48149f64350a1688513920be726b52dc74bcc7030a5aac483dc90f10acf9d96844c2d728cebf289af86ee2f20bc130376ce35c011200238f1e69d663504a6f5cf0825fed6d4839032852ea8c1e524b062406acfaad6dc06e25f548ee5d49b6e8be7da9496d1137481d758cffcfc3b5b305287e49f9cbb83f1cb24c3b2cd6253a06de14811007a51a54d4a3bc932cd65c6e6c07056519ca9948f8d4dc01db919c46997a5d2af914355bfd85f6f3b4a2ea275b723055f187f86c50e951aa4041932a31652dd6c6f76f6717af6781a48d227ad05eb45b1eef77caf9220b7c384302354a7c14eee4c40f49bc2b26039f208c8e1af2df3206e7bff5257aecb45f63fa367e02176404ab634cf086a8b394e492ba29aa707bf60f89de00f6d6645103341ee394c3023ba7be6e70f5ff7becba2e49b26eb7aa21d61f1966b0704112d555d1963445bdf2df1a2a6ea3fe521a8418bddf66711b95169b2ffcf87785680170ba5bf3f2bc78776b792d8a4975e6ad2748eb50c00b7a01e1fd5a0527583b5a7947fcd99e90e9d9120fc5ef753314412bede2d97744a4eec69d0a8f2c367837dd8676a1164b2654c773ce5c9ded1ce7072337e3ac224e6a51cb76ffe22a12141b0d57678c96ec3c61767afc1a2b1be2d5848a61a6abd527107884af7baa7353c3214dfdcc8ed8a62af29e6f41a9cf405a053560950da6271eb6564812c185dfd83b59341924e55e98c637e087a7e28796194cfaf89786aab69f44f2cfefdae39598a290386aa6938e440500fa7daeb13eb498279196b32c1b709d235e0c8d7ecfe50a8cc6a1b7ff2bf9831e50baa79284ab551b3f8891c168b1c59bf9c146b8cc2c5d449c7b321e67d54fbb6ae3d744762d825efe4d68c0b435893e37434f4ff1e920131f7f3415f94fdf4c10e88873c75da3feeb9eb479f87be62840bfa37031ae4dd046bf7ea816188796ad7e827f5ce433714f840c957abcbcbdbae6a304a684cd8051be5a9688c65876cea6e0c519438ba160574f2c5813c2b628f15055e8b3980c72ad51ef7ce51b4143a881cfc12f295262e65972ef22c67a701d3a6b87f480928b8e21dc831b3b4c3cc763700734ad89890aacddcae8af888ac8e875b2c87e7ad0be8ef611cd4eab73737dfc5e65f756eb575a1e5e8866107d33c1b1e68830ad15765ac276d79cc426fe2c190ce9d7eabecd8977f5507370d2b01da2c902ad6d7f4334f40d58376d4e8da5d873f5d7cdc0928bbcfd68cb261fbce70c6259c145613af4272e252b89b923fe7d98a457d7be4155532e60ff508e23bedd455e91e8bcdd7dcfa3661fe47b5b44bc2d1115beecdcd61ad71310ff1c1580f339b8d7252dc7fb780fa8470632a094ca4c91d58d8ccbc03b93e2cb7fce0a00590c161d2a314a31613b1e0338ea3c327c43cb8c0f50169c178d86744778bce05f5638d13f9e893b20e6bd7f63678c05418ebed82db4d9f873a8fa1a1e774edb7e7d5e9c392075460d5445e5c9b3a5aabdf93c292525a5e69f6f967dca56e7c7401eab63c4e5c4fd8410fcf7a8ba4c731bb71ce9c5bbbc9e7978cc20ae85abdd0554661df00ea42c213e2c30fb17b437b4bb15fda60406edea93524b075c29703b711586103867261a000269c6a3ce6e25c0fb8153db15661098cc48899646a2cd63a3301e797641804db27e500a35b542889b79d0704d9fe680680218a6c21410e98b56b13a1efb3eef27ce7be2f459f620bc17d6729687b0ad98e67f4a82ef86b46ca5f50cc0e1b98a732fdc68577ec8b7af1508c9e6c329dd224744f88ead642a909bd3cecfbfb32f151d21c6fa3b3c4389a921c3ab1fb5dda37a394a0a90abc65b3f29eb0e6f80390070e9c55713f5c209fffc916fa19f2116fb0dba04fb937191499cd3769562848ad8c072d8b7887047fec6aa3e36eca7d77668c6f4b8fa1037ae7454dd982194b4195c75e81ce43a01f0a6fbba82f60aedb5bbc30029ea7d3a8fcd6593fdffb8e2fdbe7bda26cea1686b7268928584a26713e7f9647f54adf1a896ca36d7dde734916e87c260afb63b8defec02ed36d1c022510028d77e453608f914a441ad3fb8d551a64b9b8705c1581644c5daf8a6bb4dee37c900bc50e201791067beb6d5d8229fa34800882b0c43643662140f1a89c3beff2634c3264998d1e647b56690fc06c39f3c4adb763f4f88b0a5e997c64014393746ee75f51bafd6e8bf232e5d24a9add9dfd5dd3d9ce9ccf5ac4a036305803ff4c5b1200cdf333147c3d1ddbe244fe64aed803e5efea09ab36f8d22e9f8d2507c53370dc041879d50e55e1daa263addf4cc3647b9e865634d4d50401bafd390ab51679943d63b101c42c8d63cefb769606ebe2327a760b5734b326c9535ac54a5421b447a042c5036661696819a10cd346d80377197b7635368af50aa07e2161a65c8b515d42b9b9318242b6302bb3a0538dc939443dc0c00018fd5ff8ac0327a17870c9d8cd1907d6ae0dbfa0f82f1bca6eec0b8d136dd8e777756831d62b8e64516632b5b2abdda77e361c198dacdf3b469bd5ea019091e852d36cf9215ac85b44c3366ccf089a6abe3d9be95bcf62e903d0e310cf2216d706fd1c743a4f430c9668949e391f58cd665d47793e2e996728e68cf21e8fc170aecaf0005684774f852aacffad16f697222bd37061a994bb7907a976a634a486f9b3bc0245f85e88578fda3f9115172bdce89418b9898e7bf4629a242d3cd80bee2e9ed38fd726d5c012fb47043332c08adb7f66ef51f2c5ccb8b8b78cad78f6d53be6df702d7c2ec68906f1f0b0b40ec894405c36458ff364a02b7057a2756150e2f1919bd7f3a2f225ace2310419ffd0047b7fc483b0ca0e6287508fe3a2303ef83420df67b553cfa9cb16068001366555f8a158cea7b46f4cc9eb84a16c0c8aeb421e3e9daf6cb33aff366992dae60326cefa5e3bcf8213b52f4bfe2344f81a489940c84f4c02e4d8df1328502892b2745aae9e3473c305191958d47c757a1e57f5e3a51e110ca35b4b168f2ce43cc717dac06c80884bed3c8ea1f8282145209e9fe4b4051df392c859646404c0a6c9ef9606ad23964bd62b59a8cc507fdbcc0318fc1ca8c5e98df5209d5731a90519ba00d3c1e4860ed9b602d550af6a3b92a96b0c9be7172636a8ccd12161abded8afde4a8d5f6a3f9332178d4835958902ca4f3d95310a967d08dd9f21596691fec4b1fd1821eedf8524a012ed9848cd269967c6450ee7e28e5602ca15934a03a99701d53db2ae9d5736b3368c4bb68c3b6ff666c2ba75043fc09a1ca54de2fe4f412b6dd1eef13d25fc7f2cf72992f3d3631f6afd75dd37f2ed8dec6505f9f305c9e9916fd409aaeee055e270f147a0181ab630da1ca8d53947cecc04a213f3a03a7183808459679889354cb7111537002410fc1b34dbcd1f23995dba9292ef82cc87fbb426ee21c485d928868adbd7a3e653d055e0202cb47ac992b8152dd629137c571aa61ffec01af73f1d28b247d019ba576849240b3986a5affc57468c677629dca62092902de01f6305d5f8a58294b22442ebe7c1cf7d61a8a25f616261a6e308c723bcfef9072d0acc096544c08d9831c43f07aef2807ba4462058c3a89600572837c4b4ab371d9f779e8a2f3f807671f2a9d175166e38b3f7405a7f107bcc2cbc42bdd9a46b30f1bf2abf33e140d2b745c581f362d2deb031112963084ed2e3febe4feb9a8a3e1dc0073628eb39fac9092537c954aa066c627237ad0600bc0eff71c118120333537d70aeaedef258b0213fe11c9297bfaeef9207186ddf1e6f37eac6ff823e7f87710f8abd281c0d403af029d2faa3990188bf2d8e5bfe84f214c9b32535cdc39e0f3d9f3c3e2f0721753ba2b34a1b31766bf155796faada26e7e0851137b838add81dac672af76aede1c424355877448377c67cb28528ab5f47d937cdfd19162e09222b2d758aa30fb19d0d4ae42994844c651e8f0ec1615a164a4de154f555dc43b05bfb7d13929c3e3f5e0b6d78183f01236d62cf1dcb03d16ce974a73dfb70f98cd96d496fb9516db6d92ad281fa624b25ccadf8933dfad924a5172802e5cc4879ee4ffc701517f2e6a0ce31ad4453b11a0adfcfed0f288bb7c29f0017e092a8290e631cfc778ec9747600d8bc1fd891506efde00a502a9f226d170911c4b6d88295da8b8d3a1be51512b9dd102ad49d7af2908711bd7d24449b18c3508609f2c06f35a9023f5f1ebdaeec7d0489d83023214f66afb297b5ce934b4c8f67f897713865ad70a6f56bc3bd9444d115f3306afd2f33a2f31f04dff5e8bb319fdb0e53ae20a8e8f8f13f67f5ec38b6bbce4326f85440f1e1bdb5c18bdd65db68a1acfeacee98c928d9a34a5577680aa552338a3cb37196f038bcd0df7bfb7ceb1e14f9c8e00771321defb92ea8e218e6add05aff4b142c6880752aa5d2320f9cb66ba07a8d2b90c50229d0c397a7a3a73bec913d86d60cc73d5fc7ab4c054f4ccbe23b494a50466f01d25d2ce8fd48dbd7e302981eeed92923d1874e2a7c09adcef34084403ec2b195f02115dfe9d7c205c7f1f59e296e6128ca34f0bd340b2dfaebc3a3ddca71dab6a25c1dffc2c9bcf88c2a6d653655113ed0dfc5b0efa057f748eec20031cf6fd3c796db35e2fc3e578a9e999634cbdfeed022b33fd2b46886f2cb18254b30f32e1f3eb2f09c4433288a2be1fa1f2ddb0dcaf29d3ba9fc44bafbd2633683581356f96884d5f89751c4a302781c9962f000ba285b9d3fa0a87d6fdff167badc74e20cd11637f3300052e491bc5e18a2d079e727871bc1f836efc00b8864d5b72c1a2d826599fbd693d92b7a2f895e9ceaeb5c77b2189cfd8ffaec488caa9a7899057cadd308c41d8e4def4fae18582b4a406ebbc1c416e8c9c564bc7fd18e982a96daaaa220bc766bf8f4bffe8ce37cbd9aba95384dd2cfa41a7fb641f21e3e86641f7b03326a885eef04f69373cad9aa566e64eb1e07a36c55118a9d7a51ade3daa356e09e7d0f78e957b7dca20a91e9ff0634bdd457b7b306da207915136ed7b4f3f2ec804ffd88f601f55b9f36f8be2762ba477641125e35e8f9618afc4e8ce9bb69ef0a3033d484ee2d11d9e645efc9158ca3c155508ff945db68258d40685bc477cc906e4593d8e86d0f251aadfb89c1f2c9c169931b1eb682b2554701941fe1ed03bfc27dc68a16c86fc966b774d1ebb95fdb75548830d7d868c84277668e25a1ef2a13325fb385190bfe419ab155e64"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000100)='kfree\x00', r8}, 0x10) syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000580)='./file0\x00', 0x80, &(0x7f0000000000)=ANY=[], 0xfd, 0x22e, &(0x7f0000000c00)="$eJzs2k+LW1UYwOH3dkZap0wT8R8tiAfd6ObSZOXCRQdpQQwo2ggqSG+dGw3JJENuGIhIOzu3fgTX4tKdIP0Cs/ETdOFuNrPsQrzSptiZEsFabNQ8zyYvnPzgXE4IZ3EP3/xmZ9Cr8l4xjVNZFuuXYj/uZNGMU7EWc/vx+o03br/0wUcfv7PV6Vx+P6UrW1db7ZTSuZd/+uSr71+5NT374Q/nfjwdB81PD4/avxy8cHD+8LerX/Sr1K/SaDxNRbo+Hk+L68MybferQZ7Se8OyqMrUH1Xl5MR6bzje3Z2lYrS9ubE7KasqFaNZGpSzNB2n6WSWis+L/ijleZ42N4LH0f3uTl3HUf3Utajr+ulv4+yt2LwdjcieSdmzl7Lnr2Uv7mfnj+q6seyt8o9w/qvN+a8257/ajl3qzkTsfL3X3evOP+frW73oxzDKuBiN+DXu/kzum89X3u5cvpjuaUbauXm/v7nXXTvZt6IRzcV9a96nk/3p2Djet6MRzy3u2wv7M/Haq8f6PBrx82cxjmFsx932QX+jldJb73Ye6i/c+x4AwP9Nnv6w8P6W53+2Pu8f4X740P1qPS6sL/fZiahmXw6K4bCcGP7qkP2Nai3+JZs3rM5QZ4+TL/ufiSfhwaEveycAAAAAAAAAAAA8iifxNuKynxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+G/4PQAA//9R0vDu") mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): 86808][ T3309] RSP: 002b:00007f5037f04048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 33.495292][ T3309] RAX: ffffffffffffffda RBX: 00007f5038e10f60 RCX: 00007f5038c82bd9 [ 33.503323][ T3309] RDX: 0000000000000000 RSI: c46fad9de4df1d97 RDI: 00000000200003c0 [ 33.511323][ T3309] RBP: 00007f5037f040a0 R08: 0000000000000000 R09: 0000000000000000 [ 33.519330][ T3309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 33.527298][ T3309] R13: 000000000000000b R14: 00007f5038e10f60 R15: 00007ffe7d6dc098 [ 33.535406][ T3309] [ 33.546306][ T3313] capability: warning: `syz.0.26' uses deprecated v2 capabilities in a way that may be insecure [ 33.580653][ T3316] loop3: detected capacity change from 0 to 512 [ 33.587397][ T3316] EXT4-fs: Ignoring removed nobh option [ 33.593639][ T3316] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 33.606809][ T3316] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 33.618670][ T3316] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2856: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 33.632000][ T3316] EXT4-fs (loop3): 1 truncate cleaned up [ 33.637994][ T3316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.673006][ T3083] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 33.688340][ T3321] loop0: detected capacity change from 0 to 512 [ 33.699734][ T3325] FAULT_INJECTION: forcing a failure. [ 33.699734][ T3325] name failslab, interval 1, probability 0, space 0, times 0 [ 33.712495][ T3325] CPU: 1 PID: 3325 Comm: syz.3.31 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 33.722121][ T3325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 33.726343][ T3321] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 33.732186][ T3325] Call Trace: [ 33.732199][ T3325] [ 33.746414][ T3321] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 33.747865][ T3325] dump_stack_lvl+0xf2/0x150 [ 33.755924][ T3321] EXT4-fs error (device loop0): ext4_do_update_inode:5075: inode #2: comm syz.0.30: corrupted inode contents [ 33.761019][ T3325] dump_stack+0x15/0x20 [ 33.761048][ T3325] should_fail_ex+0x229/0x230 [ 33.767124][ T3321] EXT4-fs error (device loop0): ext4_dirty_inode:5935: inode #2: comm syz.0.30: mark_inode_dirty error [ 33.777155][ T3325] ? fib_rules_register+0x2c/0x270 [ 33.777261][ T3325] __should_failslab+0x92/0xa0 [ 33.777293][ T3325] should_failslab+0x9/0x20 [ 33.777331][ T3325] kmalloc_node_track_caller_noprof+0xa6/0x380 [ 33.786779][ T3321] EXT4-fs error (device loop0): ext4_do_update_inode:5075: inode #2: comm syz.0.30: corrupted inode contents [ 33.797245][ T3325] kmemdup_noprof+0x2a/0x60 [ 33.797287][ T3325] fib_rules_register+0x2c/0x270 [ 33.809086][ T3321] EXT4-fs error (device loop0): ext4_do_update_inode:5075: inode #2: comm syz.0.30: corrupted inode contents [ 33.811627][ T3325] ? fib4_rules_init+0x12/0x120 [ 33.818120][ T3321] EXT4-fs error (device loop0): ext4_dirty_inode:5935: inode #2: comm syz.0.30: mark_inode_dirty error [ 33.829293][ T3325] fib4_rules_init+0x21/0x120 [ 33.835590][ T3321] EXT4-fs error (device loop0): ext4_do_update_inode:5075: inode #2: comm syz.0.30: corrupted inode contents [ 33.838776][ T3325] fib_net_init+0xc9/0x1e0 [ 33.851256][ T3321] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.30: mark_inode_dirty error [ 33.855136][ T3325] ? devinet_init_net+0x29e/0x3b0 [ 33.869824][ T3321] EXT4-fs error (device loop0): ext4_do_update_inode:5075: inode #2: comm syz.0.30: corrupted inode contents [ 33.870873][ T3325] ops_init+0x1ef/0x2b0 [ 33.882881][ T3321] EXT4-fs error (device loop0): ext4_dirty_inode:5935: inode #2: comm syz.0.30: mark_inode_dirty error [ 33.886886][ T3325] ? mutex_lock+0xd/0x40 [ 33.886918][ T3325] setup_net+0x2ea/0x7c0 [ 33.886948][ T3325] copy_net_ns+0x37b/0x510 [ 33.942593][ T3325] create_new_namespaces+0x228/0x430 [ 33.947903][ T3325] unshare_nsproxy_namespaces+0xe6/0x120 [ 33.953545][ T3325] ksys_unshare+0x3da/0x720 [ 33.958080][ T3325] ? ksys_write+0x178/0x1b0 [ 33.962588][ T3325] __x64_sys_unshare+0x1f/0x30 [ 33.967426][ T3325] x64_sys_call+0x2c8d/0x2d60 [ 33.972147][ T3325] do_syscall_64+0xc9/0x1c0 [ 33.976647][ T3325] ? clear_bhb_loop+0x55/0xb0 [ 33.981392][ T3325] ? clear_bhb_loop+0x55/0xb0 [ 33.986058][ T3325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 33.991997][ T3325] RIP: 0033:0x7f5038c82bd9 [ 33.996406][ T3325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 34.016013][ T3325] RSP: 002b:00007f5037f04048 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 34.024505][ T3325] RAX: ffffffffffffffda RBX: 00007f5038e10f60 RCX: 00007f5038c82bd9 [ 34.032469][ T3325] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000042000000 [ 34.040433][ T3325] RBP: 00007f5037f040a0 R08: 0000000000000000 R09: 0000000000000000 [ 34.048397][ T3325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 34.056440][ T3325] R13: 000000000000000b R14: 00007f5038e10f60 R15: 00007ffe7d6dc098 [ 34.064440][ T3325] [ 34.078410][ T3085] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.108945][ T3332] loop0: detected capacity change from 0 to 2048 [ 34.118416][ T3334] loop3: detected capacity change from 0 to 256 [ 34.125437][ T3334] vfat: Unknown parameter 'uni_xl{te' [ 34.164702][ T3332] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 34.207186][ T3349] loop4: detected capacity change from 0 to 512 [ 34.225802][ T3349] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 34.245279][ T3349] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 34.257286][ T3085] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.282334][ T3349] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 34.298046][ T3349] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 511 with error 28 [ 34.310530][ T3349] EXT4-fs (loop4): This should not happen!! Data will be lost [ 34.310530][ T3349] [ 34.320209][ T3349] EXT4-fs (loop4): Total free blocks count 0 [ 34.326520][ T3349] EXT4-fs (loop4): Free/Dirty block details [ 34.332611][ T3349] EXT4-fs (loop4): free_blocks=65280 [ 34.338053][ T3349] EXT4-fs (loop4): dirty_blocks=511 [ 34.343292][ T3349] EXT4-fs (loop4): Block reservation details [ 34.349307][ T3349] EXT4-fs (loop4): i_reserved_data_blocks=511 [ 34.402650][ T3087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.573445][ T3379] loop3: detected capacity change from 0 to 512 [ 34.586199][ T3381] loop4: detected capacity change from 0 to 256 [ 34.591439][ T3379] EXT4-fs error (device loop3): ext4_orphan_get:1420: comm syz.3.49: bad orphan inode 1 [ 34.593082][ T3381] vfat: Unknown parameter '' [ 34.609828][ T3379] EXT4-fs (loop3): Remounting filesystem read-only [ 34.617417][ T3379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 34.627763][ T3380] loop4: detected capacity change from 0 to 512 [ 34.640553][ T3379] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 34.648955][ T3379] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.659865][ T3380] EXT4-fs (loop4): orphan cleanup on readonly fs [ 34.676972][ T3380] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.52: bg 0: block 248: padding at end of block bitmap is not set [ 34.692395][ T3380] EXT4-fs error (device loop4): ext4_acquire_dquot:6844: comm syz.4.52: Failed to acquire dquot type 1 [ 34.706666][ T3380] EXT4-fs (loop4): 1 truncate cleaned up [ 34.707866][ T3389] netlink: 20 bytes leftover after parsing attributes in process `syz.2.55'. [ 34.713842][ T3380] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 34.734057][ T3380] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.755731][ T3380] loop4: detected capacity change from 0 to 256 [ 34.772878][ T3380] FAT-fs (loop4): Directory bread(block 64) failed [ 34.779691][ T3380] FAT-fs (loop4): Directory bread(block 65) failed [ 34.786694][ T3380] FAT-fs (loop4): Directory bread(block 66) failed [ 34.793524][ T3380] FAT-fs (loop4): Directory bread(block 67) failed [ 34.800474][ T3380] FAT-fs (loop4): Directory bread(block 68) failed [ 34.807532][ T3380] FAT-fs (loop4): Directory bread(block 69) failed [ 34.814546][ T3380] FAT-fs (loop4): Directory bread(block 70) failed [ 34.821240][ T3380] FAT-fs (loop4): Directory bread(block 71) failed [ 34.828266][ T3380] FAT-fs (loop4): Directory bread(block 72) failed [ 34.835152][ T3380] FAT-fs (loop4): Directory bread(block 73) failed [ 34.849351][ T3380] syz.4.52 (3380) used greatest stack depth: 9384 bytes left [ 34.869765][ T3398] loop4: detected capacity change from 0 to 128 [ 34.937624][ T3402] loop4: detected capacity change from 0 to 2048 [ 34.956981][ T3402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 34.971137][ T3402] netlink: 32 bytes leftover after parsing attributes in process `syz.4.60'. [ 34.987463][ T3087] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 34.988219][ T3404] process 'syz.2.61' launched '/dev/fd/3' with NULL argv: empty string added [ 35.335522][ T3448] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=528 sclass=netlink_route_socket pid=3448 comm=syz.1.80 [ 35.468717][ T3464] Zero length message leads to an empty skb [ 35.487728][ T3467] FAULT_INJECTION: forcing a failure. [ 35.487728][ T3467] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 35.500981][ T3467] CPU: 0 PID: 3467 Comm: syz.1.88 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 35.510617][ T3467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 35.520691][ T3467] Call Trace: [ 35.523965][ T3467] [ 35.526908][ T3467] dump_stack_lvl+0xf2/0x150 [ 35.531512][ T3467] dump_stack+0x15/0x20 [ 35.535671][ T3467] should_fail_ex+0x229/0x230 [ 35.540424][ T3467] should_fail+0xb/0x10 [ 35.544639][ T3467] should_fail_usercopy+0x1a/0x20 [ 35.549747][ T3467] _copy_to_user+0x1e/0xa0 [ 35.554166][ T3467] simple_read_from_buffer+0xa0/0x110 [ 35.559578][ T3467] proc_fail_nth_read+0xfc/0x140 [ 35.564527][ T3467] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 35.570128][ T3467] vfs_read+0x1a2/0x6e0 [ 35.574397][ T3467] ? __rcu_read_unlock+0x4e/0x70 [ 35.579370][ T3467] ? __fget_files+0x1da/0x210 [ 35.584147][ T3467] ksys_read+0xeb/0x1b0 [ 35.588412][ T3467] __x64_sys_read+0x42/0x50 [ 35.592933][ T3467] x64_sys_call+0x27d3/0x2d60 [ 35.597611][ T3467] do_syscall_64+0xc9/0x1c0 [ 35.602117][ T3467] ? clear_bhb_loop+0x55/0xb0 [ 35.606878][ T3467] ? clear_bhb_loop+0x55/0xb0 [ 35.611573][ T3467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 35.617526][ T3467] RIP: 0033:0x7fc9de8686bc [ 35.621934][ T3467] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 35.641584][ T3467] RSP: 002b:00007fc9ddaeb040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 35.650045][ T3467] RAX: ffffffffffffffda RBX: 00007fc9de9f7f60 RCX: 00007fc9de8686bc [ 35.658012][ T3467] RDX: 000000000000000f RSI: 00007fc9ddaeb0b0 RDI: 000000000000000f [ 35.665978][ T3467] RBP: 00007fc9ddaeb0a0 R08: 0000000000000000 R09: 0000000000000000 [ 35.673945][ T3467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 35.681946][ T3467] R13: 000000000000000b R14: 00007fc9de9f7f60 R15: 00007ffecd8680a8 [ 35.689950][ T3467] [ 35.702271][ C0] vcan0: j1939_tp_rxtimer: 0xffff888113b23600: rx timeout, send abort [ 35.736916][ T3472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.90'. [ 35.850049][ T3493] GUP no longer grows the stack in syz.1.96 (3493): 20004000-20008000 (20002000) [ 35.859574][ T3493] CPU: 1 PID: 3493 Comm: syz.1.96 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 35.869167][ T3493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 35.879292][ T3493] Call Trace: [ 35.882572][ T3493] [ 35.885517][ T3493] dump_stack_lvl+0xf2/0x150 [ 35.890149][ T3493] dump_stack+0x15/0x20 [ 35.894317][ T3493] __get_user_pages+0xbb6/0x10d0 [ 35.899415][ T3493] get_user_pages_remote+0x1df/0x790 [ 35.904720][ T3493] __access_remote_vm+0x15b/0x580 [ 35.909884][ T3493] access_remote_vm+0x34/0x50 [ 35.914608][ T3493] proc_pid_cmdline_read+0x3e9/0x670 [ 35.919919][ T3493] vfs_readv+0x3f1/0x660 [ 35.924192][ T3493] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 35.930035][ T3493] __x64_sys_preadv+0x100/0x1c0 [ 35.934907][ T3493] x64_sys_call+0x1d5c/0x2d60 [ 35.939676][ T3493] do_syscall_64+0xc9/0x1c0 [ 35.944224][ T3493] ? clear_bhb_loop+0x55/0xb0 [ 35.948970][ T3493] ? clear_bhb_loop+0x55/0xb0 [ 35.953706][ T3493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 35.959635][ T3493] RIP: 0033:0x7fc9de869bd9 [ 35.964050][ T3493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 35.983759][ T3493] RSP: 002b:00007fc9ddaeb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 35.992184][ T3493] RAX: ffffffffffffffda RBX: 00007fc9de9f7f60 RCX: 00007fc9de869bd9 [ 36.000169][ T3493] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000005 [ 36.008196][ T3493] RBP: 00007fc9de8d8e60 R08: 0000000000000000 R09: 0000000000000000 [ 36.016242][ T3493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 36.024241][ T3493] R13: 000000000000000b R14: 00007fc9de9f7f60 R15: 00007ffecd8680a8 [ 36.032229][ T3493] [ 36.182361][ T3501] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.189668][ T3501] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.210602][ C0] vcan0: j1939_tp_rxtimer: 0xffff888113b23600: abort rx timeout. Force session deactivation [ 36.266317][ T3501] netlink: 4 bytes leftover after parsing attributes in process `syz.1.99'. [ 36.535324][ T3525] netlink: 20 bytes leftover after parsing attributes in process `syz.4.108'. [ 36.621460][ T3534] netlink: 'syz.2.111': attribute type 3 has an invalid length. [ 36.667043][ T29] kauditd_printk_skb: 213 callbacks suppressed [ 36.667060][ T29] audit: type=1400 audit(1721165579.389:337): avc: denied { read } for pid=3545 comm="syz.2.116" name="event3" dev="devtmpfs" ino=233 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 36.700110][ T29] audit: type=1400 audit(1721165579.389:338): avc: denied { open } for pid=3545 comm="syz.2.116" path="/dev/input/event3" dev="devtmpfs" ino=233 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 36.725362][ T3552] netlink: 892 bytes leftover after parsing attributes in process `syz.0.113'. [ 36.803623][ T3565] futex_wake_op: syz.3.121 tries to shift op by -1; fix this program [ 36.818830][ T29] audit: type=1400 audit(1721165579.519:339): avc: denied { mount } for pid=3568 comm="syz.0.125" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 36.840836][ T29] audit: type=1400 audit(1721165579.519:340): avc: denied { write } for pid=3568 comm="syz.0.125" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 36.862110][ T29] audit: type=1400 audit(1721165579.519:341): avc: denied { add_name } for pid=3568 comm="syz.0.125" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 36.882677][ T29] audit: type=1400 audit(1721165579.519:342): avc: denied { create } for pid=3568 comm="syz.0.125" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 36.902878][ T29] audit: type=1400 audit(1721165579.519:343): avc: denied { associate } for pid=3568 comm="syz.0.125" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 36.906575][ T3574] netlink: 4 bytes leftover after parsing attributes in process `syz.2.126'. [ 36.924578][ T29] audit: type=1400 audit(1721165579.539:344): avc: denied { unmount } for pid=3085 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 36.988802][ T29] audit: type=1400 audit(1721165579.709:345): avc: denied { mounton } for pid=3581 comm="syz.3.131" path="/proc/50/task" dev="proc" ino=5433 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1 [ 37.011362][ T29] audit: type=1400 audit(1721165579.709:346): avc: denied { mount } for pid=3581 comm="syz.3.131" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 37.075395][ T3593] Invalid ELF header magic: != ELF [ 37.119046][ T3612] netlink: 'syz.3.139': attribute type 4 has an invalid length. [ 37.230951][ T3612] netlink: 'syz.3.139': attribute type 4 has an invalid length. [ 37.242283][ T3625] netlink: 3 bytes leftover after parsing attributes in process `syz.1.146'. [ 37.251144][ T3625] netlink: 3 bytes leftover after parsing attributes in process `syz.1.146'. [ 37.265539][ T3612] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 37.315014][ T3639] FAULT_INJECTION: forcing a failure. [ 37.315014][ T3639] name failslab, interval 1, probability 0, space 0, times 0 [ 37.327774][ T3639] CPU: 0 PID: 3639 Comm: syz.1.149 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 37.337434][ T3639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 37.347525][ T3639] Call Trace: [ 37.350813][ T3639] [ 37.353753][ T3639] dump_stack_lvl+0xf2/0x150 [ 37.358434][ T3639] dump_stack+0x15/0x20 [ 37.362623][ T3639] should_fail_ex+0x229/0x230 [ 37.367321][ T3639] ? io_cqring_event_overflow+0x5a/0x300 [ 37.372974][ T3639] __should_failslab+0x92/0xa0 [ 37.377905][ T3639] should_failslab+0x9/0x20 [ 37.382500][ T3639] __kmalloc_noprof+0xa5/0x370 [ 37.387283][ T3639] io_cqring_event_overflow+0x5a/0x300 [ 37.392754][ T3639] io_req_cqe_overflow+0x89/0xb0 [ 37.397769][ T3639] __io_submit_flush_completions+0x34e/0xa00 [ 37.403895][ T3639] io_submit_sqes+0xe91/0x1080 [ 37.408714][ T3639] ? kstrtouint_from_user+0xb0/0xe0 [ 37.413984][ T3639] __se_sys_io_uring_enter+0x1c6/0x15a0 [ 37.419556][ T3639] ? __fget_files+0x1da/0x210 [ 37.424316][ T3639] ? fput+0x13b/0x180 [ 37.428300][ T3639] ? ksys_write+0x178/0x1b0 [ 37.432877][ T3639] __x64_sys_io_uring_enter+0x78/0x90 [ 37.438305][ T3639] x64_sys_call+0x2567/0x2d60 [ 37.443006][ T3639] do_syscall_64+0xc9/0x1c0 [ 37.447547][ T3639] ? clear_bhb_loop+0x55/0xb0 [ 37.452228][ T3639] ? clear_bhb_loop+0x55/0xb0 [ 37.456924][ T3639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 37.462917][ T3639] RIP: 0033:0x7fc9de869bd9 [ 37.467355][ T3639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 37.487130][ T3639] RSP: 002b:00007fc9ddaeb048 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 37.495615][ T3639] RAX: ffffffffffffffda RBX: 00007fc9de9f7f60 RCX: 00007fc9de869bd9 [ 37.503644][ T3639] RDX: 0000000000000000 RSI: 0000000000006256 RDI: 0000000000000004 [ 37.511611][ T3639] RBP: 00007fc9ddaeb0a0 R08: 0000000000000000 R09: 0000000000000000 [ 37.520029][ T3639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 37.528073][ T3639] R13: 000000000000000b R14: 00007fc9de9f7f60 R15: 00007ffecd8680a8 [ 37.536050][ T3639] [ 37.566183][ T3653] __nla_validate_parse: 1 callbacks suppressed [ 37.566218][ T3653] netlink: 32 bytes leftover after parsing attributes in process `syz.4.152'. [ 37.583721][ T3644] netlink: 2 bytes leftover after parsing attributes in process `syz.2.151'. [ 37.668069][ T3664] usb usb9: usbfs: process 3664 (syz.4.154) did not claim interface 0 before use [ 37.679948][ T3664] x_tables: duplicate underflow at hook 1 [ 37.716667][ T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.755885][ T3669] netlink: 8 bytes leftover after parsing attributes in process `syz.3.157'. [ 37.778292][ T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.861794][ T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 37.959091][ T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 38.130409][ T28] bridge_slave_1: left allmulticast mode [ 38.136156][ T28] bridge_slave_1: left promiscuous mode [ 38.141897][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.282518][ T3707] TCP: TCP_TX_DELAY enabled [ 38.289407][ T28] bridge_slave_0: left allmulticast mode [ 38.295340][ T28] bridge_slave_0: left promiscuous mode [ 38.301218][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.565880][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 38.579334][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 38.590622][ T28] bond0 (unregistering): Released all slaves [ 38.721883][ T28] hsr_slave_0: left promiscuous mode [ 38.751075][ T28] hsr_slave_1: left promiscuous mode [ 38.763344][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 38.771021][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 38.783611][ T3758] capability: warning: `syz.2.175' uses 32-bit capabilities (legacy support in use) [ 38.793605][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 38.801126][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 38.810980][ T28] veth1_macvtap: left promiscuous mode [ 38.816569][ T28] veth0_macvtap: left promiscuous mode [ 38.822158][ T28] veth1_vlan: left promiscuous mode [ 38.827472][ T28] veth0_vlan: left promiscuous mode [ 38.932966][ T28] team0 (unregistering): Port device team_slave_1 removed [ 38.943990][ T28] team0 (unregistering): Port device team_slave_0 removed [ 39.006854][ T3677] chnl_net:caif_netlink_parms(): no params data found [ 39.073193][ T3785] FAULT_INJECTION: forcing a failure. [ 39.073193][ T3785] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 39.086393][ T3785] CPU: 0 PID: 3785 Comm: syz.1.185 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 39.096116][ T3785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 39.104442][ T3781] syz.4.184 uses obsolete (PF_INET,SOCK_PACKET) [ 39.106167][ T3785] Call Trace: [ 39.106177][ T3785] [ 39.118673][ T3785] dump_stack_lvl+0xf2/0x150 [ 39.123395][ T3785] dump_stack+0x15/0x20 [ 39.127735][ T3785] should_fail_ex+0x229/0x230 [ 39.132431][ T3785] should_fail+0xb/0x10 [ 39.136694][ T3785] should_fail_usercopy+0x1a/0x20 [ 39.141736][ T3785] _copy_to_user+0x1e/0xa0 [ 39.146165][ T3785] map_lookup_and_delete_elem+0x649/0x6a0 [ 39.151976][ T3785] __sys_bpf+0x53c/0x7a0 [ 39.156256][ T3785] __x64_sys_bpf+0x43/0x50 [ 39.160752][ T3785] x64_sys_call+0x2625/0x2d60 [ 39.165479][ T3785] do_syscall_64+0xc9/0x1c0 [ 39.170067][ T3785] ? clear_bhb_loop+0x55/0xb0 [ 39.174870][ T3785] ? clear_bhb_loop+0x55/0xb0 [ 39.179562][ T3785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 39.185476][ T3785] RIP: 0033:0x7fc9de869bd9 [ 39.189893][ T3785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 39.209582][ T3785] RSP: 002b:00007fc9ddaeb048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 39.218017][ T3785] RAX: ffffffffffffffda RBX: 00007fc9de9f7f60 RCX: 00007fc9de869bd9 [ 39.225986][ T3785] RDX: 0000000000000020 RSI: 0000000020000100 RDI: 0000000000000015 [ 39.234007][ T3785] RBP: 00007fc9ddaeb0a0 R08: 0000000000000000 R09: 0000000000000000 [ 39.241975][ T3785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 39.249999][ T3785] R13: 000000000000000b R14: 00007fc9de9f7f60 R15: 00007ffecd8680a8 [ 39.258061][ T3785] [ 39.262979][ T3677] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.270410][ T3677] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.280058][ T3677] bridge_slave_0: entered allmulticast mode [ 39.286783][ T3677] bridge_slave_0: entered promiscuous mode [ 39.308031][ T3677] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.315231][ T3677] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.332458][ T3677] bridge_slave_1: entered allmulticast mode [ 39.340638][ T3677] bridge_slave_1: entered promiscuous mode [ 39.395268][ T3677] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.431408][ T3677] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.475779][ T3677] team0: Port device team_slave_0 added [ 39.482643][ T3677] team0: Port device team_slave_1 added [ 39.538635][ T3677] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.545691][ T3677] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.571655][ T3677] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.613396][ T3677] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.620484][ T3677] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.646495][ T3677] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.744847][ T3843] netlink: 16 bytes leftover after parsing attributes in process `syz.1.196'. [ 39.759531][ T3677] hsr_slave_0: entered promiscuous mode [ 39.765917][ T3677] hsr_slave_1: entered promiscuous mode [ 39.862805][ T3850] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512 [ 40.102827][ C0] hrtimer: interrupt took 28345 ns [ 40.136054][ T3677] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.153261][ T3677] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.172557][ T3677] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.202320][ T3677] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.225560][ T3910] Invalid ELF header magic: != ELF [ 40.341213][ T3677] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.353910][ T3677] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.400383][ T3163] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.407544][ T3163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.429009][ T3163] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.436277][ T3163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.489961][ T3933] netlink: 'syz.1.217': attribute type 4 has an invalid length. [ 40.561475][ T3677] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.619734][ T3943] netlink: 'syz.1.217': attribute type 4 has an invalid length. [ 40.681756][ T3933] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 40.754055][ T3677] veth0_vlan: entered promiscuous mode [ 40.768903][ T3677] veth1_vlan: entered promiscuous mode [ 40.801520][ T3677] veth0_macvtap: entered promiscuous mode [ 40.812362][ T3677] veth1_macvtap: entered promiscuous mode [ 40.831824][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.842386][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.852248][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.862706][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.872731][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.883216][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.893087][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.903604][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.922391][ T3677] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.933388][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.943869][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.953772][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.964335][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.974190][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.984676][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.994555][ T3677] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.005039][ T3677] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.025609][ T3677] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.039469][ T3677] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.048275][ T3677] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.057185][ T3677] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.066092][ T3677] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.280354][ T4027] netlink: 168 bytes leftover after parsing attributes in process `syz.3.236'. [ 41.329980][ T4023] netlink: 'syz.2.235': attribute type 4 has an invalid length. [ 41.337821][ T4023] netlink: 17 bytes leftover after parsing attributes in process `syz.2.235'. [ 41.427402][ T4036] netlink: 'syz.3.238': attribute type 4 has an invalid length. [ 41.540750][ T4036] netlink: 'syz.3.238': attribute type 4 has an invalid length. [ 41.700765][ T4083] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 41.712773][ T4083] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 41.724802][ T4083] bridge_slave_0: default FDB implementation only supports local addresses [ 41.820523][ T4115] netlink: 'syz.4.257': attribute type 4 has an invalid length. [ 41.835399][ T29] kauditd_printk_skb: 96 callbacks suppressed [ 41.835483][ T29] audit: type=1326 audit(1721165584.559:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4116 comm="syz.3.258" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5038c82bd9 code=0x0 [ 41.913795][ T4115] netlink: 'syz.4.257': attribute type 4 has an invalid length. [ 41.976741][ T29] audit: type=1400 audit(1721165584.699:444): avc: denied { create } for pid=4116 comm="syz.3.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 42.006363][ T29] audit: type=1400 audit(1721165584.729:445): avc: denied { bind } for pid=4116 comm="syz.3.258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 42.048143][ T29] audit: type=1400 audit(1721165584.769:446): avc: denied { create } for pid=4130 comm="syz.0.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 42.067576][ T29] audit: type=1400 audit(1721165584.769:447): avc: denied { write } for pid=4130 comm="syz.0.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 42.253767][ T29] audit: type=1400 audit(1721165584.969:448): avc: denied { create } for pid=4165 comm="syz.0.269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 42.279931][ T29] audit: type=1400 audit(1721165584.969:449): avc: denied { ioctl } for pid=4165 comm="syz.0.269" path="socket:[7618]" dev="sockfs" ino=7618 ioctlcmd=0x0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 42.562532][ T4202] netlink: 'syz.1.275': attribute type 4 has an invalid length. [ 42.600874][ T4202] netlink: 'syz.1.275': attribute type 4 has an invalid length. [ 42.641600][ T29] audit: type=1400 audit(1721165585.359:450): avc: denied { shutdown } for pid=4206 comm="syz.1.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 42.734558][ T4134] delete_channel: no stack [ 42.764700][ T29] audit: type=1400 audit(1721165585.489:451): avc: denied { setopt } for pid=4212 comm="syz.3.278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 43.085801][ T4230] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 43.085801][ T4230] The task syz.3.284 (4230) triggered the difference, watch for misbehavior. [ 43.130483][ T4234] netlink: 'syz.3.286': attribute type 4 has an invalid length. [ 43.176854][ T4234] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 43.248431][ T29] audit: type=1400 audit(1721165585.969:452): avc: denied { map } for pid=4240 comm="syz.0.288" path="socket:[6809]" dev="sockfs" ino=6809 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1 [ 43.398928][ T4253] bond0: entered promiscuous mode [ 43.404134][ T4253] bond_slave_0: entered promiscuous mode [ 43.409881][ T4253] bond_slave_1: entered promiscuous mode [ 43.514256][ T4264] netlink: 264 bytes leftover after parsing attributes in process `syz.3.299'. [ 43.584042][ T4270] netlink: 20 bytes leftover after parsing attributes in process `syz.3.302'. [ 43.651573][ T4274] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 43.730336][ T4284] netlink: 28 bytes leftover after parsing attributes in process `syz.4.307'. [ 43.740433][ T4284] netlink: 8 bytes leftover after parsing attributes in process `syz.4.307'. [ 43.833923][ T4296] netlink: 20 bytes leftover after parsing attributes in process `syz.4.312'. [ 43.877273][ T4306] netlink: 32 bytes leftover after parsing attributes in process `syz.3.316'. [ 43.902640][ T4308] netlink: 20 bytes leftover after parsing attributes in process `syz.4.317'. [ 43.917461][ T4308] netlink: 8 bytes leftover after parsing attributes in process `syz.4.317'. [ 43.926963][ T4308] bridge1: port 1(veth1_to_bond) entered blocking state [ 43.934010][ T4308] bridge1: port 1(veth1_to_bond) entered disabled state [ 43.941387][ T4308] veth1_to_bond: entered allmulticast mode [ 43.948564][ T4308] veth1_to_bond: entered promiscuous mode [ 43.955291][ T4308] bridge1: port 1(veth1_to_bond) entered blocking state [ 43.962330][ T4308] bridge1: port 1(veth1_to_bond) entered forwarding state [ 44.025905][ T4320] bond0: left promiscuous mode [ 44.030839][ T4320] bond_slave_0: left promiscuous mode [ 44.036392][ T4320] bond_slave_1: left promiscuous mode [ 44.043096][ T4320] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.056807][ T4320] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 44.072419][ T4321] netlink: 20 bytes leftover after parsing attributes in process `syz.4.323'. [ 44.145223][ T4327] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 44.419788][ T4379] netlink: 16 bytes leftover after parsing attributes in process `syz.3.344'. [ 44.499229][ T4392] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 44.564648][ T4395] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 44.905686][ T4420] program syz.0.359 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 45.035797][ T4438] IPVS: Unknown mcast interface: [ 45.795358][ T4466] tmpfs: Bad value for 'mpol' [ 46.885668][ T4462] syz.1.377 (4462) used greatest stack depth: 7528 bytes left [ 46.951196][ T29] kauditd_printk_skb: 27 callbacks suppressed [ 46.951213][ T29] audit: type=1400 audit(1721165589.669:480): avc: denied { getopt } for pid=4506 comm="syz.1.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 46.977839][ T4511] batadv0: entered promiscuous mode [ 46.983587][ T29] audit: type=1400 audit(1721165589.699:481): avc: denied { write } for pid=4506 comm="syz.1.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 47.117935][ T4529] FAULT_INJECTION: forcing a failure. [ 47.117935][ T4529] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 47.131281][ T4529] CPU: 0 PID: 4529 Comm: syz.2.402 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 47.141045][ T4529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 47.141063][ T4529] Call Trace: [ 47.141071][ T4529] [ 47.157394][ T4529] dump_stack_lvl+0xf2/0x150 [ 47.161993][ T4529] dump_stack+0x15/0x20 [ 47.166161][ T4529] should_fail_ex+0x229/0x230 [ 47.170892][ T4529] __should_fail_alloc_page+0xfd/0x110 [ 47.176353][ T4529] __alloc_pages_noprof+0x109/0x360 [ 47.181556][ T4529] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 47.187061][ T4529] vma_alloc_folio_noprof+0x176/0x2d0 [ 47.192446][ T4529] do_wp_page+0x62b/0x22b0 [ 47.196910][ T4529] ? __rcu_read_lock+0x36/0x50 [ 47.201774][ T4529] handle_mm_fault+0xc4c/0x2ac0 [ 47.206660][ T4529] exc_page_fault+0x296/0x650 [ 47.211489][ T4529] asm_exc_page_fault+0x26/0x30 [ 47.216385][ T4529] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 47.222322][ T4529] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 47.241949][ T4529] RSP: 0018:ffffc90001333a50 EFLAGS: 00050202 [ 47.242847][ T29] audit: type=1400 audit(1721165589.959:482): avc: denied { mount } for pid=4549 comm="syz.3.408" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 47.248113][ T4529] RAX: ffff88810756ed80 RBX: 0000000000000e44 RCX: 0000000000000e44 [ 47.275715][ T29] audit: type=1400 audit(1721165589.959:483): avc: denied { setopt } for pid=4549 comm="syz.3.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 47.278155][ T4529] RDX: 0000000000000000 RSI: ffff888112534000 RDI: 0000000020002640 [ 47.278173][ T4529] RBP: 0000000000000000 R08: 0000000080000000 R09: 0000000000000000 [ 47.313399][ T4529] R10: 0001888112534000 R11: 0001888112534e43 R12: 0000000000000e44 [ 47.321456][ T4529] R13: ffffc90001333dc8 R14: ffffc90001333de0 R15: ffff888112534000 [ 47.329452][ T4529] _copy_to_iter+0x2c5/0xaf0 [ 47.334047][ T4529] ? __virt_addr_valid+0x1ed/0x250 [ 47.339233][ T4529] ? __check_object_size+0x35b/0x510 [ 47.344521][ T4529] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 47.350209][ T4529] __skb_datagram_iter+0xce/0x5c0 [ 47.355314][ T4529] skb_copy_datagram_iter+0x41/0x130 [ 47.360607][ T4529] netlink_recvmsg+0x1a4/0x780 [ 47.365445][ T4529] ? __pfx_netlink_recvmsg+0x10/0x10 [ 47.370771][ T4529] sock_recvmsg+0x13f/0x170 [ 47.375400][ T4529] ____sys_recvmsg+0xf9/0x280 [ 47.380197][ T4529] __sys_recvmsg+0x1ea/0x280 [ 47.384846][ T4529] __x64_sys_recvmsg+0x46/0x50 [ 47.389605][ T4529] x64_sys_call+0xb84/0x2d60 [ 47.394197][ T4529] do_syscall_64+0xc9/0x1c0 [ 47.398712][ T4529] ? clear_bhb_loop+0x55/0xb0 [ 47.403388][ T4529] ? clear_bhb_loop+0x55/0xb0 [ 47.408061][ T4529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 47.413976][ T4529] RIP: 0033:0x7f5eff189bd9 [ 47.418677][ T4529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 47.438322][ T4529] RSP: 002b:00007f5efe40b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 47.446747][ T4529] RAX: ffffffffffffffda RBX: 00007f5eff317f60 RCX: 00007f5eff189bd9 [ 47.454844][ T4529] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000003 [ 47.462813][ T4529] RBP: 00007f5efe40b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 47.470900][ T4529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 47.478879][ T4529] R13: 000000000000000b R14: 00007f5eff317f60 R15: 00007ffd616ac158 [ 47.486944][ T4529] [ 47.515305][ T29] audit: type=1400 audit(1721165590.239:484): avc: denied { unmount } for pid=3083 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 47.576518][ T29] audit: type=1326 audit(1721165590.299:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4552 comm="syz.0.409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde4259ebd9 code=0x0 [ 47.614540][ T29] audit: type=1400 audit(1721165590.329:486): avc: denied { read } for pid=4563 comm="syz.2.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 47.642654][ T4558] block device autoloading is deprecated and will be removed. [ 47.658938][ T29] audit: type=1400 audit(1721165590.339:487): avc: denied { mount } for pid=4563 comm="syz.2.414" name="/" dev="ramfs" ino=8464 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1 [ 47.681165][ T29] audit: type=1400 audit(1721165590.339:488): avc: denied { create } for pid=4556 comm="syz.1.411" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 47.701805][ T29] audit: type=1400 audit(1721165590.349:489): avc: denied { mounton } for pid=4556 comm="syz.1.411" path="/79/file0" dev="tmpfs" ino=451 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 47.703427][ T4558] syz.1.411: attempt to access beyond end of device [ 47.703427][ T4558] loop3: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 47.738922][ T4558] EXT4-fs (loop3): unable to read superblock [ 47.803987][ T4595] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=4595 comm=syz.3.423 [ 47.845223][ T4603] mmap: syz.1.426 (4603) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 47.936963][ T4615] usb usb8: usbfs: process 4615 (syz.1.430) did not claim interface 0 before use [ 48.066382][ T4634] validate_nla: 8 callbacks suppressed [ 48.066400][ T4634] netlink: 'syz.4.435': attribute type 1 has an invalid length. [ 48.091632][ T4637] netlink: 'syz.4.436': attribute type 1 has an invalid length. [ 48.591192][ T4669] netlink: 'syz.0.445': attribute type 4 has an invalid length. [ 48.632540][ T4669] netlink: 'syz.0.445': attribute type 4 has an invalid length. [ 48.657667][ T4669] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 48.805499][ T4692] __nla_validate_parse: 12 callbacks suppressed [ 48.805517][ T4692] netlink: 108 bytes leftover after parsing attributes in process `syz.1.452'. [ 49.092703][ T4734] netlink: 'syz.4.469': attribute type 4 has an invalid length. [ 49.146533][ T4734] netlink: 'syz.4.469': attribute type 4 has an invalid length. [ 49.162436][ T4734] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 49.215653][ T4741] syzkaller1: entered promiscuous mode [ 49.221303][ T4741] syzkaller1: entered allmulticast mode [ 49.313517][ T4744] netlink: 'syz.0.472': attribute type 21 has an invalid length. [ 49.321406][ T4744] netlink: 100 bytes leftover after parsing attributes in process `syz.0.472'. [ 49.473109][ T4756] netlink: 40 bytes leftover after parsing attributes in process `syz.4.477'. [ 49.802146][ T4774] netlink: 4 bytes leftover after parsing attributes in process `syz.3.479'. [ 49.907101][ T4803] netlink: 'syz.2.485': attribute type 4 has an invalid length. [ 49.981355][ T4803] netlink: 'syz.2.485': attribute type 4 has an invalid length. [ 49.996361][ T4803] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 50.501229][ T4926] SELinux: Context system_u:object_r:ldconfig_cache_t:s0 is not valid (left unmapped). [ 50.565277][ T4923] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 50.573594][ T4923] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 50.663554][ T4937] netlink: 'syz.1.499': attribute type 4 has an invalid length. [ 50.799043][ T4937] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 50.827447][ T4958] vhci_hcd: invalid port number 202 [ 50.832702][ T4958] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 50.847677][ T4958] gretap0: entered promiscuous mode [ 50.861840][ T4958] ip6gretap0: entered promiscuous mode [ 50.869194][ T4958] ip6gretap0: left promiscuous mode [ 51.036618][ T4963] tipc: Started in network mode [ 51.041562][ T4963] tipc: Node identity 6f66663a20313132, cluster identity 4711 [ 51.049157][ T4963] tipc: Enabling of bearer rejected, failed to enable media [ 51.506214][ T4991] bond1: entered promiscuous mode [ 51.511510][ T4991] 8021q: adding VLAN 0 to HW filter on device bond1 [ 51.707165][ T5001] netlink: 20 bytes leftover after parsing attributes in process `syz.3.521'. [ 51.855789][ T5016] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 52.057250][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 52.057266][ T29] audit: type=1400 audit(1721165594.779:527): avc: denied { write } for pid=5030 comm="syz.2.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 52.057289][ T5031] ieee802154 phy0 wpan0: encryption failed: -90 [ 52.099979][ T5034] netlink: 277 bytes leftover after parsing attributes in process `syz.3.534'. [ 52.101362][ T29] audit: type=1400 audit(1721165594.819:528): avc: denied { bind } for pid=5030 comm="syz.2.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 52.204253][ T29] audit: type=1400 audit(1721165594.919:529): avc: denied { read } for pid=5050 comm="syz.2.540" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 52.226391][ T5043] netlink: 8 bytes leftover after parsing attributes in process `syz.3.536'. [ 52.227236][ T29] audit: type=1400 audit(1721165594.919:530): avc: denied { open } for pid=5050 comm="syz.2.540" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1 [ 52.394264][ T5066] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 52.405227][ T29] audit: type=1326 audit(1721165595.129:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5082 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eff189bd9 code=0x7ffc0000 [ 52.457565][ T29] audit: type=1326 audit(1721165595.159:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5082 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f5eff189bd9 code=0x7ffc0000 [ 52.480934][ T29] audit: type=1326 audit(1721165595.159:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5082 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eff189bd9 code=0x7ffc0000 [ 52.504297][ T29] audit: type=1326 audit(1721165595.159:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5082 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eff189bd9 code=0x7ffc0000 [ 52.527596][ T29] audit: type=1326 audit(1721165595.159:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5082 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5eff18b9f7 code=0x7ffc0000 [ 52.550751][ T29] audit: type=1326 audit(1721165595.159:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5082 comm="syz.2.549" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eff189bd9 code=0x7ffc0000 [ 52.640825][ T5099] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22 [ 52.649145][ T5099] netdevsim netdevsim0: Direct firmware load for . failed with error -22 [ 52.696474][ T5108] bridge: RTM_NEWNEIGH with invalid state 0x0 [ 52.748827][ T5112] loop0: detected capacity change from 0 to 2048 [ 52.778847][ T5112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 52.804277][ T5112] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 52.830590][ T5112] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.558: bg 0: block 192: padding at end of block bitmap is not set [ 52.941813][ T5131] netlink: 14 bytes leftover after parsing attributes in process `syz.3.565'. [ 52.971556][ T5126] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 53.240650][ T5153] syzkaller1: entered promiscuous mode [ 53.246230][ T5153] syzkaller1: entered allmulticast mode [ 53.348517][ T5169] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=31310 sclass=netlink_route_socket pid=5169 comm=syz.1.577 [ 53.417198][ T5171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.578'. [ 53.438590][ T5171] team1: Mode changed to "loadbalance" [ 53.464172][ T5177] validate_nla: 7 callbacks suppressed [ 53.469795][ T5177] netlink: 'syz.4.580': attribute type 4 has an invalid length. [ 53.483768][ T5177] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 53.524647][ T5194] FAULT_INJECTION: forcing a failure. [ 53.524647][ T5194] name failslab, interval 1, probability 0, space 0, times 0 [ 53.537432][ T5194] CPU: 1 PID: 5194 Comm: syz.2.587 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 53.547116][ T5194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 53.557200][ T5194] Call Trace: [ 53.560502][ T5194] [ 53.563449][ T5194] dump_stack_lvl+0xf2/0x150 [ 53.568068][ T5194] dump_stack+0x15/0x20 [ 53.572381][ T5194] should_fail_ex+0x229/0x230 [ 53.577094][ T5194] ? __alloc_skb+0x10b/0x300 [ 53.577567][ T5198] vhci_hcd: invalid port number 202 [ 53.581800][ T5194] __should_failslab+0x92/0xa0 [ 53.587268][ T5198] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 53.591758][ T5194] should_failslab+0x9/0x20 [ 53.603313][ T5194] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 53.606239][ T5198] gretap0: entered promiscuous mode [ 53.609161][ T5194] __alloc_skb+0x10b/0x300 [ 53.618952][ T5194] netlink_alloc_large_skb+0xad/0xe0 [ 53.624258][ T5194] netlink_sendmsg+0x3b4/0x6e0 [ 53.629130][ T5194] ? __pfx_netlink_sendmsg+0x10/0x10 [ 53.634433][ T5194] __sock_sendmsg+0x140/0x180 [ 53.639140][ T5194] ____sys_sendmsg+0x312/0x410 [ 53.644011][ T5194] __sys_sendmsg+0x1e9/0x280 [ 53.648721][ T5194] __x64_sys_sendmsg+0x46/0x50 [ 53.653527][ T5194] x64_sys_call+0x2689/0x2d60 [ 53.658241][ T5194] do_syscall_64+0xc9/0x1c0 [ 53.662751][ T5194] ? clear_bhb_loop+0x55/0xb0 [ 53.667433][ T5194] ? clear_bhb_loop+0x55/0xb0 [ 53.672335][ T5194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 53.678271][ T5194] RIP: 0033:0x7f5eff189bd9 [ 53.682741][ T5194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 53.702377][ T5194] RSP: 002b:00007f5efe40b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 53.710941][ T5194] RAX: ffffffffffffffda RBX: 00007f5eff317f60 RCX: 00007f5eff189bd9 [ 53.718915][ T5194] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000009 [ 53.727046][ T5194] RBP: 00007f5efe40b0a0 R08: 0000000000000000 R09: 0000000000000000 [ 53.735025][ T5194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 53.743024][ T5194] R13: 000000000000000b R14: 00007f5eff317f60 R15: 00007ffd616ac158 [ 53.751003][ T5194] [ 53.757042][ T3677] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 53.795761][ T5203] netlink: 'syz.2.591': attribute type 1 has an invalid length. [ 53.808214][ T5203] TCP: tcp_parse_options: Illegal window scaling value 150 > 14 received [ 53.873882][ T5212] batadv0: entered promiscuous mode [ 53.893001][ T5212] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.981695][ T5233] netlink: 20 bytes leftover after parsing attributes in process `syz.2.603'. [ 54.067021][ T5249] loop1: detected capacity change from 0 to 128 [ 54.631233][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.619'. [ 54.779661][ T5284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.620'. [ 54.791905][ T5284] bridge0: entered promiscuous mode [ 54.798844][ T5284] macvtap1: entered promiscuous mode [ 54.804659][ T5284] macvtap1: entered allmulticast mode [ 54.810094][ T5284] bridge0: entered allmulticast mode [ 54.820045][ T5284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.620'. [ 54.832937][ T5284] bridge0: left allmulticast mode [ 54.838232][ T5284] bridge0: left promiscuous mode [ 54.844144][ T5284] macvtap1: left promiscuous mode [ 54.849303][ T5284] macvtap1: left allmulticast mode [ 54.922369][ T5296] loop1: detected capacity change from 0 to 128 [ 54.929610][ T5298] netlink: 12 bytes leftover after parsing attributes in process `syz.4.627'. [ 55.016951][ T5314] netlink: 20 bytes leftover after parsing attributes in process `syz.2.633'. [ 55.067844][ T5320] No such timeout policy "syz0" [ 55.277826][ T5339] netlink: 20 bytes leftover after parsing attributes in process `syz.3.644'. [ 55.314496][ T4898] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.366684][ T5357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.650'. [ 55.390037][ T4898] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.454651][ T4898] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.513575][ T5352] chnl_net:caif_netlink_parms(): no params data found [ 55.542708][ T4898] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 55.575014][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.582117][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.590815][ T5352] bridge_slave_0: entered allmulticast mode [ 55.598122][ T5352] bridge_slave_0: entered promiscuous mode [ 55.606203][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.613314][ T5352] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.621907][ T5352] bridge_slave_1: entered allmulticast mode [ 55.629550][ T5352] bridge_slave_1: entered promiscuous mode [ 55.656074][ T5352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 55.683384][ T5352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.718892][ T5352] team0: Port device team_slave_0 added [ 55.725047][ T4898] bridge_slave_1: left allmulticast mode [ 55.730776][ T4898] bridge_slave_1: left promiscuous mode [ 55.736568][ T4898] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.745180][ T4898] bridge_slave_0: left allmulticast mode [ 55.750834][ T4898] bridge_slave_0: left promiscuous mode [ 55.756607][ T4898] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.867350][ T4898] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 55.880319][ T4898] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 55.908703][ T4898] bond0 (unregistering): Released all slaves [ 55.925410][ T5352] team0: Port device team_slave_1 added [ 55.953079][ T5381] netlink: 20 bytes leftover after parsing attributes in process `syz.3.656'. [ 55.992222][ T5393] geneve2: entered promiscuous mode [ 55.997634][ T5393] geneve2: entered allmulticast mode [ 56.006289][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 56.013262][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.039294][ T5352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 56.065487][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 56.072481][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.098733][ T5352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 56.113340][ T4898] hsr_slave_0: left promiscuous mode [ 56.119047][ T4898] hsr_slave_1: left promiscuous mode [ 56.137885][ T4898] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 56.145389][ T4898] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 56.153005][ T4898] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 56.160590][ T4898] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 56.170996][ T4898] veth1_macvtap: left promiscuous mode [ 56.176584][ T4898] veth0_macvtap: left promiscuous mode [ 56.241678][ T4898] team0 (unregistering): Port device team_slave_1 removed [ 56.253043][ T4898] team0 (unregistering): Port device team_slave_0 removed [ 56.302649][ T5421] bridge0: entered promiscuous mode [ 56.309192][ T5421] vlan2: entered promiscuous mode [ 56.316036][ T5421] bridge0: left promiscuous mode [ 56.344245][ T5352] hsr_slave_0: entered promiscuous mode [ 56.350356][ T5352] hsr_slave_1: entered promiscuous mode [ 56.357718][ T5352] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 56.366241][ T5352] Cannot create hsr debugfs directory [ 56.493367][ T5451] netlink: 20 bytes leftover after parsing attributes in process `syz.4.676'. [ 56.524313][ T5455] pim6reg9: entered allmulticast mode [ 56.726841][ T5352] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 56.739809][ T5352] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 56.748869][ T5352] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.759344][ T5352] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 57.014454][ T5518] chnl_net:caif_netlink_parms(): no params data found [ 57.055885][ T5518] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.063029][ T5518] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.070346][ T5518] bridge_slave_0: entered allmulticast mode [ 57.076857][ T5518] bridge_slave_0: entered promiscuous mode [ 57.084120][ T5518] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.091296][ T5518] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.100453][ T5518] bridge_slave_1: entered allmulticast mode [ 57.107036][ T5518] bridge_slave_1: entered promiscuous mode [ 57.117872][ T4898] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.145162][ T5518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.159778][ T4898] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.174688][ T5518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.195548][ T5518] team0: Port device team_slave_0 added [ 57.202206][ T5518] team0: Port device team_slave_1 added [ 57.221030][ T5518] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.228132][ T5518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.254118][ T5518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.265423][ T5518] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.272436][ T5518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.298549][ T5518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.315196][ T4898] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.344695][ T5518] hsr_slave_0: entered promiscuous mode [ 57.350827][ T5518] hsr_slave_1: entered promiscuous mode [ 57.356914][ T5518] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.365351][ T5518] Cannot create hsr debugfs directory [ 57.402990][ T4898] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.489345][ T4898] bridge_slave_1: left allmulticast mode [ 57.495214][ T4898] bridge_slave_1: left promiscuous mode [ 57.500888][ T4898] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.508719][ T4898] bridge_slave_0: left allmulticast mode [ 57.514425][ T4898] bridge_slave_0: left promiscuous mode [ 57.520093][ T4898] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.562142][ T29] kauditd_printk_skb: 116 callbacks suppressed [ 57.562174][ T29] audit: type=1326 audit(1721165599.480:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5569 comm="syz.1.700" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9de869bd9 code=0x0 [ 57.577835][ T5572] Invalid ELF header len 56 [ 57.592780][ T29] audit: type=1400 audit(1721165599.500:654): avc: denied { module_load } for pid=5571 comm="syz.3.701" path=2F6D656D66643A21202864656C6574656429 dev="tmpfs" ino=1119 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=system permissive=1 [ 57.632036][ T29] audit: type=1400 audit(1721165599.550:655): avc: denied { read } for pid=5574 comm="syz.3.702" name="file0" dev="tmpfs" ino=914 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.632115][ T29] audit: type=1400 audit(1721165599.550:656): avc: denied { open } for pid=5574 comm="syz.3.702" path="/167/file0" dev="tmpfs" ino=914 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.657303][ T5575] block device autoloading is deprecated and will be removed. [ 57.659712][ T29] audit: type=1400 audit(1721165599.580:657): avc: denied { ioctl } for pid=5574 comm="syz.3.702" path="/167/file0" dev="tmpfs" ino=914 ioctlcmd=0x125e scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1 [ 57.719372][ T4898] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 57.731822][ T4898] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 57.742290][ T4898] bond0 (unregistering): Released all slaves [ 57.768741][ T5578] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.796390][ T5578] bridge_slave_0 (unregistering): left allmulticast mode [ 57.803476][ T5578] bridge_slave_0 (unregistering): left promiscuous mode [ 57.810531][ T5578] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.872909][ T4898] hsr_slave_0: left promiscuous mode [ 57.878811][ T4898] hsr_slave_1: left promiscuous mode [ 57.885989][ T4898] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.893467][ T4898] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 57.901160][ T4898] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 57.908621][ T4898] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 57.925442][ T29] audit: type=1326 audit(1721165599.850:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5581 comm="syz.4.705" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x0 [ 57.953655][ T4898] veth1_macvtap: left promiscuous mode [ 57.959219][ T4898] veth0_macvtap: left promiscuous mode [ 57.964966][ T4898] veth1_vlan: left promiscuous mode [ 57.970422][ T4898] veth0_vlan: left promiscuous mode [ 58.066703][ T4898] team0 (unregistering): Port device team_slave_1 removed [ 58.078235][ T4898] team0 (unregistering): Port device team_slave_0 removed [ 58.129393][ T5352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.141653][ T5352] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.153240][ T3659] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.160347][ T3659] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.173182][ T3658] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.180377][ T3658] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.253429][ T5518] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.276545][ T5518] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.289313][ T5518] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.307508][ T5518] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.341387][ T5352] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.393599][ T5518] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.436372][ T5518] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.460448][ T3159] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.467698][ T3159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.484896][ T3163] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.492096][ T3163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.542287][ T5352] veth0_vlan: entered promiscuous mode [ 58.557835][ T5352] veth1_vlan: entered promiscuous mode [ 58.571862][ T29] audit: type=1400 audit(1721165600.490:659): avc: denied { write } for pid=5649 comm="syz.1.717" name="event0" dev="devtmpfs" ino=217 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 58.630703][ T5352] veth0_macvtap: entered promiscuous mode [ 58.640549][ T5518] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 58.650819][ T5352] veth1_macvtap: entered promiscuous mode [ 58.671667][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.682290][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.692296][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.702750][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.712627][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 58.723098][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.734702][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 58.747193][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.757709][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.767605][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.778093][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.788035][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 58.798474][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 58.810789][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 58.820601][ T5352] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.829473][ T5352] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.838882][ T5352] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.847733][ T5352] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 58.921852][ T5518] veth0_vlan: entered promiscuous mode [ 58.936060][ T5518] veth1_vlan: entered promiscuous mode [ 58.967550][ T5518] veth0_macvtap: entered promiscuous mode [ 58.977627][ T5518] veth1_macvtap: entered promiscuous mode [ 58.990651][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.001152][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.011133][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.021600][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.031450][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.041978][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.051874][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.062334][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.062338][ T29] audit: type=1326 audit(1721165600.980:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5690 comm="syz.2.728" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff03e5dbbd9 code=0x0 [ 59.080993][ T5518] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.113947][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.124667][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.135017][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.145762][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.155597][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.166302][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.176162][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.186641][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.199709][ T5518] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.212632][ T5518] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.221528][ T5518] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.230297][ T5518] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.239044][ T5518] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.299309][ T5711] netlink: 'syz.0.687': attribute type 8 has an invalid length. [ 59.337917][ T5719] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 59.358903][ T5722] __nla_validate_parse: 3 callbacks suppressed [ 59.358918][ T5722] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.735'. [ 59.379712][ T29] audit: type=1400 audit(1721165601.300:661): avc: denied { read } for pid=5723 comm="syz.2.740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 59.400463][ T5713] FAULT_INJECTION: forcing a failure. [ 59.400463][ T5713] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 59.413919][ T5713] CPU: 1 PID: 5713 Comm: syz.3.735 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 59.413997][ T5713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 59.414009][ T5713] Call Trace: [ 59.414015][ T5713] [ 59.414022][ T5713] dump_stack_lvl+0xf2/0x150 [ 59.414049][ T5713] dump_stack+0x15/0x20 [ 59.414074][ T5713] should_fail_ex+0x229/0x230 [ 59.414143][ T5713] __should_fail_alloc_page+0xfd/0x110 [ 59.414177][ T5713] __alloc_pages_noprof+0x109/0x360 [ 59.414216][ T5713] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 59.414293][ T5713] vma_alloc_folio_noprof+0x176/0x2d0 [ 59.414425][ T5713] do_wp_page+0x62b/0x22b0 [ 59.414444][ T5713] ? __rcu_read_unlock+0x4e/0x70 [ 59.414489][ T5713] ? __rcu_read_lock+0x36/0x50 [ 59.414528][ T5713] handle_mm_fault+0xc4c/0x2ac0 [ 59.414633][ T5713] exc_page_fault+0x296/0x650 [ 59.499302][ T5713] asm_exc_page_fault+0x26/0x30 [ 59.499343][ T5713] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 59.499378][ T5713] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 59.499397][ T5713] RSP: 0018:ffffc90001367a50 EFLAGS: 00050202 [ 59.499413][ T5713] RAX: ffff88812bee6d80 RBX: 0000000000000e50 RCX: 0000000000000e50 [ 59.499439][ T5713] RDX: 0000000000000000 RSI: ffff8881073bf000 RDI: 0000000020002640 [ 59.499534][ T5713] RBP: 0000000000000000 R08: 0000000080000000 R09: 0000000000000000 [ 59.499546][ T5713] R10: 00018881073bf000 R11: 00018881073bfe4f R12: 0000000000000e50 [ 59.499559][ T5713] R13: ffffc90001367dc8 R14: ffffc90001367de0 R15: ffff8881073bf000 [ 59.499576][ T5713] _copy_to_iter+0x2c5/0xaf0 [ 59.499610][ T5713] ? __virt_addr_valid+0x1ed/0x250 [ 59.499630][ T5713] ? __check_object_size+0x35b/0x510 [ 59.499660][ T5713] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 59.499681][ T5713] __skb_datagram_iter+0xce/0x5c0 [ 59.499718][ T5713] skb_copy_datagram_iter+0x41/0x130 [ 59.499775][ T5713] netlink_recvmsg+0x1a4/0x780 [ 59.499805][ T5713] ? __pfx_netlink_recvmsg+0x10/0x10 [ 59.499832][ T5713] sock_recvmsg+0x13f/0x170 [ 59.499858][ T5713] ____sys_recvmsg+0xf9/0x280 [ 59.499917][ T5713] __sys_recvmsg+0x1ea/0x280 [ 59.499943][ T5713] __x64_sys_recvmsg+0x46/0x50 [ 59.499962][ T5713] x64_sys_call+0xb84/0x2d60 [ 59.499989][ T5713] do_syscall_64+0xc9/0x1c0 [ 59.500011][ T5713] ? clear_bhb_loop+0x55/0xb0 [ 59.500030][ T5713] ? clear_bhb_loop+0x55/0xb0 [ 59.500081][ T5713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.500115][ T5713] RIP: 0033:0x7f5038c82bd9 [ 59.500175][ T5713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.500193][ T5713] RSP: 002b:00007f5037f04048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 59.500211][ T5713] RAX: ffffffffffffffda RBX: 00007f5038e10f60 RCX: 00007f5038c82bd9 [ 59.500223][ T5713] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000003 [ 59.500280][ T5713] RBP: 00007f5037f040a0 R08: 0000000000000000 R09: 0000000000000000 [ 59.500292][ T5713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 59.500304][ T5713] R13: 000000000000000b R14: 00007f5038e10f60 R15: 00007ffe7d6dc098 [ 59.500321][ T5713] [ 59.532611][ T5713] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.735'. [ 59.534454][ T29] audit: type=1326 audit(1721165601.440:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5720 comm="syz.4.739" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x0 [ 59.557278][ T5734] FAULT_INJECTION: forcing a failure. [ 59.557278][ T5734] name failslab, interval 1, probability 0, space 0, times 0 [ 59.557417][ T5734] CPU: 1 PID: 5734 Comm: syz.1.743 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 59.557463][ T5734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 59.557478][ T5734] Call Trace: [ 59.557486][ T5734] [ 59.557493][ T5734] dump_stack_lvl+0xf2/0x150 [ 59.557520][ T5734] dump_stack+0x15/0x20 [ 59.557543][ T5734] should_fail_ex+0x229/0x230 [ 59.557603][ T5734] ? io_cqring_event_overflow+0x5a/0x300 [ 59.557637][ T5734] __should_failslab+0x92/0xa0 [ 59.557665][ T5734] should_failslab+0x9/0x20 [ 59.557707][ T5734] __kmalloc_noprof+0xa5/0x370 [ 59.557732][ T5734] io_cqring_event_overflow+0x5a/0x300 [ 59.557768][ T5734] io_req_cqe_overflow+0x89/0xb0 [ 59.557796][ T5734] __io_submit_flush_completions+0x34e/0xa00 [ 59.557894][ T5734] io_submit_sqes+0xe91/0x1080 [ 59.557934][ T5734] ? __rcu_read_unlock+0x4e/0x70 [ 59.557967][ T5734] ? xa_load+0xb9/0xe0 [ 59.557997][ T5734] __se_sys_io_uring_enter+0x1c6/0x15a0 [ 59.558093][ T5734] ? __fget_files+0x1da/0x210 [ 59.558130][ T5734] ? fput+0x13b/0x180 [ 59.558170][ T5734] ? ksys_write+0x178/0x1b0 [ 59.558209][ T5734] __x64_sys_io_uring_enter+0x78/0x90 [ 59.558262][ T5734] x64_sys_call+0x2567/0x2d60 [ 59.558297][ T5734] do_syscall_64+0xc9/0x1c0 [ 59.558398][ T5734] ? clear_bhb_loop+0x55/0xb0 [ 59.558422][ T5734] ? clear_bhb_loop+0x55/0xb0 [ 59.558447][ T5734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 59.558491][ T5734] RIP: 0033:0x7fc9de869bd9 [ 59.558508][ T5734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 59.558606][ T5734] RSP: 002b:00007fc9ddaeb048 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 59.558625][ T5734] RAX: ffffffffffffffda RBX: 00007fc9de9f7f60 RCX: 00007fc9de869bd9 [ 59.558640][ T5734] RDX: 0000000000000000 RSI: 0000000000005e40 RDI: 0000000000000007 [ 59.558667][ T5734] RBP: 00007fc9ddaeb0a0 R08: 0000000000000000 R09: 0000000000000000 [ 59.558683][ T5734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 59.558697][ T5734] R13: 000000000000000b R14: 00007fc9de9f7f60 R15: 00007ffecd8680a8 [ 59.558718][ T5734] [ 59.799500][ T5764] SELinux: Context k8mST_)d+'Qd#iEg uzLژK. [ 59.799500][ T5764] H@anQTL܎09tlC Q:H7]fZj()Lm኷jK C{hӴTF C^,5EC)|s=2@3^efv:l)tѹK*!MzG_NPgzc])yA4=JM.~q߮ is not valid (left unmapped). [ 59.799583][ T5764] SELinux: Context ơY]+|0fj@:d߻!?|>F0=[W{'by/xReZ} k,J=*Ɯqm{96x2NYǝcqqyXͅui is not valid (left unmapped). [ 59.799683][ T5764] SELinux: Context ;6T}jV:ң\]݅xswT<{&sJv/hGRYqˬ~RώYe@bs is not valid (left unmapped). [ 59.811584][ T5767] netlink: 56 bytes leftover after parsing attributes in process `syz.3.756'. [ 60.002217][ T5782] netlink: 8 bytes leftover after parsing attributes in process `syz.3.762'. [ 60.345207][ T5801] netlink: 'syz.2.769': attribute type 1 has an invalid length. [ 60.352917][ T5801] netlink: 4 bytes leftover after parsing attributes in process `syz.2.769'. [ 60.457198][ T5816] netlink: 12 bytes leftover after parsing attributes in process `syz.3.776'. [ 60.593299][ T5837] netlink: 32 bytes leftover after parsing attributes in process `syz.1.782'. [ 60.616065][ T5843] netlink: 20 bytes leftover after parsing attributes in process `syz.1.783'. [ 60.709170][ T5866] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 60.791324][ T5882] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 60.821553][ T5889] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 61.259342][ T5915] netlink: 20 bytes leftover after parsing attributes in process `syz.2.805'. [ 61.282961][ T5917] netlink: 40 bytes leftover after parsing attributes in process `syz.2.806'. [ 61.660686][ T5934] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 62.371864][ T5950] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.380009][ T5950] batadv_slave_0: entered promiscuous mode [ 62.450534][ T5954] bond1: entered promiscuous mode [ 62.455693][ T5954] bond1: entered allmulticast mode [ 62.461056][ T5954] 8021q: adding VLAN 0 to HW filter on device bond1 [ 62.474415][ T5954] macvlan2: entered promiscuous mode [ 62.479863][ T5954] macvlan2: entered allmulticast mode [ 62.569115][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 62.569130][ T29] audit: type=1326 audit(1721165604.490:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5959 comm="syz.2.822" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff03e5dbbd9 code=0x0 [ 62.742382][ T5963] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 62.846790][ T29] audit: type=1326 audit(1721165604.770:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5967 comm="syz.4.825" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x0 [ 63.012094][ T29] audit: type=1326 audit(1721165604.930:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5978 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9de869bd9 code=0x7ffc0000 [ 63.037776][ T29] audit: type=1326 audit(1721165604.930:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5978 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9de869bd9 code=0x7ffc0000 [ 63.061591][ T29] audit: type=1326 audit(1721165604.930:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5978 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=276 compat=0 ip=0x7fc9de869bd9 code=0x7ffc0000 [ 63.085126][ T29] audit: type=1326 audit(1721165604.930:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5978 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9de869bd9 code=0x7ffc0000 [ 63.108457][ T29] audit: type=1326 audit(1721165604.930:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5978 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc9de869bd9 code=0x7ffc0000 [ 63.436246][ T6006] FAULT_INJECTION: forcing a failure. [ 63.436246][ T6006] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 63.449539][ T6006] CPU: 0 PID: 6006 Comm: syz.2.839 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 63.459271][ T6006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 63.469448][ T6006] Call Trace: [ 63.469460][ T6006] [ 63.469468][ T6006] dump_stack_lvl+0xf2/0x150 [ 63.480273][ T6006] dump_stack+0x15/0x20 [ 63.484440][ T6006] should_fail_ex+0x229/0x230 [ 63.489136][ T6006] __should_fail_alloc_page+0xfd/0x110 [ 63.494612][ T6006] __alloc_pages_noprof+0x109/0x360 [ 63.499836][ T6006] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 63.505231][ T6006] shmem_get_folio_gfp+0x3e4/0xb70 [ 63.510429][ T6006] shmem_write_begin+0xa0/0x1c0 [ 63.515410][ T6006] generic_perform_write+0x1d5/0x410 [ 63.520792][ T6006] ? __pfx_shmem_write_end+0x10/0x10 [ 63.526085][ T6006] shmem_file_write_iter+0xc8/0xf0 [ 63.531232][ T6006] vfs_write+0x78f/0x900 [ 63.535510][ T6006] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 63.541361][ T6006] ksys_write+0xeb/0x1b0 [ 63.545676][ T6006] __x64_sys_write+0x42/0x50 [ 63.550330][ T6006] x64_sys_call+0x27dd/0x2d60 [ 63.555104][ T6006] do_syscall_64+0xc9/0x1c0 [ 63.559615][ T6006] ? clear_bhb_loop+0x55/0xb0 [ 63.564317][ T6006] ? clear_bhb_loop+0x55/0xb0 [ 63.568998][ T6006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 63.574986][ T6006] RIP: 0033:0x7ff03e5da75f [ 63.579413][ T6006] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48 [ 63.599097][ T6006] RSP: 002b:00007ff03d85ce00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 63.607513][ T6006] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007ff03e5da75f [ 63.615485][ T6006] RDX: 0000000000040000 RSI: 00007ff03543d000 RDI: 0000000000000004 [ 63.623458][ T6006] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000004a4 [ 63.631515][ T6006] R10: 00000000000003ba R11: 0000000000000293 R12: 0000000000000004 [ 63.639488][ T6006] R13: 00007ff03d85cf00 R14: 00007ff03d85cec0 R15: 00007ff03543d000 [ 63.647551][ T6006] [ 63.729051][ T6024] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 63.808092][ T6034] FAULT_INJECTION: forcing a failure. [ 63.808092][ T6034] name failslab, interval 1, probability 0, space 0, times 0 [ 63.820835][ T6034] CPU: 1 PID: 6034 Comm: syz.2.851 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 63.830518][ T6034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 63.840617][ T6034] Call Trace: [ 63.843962][ T6034] [ 63.846900][ T6034] dump_stack_lvl+0xf2/0x150 [ 63.851491][ T6034] dump_stack+0x15/0x20 [ 63.855643][ T6034] should_fail_ex+0x229/0x230 [ 63.860448][ T6034] ? register_netdevice+0x185/0xdd0 [ 63.865651][ T6034] __should_failslab+0x92/0xa0 [ 63.870481][ T6034] should_failslab+0x9/0x20 [ 63.875010][ T6034] kmalloc_trace_noprof+0x4b/0x2a0 [ 63.880170][ T6034] ? __kmalloc_node_noprof+0x21e/0x380 [ 63.885637][ T6034] register_netdevice+0x185/0xdd0 [ 63.890665][ T6034] ? dev_addr_mod+0x1df/0x200 [ 63.895407][ T6034] ipvlan_link_new+0x277/0x5a0 [ 63.900206][ T6034] ? __pfx_ipvlan_link_new+0x10/0x10 [ 63.905508][ T6034] rtnl_newlink+0xefd/0x1690 [ 63.910113][ T6034] ? security_capable+0x64/0x80 [ 63.915006][ T6034] ? ns_capable+0x7d/0xb0 [ 63.919388][ T6034] ? __pfx_rtnl_newlink+0x10/0x10 [ 63.924466][ T6034] rtnetlink_rcv_msg+0x85e/0x910 [ 63.929442][ T6034] ? memcg_list_lru_alloc+0xd2/0x740 [ 63.934836][ T6034] ? __rcu_read_unlock+0x34/0x70 [ 63.939839][ T6034] ? bpf_trace_run3+0x12b/0x1d0 [ 63.944688][ T6034] ? mod_objcg_state+0x2e2/0x4e0 [ 63.949694][ T6034] ? __memcg_slab_free_hook+0xc9/0x1e0 [ 63.955158][ T6034] ? xas_load+0x3ae/0x3d0 [ 63.959565][ T6034] ? kmem_cache_free+0xd8/0x280 [ 63.964510][ T6034] ? nlmon_xmit+0x51/0x60 [ 63.968862][ T6034] ? __kfree_skb+0x102/0x150 [ 63.973490][ T6034] ? consume_skb+0x57/0x180 [ 63.978163][ T6034] ? nlmon_xmit+0x51/0x60 [ 63.982492][ T6034] ? dev_hard_start_xmit+0x3c1/0x3f0 [ 63.987799][ T6034] ? __dev_queue_xmit+0xb21/0x1e50 [ 63.993039][ T6034] ? netlink_rcv_skb+0xcc/0x230 [ 63.997942][ T6034] netlink_rcv_skb+0x12c/0x230 [ 64.002730][ T6034] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 64.008247][ T6034] rtnetlink_rcv+0x1c/0x30 [ 64.012670][ T6034] netlink_unicast+0x58d/0x660 [ 64.017516][ T6034] netlink_sendmsg+0x5ca/0x6e0 [ 64.022337][ T6034] ? __pfx_netlink_sendmsg+0x10/0x10 [ 64.027676][ T6034] __sock_sendmsg+0x140/0x180 [ 64.032402][ T6034] ____sys_sendmsg+0x312/0x410 [ 64.037230][ T6034] __sys_sendmsg+0x1e9/0x280 [ 64.041909][ T6034] __x64_sys_sendmsg+0x46/0x50 [ 64.046671][ T6034] x64_sys_call+0x2689/0x2d60 [ 64.051438][ T6034] do_syscall_64+0xc9/0x1c0 [ 64.056018][ T6034] ? clear_bhb_loop+0x55/0xb0 [ 64.060690][ T6034] ? clear_bhb_loop+0x55/0xb0 [ 64.065413][ T6034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 64.071316][ T6034] RIP: 0033:0x7ff03e5dbbd9 [ 64.075722][ T6034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 64.095379][ T6034] RSP: 002b:00007ff03d85d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 64.103863][ T6034] RAX: ffffffffffffffda RBX: 00007ff03e769f60 RCX: 00007ff03e5dbbd9 [ 64.111831][ T6034] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 64.119940][ T6034] RBP: 00007ff03d85d0a0 R08: 0000000000000000 R09: 0000000000000000 [ 64.127931][ T6034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 64.135957][ T6034] R13: 000000000000000b R14: 00007ff03e769f60 R15: 00007ffc08dc2fa8 [ 64.143939][ T6034] [ 64.154893][ T29] audit: type=1326 audit(1721165606.080:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6029 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x7fc00000 [ 64.178747][ T29] audit: type=1326 audit(1721165606.110:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6029 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6e44d9dbd9 code=0x7fc00000 [ 64.204148][ T29] audit: type=1326 audit(1721165606.110:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6029 comm="syz.4.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x7fc00000 [ 64.387581][ T6070] vhci_hcd: default hub control req: 0000 v0000 i0000 l2 [ 66.257271][ T6140] netlink: 'syz.0.885': attribute type 21 has an invalid length. [ 66.265252][ T6140] __nla_validate_parse: 7 callbacks suppressed [ 66.265264][ T6140] netlink: 128 bytes leftover after parsing attributes in process `syz.0.885'. [ 66.283990][ T6140] netlink: 'syz.0.885': attribute type 5 has an invalid length. [ 66.291859][ T6140] netlink: 'syz.0.885': attribute type 6 has an invalid length. [ 66.299574][ T6140] netlink: 3 bytes leftover after parsing attributes in process `syz.0.885'. [ 66.418969][ T6156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.892'. [ 66.427828][ T6156] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 66.435329][ T6156] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 66.448335][ T6156] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 66.455949][ T6156] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 66.524478][ T6168] netlink: set zone limit has 8 unknown bytes [ 66.585155][ T2782] udevd[2782]: worker [3715] terminated by signal 33 (Unknown signal 33) [ 66.594405][ T6183] netlink: 'syz.0.899': attribute type 24 has an invalid length. [ 66.602150][ T6183] netlink: 8 bytes leftover after parsing attributes in process `syz.0.899'. [ 66.611919][ T2782] udevd[2782]: worker [3715] failed while handling '/devices/virtual/block/loop0' [ 66.715400][ T6196] Invalid ELF header magic: != ELF [ 67.556103][ T6219] loop0: detected capacity change from 0 to 512 [ 67.566501][ T6219] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.579395][ T6219] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 67.593097][ T29] kauditd_printk_skb: 248 callbacks suppressed [ 67.593112][ T29] audit: type=1400 audit(1721165609.510:942): avc: denied { write open } for pid=6218 comm="syz.0.912" path="/31/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 67.622271][ T29] audit: type=1400 audit(1721165609.510:943): avc: denied { read } for pid=6218 comm="syz.0.912" name="bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 67.654010][ T29] audit: type=1400 audit(1721165609.520:944): avc: denied { mounton } for pid=6218 comm="syz.0.912" path="/31/file0/file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 67.677132][ T29] audit: type=1400 audit(1721165609.530:945): avc: denied { create } for pid=6227 comm="syz.4.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1 [ 67.697818][ T5518] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.775474][ T6248] af_packet: tpacket_rcv: packet too big, clamped from 64989 to 3952. macoff=96 [ 67.788023][ T6250] vhci_hcd: invalid port number 202 [ 67.792413][ T29] audit: type=1326 audit(1721165609.710:946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6243 comm="syz.0.918" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5bdcb41bd9 code=0x0 [ 67.793235][ T6250] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 67.892882][ T6265] tap0: tun_chr_ioctl cmd 1074025676 [ 67.898542][ T6265] tap0: owner set to 0 [ 67.941089][ T6239] chnl_net:caif_netlink_parms(): no params data found [ 67.975371][ T29] audit: type=1326 audit(1721165609.900:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.4.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x7ffc0000 [ 67.998987][ T29] audit: type=1326 audit(1721165609.900:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.4.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x7ffc0000 [ 68.022338][ T29] audit: type=1326 audit(1721165609.900:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.4.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6e44d9dbd9 code=0x7ffc0000 [ 68.045537][ T29] audit: type=1326 audit(1721165609.900:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.4.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x7ffc0000 [ 68.068918][ T29] audit: type=1326 audit(1721165609.900:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6272 comm="syz.4.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e44d9dbd9 code=0x7ffc0000 [ 68.107185][ T37] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.118764][ T6239] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.125973][ T6239] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.133825][ T6239] bridge_slave_0: entered allmulticast mode [ 68.140220][ T6239] bridge_slave_0: entered promiscuous mode [ 68.151645][ T6239] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.158832][ T6239] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.169953][ T6239] bridge_slave_1: entered allmulticast mode [ 68.176798][ T6239] bridge_slave_1: entered promiscuous mode [ 68.186206][ T37] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.210515][ T6239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.221281][ T6239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.242956][ T37] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.261106][ T6239] team0: Port device team_slave_0 added [ 68.263959][ T6300] vhci_hcd: invalid port number 202 [ 68.268134][ T6239] team0: Port device team_slave_1 added [ 68.272004][ T6300] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 68.292899][ T6239] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 68.299960][ T6239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.325977][ T6239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 68.337527][ T6239] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 68.344622][ T6239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 68.370706][ T6239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 68.382144][ T6302] netlink: 20 bytes leftover after parsing attributes in process `syz.2.938'. [ 68.395010][ T37] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 68.428312][ T6239] hsr_slave_0: entered promiscuous mode [ 68.434498][ T6239] hsr_slave_1: entered promiscuous mode [ 68.484367][ T37] bridge_slave_1: left allmulticast mode [ 68.490216][ T37] bridge_slave_1: left promiscuous mode [ 68.495961][ T37] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.503958][ T37] bridge_slave_0: left allmulticast mode [ 68.509647][ T37] bridge_slave_0: left promiscuous mode [ 68.515353][ T37] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.636857][ T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 68.647555][ T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 68.658250][ T37] bond0 (unregistering): Released all slaves [ 68.667575][ T37] bond1 (unregistering): Released all slaves [ 68.694424][ T6317] sctp: [Deprecated]: syz.2.942 (pid 6317) Use of int in max_burst socket option. [ 68.694424][ T6317] Use struct sctp_assoc_value instead [ 68.823429][ T6345] bridge0: entered allmulticast mode [ 68.836922][ T37] hsr_slave_0: left promiscuous mode [ 68.842654][ T37] hsr_slave_1: left promiscuous mode [ 68.848927][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.856436][ T37] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.864064][ T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.871499][ T37] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.880335][ T37] veth1_macvtap: left promiscuous mode [ 68.885841][ T37] veth0_macvtap: left promiscuous mode [ 68.891342][ T37] veth1_vlan: left promiscuous mode [ 68.896857][ T37] veth0_vlan: left promiscuous mode [ 68.982040][ T37] team0 (unregistering): Port device team_slave_1 removed [ 68.992437][ T37] team0 (unregistering): Port device team_slave_0 removed [ 69.030480][ T6345] bridge0: left allmulticast mode [ 69.150048][ T6366] bond0: entered promiscuous mode [ 69.155155][ T6366] bond_slave_0: entered promiscuous mode [ 69.160939][ T6366] bond_slave_1: entered promiscuous mode [ 69.215331][ T6239] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 69.227807][ T6239] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 69.234785][ T6377] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=6377 comm=syz.2.953 [ 69.255256][ T6239] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 69.267833][ T6239] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 69.302074][ T6383] netlink: 'syz.2.956': attribute type 5 has an invalid length. [ 69.348343][ T6239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.381002][ T6239] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.401384][ T3152] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.408519][ T3152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.453918][ T3658] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.461130][ T3658] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.540252][ T6239] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 69.582149][ T6419] netlink: 36 bytes leftover after parsing attributes in process `syz.0.962'. [ 69.595976][ T6419] loop0: detected capacity change from 0 to 256 [ 69.695997][ T6439] netlink: 16 bytes leftover after parsing attributes in process `syz.2.965'. [ 69.706326][ T6239] veth0_vlan: entered promiscuous mode [ 69.726572][ T6239] veth1_vlan: entered promiscuous mode [ 69.745833][ T6239] veth0_macvtap: entered promiscuous mode [ 69.753993][ T6239] veth1_macvtap: entered promiscuous mode [ 69.765890][ T6444] team0: Device ipvlan2 failed to register rx_handler [ 69.788917][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.799518][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.809402][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.819910][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.830840][ T6239] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.841193][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.851761][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.861691][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.872132][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.881994][ T6239] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.892518][ T6239] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.903822][ T6239] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.913516][ T6239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.922515][ T6239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.931288][ T6239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.940093][ T6239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.996734][ T6455] netlink: 8 bytes leftover after parsing attributes in process `syz.1.917'. [ 70.042561][ T6463] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551359) [ 70.053090][ T6463] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 70.177399][ T6482] netlink: 20 bytes leftover after parsing attributes in process `syz.1.970'. [ 70.556802][ T6479] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=6479 comm=syz.0.975 [ 70.572321][ T6477] loop0: detected capacity change from 0 to 128 [ 70.580598][ T6477] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 70.581320][ T6528] netlink: 28 bytes leftover after parsing attributes in process `syz.2.985'. [ 70.593583][ T6477] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 70.664504][ T6527] FAULT_INJECTION: forcing a failure. [ 70.664504][ T6527] name failslab, interval 1, probability 0, space 0, times 0 [ 70.677277][ T6527] CPU: 1 PID: 6527 Comm: syz.4.991 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 70.686906][ T6527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 70.697017][ T6527] Call Trace: [ 70.700289][ T6527] [ 70.703212][ T6527] dump_stack_lvl+0xf2/0x150 [ 70.707847][ T6527] dump_stack+0x15/0x20 [ 70.712005][ T6527] should_fail_ex+0x229/0x230 [ 70.716742][ T6527] ? security_inode_alloc+0x32/0xd0 [ 70.721970][ T6527] __should_failslab+0x92/0xa0 [ 70.726878][ T6527] should_failslab+0x9/0x20 [ 70.731392][ T6527] kmem_cache_alloc_noprof+0x4c/0x290 [ 70.736861][ T6527] security_inode_alloc+0x32/0xd0 [ 70.741883][ T6527] inode_init_always+0x439/0x480 [ 70.746826][ T6527] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 70.752661][ T6527] alloc_inode+0x7d/0x160 [ 70.757007][ T6527] new_inode+0x1e/0x100 [ 70.761304][ T6527] hugetlbfs_get_inode+0x82/0x2b0 [ 70.766334][ T6527] hugetlb_file_setup+0x188/0x3c0 [ 70.771416][ T6527] ksys_mmap_pgoff+0x172/0x340 [ 70.776198][ T6527] x64_sys_call+0x1884/0x2d60 [ 70.780926][ T6527] do_syscall_64+0xc9/0x1c0 [ 70.785455][ T6527] ? clear_bhb_loop+0x55/0xb0 [ 70.790248][ T6527] ? clear_bhb_loop+0x55/0xb0 [ 70.794932][ T6527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.800917][ T6527] RIP: 0033:0x7f6e44d9dbd9 [ 70.805325][ T6527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.824948][ T6527] RSP: 002b:00007f6e4401f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 70.833393][ T6527] RAX: ffffffffffffffda RBX: 00007f6e44f2bf60 RCX: 00007f6e44d9dbd9 [ 70.841376][ T6527] RDX: 0000000000000000 RSI: 0000000000ff5000 RDI: 0000000020000000 [ 70.849367][ T6527] RBP: 00007f6e4401f0a0 R08: ffffffffffffffff R09: 0000000000000000 [ 70.857406][ T6527] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000001 [ 70.865373][ T6527] R13: 000000000000000b R14: 00007f6e44f2bf60 R15: 00007fff3c3eceb8 [ 70.873344][ T6527] [ 70.916529][ T6533] vlan2: entered promiscuous mode [ 70.921651][ T6533] team0: entered promiscuous mode [ 70.926712][ T6533] team_slave_0: entered promiscuous mode [ 70.932420][ T6533] team_slave_1: entered promiscuous mode [ 70.938264][ T6533] vlan2: entered allmulticast mode [ 70.943474][ T6533] team0: entered allmulticast mode [ 70.948937][ T6533] team_slave_0: entered allmulticast mode [ 70.954702][ T6533] team_slave_1: entered allmulticast mode [ 71.003990][ T6547] program syz.0.994 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.016048][ T6541] program syz.0.994 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.034958][ T6539] loop0: detected capacity change from 0 to 512 [ 71.070169][ T6559] xt_CT: You must specify a L4 protocol and not use inversions on it [ 71.146105][ T6572] loop0: detected capacity change from 0 to 128 [ 71.156700][ T6572] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 71.230219][ T37] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 71.447349][ T6620] program syz.2.1023 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 71.487889][ T6596] xt_ecn: cannot match TCP bits for non-tcp packets [ 71.568020][ T6634] FAULT_INJECTION: forcing a failure. [ 71.568020][ T6634] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.581172][ T6634] CPU: 1 PID: 6634 Comm: syz.4.1026 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 71.591010][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 71.601125][ T6634] Call Trace: [ 71.604409][ T6634] [ 71.607336][ T6634] dump_stack_lvl+0xf2/0x150 [ 71.611942][ T6634] dump_stack+0x15/0x20 [ 71.616147][ T6634] should_fail_ex+0x229/0x230 [ 71.620900][ T6634] should_fail+0xb/0x10 [ 71.625062][ T6634] should_fail_usercopy+0x1a/0x20 [ 71.630138][ T6634] _copy_from_user+0x1e/0xd0 [ 71.634767][ T6634] copy_from_bpfptr+0x5e/0x90 [ 71.639489][ T6634] bpf_prog_load+0x712/0x1060 [ 71.644176][ T6634] __sys_bpf+0x463/0x7a0 [ 71.648467][ T6634] __x64_sys_bpf+0x43/0x50 [ 71.652901][ T6634] x64_sys_call+0x2625/0x2d60 [ 71.657634][ T6634] do_syscall_64+0xc9/0x1c0 [ 71.662189][ T6634] ? clear_bhb_loop+0x55/0xb0 [ 71.666880][ T6634] ? clear_bhb_loop+0x55/0xb0 [ 71.671554][ T6634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.677476][ T6634] RIP: 0033:0x7f6e44d9dbd9 [ 71.681922][ T6634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.701588][ T6634] RSP: 002b:00007f6e4401f048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 71.710044][ T6634] RAX: ffffffffffffffda RBX: 00007f6e44f2bf60 RCX: 00007f6e44d9dbd9 [ 71.718021][ T6634] RDX: 0000000000000080 RSI: 0000000020001800 RDI: 0000000000000005 [ 71.726073][ T6634] RBP: 00007f6e4401f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 71.734040][ T6634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 71.742004][ T6634] R13: 000000000000000b R14: 00007f6e44f2bf60 R15: 00007fff3c3eceb8 [ 71.749974][ T6634] [ 71.798426][ T3092] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.843088][ T6610] chnl_net:caif_netlink_parms(): no params data found [ 71.869699][ T3092] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 71.898962][ T6610] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.906115][ T6610] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.915550][ T6610] bridge_slave_0: entered allmulticast mode [ 71.925591][ T6610] bridge_slave_0: entered promiscuous mode [ 71.933326][ T6610] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.941128][ T6610] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.949674][ T6610] bridge_slave_1: entered allmulticast mode [ 71.956581][ T6610] bridge_slave_1: entered promiscuous mode [ 71.970778][ T3092] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.009957][ T6610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 72.021186][ T6610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 72.040723][ T3092] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 72.061543][ T6610] team0: Port device team_slave_0 added [ 72.072379][ T6610] team0: Port device team_slave_1 added [ 72.098186][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 72.105395][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.131494][ T6610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 72.151823][ T6610] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 72.158879][ T6610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 72.184843][ T6610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 72.249921][ T6610] hsr_slave_0: entered promiscuous mode [ 72.257357][ T6610] hsr_slave_1: entered promiscuous mode [ 72.271260][ T6610] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 72.279243][ T6610] Cannot create hsr debugfs directory [ 72.287610][ T6688] netlink: 'syz.1.1045': attribute type 17 has an invalid length. [ 72.295491][ T6688] netlink: 'syz.1.1045': attribute type 27 has an invalid length. [ 72.304168][ T3092] bridge_slave_1: left allmulticast mode [ 72.309870][ T3092] bridge_slave_1: left promiscuous mode [ 72.315737][ T3092] bridge0: port 2(bridge_slave_1) entered disabled state [ 72.380789][ T6708] vhci_hcd: default hub control req: 0000 v0003 i0000 l0 [ 72.487010][ T3092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 72.498739][ T3092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 72.512827][ T3092] bond0 (unregistering): Released all slaves [ 72.617986][ T3092] hsr_slave_0: left promiscuous mode [ 72.630373][ T6744] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 72.641755][ T3092] hsr_slave_1: left promiscuous mode [ 72.656914][ T3092] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 72.664470][ T3092] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 72.692006][ T6747] loop0: detected capacity change from 0 to 512 [ 72.706637][ T3092] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 72.714067][ T3092] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 72.757969][ T3092] veth1_macvtap: left promiscuous mode [ 72.760950][ T29] kauditd_printk_skb: 148 callbacks suppressed [ 72.760966][ T29] audit: type=1400 audit(1721165614.680:1100): avc: denied { mount } for pid=6766 comm="syz.0.1064" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 72.763534][ T3092] veth0_macvtap: left promiscuous mode [ 72.773750][ T6767] debugfs: Invalid uid '0x00000000ffffffff' [ 72.792015][ T3092] veth1_vlan: left promiscuous mode [ 72.797480][ T29] audit: type=1400 audit(1721165614.700:1101): avc: denied { remount } for pid=6766 comm="syz.0.1064" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 72.803311][ T3092] veth0_vlan: left promiscuous mode [ 72.835883][ T6767] loop0: detected capacity change from 0 to 164 [ 72.872969][ T29] audit: type=1326 audit(1721165614.790:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff03e5dbbd9 code=0x7fc00000 [ 72.931057][ T29] audit: type=1400 audit(1721165614.820:1103): avc: denied { unmount } for pid=5518 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 72.951280][ T29] audit: type=1400 audit(1721165614.840:1104): avc: denied { ioctl } for pid=6762 comm="syz.2.1063" path="socket:[17005]" dev="sockfs" ino=17005 ioctlcmd=0xf501 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 73.002466][ T6781] loop0: detected capacity change from 0 to 512 [ 73.019073][ T6781] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 73.030700][ T6781] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal [ 73.086795][ T3092] team0 (unregistering): Port device team_slave_1 removed [ 73.098196][ T3092] team0 (unregistering): Port device team_slave_0 removed [ 73.195909][ T6799] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 73.478088][ T6836] vhci_hcd: invalid port number 202 [ 73.483342][ T6836] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 73.499029][ T6836] gretap0: entered promiscuous mode [ 73.516782][ T6836] ip6gretap0: entered promiscuous mode [ 73.531027][ T6610] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 73.539746][ T6610] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 73.549745][ T6610] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 73.559694][ T6610] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 73.604009][ T29] audit: type=1400 audit(1721165615.520:1105): avc: denied { ioctl } for pid=6844 comm="syz.4.1077" path="socket:[17725]" dev="sockfs" ino=17725 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 73.670984][ T29] audit: type=1326 audit(1721165615.560:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6762 comm="syz.2.1063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff03e5dbbd9 code=0x7fc00000 [ 73.672687][ T6610] 8021q: adding VLAN 0 to HW filter on device bond0 [ 73.761028][ T6868] loop0: detected capacity change from 0 to 2048 [ 73.770508][ T6610] 8021q: adding VLAN 0 to HW filter on device team0 [ 73.782357][ T3154] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.789531][ T3154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.806797][ T6874] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 73.818616][ T6868] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.852562][ T6610] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 73.863347][ T6610] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 73.887046][ T29] audit: type=1400 audit(1721165615.800:1107): avc: denied { mount } for pid=6879 comm="syz.1.1083" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1 [ 73.918873][ T3154] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.925983][ T3154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.934304][ T5518] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.953770][ T29] audit: type=1400 audit(1721165615.870:1108): avc: denied { audit_control } for pid=6890 comm="syz.1.1086" capability=30 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 74.048854][ T6907] vhci_hcd: invalid port number 202 [ 74.054334][ T6907] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 74.061446][ T29] audit: type=1326 audit(1721165615.920:1109): auid=0 uid=0 gid=0 ses=2 subj=root:sysadm_r:sysadm_t pid=6890 comm="syz.1.1086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94f46d6bd9 code=0x7fc00000 [ 74.156302][ T6610] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.285386][ T6948] xt_TCPMSS: Only works on TCP SYN packets [ 74.372540][ T6610] veth0_vlan: entered promiscuous mode [ 74.415788][ T6610] veth1_vlan: entered promiscuous mode [ 74.433317][ T6983] team_slave_0: entered promiscuous mode [ 74.439151][ T6983] team_slave_0: entered allmulticast mode [ 74.476463][ T6610] veth0_macvtap: entered promiscuous mode [ 74.510029][ T6610] veth1_macvtap: entered promiscuous mode [ 74.534426][ T6988] IPVS: Error connecting to the multicast addr [ 74.547581][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.558208][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.568166][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.578637][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.596062][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.645479][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.656325][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.666383][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.676854][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.686746][ T6610] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.697227][ T6610] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.718429][ T6610] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.727655][ T6610] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.736623][ T6610] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.745500][ T6610] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.754282][ T6610] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.804714][ T7026] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1117'. [ 74.958330][ T7057] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1126'. [ 74.967466][ T7057] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1126'. [ 75.027177][ T7067] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1131'. [ 75.042221][ T7069] loop0: detected capacity change from 0 to 1024 [ 75.087173][ T7069] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 75.131945][ T7069] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.193497][ T5518] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.210332][ T7085] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1135'. [ 75.219676][ T7085] netlink: 'syz.1.1135': attribute type 25 has an invalid length. [ 75.252454][ T7085] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 75.261237][ T7085] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 75.270082][ T7085] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 75.278926][ T7085] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 75.404161][ T7085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1135'. [ 75.414125][ T7085] bridge_slave_1: left allmulticast mode [ 75.419942][ T7085] bridge_slave_1: left promiscuous mode [ 75.425746][ T7085] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.450185][ T7085] bridge_slave_0: left allmulticast mode [ 75.456100][ T7085] bridge_slave_0: left promiscuous mode [ 75.461912][ T7085] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.533015][ T7127] block device autoloading is deprecated and will be removed. [ 75.556772][ T7130] netlink: 'syz.3.1149': attribute type 5 has an invalid length. [ 75.580318][ T7136] loop7: detected capacity change from 0 to 16384 [ 75.650090][ T7145] dvmrp0: entered allmulticast mode [ 75.658391][ T7145] dvmrp0: left allmulticast mode [ 75.692455][ T46] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 75.696647][ T7143] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.711070][ T7143] Buffer I/O error on dev loop7, logical block 0, async page read [ 75.719101][ T7143] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 75.728341][ T7143] Buffer I/O error on dev loop7, logical block 0, async page read [ 75.736587][ T7143] loop7: unable to read partition table [ 75.743380][ T7143] loop_reread_partitions: partition scan of loop7 (K>i) /480# $qZI[u@3bj!5MM]z) failed (rc=-5) [ 75.790607][ T7158] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1158'. [ 75.870740][ T7166] netlink: 'syz.2.1158': attribute type 10 has an invalid length. [ 75.941516][ T7173] FAULT_INJECTION: forcing a failure. [ 75.941516][ T7173] name fail_futex, interval 1, probability 0, space 0, times 1 [ 75.954618][ T7173] CPU: 0 PID: 7173 Comm: syz.0.1163 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 75.964369][ T7173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 75.974548][ T7173] Call Trace: [ 75.974560][ T7173] [ 75.980763][ T7173] dump_stack_lvl+0xf2/0x150 [ 75.985414][ T7173] dump_stack+0x15/0x20 [ 75.989582][ T7173] should_fail_ex+0x229/0x230 [ 75.994339][ T7173] should_fail+0xb/0x10 [ 75.998512][ T7173] get_futex_key+0xf4/0x710 [ 76.003031][ T7173] futex_wait_setup+0x61/0x1d0 [ 76.007892][ T7173] futex_wait_requeue_pi+0x1bb/0x6d0 [ 76.013239][ T7173] ? __pfx_futex_wake_mark+0x10/0x10 [ 76.018631][ T7173] do_futex+0x146/0x370 [ 76.022846][ T7173] __se_sys_futex+0x25d/0x3a0 [ 76.027618][ T7173] __x64_sys_futex+0x78/0x90 [ 76.032243][ T7173] x64_sys_call+0x23c4/0x2d60 [ 76.036933][ T7173] do_syscall_64+0xc9/0x1c0 [ 76.041544][ T7173] ? clear_bhb_loop+0x55/0xb0 [ 76.046266][ T7173] ? clear_bhb_loop+0x55/0xb0 [ 76.050944][ T7173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.056853][ T7173] RIP: 0033:0x7f5bdcb41bd9 [ 76.061267][ T7173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.080879][ T7173] RSP: 002b:00007f5bdbdc3048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 76.089293][ T7173] RAX: ffffffffffffffda RBX: 00007f5bdcccff60 RCX: 00007f5bdcb41bd9 [ 76.097280][ T7173] RDX: 0000000000000000 RSI: 000080000000000b RDI: 000000002000cffc [ 76.105340][ T7173] RBP: 00007f5bdbdc30a0 R08: 0000000020048000 R09: 0000000000000000 [ 76.113322][ T7173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 76.121332][ T7173] R13: 000000000000000b R14: 00007f5bdcccff60 R15: 00007ffc7e92fe58 [ 76.129361][ T7173] [ 76.161498][ T7176] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 76.161807][ T7166] veth0_vlan: left promiscuous mode [ 76.175120][ T7166] veth0_vlan: entered promiscuous mode [ 76.183357][ T7166] team0: Device veth0_vlan failed to register rx_handler [ 76.242552][ T7170] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1158'. [ 76.288365][ T7186] vhci_hcd: invalid port number 202 [ 76.293622][ T7186] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 76.501794][ T7209] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1176'. [ 76.512629][ T7214] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1178'. [ 76.556174][ T7209] block device autoloading is deprecated and will be removed. [ 76.569354][ T7226] vhci_hcd: invalid port number 202 [ 76.574664][ T7226] vhci_hcd: default hub control req: 400e v0000 i00ca l0 [ 76.603297][ T7232] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 76.661444][ T7243] ================================================================== [ 76.669555][ T7243] BUG: KCSAN: data-race in __dentry_kill / fast_dput [ 76.676234][ T7243] [ 76.678560][ T7243] write to 0xffff8881120ba190 of 8 bytes by task 7241 on cpu 0: [ 76.686195][ T7243] __dentry_kill+0x13e/0x4c0 [ 76.690794][ T7243] dput+0x5c/0xd0 [ 76.694446][ T7243] step_into+0x21a/0x810 [ 76.698686][ T7243] link_path_walk+0x54c/0x820 [ 76.703360][ T7243] path_lookupat+0x72/0x2b0 [ 76.707873][ T7243] filename_lookup+0x127/0x300 [ 76.712633][ T7243] user_path_at+0x3c/0x110 [ 76.717050][ T7243] __se_sys_mount+0x248/0x2d0 [ 76.721734][ T7243] __x64_sys_mount+0x67/0x80 [ 76.726333][ T7243] x64_sys_call+0x203e/0x2d60 [ 76.731017][ T7243] do_syscall_64+0xc9/0x1c0 [ 76.735527][ T7243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.741452][ T7243] [ 76.743769][ T7243] read to 0xffff8881120ba190 of 8 bytes by task 7243 on cpu 1: [ 76.751413][ T7243] fast_dput+0x65/0x2c0 [ 76.755573][ T7243] dput+0x24/0xd0 [ 76.759203][ T7243] step_into+0x21a/0x810 [ 76.763444][ T7243] walk_component+0x169/0x230 [ 76.768116][ T7243] path_lookupat+0x10a/0x2b0 [ 76.772858][ T7243] filename_lookup+0x127/0x300 [ 76.777638][ T7243] user_path_at+0x3c/0x110 [ 76.782073][ T7243] path_setxattr+0x5d/0x1a0 [ 76.786575][ T7243] __x64_sys_setxattr+0x6d/0x80 [ 76.791458][ T7243] x64_sys_call+0x2927/0x2d60 [ 76.796246][ T7243] do_syscall_64+0xc9/0x1c0 [ 76.800759][ T7243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.806689][ T7243] [ 76.809021][ T7243] value changed: 0xffff888237713758 -> 0x0000000000000000 [ 76.816137][ T7243] [ 76.818476][ T7243] Reported by Kernel Concurrency Sanitizer on: [ 76.824645][ T7243] CPU: 1 PID: 7243 Comm: syz.2.1188 Not tainted 6.10.0-syzkaller-01155-gd67978318827 #0 [ 76.834380][ T7243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 76.844443][ T7243] ==================================================================